This presentation introduces the AWS Well-Architected Framework security pillar and how Fortinet solutions map to it.
Size: 623.3 KB
Language: en
Added: Jul 01, 2024
Slides: 16 pages
Slide Content
Solution Mapping with AWS Well-Architected. Yitao Cen, Head of Product Marketing, APAC; Alan Chen, Technical Marketing Engineer, APAC
AWS Well-Architected Framework
The AWS Well-Architected Framework describes key concepts, design principles, and architectural best practices for designing and running workloads in the cloud. The Well-Architected Review (WAR) is a professional service staffed by AWS Solutions Architects or AWS Well-Architected Partners that provides an assessment and identifies recommended remediation, typically for a high-priority workload. By answering a few foundational questions, customers can learn how well their architecture aligns with cloud best practices and gain guidance for making improvements. https://docs.aws.amazon.com/wellarchitected/latest/framework/welcome.html
Security Pillar Overview
The security pillar describes how to take advantage of cloud technologies to protect data, systems, and assets in a way that can improve your security posture. https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html
Security Pillar – Security Foundation SEC01
Q: How do you securely operate your workload?
A: To operate your workload securely, you must apply overarching best practices to every area of security. Take the requirements and processes you have defined in operational excellence at the organizational and workload level and apply them to all areas. Staying up to date with AWS and industry recommendations and threat intelligence helps you evolve your threat model and control objectives. Automating security processes, testing, and validation lets you scale your security operations.
Best practices recommendations:
AWS recommends that customers manage account and workload settings properly: separate accounts, secure the root user, and keep protection tactics and security practices up to date. FortiCNP, Fortinet's CSPM offering, gives visibility into the cloud security posture, possible risks and compliance violations, and recommends best practices, prioritizing risks with Fortinet's patent-pending Resource Risk Insights (RRI) technology, which turns overwhelming volumes of data into actionable insights. FortiCNP integrates with several AWS services (GuardDuty, Security Hub, Inspector, Config, CloudTrail, CloudWatch) as well as Fortinet FortiGate and FortiWeb, to continuously monitor security posture, analyse security findings, provide comprehensive visibility, and automate incident response.
How does the Fortinet solution enhance AWS security services?
- User-friendly management console with patent-pending Resource Risk Insights (RRI) technology that turns overwhelming volumes of data into actionable insights.
- Consolidates findings not only from AWS native services but also from FortiGate and FortiWeb logs for risk correlation analysis.
- The ease of single-click deployment offered by AWS security services, without the associated alert fatigue.
Security Pillar - Identity & Access Management SEC02
Q: How do you manage authentication for people and machines?
A: There are two types of identities you must manage when operating secure AWS workloads. Understanding which type of identity you must manage and grant access to helps you verify that the right identities have access to the right resources under the right conditions. Human identities: your administrators, developers, operators, and end users require an identity to access your AWS environments and applications. Machine identities: your service applications, operational tools, and workloads require an identity to make requests to AWS services, for example to read data.
Best practices recommendations:
Like SEC01, SEC02 focuses on identity management. Customers can use FortiCNP to analyse whether identity configurations follow best practices: for example, whether multi-factor authentication (MFA) is enforced, whether credentials are rotated regularly, and whether identities have the appropriate access level. FortiCNP integrates with several AWS services (GuardDuty, Security Hub, Inspector, Config, CloudTrail, CloudWatch) to continuously monitor security posture and analyse configuration correctness.
How does the Fortinet solution enhance AWS security services?
- Scans and monitors customer cloud configurations to evaluate best practices and detect misconfiguration risk.
- The ease of single-click deployment offered by AWS security services, without the associated alert fatigue.
- User-friendly management console with patent-pending Resource Risk Insights (RRI) technology that turns overwhelming volumes of data into actionable insights.
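The MFA, credential-rotation and access-level checks described for SEC02 can be reproduced directly from the IAM credential report, which is also a useful way to verify what a CSPM tool reports. The following is an added example, not code from this deck or from FortiCNP: it parses a constructed credential report (the real column layout of `aws iam get-credential-report` after base64 decoding, with invented rows) and applies assumed thresholds of 90 days for key rotation and 45 days for key inactivity. It distinguishes the root user (must have MFA, must hold no access keys), human identities with a console password (must have MFA) and machine identities with access keys (age and inactivity).

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample using the column layout of `aws iam get-credential-report`
# (the CSV obtained after base64-decoding the Content field). The rows are
# example data, not a real account. "N/A" / "not_supported" mark fields that
# do not apply.
SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated
<root_account>,arn:aws:iam::111122223333:root,2020-01-01T00:00:00+00:00,not_supported,2024-06-01T00:00:00+00:00,not_supported,not_supported,false,true,2020-01-01T00:00:00+00:00,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
alice,arn:aws:iam::111122223333:user/alice,2023-01-10T00:00:00+00:00,true,2024-06-20T00:00:00+00:00,2024-05-01T00:00:00+00:00,2024-08-01T00:00:00+00:00,true,true,2024-05-01T00:00:00+00:00,2024-06-20T00:00:00+00:00,ap-southeast-1,s3,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
bob,arn:aws:iam::111122223333:user/bob,2022-03-15T00:00:00+00:00,true,2024-06-18T00:00:00+00:00,2022-03-15T00:00:00+00:00,N/A,false,true,2022-03-15T00:00:00+00:00,2024-06-18T00:00:00+00:00,us-east-1,ec2,true,2022-03-15T00:00:00+00:00,N/A,N/A,N/A,false,N/A,false,N/A
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,2023-06-01T00:00:00+00:00,false,N/A,N/A,N/A,false,true,2024-06-01T00:00:00+00:00,2024-06-25T00:00:00+00:00,us-east-1,ecr,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
"""

NOW = datetime(2024, 7, 1, tzinfo=timezone.utc)  # evaluation time for the sample
MAX_KEY_AGE = timedelta(days=90)                  # rotation policy (assumed)
INACTIVE_AFTER = timedelta(days=45)               # unused-credential cutoff (assumed)


def _ts(value):
    """Parse a report timestamp; None for N/A, not_supported, no_information."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None


def audit_credential_report(report_csv, now=NOW):
    """Return (user, finding) tuples: root hardening, MFA on console users,
    access-key age and access-key inactivity."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        mfa = row["mfa_active"] == "true"
        if user == "<root_account>":
            # Root must have MFA and must not hold long-lived access keys.
            if not mfa:
                findings.append((user, "root user has no MFA"))
            for k in ("1", "2"):
                if row[f"access_key_{k}_active"] == "true":
                    findings.append((user, f"root user has active access key {k}"))
            continue
        # Human identity: console password without MFA.
        if row["password_enabled"] == "true" and not mfa:
            findings.append((user, "console user without MFA"))
        # Long-lived credentials: rotation age and inactivity.
        for k in ("1", "2"):
            if row[f"access_key_{k}_active"] != "true":
                continue
            rotated = _ts(row[f"access_key_{k}_last_rotated"])
            if rotated is not None and now - rotated > MAX_KEY_AGE:
                findings.append((user, f"access key {k} older than {MAX_KEY_AGE.days} days"))
            last_used = _ts(row[f"access_key_{k}_last_used_date"])
            if last_used is None or now - last_used > INACTIVE_AFTER:
                findings.append((user, f"access key {k} unused for {INACTIVE_AFTER.days}+ days"))
    return findings


def sample_findings():
    return audit_credential_report(SAMPLE_REPORT)


if __name__ == "__main__":
    for user, finding in sample_findings():
        print(f"{user}: {finding}")
```

On the constructed data the root user and bob are flagged (root has no MFA and an active key; bob has a console password without MFA, two stale keys and one never-used key), while alice and the machine identity ci-deploy pass. Note that a machine identity has no console password, so the MFA rule is deliberately not applied to it; its risk is the key age, which is why short-lived role credentials are preferable to users with keys.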
Security Pillar - Identity & Access Management SEC03
Q: How do you manage permissions for people and machines?
A: Manage permissions to control access for the people and machine identities that require access to AWS and your workload. Permissions control who can access what, and under what conditions.
Best practices recommendations:
Like SEC01 and SEC02, SEC03 focuses on least-privilege management. Customers can use FortiCNP to analyse whether identity configurations comply with best practices: for example, it continuously monitors permissions, the IAM role life cycle, and publicly accessible resources. FortiCNP integrates with several AWS services (GuardDuty, Security Hub, Inspector, Config, CloudTrail, CloudWatch) to continuously monitor security posture, analyse configuration correctness, and surface unintended public access to resources.
How does the Fortinet solution enhance AWS security services?
- Scans and monitors customer cloud configurations to evaluate best practices and detect misconfiguration risk.
- The ease of single-click deployment offered by AWS security services, without the associated alert fatigue.
- User-friendly management console with patent-pending Resource Risk Insights (RRI) technology that turns overwhelming volumes of data into actionable insights.
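The two SEC03 concerns named above, over-broad permissions and unintended public access, both come down to reading policy documents. The following is an added example, not code from this deck or from FortiCNP, and it is a simplified model rather than a full IAM policy evaluator: it checks a constructed role policy for wildcard or privilege-escalation actions granted on `Resource: "*"`, and a constructed S3 bucket policy for `Principal: "*"` grants that are not pinned to the organization or account by a condition key. The account ID, org ID and the escalation-action list are placeholders chosen for the example.

```python
import json

# Constructed example policies (not from any real account): an identity policy
# attached to a role, and an S3 bucket policy. Account ID and org ID are placeholders.
ROLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::app-data/*"},
    {"Effect": "Allow", "Action": ["iam:*", "sts:AssumeRole"], "Resource": "*"},
    {"Effect": "Allow", "Action": "*", "Resource": "*"}
  ]
}""")

BUCKET_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::app-data/*"},
    {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::app-data",
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:role/reader"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::app-data/*"}
  ]
}""")

# Actions that let a principal grant itself more access; flagged when the
# statement's Resource is "*". Illustrative list, not exhaustive.
ESCALATION_ACTIONS = {"iam:PassRole", "iam:CreatePolicyVersion", "iam:AttachRolePolicy",
                      "iam:PutRolePolicy", "iam:AttachUserPolicy", "sts:AssumeRole"}

# Condition keys that pin a "*" principal to your own org/account, so the
# statement is not actually public (simplified model of Access Analyzer's rules).
RESTRICTING_KEYS = {"aws:principalorgid", "aws:principalaccount", "aws:principalarn"}


def _as_list(v):
    return v if isinstance(v, list) else [v]


def _statements(policy):
    return _as_list(policy.get("Statement", []))


def _is_anonymous(principal):
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))


def check_least_privilege(policy):
    """Flag Allow statements whose actions are wildcards or escalation paths
    while their Resource is '*'. Returns (statement index, reason)."""
    findings = []
    for i, st in enumerate(_statements(policy)):
        if st.get("Effect") != "Allow" or "*" not in _as_list(st.get("Resource", [])):
            continue
        actions = _as_list(st.get("Action", []))
        if "*" in actions:
            findings.append((i, "full admin: Action * on Resource *"))
            continue
        risky = [a for a in actions if a.endswith(":*") or a in ESCALATION_ACTIONS]
        if risky:
            findings.append((i, "over-broad actions on Resource *: " + ", ".join(risky)))
    return findings


def check_public_access(policy):
    """Flag Allow statements granted to anyone ('*' principal) without a
    condition restricting the caller to your org or account."""
    findings = []
    for i, st in enumerate(_statements(policy)):
        if st.get("Effect") != "Allow" or not _is_anonymous(st.get("Principal")):
            continue
        keys = {k.lower() for block in st.get("Condition", {}).values() for k in block}
        if keys & RESTRICTING_KEYS:
            continue
        findings.append((i, "public access: " + ", ".join(_as_list(st.get("Action", [])))))
    return findings


if __name__ == "__main__":
    print(check_least_privilege(ROLE_POLICY))
    print(check_public_access(BUCKET_POLICY))
```

The second bucket statement is not reported even though its principal is `*`, because `aws:PrincipalOrgID` restricts it to the organization; that distinction is what separates a noisy scanner from a useful one. A real evaluator also has to account for Deny statements, NotAction/NotResource, SCPs, permission boundaries and the S3 Block Public Access setting, which this simplified check ignores.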
Security Pillar - Detection SEC04
Q: How do you detect and investigate security events?
A: Capture and analyze events from logs and metrics to gain visibility. Take action on security events and potential threats to help secure your workload.
Best practices recommendations:
FortiSIEM and FortiSOAR are the recommended choices for the SEC04 best practices. FortiSIEM integrates with many AWS services for centralized logging and analysis: AWS CloudTrail, AWS CloudWatch, AWS ELB, AWS Kinesis, AWS RDS, AWS Security Hub, AWS SQS, and AWS S3. With FortiSOAR, customers can define playbooks for incident response automation with great flexibility.
How does the Fortinet solution enhance AWS security services?
- FortiSIEM and FortiSOAR are designed to be the backbone of your security operations team, delivering capabilities ranging from automatically building your asset inventory to applying cutting-edge behavioral analytics to rapidly detect and respond to threats.
- Out-of-the-box reports simplify continuous compliance, and visual threat hunting makes security operations more efficient.
- Self-learning asset inventory, real-time analytics, and streamlined investigation are ready-to-use features that offload the security operations team's effort compared with building everything yourself from AWS services.
- Industry-leading threat intelligence and deep Security Fabric integration keep detection up to date and automate response across your entire IT landscape.
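Whatever SIEM consumes CloudTrail, the SEC04 detections that matter most are simple rules over the event fields. The following is an added example, not code from this deck or from FortiSIEM: it runs four rules over constructed CloudTrail records (console login without MFA, any root activity, calls that disable logging, and a burst of denied API calls from one identity within an hour). Account ID, user names, IP addresses and the threshold of five denied calls per hour are placeholders chosen for the example.

```python
import json
from collections import Counter

# Constructed CloudTrail records in the shape of a delivered log file
# ({"Records": [...]}). Example data only: account ID, user names and
# IP addresses are placeholders.
SAMPLE_LOG = json.loads("""{"Records": [
 {"eventTime": "2024-06-30T01:02:03Z", "eventSource": "signin.amazonaws.com",
  "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.10",
  "userIdentity": {"type": "IAMUser", "userName": "bob", "arn": "arn:aws:iam::111122223333:user/bob"},
  "responseElements": {"ConsoleLogin": "Success"},
  "additionalEventData": {"MFAUsed": "No", "LoginTo": "https://console.aws.amazon.com/"}},
 {"eventTime": "2024-06-30T01:05:00Z", "eventSource": "cloudtrail.amazonaws.com",
  "eventName": "StopLogging", "sourceIPAddress": "203.0.113.10",
  "userIdentity": {"type": "IAMUser", "userName": "bob", "arn": "arn:aws:iam::111122223333:user/bob"},
  "requestParameters": {"name": "org-trail"}},
 {"eventTime": "2024-06-30T01:06:00Z", "eventSource": "s3.amazonaws.com",
  "eventName": "ListBuckets", "sourceIPAddress": "198.51.100.7",
  "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"}},
 {"eventTime": "2024-06-30T01:07:00Z", "eventSource": "s3.amazonaws.com",
  "eventName": "GetObject", "sourceIPAddress": "10.0.1.25",
  "userIdentity": {"type": "AssumedRole", "arn": "arn:aws:sts::111122223333:assumed-role/app/i-0abc"},
  "requestParameters": {"bucketName": "app-data", "key": "config.json"}}
]}""")["Records"]

# A burst of denied EC2 calls from one identity within a few minutes, typical
# of a leaked key being used to enumerate what it can reach (constructed).
DENIED_BURST = [
    {"eventTime": f"2024-06-30T02:10:{s:02d}Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "192.0.2.44",
     "userIdentity": {"type": "IAMUser", "userName": "ci-deploy",
                      "arn": "arn:aws:iam::111122223333:user/ci-deploy"},
     "errorCode": "Client.UnauthorizedOperation",
     "errorMessage": "You are not authorized to perform this operation."}
    for s in range(0, 60, 10)
]

ALL_RECORDS = SAMPLE_LOG + DENIED_BURST

# API calls that blind detection, as (eventSource, eventName) pairs.
LOGGING_TAMPER = {
    ("cloudtrail.amazonaws.com", "StopLogging"),
    ("cloudtrail.amazonaws.com", "DeleteTrail"),
    ("cloudtrail.amazonaws.com", "UpdateTrail"),
    ("guardduty.amazonaws.com", "DeleteDetector"),
    ("config.amazonaws.com", "StopConfigurationRecorder"),
}
DENIED_CODES = {"AccessDenied", "UnauthorizedOperation", "Client.UnauthorizedOperation"}
DENIED_THRESHOLD = 5  # per identity per hour (assumed tuning value)


def detect(records):
    """Run four SEC04-style rules over CloudTrail records.
    Returns (rule, identity ARN, detail) tuples."""
    alerts = []
    denied = Counter()
    for r in records:
        ident = r.get("userIdentity", {})
        who = ident.get("arn", "unknown")
        when = r.get("eventTime", "")
        # Successful console login without MFA.
        if (r.get("eventName") == "ConsoleLogin"
                and r.get("responseElements", {}).get("ConsoleLogin") == "Success"
                and r.get("additionalEventData", {}).get("MFAUsed") != "Yes"):
            alerts.append(("console-login-without-mfa", who, when))
        # Any use of the root user.
        if ident.get("type") == "Root":
            alerts.append(("root-account-activity", who, when))
        # Disabling or altering the audit trail.
        if (r.get("eventSource"), r.get("eventName")) in LOGGING_TAMPER:
            alerts.append(("logging-tampering", who, f"{r.get('eventName')} at {when}"))
        # Count denied calls per identity and hour bucket (eventTime[:13] = YYYY-MM-DDTHH).
        if r.get("errorCode") in DENIED_CODES:
            denied[(who, when[:13])] += 1
    for (who, hour), n in denied.items():
        if n >= DENIED_THRESHOLD:
            alerts.append(("repeated-access-denied", who, f"{n} denied calls in hour {hour}"))
    return alerts


def sample_alerts():
    return detect(ALL_RECORDS)


if __name__ == "__main__":
    for alert in sample_alerts():
        print(alert)
```

The benign GetObject by the application role produces nothing; the other records produce one alert each, and the denied burst is aggregated into a single alert rather than six. The logging-tampering rule is the one to treat as highest priority: a StopLogging call is the attacker's attempt to make every other rule go quiet, so it should also be protected at the source with an SCP that denies those actions outside a break-glass role.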
Security Pillar - Infrastructure Protection SEC05
Q: How do you protect your network resources?
A: Any workload that has some form of network connectivity, whether to the internet or a private network, requires multiple layers of defense to help protect from external and internal network-based threats.
Best practices recommendations:
FortiGate and FortiWeb are the recommended choices for the SEC05 best practices, protecting network, web-based and API traffic.
FortiGate is able to deliver:
- Network segmentation at the VPC level, with automated incident response
- Site-to-site VPN and client-to-site VPN
- Traffic and policy analysis
- Secure data access by integrating with the S3 endpoint
- Traffic inspection via Intrusion Prevention System, antivirus, and URL/DNS filtering
FortiWeb is able to deliver:
- Industry top-tier web and API security
- Antivirus for mitigating file-upload attacks
- Stopping malicious bot activity without blocking bots that support legitimate business needs
How does the Fortinet solution enhance AWS security services?
- User-friendly management console with machine-learning-based threat protection to reduce false positives.
- Flexible, cloud-native deployment model (VM or SaaS) to minimize changes to the existing architecture.
- Better TCO: the only NGFW that supports AWS Graviton instances.
- Easy-to-forecast security cost with a simple pricing model.
Security Pillar - Infrastructure Protection SEC06
Q: How do you protect your compute resources?
A: Compute resources in your workload require multiple layers of defense to help protect from external and internal threats. Compute resources include EC2 instances, containers, AWS Lambda functions, database services, IoT devices, and more.
Best practices recommendations:
In SEC06, AWS recommends protecting the entire workload, including AWS instances, services and IoT devices, so security practices should cover the following assets: host, workload, code, supply chain, and API. Fortinet supports security testing covering source code, containers, web and API, as well as protecting IoT devices, covering BP01, BP02, BP04 and BP05:
- Static (source code) testing via FortiDevSec
- Container scanning and IaC scanning via FortiDevSec
- Advanced web/API vulnerability testing with fuzzing via FortiDAST
- Automated compute protection via FortiWeb for web/API and FortiGate for EC2, containers and IoT devices
- Secure remote access dedicated to system operations via FortiPAM (Privileged Access Management)
How does the Fortinet solution enhance AWS security services?
- An easy-to-use, comprehensive portal where users can log in and view all issues across all their applications and all scan types.
- Seamless integration within the Fortinet Security Fabric: correlated results are easy to see and automated protection is easy to apply.
- Noise reduction: results are intelligently correlated across multiple scans and the risk ratings adjusted accordingly.
Security Pillar - Data Protection SEC07
Q: How do you classify your data?
A: Classification provides a way to categorize data based on criticality and sensitivity, to help you determine appropriate protection and retention controls.
Best practices recommendations:
In SEC07, AWS suggests using Amazon Macie to identify and classify the data in your workload, such as in S3, RDS and DynamoDB, and then defining the proper data protection controls. In this chapter, FortiCNP helps customers consolidate a unified view of the data landscape by integrating with Amazon Macie, then runs correlation analysis based on RRI.
How does the Fortinet solution enhance AWS security services?
- Scans and monitors customer cloud configurations to evaluate best practices and detect misconfiguration risk.
- The ease of single-click deployment offered by AWS security services, without the associated alert fatigue.
- User-friendly management console with patent-pending Resource Risk Insights (RRI) technology that turns overwhelming volumes of data into actionable insights.
Security Pillar - Data Protection SEC08
Q: How do you protect your data at rest?
A: Protect your data at rest by implementing multiple controls to reduce the risk of unauthorized access or mishandling.
Best practices recommendations:
SEC08 is the follow-up to SEC07. Once data identification and classification are complete, you should ensure the data is secured at rest, which relies mainly on configuration, such as enforcing encryption and secure key management. In this chapter, FortiCNP helps customers consolidate a unified view of the data-at-rest security posture by integrating with Amazon Macie, Config and GuardDuty, then runs correlation analysis based on RRI.
How does the Fortinet solution enhance AWS security services?
- Scans and monitors customer cloud configurations to evaluate best practices and detect misconfiguration risk.
- The ease of single-click deployment offered by AWS security services, without the associated alert fatigue.
- User-friendly management console with patent-pending Resource Risk Insights (RRI) technology that turns overwhelming volumes of data into actionable insights.
Security Pillar - Data Protection SEC09
Q: How do you protect your data in transit?
A: Protect your data in transit by implementing multiple controls to reduce the risk of unauthorized access or loss.
Best practices recommendations:
In SEC09, FortiGate and FortiCNP help customers apply all the best practices.
FortiGate is able to deliver:
- Encryption in transit via IPsec VPN in network-to-network scenarios
- Integration with AWS GuardDuty to automatically block unintended data access
- With an add-on DLP license, advanced data loss prevention via the FortiGuard DLP database, which categorizes predefined DLP data-type patterns to detect unintended data exfiltration
By integrating with several AWS services (GuardDuty, Security Hub, Inspector, Config, CloudTrail, CloudWatch), FortiCNP continuously monitors workload security posture and analyses data security configuration, so customers can easily identify how to improve configurations to satisfy the best practices in this chapter.
How does the Fortinet solution enhance AWS security services?
- User-friendly management console, with flexible, cloud-native deployment to minimize impact on the existing architecture.
- High performance to support IPsec VPN tunnels at scale and high volumes of data in transit.
- Scans and monitors customer cloud configurations to evaluate best practices and detect misconfiguration risk.
- User-friendly management console with patent-pending Resource Risk Insights (RRI) technology that turns overwhelming volumes of data into actionable insights.
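The configuration checks behind SEC08 (encryption at rest, key management) and SEC09 (encryption in transit) are the kind of posture rules a CSPM evaluates from the Config inventory. The following is an added example, not code from this deck or from FortiCNP, covering both chapters: it walks a constructed inventory of S3 buckets, RDS instances and EBS volumes, flags missing encryption at rest and SSE-S3 rather than a KMS key, and checks each bucket policy for a Deny on `aws:SecureTransport: false`, the standard way to refuse plaintext HTTP access. The record shape is a simplified (resourceType, resourceId, configuration) triple, not the exact nesting of an AWS Config configuration item; resource names, the account ID and the key ARN are placeholders.

```python
# Constructed resource inventory for the SEC08/SEC09 checks. The shape is a
# simplified (resourceType, resourceId, configuration) record; real AWS Config
# configuration items nest these fields differently. Example data only.
INVENTORY = [
    {"resourceType": "AWS::S3::Bucket", "resourceId": "app-data",
     "configuration": {
         "ServerSideEncryptionConfiguration": {"Rules": [{"ApplyServerSideEncryptionByDefault": {
             "SSEAlgorithm": "aws:kms",
             "KMSMasterKeyID": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"}}]},
         "BucketPolicy": {"Statement": [
             {"Effect": "Deny", "Principal": "*", "Action": "s3:*",
              "Resource": ["arn:aws:s3:::app-data", "arn:aws:s3:::app-data/*"],
              "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}}},
    {"resourceType": "AWS::S3::Bucket", "resourceId": "logs-archive",
     "configuration": {
         "ServerSideEncryptionConfiguration": {"Rules": [{"ApplyServerSideEncryptionByDefault": {
             "SSEAlgorithm": "AES256"}}]},
         "BucketPolicy": None}},
    {"resourceType": "AWS::S3::Bucket", "resourceId": "legacy-exports",
     "configuration": {"ServerSideEncryptionConfiguration": None, "BucketPolicy": None}},
    {"resourceType": "AWS::RDS::DBInstance", "resourceId": "orders-db",
     "configuration": {"StorageEncrypted": True,
                       "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"}},
    {"resourceType": "AWS::RDS::DBInstance", "resourceId": "reports-db",
     "configuration": {"StorageEncrypted": False}},
    {"resourceType": "AWS::EC2::Volume", "resourceId": "vol-0abc12345def67890",
     "configuration": {"Encrypted": False}},
]


def _as_list(v):
    return v if isinstance(v, list) else [v]


def denies_insecure_transport(policy):
    """SEC09: True if the bucket policy has a Deny on all S3 actions when
    aws:SecureTransport is false, i.e. plaintext HTTP access is refused."""
    for st in _as_list((policy or {}).get("Statement", [])):
        if st.get("Effect") != "Deny":
            continue
        flag = st.get("Condition", {}).get("Bool", {}).get("aws:SecureTransport")
        if str(flag).lower() == "false" and {"s3:*", "*"} & set(_as_list(st.get("Action", []))):
            return True
    return False


def check_data_protection(inventory):
    """Return (resourceId, question, severity, message) findings for SEC08/SEC09."""
    findings = []
    for item in inventory:
        rtype, rid, cfg = item["resourceType"], item["resourceId"], item["configuration"]
        if rtype == "AWS::S3::Bucket":
            sse = cfg.get("ServerSideEncryptionConfiguration")
            if not sse:
                findings.append((rid, "SEC08", "high", "no default encryption configured"))
            else:
                alg = sse["Rules"][0]["ApplyServerSideEncryptionByDefault"].get("SSEAlgorithm")
                if alg != "aws:kms":
                    findings.append((rid, "SEC08", "low", f"default encryption is {alg}, not a KMS key"))
            if not denies_insecure_transport(cfg.get("BucketPolicy")):
                findings.append((rid, "SEC09", "medium", "bucket policy does not deny non-TLS access"))
        elif rtype == "AWS::RDS::DBInstance":
            if not cfg.get("StorageEncrypted"):
                findings.append((rid, "SEC08", "high", "storage not encrypted"))
        elif rtype == "AWS::EC2::Volume":
            if not cfg.get("Encrypted"):
                findings.append((rid, "SEC08", "high", "EBS volume not encrypted"))
    return findings


def sample_findings():
    return check_data_protection(INVENTORY)


if __name__ == "__main__":
    for f in sample_findings():
        print(f)
```

Only app-data and orders-db pass. The SSE-S3 finding is rated low deliberately: S3 has applied SSE-S3 to new objects by default since early 2023, so the absence of any encryption at rest is now rare, and what a classification scheme from SEC07 usually demands for sensitive data is a customer-managed KMS key with its own key policy and CloudTrail record of use. An unencrypted RDS instance cannot be encrypted in place; it has to be snapshotted, the snapshot copied with a key, and the instance restored, which is why this finding is worth catching before the database fills up.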
Security Pillar - Incident Response SEC10
Q: How do you anticipate, respond to, and recover from incidents?
A: Preparation is critical to timely and effective investigation, response to, and recovery from security incidents, to help minimize disruption to your organization.
Best practices recommendations:
Fortinet Cloud Consulting Service and Security Advisory Service, which include incident readiness, playbook and response process improvement, help customers apply all the best practices in this chapter. These services can help customers with:
- Developing incident management plans
- Preparing forensic capabilities
- Automating containment via playbooks and the Fortinet Security Fabric
With Fortinet professional services and tabletop exercise services, customers can pre-provision access and pre-deploy tools, as well as run game days (simulations).
How does the Fortinet solution enhance AWS security services?
- Fortinet has been a leader in the security industry for 20+ years. Our consultants and engineers have expertise in incident readiness and response.
- Fortinet has industry-certified resources, including cloud architects, security consultants and service delivery engineers, at global scale.
Security Pillar - Application Security SEC11
Q: How do you incorporate and validate the security properties of applications throughout the design, development, and deployment lifecycle?
A: Training people, testing using automation, understanding dependencies, and validating the security properties of tools and applications help to reduce the likelihood of security issues in production workloads.
Best practices recommendations:
Customers should focus on securing DevOps across the entire software development life cycle (SDLC). In this chapter, Fortinet can help with BP02, BP03 and BP07 through FortiDevSec and FortiDAST, with static and dynamic scanning integrated into the CI/CD pipeline.
FortiDevSec orchestrates and automates continuous application security testing for developers and DevOps directly in the CI/CD lifecycle. It offers comprehensive application scanning, including source code, open-source/third-party libraries, secrets, container images, IaC files and live web application URLs, and combines all of these scan types into comprehensive vulnerability management. DAST scanning alone is provided through FortiDAST, and FortiDevSec is seamlessly integrated with FortiDAST.
How does the Fortinet solution enhance AWS security services?
- An easy-to-use, comprehensive portal where users can log in and view all issues across all their applications and all scan types.
- Scanners are set up automatically.
- Unified configuration for all your scans, with no need for siloed plugins.
- Noise reduction: results are intelligently correlated across multiple scans and the risk ratings adjusted accordingly.