B&Data Solutions Day 2008 Think Beyond a Virtualized Infrastructure

The Network Security Consolidation Imperatives - Protect, Preserve and Reduce

Flora ChanRegional Manager, Hong Kong & Macau

Fortinet Confidential

Virtualized Network Security

Network Security Consolidation Imperatives

About Fortinet

1

2

3

Agenda

Fortinet Confidential

Secure Virtualization: A New Paradigm

Virtualization is the most important solution being implemented in the Enterprise Data Center today.

This creates the need for a ‘security for virtualization’ paradigm that protects virtual environments in ways beyond what is currently available to protect physical environments.

Gartner Group:

Enterprises that do not leverage virtualization technologies will spend 25% more annually for hardware, software, security,

labor, and space for their infrastructure.

Fortinet Confidential Fortinet Confidential

Network Security Requirements

Performance

Management / Reporting

Flexibility

Content Security

Reliability / Density

Logging / Reporting

Fortinet Confidential Fortinet Confidential

Network Security Considerations

High availability

Out-of-Band management

Troubleshooting

Product upgrades

Product support

Hardware cost

Added network complexity

Fortinet Confidential

Fortinet’s Virtualization - Virtual Domains

Virtual Domains (VDOMs) Enable a single FortiGate

system to function as multiple independent virtual FortiGate systems

Up to 500 VDOMs supported per physical FortiGate device

Fortinet Confidential

Virtualized Network Security

Each VDOM can be configured with custom:

Virtual Routing features (Static, PBR, OSPF, BGP, RIP, Multicast)

Virtual Firewall (All Firewall features)

Virtual VPN (IPSec VPN, SSL VPN, PPTP)

Virtual IPS (Signature/Anomaly based, Protocol decoding)

Virtual Web filtering (84 Web Filter categories)

Virtual Antivirus (HTTP, FTP, SMTP, IMAP, POP3, NNT, ICQ, MSN, Yahoo, AIM)

Virtual Antispam (SMTP, POP3, IMAP)

Fortinet Confidential Fortinet Confidential

Fortinet’s VDOMsEach VDOM contains its own virtual interfaces, route table, state table, application proxies, and IPS table instances.

Fortinet Confidential

Virtualized ManagementMultiple Administrative domains Administrative Domain (ADOM) Per customer/device group policy management Per customer/device report generation Supports VDOM groups and device groups or

combinations of them

Fortimanager

Admin 2 Device Group 2

Device Group 1

FortiAnalyzer

Admin 1

Customer 1

Customer 2

Fortinet Confidential

Virtualized Reporting

Customizable with Customer/Private Branding

Per VDOM reporting Per ADOM log access

Fortinet Confidential

Agenda

Virtualized Network Security

Network Security Consolidation Imperatives

About Fortinet

1

2

3

Fortinet Confidential

Consolidation is all Around Us!

Just a few examples: Mobile Phones Companies Telecommunications / Video

And most importantly: Network Security

Fortinet Confidential

Consolidation Market Drivers Dynamic security landscape

Continued increase in sophistication and prevalence of threats which require multiple security protections

Increased enterprise adoption of Web 2.0 applications and IP-based services provide new methods of attack

Regulatory compliance pressures (SOX, PCI, etc.)

Slowing growth of IT budgets driving higher demands for ROI Rising complexity and cost of managing and maintaining

multiple security solutions Increased pressure to improve security service while reducing

TCO

Corporate concern for the environment/desire to be “green”

Fortinet Confidential

Consolidate for Enhanced Security

Comprehensive, integrated security platform Full breadth of network and content security on

a single appliance

Superior threat protection Integrated threat research; global research

team provides 24x7x365 coverage

More effective and efficient security management Centralized management and reporting Simplified deployment, configuration and

maintenance Unified logging and reporting

Fortinet Confidential

Consolidate to Reduce TCO

Lower capital expenditures (CapEx) Fewer devices to purchase, manage and

maintain Virtualization to manage up to thousands

of security profiles from one platform

Lower operational expenditures (OpEx) Smaller investment on training and support Simplified management, maintenance,

renewals and threat update subscriptions

Long-term investment protection Future-proof devices: service activation

as security needs grow Per-device license model

Fortinet Confidential

Consolidate for Environmental Benefits

Smaller hardware footprint Reduced data center space with

multi-threat security appliances and virtualized security chassis

Reduced power consumption over multiple standalone systems

Green impact Energy/emission reduction across

the entire life cycle with less manufacturing, cabling and recycling

Fortinet Confidential

The Network Security Consolidation Imperatives

Preserve Your Investment∙ Lower CapEx with fewer hardware requirements ∙ Lower OpEx with reduced management

complexity ∙ Increase functionality without increasing hardware

Reduce Your Footprint∙ More robust security capabilities with less hardware ∙ More powerful protection with less power consumption ∙ More network defense with less cost of ownership

Protect Your Network∙ Network content-level protection ∙ Data integrity-level protection ∙ Enterprise-level strength

Fortinet Confidential

A New Security Architecture is Required Antispam

Reduce unwanted email

Web filters Eliminated unproductive web-browsing

VPN Delivering secure remote access

Firewall Defend against intrusions

Antivirus Protect email from virus infection

IPS Protect against malicious attacks

VPNVPN

IPSIPS

UsersUsers

ServersServersFirewallFirewall

AntivirusAntivirus

AntispamAntispam

URL FiltersURL Filters

Fortinet Confidential

Real Disadvantages Requires multiple products that don’t talk to

each other Increases network complexity and operational

costs Negative impact to environment Non-optimal security implementation

Multiple Point Solutions Add Complexity & Cost

Perceived Advantages Comprehensive security approach Quickly react to individual threats

VPNVPN

IPSIPS

UsersUsers

ServersServersFirewallFirewall

AntivirusAntivirus

AntispamAntispam

URL FiltersURL Filters

Fortinet Confidential

Fortinet Consolidated Network Security

VPNVPN

IPSIPS

UsersUsers

ServersServersFirewallFirewall

AntivirusAntivirus

AntispamAntispam

URL FiltersURL Filters

Provides comprehensive security Minimizes down-time from individual threats Reduces number of vendors and appliances Simplifies security management Coordinates security alerting, logging, and reporting Improves detection capabilities Improves TCO

Fortinet Confidential

Agenda

Virtualized Network Security

Network Security Consolidations Imperatives

About Fortinet

1

2

3

Fortinet Confidential

Company Overview Leading provider of ASIC-accelerated Unified Threat

Management (UTM) Security Solutions

Company Stats Founded in 2000 by Ken Xie (Former NetScreen Founder)

Silicon Valley based with offices worldwide

1,000+ employees / 500+ engineers

350,000+ FortiGate devices shipped worldwide

Strong, validated technologies and products 11 patents; 80+ pending

Seven ICSA certifications (FIRST and ONLY security vendor)

Government Certifications (FIPS-2, Common Criteria EAL4+)

Virus Bulletin 100 approved

Fortinet Confidential

Large Global Installed BaseBlue Chip CustomersBlue Chip Customers

Fortinet products are used by:

• 20,000+ customers WW

•The world’s leading enterprises, telcos and service providers

• Major government education, healthcare and retail institutions

Fortinet Confidential Fortinet Confidential

Market Leadership & Growth

Fortinet pioneered the UTM market & has been the WW UTM market leader for the past 3 years -- source: IDC, 2007

By 2011 UTM will be the largest single market with a CAGR of 26.2%

Fortinet Confidential

Fortinet Leads Across UTM Market

“Fortinet is the leading vendor in the UTM security appliance market”

“Fortinet’s UTM product portfolio is seeing success across all price bands, including the high end, which has been the hardest sell for many vendors”

Fortinet Confidential

Email Email SpamSpam

X VirusesViruseswormsworms

Next-Generation Security Gateways

HackerHacker

XFortiGateFortiGate

www.find_a_new_job.comwww.free_music.comwww.pornography.com

InternetInternet

Real-TimeReal-TimeContent SecurityContent Security

at the Network Edgeat the Network Edge

Web filtering / Web filtering / BannedBannedcontentcontentX

Intrusions Intrusions PreventionPrevention

X

Instant Message / Instant Message / P2P securityP2P securityX

Fortinet Confidential

Comprehensive Product Portfolio

FortiGate-60A – FortiGate-100A

SMB & Remote OfficeSMB & Remote Office

FortiGate-200A – FortiGate-800F

EnterpriseEnterprise

FortiGate-1000A – FortiGate-5000

Carrier, MSSP &Carrier, MSSP &Large EnterpriseLarge Enterprise

FortiAnalyzer/FortiManager Centralised Management

FortiGate UTM Appliances

FortiMail Email Security

Fortinet Confidential

Fortinet Unique Value Proposition

SecurityMulti-Layered

1

PerformanceScalable & Line Speed

2

CostLow Cap and Op Ex

3

FlexibilityBroad Hardware Offering Security Software Modules Security Subscription

4

Fortinet Confidential

Thank You!For more information, please visit us at: http://www.fortinet.com/

Protect Your

Network

Reduce Your

Footprint

Preserve Your

Investment