Transform your enterprise branch with secure sd-wan
DSS_ITSEC
978 views
28 slides
Nov 27, 2018
Slide 1 of 28
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
About This Presentation
Timo Lohenoja, Systems engineer Finland and the Baltics, Fortinet, https://dssitsec.eu
Slide Content
2018 Fortinet Security Fabric A Security Architecture that provides: BROAD Visibility & Protection of the Digital Attack Surface INTEGRATED Detection of Advanced Threats AUTOMATED Response & Continuous Trust Assessment Delivered as: Appliance Virtual Machine Hosted Cloud Software
Transform your enterprise branch with Secure SD-WAN Timo Lohenoja, CISSP Systems Engineer [email protected]
Enterprise Branch Going Through Evolution 70% Of customers mentioned existing WAN is brittle, slow, expensive and not effective for cloud adoption 2 due to back-haul 62 Average number of cloud applications shows rapid growth of SaaS and IaaS 3 DX Transformation SaaS Inefficient Traditional WAN Security is “MUST” 90% Of SD-WAN vendors do no provide security. With direct internet access, security becomes critical at every branch Today’s Enterprise Branch WAN traffic is back-hauled to data-center which degrades SaaS Applications Performance
DataCenter MPLS Challenges with Today’s WAN SaaS Applications Branch Branch No App Visibility MPLS Internet No NGFW Security Expensive and Slow Poor Application SLA
DataCenter Secure SD-WAN Enables Digital Transformation SaaS Applications Branch Branch Hybrid WAN Support MPLS Internet Internet Application Visibility Opex Savings Rapid Provisioning High Application Performance Advance Security
Gartner : Four architectures to secure SD-WAN 90% of the SD-WAN vendors only offer stateful firewalls… Gartner, October 2017 Multiple products: Agility impact? Simplification impact? Management impact? One product: Integrated NGFW & SD-WAN Zero touch provisioning One management Multiple products: Agility impact? Simplification impact? Traffic impact? Management impact?
Evolution of Fortinet Secure SD-WAN 5.4 5.6 6.0! Application steering Link load Balancing Traffic Shaping Identification of cloud applications Dynamic WAN Path Controller Zero Touch Provisioning Pure Play SD-WAN vendors FortiGate SD-WAN Security 6.0 New Features Visibility into 3000+ applications Multiple SLA Strategies Enhanced Application monitoring FortiOS
FortiGate – Integrated NGFW with SD-WAN Application Aware Multi-Path Intelligence Multi Broadband Supported Simplified Provisioning Integrated SD-WAN with NGFW Security Anti-botnet Intrusion Prevention Antivirus IP Reputation SSL Inspection IPsec VPN Inspection Application Control Next Generation Security Networking & URL Filtering
Fortinet SD-WAN Gives Performance of a Lifetime – Recommended by NSS Labs Highest QoE for VoIP Best Total Cost of Ownership Only Security Vendor to be Recommended 4.38 out of 4.41 $5@749 Mbps Blocked 100% Evasions
FortiGate Secure SD-WAN Solution
Fortinet secure SD-WAN solution at a glance Ethernet Broadband 3G/4G failover VPNs Transport Independent App aware path controller Traffic engineering QoS and edge routing NGFW security FortiOS Integrated Secure SD-WAN Application SLA Unified centralized policy Zero touch deployment Single pane & end to end Management & Analytics
FOS 6.0 - Enable Best of Breed SD-WAN Visibility into 3000+ applications Application-level transaction for better SLA Dynamic WAN link selection using SLA strategies Automated fail-over capabilities High-level monitoring of SD-WAN devices on a map Detailed application monitoring Application Aware Multi-Path Intelligence Simplified Monitoring Certified Security Multi Broadband Supported Transport independent with support for Ethernet, 3G/4G Aggregate multiple interfaces into single SD-WAN interface Most Certified Security such as NSS Labs High Performance powered by Security Processor technology 6.0
SD-WAN Application Awareness – Broad and Deep BROAD DEEP Posts Games Videos Chat Granular Application Visibility 3000+ Applications Supported 6.0
Application Aware SD-WAN – FOS 6.0 Example SD-WAN Rules Granular application awareness with 3000+ known applications Internet Service Database Dynamically updated database of known service IPs and protocols Layer 4 Application Control Dynamically updated database of applications Deep inspection 6.0
Dynamic WAN path controller and measurement Application Steering WAN Path Measurements Dynamic Application Fail-over
Control Application Performance using Strategized SLA TOP CRITICAL HIGH MEDIUM LOW Best Quality Minimum Quality 6.0 6.0
Performance SLA (For high priority applications) Application-Level Transaction Latency < 200ms Latency < 100ms AND Packet Loss < 1% AND Jitter < 30ms Multiple Measurement Techniques Ping HTTP TCP Echo UDP Echo TWAMP Failover Parameters Check Interval Success before restore 6.0 6.0 Failure before inactive
SLA Strategy using Best Quality 6.0 No compromise on SLA High performance of business-critical applications Always use the link with the best SLA requirements regardless of link cost 6.0
SLA Strategy using Minimum Quality 6.0 Maintain SLA While Saving on Opex Consider both SLA and Link Cost
FortiManager - Single Pane of Glass Management VPN Visibility and Management on FMG NOC Dashboard and simple central monitoring Zero-Touch deployment with FortiDeploy
Centralized Applications SLA – FortiManager 6.0
Case Studies
Large SuperMarket in Northern Europe 30% Market Share in Netherlands 13 Independent Retail Organizations 1500 branches, 10 datacenters Unique set of security and networking requirements for each retail member Proliferation of IoT devices, demanding more bandwidth and security CHALLENGES Unified “best of breed” approach, competing against powerful national supermarket chains Undergoing digital transformation to simplify management and increase productivity GOALS EMEA SOLUTION Consolidation of Branch Services Fortinet’s patented VDOM functionality allowed customer to deploy multiple retail formulas from a single location Extended Fortinet’s SD-WAN solution to include switches, access points and extenders from Fortinet
2018 Fortinet Solutions Network Security Multi-Cloud Security Endpoint Security Email Security Web Application Security Secure Unified Access Advanced Threat Protection Management - Analytics FortiGate Enterprise Firewall FortiGate Cloud Firewall Network Security FortiClient EPP FortiWeb Web Application Firewall FortiMail Secure Email Gateway FortiSandbox Advanced Threat Protection FortiAnalyzer Central Logging /Reporting FortiManager Central Security Management FortiSIEM Security Information & Event Management FortiGate Virtual Firewall Network Security FortiAP Wireless Infrastructure FortiSwitch Switching Infrastructure SWG SD-WAN IPS
Evaluate FortiGate SD-WAN! Native SD-WAN Proven NGFW FortiGate provides PROVEN best of breed SD-WAN features in base platform Make your branch application aware with our WAN Path Controller Consistent application performance with automated fail-over 90% of SD-WAN vendors do not offer NGFW security Fortinet is the industry leader in Security Effectiveness and Performance Simple to manage integrated NGFW And SD-WAN in single offering SD WAN NGFW
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 978
- Slides 28
- Age 2563 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
48 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
47 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
34 views
21
Know for Certain
DaveSinNM
22 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views