The Consolidation Imperative

Maximizing Security, ROI and Environmental Benefits with Fortinet SolutionsTodd Craw – FL Channel SE - June 2010

Consolidation is all Around Us

Just a few examples: Discrete MP3 Player, Camera, Phone =

iPhone or Android Triple Play services over coax or dsl =

Voice, Video and Data

And most importantly: Network Security = Antivirus, IDS/IPS,

Antispam, Web Content Filtering, VPN and more in one device

Consolidation Market Drivers

Dynamic threat landscape

Slowing growth of IT budgets

Easier Mangement – Lower Opex

Fewer Devices – Lower Capex

Reductions in Footprint

Energy/Carbon

Rackspace

Dynamic Threat Landscape

Evolving Threats

Continued increase in sophistication

and prevalence of threats require

multiple security technologies

Increased enterprise adoption of Web

2.0 applications and IP-based services

provide new vectors for attack

Regulatory compliance pressures

(SOX, PCI, etc.)

Blended Threat – W32/Pushdo!tr Multiple Attack Vectors

Spams email with malicious attachment

Email contains a trojan downloader

– Downloads a rootkit to cover activity

– Downloads multiple other components

The trojan uses a command and control communication channel

W32/Pushdo!tr - Antispam

Antispam recognizes email as spam

Blocks message from user’s inbox

W32/Pushdo!tr - Antivirus Gateway antivirus detects

the malicious attachments The trojan downloader The rootkit The various other

components

Removes malicious payloads, preventing accidental execution

W32/Pushdo

W32/Pushdo!tr – Intrusion Prevention

IPS detects communications on the command and control channel

Blocks the transmission of the infected host’s communication

W32.Pushdo.Virus .Detection

Financial “Belt Tightening”

Slowing growth of IT budgets driving higher demands for ROI Rising complexity and cost

of managing and maintaining multiple security solutions

Increased pressure to improve security service while reducing TCO

Real Disadvantages Higher Capex for multiple products Increases network complexity and

operational costs – training & support Discrete security technologies such

as VPN, AV, IPS, WCF, AntiSpam have become commodities!

Multiple Point Solutions Add Complexity & Cost Perceived Advantages

Comprehensive security approach Quickly react to individual threats Specialization

Consolidate to Reduce TCO

Lower operational expenditures (OpEx) Simplified management, maintenance,

renewals and threat update subscriptions Smaller investment on training and support

Lower capital expenditures (CapEx) Fewer devices to purchase, manage and

maintain Virtualization to manage up to thousands

of security profiles from one platform

Long-term investment protection Future-proof devices:

Service activation as security needs grow Per-device license model

Doing More With Less – Capex Savings

Security Service Fortinet CompetitorFirewall / VPN $43,495 $13,199

Intrusion Prevention Included $38,145

Antivirus Included $16,585

Web Filtering Included $13,449

Totals $43,495 $81,378

500 User Network Savings over Standalone Products - $37,883

Fortinet Consolidated Network Security

Reduces number of vendors and appliances

Provides comprehensive security

Minimizes down-time from individual threats

Simplifies security management

Coordinates security alerting, logging, and

reporting

Improves detection capabilities

Reducing Footprint

Firewall / VPN

Antivirus

Web Filtering

IPS

FortiGate Appliance¼ Physical Space

¼ Power Consumption=

=

Consolidate for Environmental Benefits

Smaller hardware footprint Reduced data center space with

multi-threat security appliances and virtualized security chassis

Reduced power consumption over multiple standalone systems

Green impact Energy/emission reduction 

across the entire life cycle with less manufacturing, cabling and recycling

Fortinet Differentiation Broad technology platform

ASIC accelerated security on all platforms Unified security functions AV, IPS, WCF, FW,

VPN, Anti-spam/Spyware with NO OEM relationships

Identical user interface on all appliances No per user licensing – services unlimited

Unified Management, Logging and Reporting Enterprise management – firmware – policy Logging, reporting, event correlation Active directory integration

user activity reporting

Broad security subscription coverage via global infrastructure Active push and pull technology for rapid

protection >200 researchers WW

FortiOS constantly adds new features

FortiOS is the security hardened operating system that powers all FortiGate multi-threat security systems. The CLI and GUI are the same across all applicances.

Application Control

Facilitates inspection for evasive applications using non-standard ports, port-hopping, or tunneling within trusted applications

More flexible and fine-grained policy control Increased security Deeper visibility into network traffic FortiOS 4.2 adds shaping to any application!

Enforces security policy for over 1000 applications, regardless of port or protocol used for communication

SSL Traffic Inspection

Inspect otherwise hidden communication

Increased protection for secure web/app servers

Improved visibility into network traffic

Supports HTTPS, POP3S, SMTPS, and IMAPS protocols

Proxies SSL encrypted traffic, inspecting for threats and applying policy to traffic that is invisible to other security devices.

Data Leakage Prevention

Integrates with Application Control and SSL Inspection

Works across any application and encrypted traffic

Configurable actions (block / log) Provides audit trails for data and files Aides in legislative compliance Protects an organization’s sensitive

information

Keep sensitive, confidential, and proprietary data from escaping defined network perimeter

Consolidate with Fortinet

Preserve Your Investment∙ Lower CapEx with fewer hardware requirements ∙ Lower OpEx with reduced management

complexity ∙ Increase functionality without increasing hardware

Reduce Your Footprint∙ More robust security capabilities with less hardware ∙ More powerful protection with less power consumption ∙ More network defense with less cost of ownership

Protect Your Network∙ Network and content-level protection ∙ Data integrity-level protection ∙ Enterprise-level strength

Thank You for your time!

Questions?For more information, visit us at: http://fortinet.com/

Protect Your

Network

Reduce Your

Footprint

Preserve Your

Investment

Lee County Clerk of Courts

“The Fortinet solution is surpassing our high expectations and demands. Though we were seeking a performance and throughput improvement, we now also have less boxes to manage, 24/7 availability even if a datacenter goes down and a way to report on

network usage without taking the entire network down.”

Brian Bernard, senior network administrator Lee County Clerk of Courts

Products: FortiGate-1000, FortiGate-5050, FortiGate-5001FA2

Solution: Antivirus, anti-spam, firewall, Web filtering and intrusion prevention

Where: FortiGate-1000 at its Sarasota, FL disaster recovery site

-Two FortiGate-5050™ systems in active/active mode located at two data centers in Fort Myers, FL and one FortiGate-5050 for the public facing network and the other is for the remote agency network being accessed by the State attorney, defense attorneys and other state agencies.

- Two FortiGate-5001FA2 blade modules are connected to each of the FortiGate-5050 systems in clustered pairs.

Benefits: Protection of sensitive information such as case histories from county courts, county finance information, land records

- Aggregate, analyze and report on log data traversing the distributed network.

Hardee’s quick-service and fast-casual dining

“Managing multiple restaurant locations nationwide, it was very important for us to select a network security solution that was cost-effective, easy to use and offered central management while ensuring Federal compliance regulations. The FortiGate

product line is allowing us to offer enterprise-level network security to our restaurants as well as complying with government regulations such as PCI mandates.”

Greg May, Chief Technology Officer Paradigm

Products: FortiGate-300A, FortiWifi-60B, FortiManager-400

Solution: firewall, IPS and Web content filtering

Where: FortiGate at Paradigm HQ to provide firewall, IPS and WCF for the main network

- FortiWifi deployed at each of the 95 franchise networks

- FortiManager deployed at Paradigm HQ to easily and centrally manage the 295 appliances located at nationwide franchises.

Benefits: new wireless newtork for patrons of some of the restaurants

- PCI compliance

- Simplified management of appliances

-Consolidated network security functions

Clerk of the Circuit Court of Cook County second largest county in U.S.

"In our first 107 days of having the Fortinet solution deployed, we did not have a second of downtime. Although we experienced 381,407 attempted attacks against our network, the Fortinet solution blocked and protected us from every single

attack."

Bridget Dancy, CIOCircuit Court of Cook County

Products: FortiGate™-1000 (replaced Norton and Microsoft), FortiAnalyzer™-100

Solution: Antivirus and intrusion prevention

Where: FortiGate™-1000 to provide antivirus, firewall and intrusion prevention for network

- FortiAnalyzer™-100 to easily analyze and log traffic traversing the network of more than 800 computers

Benefits: protecting more than 5.6 million documents ranging from employee email to citizen legal case material, adoptions, mental health, and tax objection documents.

-helping secure the Circuit Court Clerk's $5 million cashiering system which collects and disburses more than $100 million in revenue -Experienced 381,407 attempted attacks against network and Fortinet blocked and protected every single attack

-FortiAnalyzer is providing valuable intelligence on network usage and assistance with meeting regulatory compliance