fortinet securityfabric 2018 資訊安全論壇 · 系統，弱點資料庫...

數位資訊的威脅與趨勢發展

3

2007 2017Threat Actors <50 >1,000Threat Types <50 >1,000,000

Alerts/Day (Average Per Firm) <1,000 >1,000,000Security Vendors <100 >2,300VC Investments <$500M >$6B

Security Spending <$3B >$80B

網路安全的演進⋯

Source: Optiv, 2017

4

This is Security !

5

Over 1000!

6

Fortinet 2018 年資安趨勢預測

§/��-%Hivenet�Swarmbot�.%12§)�8'�$��%�!§��%��49§65�&� +3%�'7�§ �+30+3#,*"9(��$ AI /��

請參閱：2018 Threat Predictions - by Derek Manky

Mid-year 2017 Predictions Update

https://blog.fortinet.com/2017/11/14/fortinet-fortiguard-2018-threat-landscape-predictions

https://blog.fortinet.com/2017/08/08/mid-year-predictions-update

© Copyright Fortinet Inc. All rights reserved.

鞏固網路安全成就數位轉型Security without perimeter

Johnson Lai+e: [email protected]

Channel Manager

8

[Digital Transformation]DX��%��+!��(��'%#$4)�!3*"%2.1

/ �,��6��+!%��&��-0��5�� %��

9

資訊安全成為數位轉型的極其重要的關鍵

洞悉潛在的威脅

導入更多創新技術與自動化管控

彈性化配置

新世代安全須涵蓋混合雲環境提供一致性的管理與

多樣化建置

OT 的安全

將 IT 的安全擴展到運營技術網絡

資料保護

無論以何種型態存在, 靜止的或處於傳輸過程

法規遵循

融入整合於既有安全規範策略與法令之內

10

[Security Transformation]SX20��%8)�;��.��4�%�&��;�6%��%�&��

!%�'��$ #15�+;*9�=� %��/-�,:%

(��7+"3�<�2�%4��

11

數位資訊威脅的攻擊來自四面八方已難以預測

Cloud

Access

Network

BROADAttack Surface

Devices

12

過多的獨立產品與產業規範制度遵循

Security Consoles

Compliance

Point Products

INTEGRATIONVery Difficult

Form Factor

30+

GPDR

13

層出不窮的嶄新威脅，資源與專業人力的短缺

Skills

Maturity

Noise

AUTOMATIONCritical

Speed

14

+��(��/�

�,��&� -��

��.*�!��$

�#�)��'%�0

�*�" !��$

現今的安全防護需要的是一個完整且可擴展的框架

�#��

嶄新的資訊安全框架⋯

16

��

FORTINETSECURITYFABRIC 20182018

��-C> %E��G�;�8C>��)9�7�F

�-?<�6

��'�-�:+�C>*AD�6-��

��-!5/0H1,�3�-7 �(*=�H.�?�/07@2�"�B4

��#&$#

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS

ADVANCED THREAT PROTECTION

MANAGEMENT-ANALYTICS

��

17The Fabric 8

18

鄭重介紹 ⋯⋯

19

Multi

CloudEmail Applications

Web Unified

Access

Management

AnalyticsThreat

Protection

Advanced

Endpoint

IoT

NetworkSecurity

Multi-Cloud Security

EndpointSecurity

Email Security

Web Application Security

SecureUnified Access

Advanced Threat Protection

Management& Analytics

FortiGateEnterprise Firewall

FortiGate Cloud FirewallNetwork Security

FortiClientEPP

FortiWebWeb Application

Firewall

FortiMailSecure Email

Gateway

FortiSandboxAdvanced Threat

Protection

FortiAnalyzerCentral Logging

/Reporting

FortiManagerCentral Security

Management

FortiSIEMSecurity Information &

Event Management

FortiGate Virtual Firewall

Network Security

FortiAPWireless

Infrastructure

FortiSwitchSwitching Infrastructure

Securing IoT, Networks & Cloud ecosystems

“The Fabric 8”

20

THE FABRIC 8

Network Security

FortiGateEnterprise Firewall

SWG

SD-WAN

IPSAppliance Virtual

Machine

Cloud

& ��#�%�+��#("'$!��& ��)��+ ��*��

Network

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



21

提昇防護的廣度能預防來自四面八方的細微攻擊BROAD

WAF

EMAILSWITCH

ACCESSPOINTS

Network

MOBILE IoT

WINDOWS MAC

APIs

SECURITY

SANDBOX

MANAGEMENT

ANALYTICS

CASB PRIVATE

PUBLICMETER

Access Apps

CloudEndpoint

22

THE FABRIC 8

Multi-Cloud Security

FortiGate Virtual FirewallNetwork Security

FortiCASBCloud Access Security Broker

FortiGate Cloud FirewallNetwork Security

Fortinet ConnectorsCloud & SDN Integration

Virtual Machine

Cloud

)��*%��*��'#�"�Fortinet ��&�� !��$�(* �'#��

Multi

Cloud

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



23

多樣化雲端應用引發了更多的網路攻擊威脅管道

Campus

Branch Office

Retail Office

Single Console

Private Cloud

Public

SaaS

SD-WAN CSP Cloud

Remote

Data Center

WAN

24

THE FABRIC 8

Endpoint Security

Software

FortiClientNG Endpoint Protection Platform

Enterprise Management ServerCentral Management

2��!6*�.)��4$��(��&+�1�� &5��2��#%.) ��0!��,/-�"�3�'

Endpoint

IoT

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



25

即時主機安全防護

時時刻刻快速更新

週期性掃描過濾

網路行為偵測解析

多種應用程式分類

針對特有應用程式的細節控制

即時雲端的網站IP URL評比

安全搜尋設定

例外排除名單

即時更新應用程式、系統，弱點資料庫

自動化系統安全強化

週期性弱點掃描

終端先進式威脅防護方案Advanced Threat Protection

Antivirus ApplicationFirewall Web Filter Vulnerability

Scanning

有效避免惡意軟體感染

有效減少攻擊管道生成

避免透過網頁木馬入侵感染

避免未預期系統或程式弱點

“Fortinet rarely misses a VB100 comparative, and a strong record of

passes, complemented by a

steady improvement in detection over the last couple of years, have put it well up with the

leaders… ”

26

THE FABRIC 8

Email Security

FortiMailSecure Email Gateway

Appliance Virtual Machine

Hosted Cloud

4�6�3��*0��'�+� 3��)(57��/��2&��,%��'-# "��$�!�'.��1

Email

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



27

郵件傳遞是主要威脅感染的管道

Malware

• 特別針對低警戒心的用戶經常會發生大量的攻擊

• 透過社交工程技術來讓用戶打開電子郵件並執行惡意軟件

• 零時差的攻擊程式

Phishing

• 針對特定組織或團體單位，（魚叉式網絡釣魚）並根據用戶感興趣的內容題材

• 通常針對CxO 等級（捕鯨）

• 零時差惡意軟體或社交工程洩漏到財務或重要內部信息

• 12％的用戶會點擊這樣的郵件中的惡意附件或鏈接*

��

* Source: Verizon 2016 Data Breach Investigations Report

Compliance & Data Loss

• 通過電子郵件發送個人身份信息（PII）

• 從組織中發送公司機密信息• 公司內部間諜活動• 無法加密敏感電子郵件• 未能備份/保存/歸檔電子郵件以

符合企業標準• IRS – 7 years• PCI – 1 year• State depts – 3 years• HIPPA – 6 years

28

THE FABRIC 8

Web Application Security

FortiWebWeb Application Firewall

FortiADCApplication Delivery Controller


Hosted Cloud

%!'� �� (��&��$(��"#��

Applications

Web

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



29

§ 網站應用程序漏洞修補

§ 病毒威脅過濾防範

§ 安全的網頁服務

§ 提升應用程能力與可靠度

§ 弱點掃描功能

§ 提升SSL 處理能力與內容解析

安全 / 高擴展與快捷的網頁應用服務架構

FortiGuard

AttachmentScanning

SSLOffloadingSSL

Outlook (mobile and web)

30

THE FABRIC 8

Secure Unified Access

FortiAP, FortiWLC, FortiWLMWireless Infrastructure

FortiSwitchSwitching Infrastructure

FortiAuthenticator, FortiTokenIdentity and Identity Management


Hosted

�� Fortinet Security Fabric ��

Unified

Access

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



FortiWiFiIntegrated Wireless

31

網路終端存取的現況與挑戰

新世代WIFI的變革與演進

有線/無線的認證

簡化單一的管理與維運

資料存取方式變遷

大量成長的行動裝置

無線存取的需求增加

��(Integrated Security)

32

THE FABRIC 8

Advanced Threat Protection

FortiSandboxAdvanced Threat Protection


Hosted Cloud

�� (NGFW, SEG, EPP, WAF…) �$#��%"�� $��!�!��#��

ATP

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



33

現今威脅已是快速多變並難以預測⋯⋯

�� & � �$�� "� �� "�� & ��

��! ��

�%#�:File, IP, App, Email App Signatures, Digitally singed files

��%#�:File, IP, App, Email Generic Signatures

'��

99.5%Of Malware samples are

Unique to an Organization

Source:Verizon 2016 Data Breach Investigations Report, April 2016

99.5% ��

58��

��

沙箱模擬技術

34

THE FABRIC 8

Management & Analytics

�Fortinet#�� $��"�%��(��*'�!)��#&��*�� &

FortiAnalyzerCentral Logging & Reporting

FortiManagerCentral Security Management

FortiSIEMSecurity Information & Event Management


Hosted Cloud

FortiCloudCloud-based Central Management

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



35

管理與分析 - 包含了哪些範疇?

��

UIG��

� ��

��

PIAFabric ��FortiManager FortiAnalyzerFortiCloud FortiSIEM

36

[Security Transformation]SX 52��(;,�?��0��7�(�)!��B

��9(��(�)��#(�*B��

'�&38C�A�"(��1/.>(+�

�� =<B:-$6�@�5�(7�%4C

37

��

FORTINETSECURITYFABRIC 20182018

��-C> %E��G�;�8C>��)9�7�F

�-?<�6

��'�-�:+�C>*AD�6-��

��-!5/0H1,�3�-7 �(*=�H.�?�/07@2�"�B4

��#&$#

NETWORK

MULTI-CLOUD

PARTNER API

EMAILUNIFIED ACCESS

IOT-ENDPOINT

WEB APPS



��

如何按部就班建構Security Fabric

39

SECURITY FABRIC – 客戶的環境與應用

DDoS Protection

Database Protection

Web ApplicationFirewall

ApplicationDeliveryController

Top-of-Rack

BRANCHOFFICE

Distributed Ent FW

LTE Extension

Endpoint Protection NGFWSecure Access

Point

IP VideoSecurity

Email Server

Web Servers

SDN, VirtualFirewall

DCFW/ NGFW

Sandbox

Internal Segmentation

FW

Sandbox

Switching

Internal Segmentation FW

Email Security


CAMPUS


DATA CENTER/PRIVATE CLOUD

VirtualFirewall

FortiCloud

Client Devices

Client Devices

PUBLIC CLOUD

OPERATIONS CENTER

40

SECURITY FABRIC – Network Security

DDoS Protection

Database Protection



Top-of-Rack

BRANCHOFFICE

LTE Extension

Endpoint Protection

FortiGateNGFWSecure Access

Point

IP VideoSecurity

Email Server

SDN, VirtualFirewall

FortiGateDCFW/ NGFW

Sandbox

FortiGate Internal Segmentation FW

Sandbox

Switching


Email Security



CAMPUS

Client Devices


Web Servers

ENTERPRISE FIREWALL

FortiGate/FortiWiFiDistributed Ent FW

Client Devices

FortiManager

FortiAnalyzer

FortiSIEM

OPERATIONS CENTER

VirtualFirewall

FortiCloud

PUBLIC CLOUD

41

SECURITY FABRIC – Cloud Security

DDoS Protection

Database Protection



Top-of-Rack

BRANCHOFFICE

LTE Extension

CAMPUS

Secure AccessPoint

IP VideoSecurity

Switching

FortiGateNGFW

FortiGateDCFW/ NGFW





FortiGate VMX SDN, Virtual

Firewall


Web Servers

ENTERPRISE FIREWALL

Client Devices

CLOUD SECURITY

Client Devices

Endpoint Protection

Email Server

Sandbox

Sandbox

Email Security

OPERATIONS CENTER

FortinetVirtual Firewall

FortiManager

FortiAnalyzer

FortiSIEM

FortiCloud

PUBLIC CLOUD


42

SECURITY FABRIC - Advanced Threat Protection

DDoS Protection

Database Protection


Top-of-Rack

BRANCHOFFICE

LTE Extension

CAMPUS

FortiClient Secure AccessPoint

IP VideoSecurity

Switching

FortiGateNGFW

FortiGateDCFW/ NGFW






Firewall


Web Servers

CLOUD SECURITYADVANCED THREATPROTECTION

ENTERPRISE FIREWALL

FortiClient

FortiSandbox

FortiClient

FortiSandbox

FortiMailEmail Security

Email Server


Firewall

OPERATIONS CENTER

FortiManager

FortiAnalyzer

FortiSIEM


FortiCloud

PUBLIC CLOUD

FortiCloud Sandboxing


43

SECURITY FABRIC – Application Security

Top-of-Rack

BRANCHOFFICE

LTE Extension

CAMPUS

FortiClientSecure AccessPoint

IP VideoSecurity

Switching

FortiGateNGFW

FortiGateDCFW/ NGFW





Firewall

FortiDDoS Protection


Firewall

FortiADCApplicationDeliveryController


Web Servers


APPLICATIONSECURITY

ENTERPRISE FIREWALL

FortiClient

FortiSandbox

FortiClient

FortiSandbox


FortiDBDatabase Protection


Email Server

OPERATIONS CENTER

FortiManager

FortiAnalyzer

FortiSIEM


FortiCloud

PUBLIC CLOUD



44

SECURITY FABRIC - Unified Access


Firewall

FortiADCApplicationDeliveryController

Top-of-Rack

BRANCHOFFICE

FortiExtenderLTE Extension

CAMPUS

FortiClient Secure AccessPoint

IP VideoSecurity

FortiGateNGFW

FortiGateDCFW/ NGFW





Firewall

FortiDDoS Protection



Web Servers

SECURE ACCESS APPLICATIONSECURITY

ENTERPRISE FIREWALL

FortiClient

FortiSandbox

FortiClient

FortiSandbox


FortiSwitchSwitching


FortiSwitchSwitching

Email Server

FortiDBDatabase Protection

OPERATIONS CENTER

FortiManager

FortiAnalyzer

FortiSIEM


FortiCloud

PUBLIC CLOUD


FortiCloud AP Management


fortinet securityfabric 2018 資訊安全論壇 · 系統，弱點資料庫...

Documents