forticlient customer presentation n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
FortiClient Customer Presentation PowerPoint Presentation
Download Presentation
FortiClient Customer Presentation

Loading in 2 Seconds...

  share
play fullscreen
1 / 38
hafwen

FortiClient Customer Presentation - PowerPoint PPT Presentation

206 Views
Download Presentation
FortiClient Customer Presentation
An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. FortiClient Customer Presentation

  2. The Human Factor Source: Verizon DBIR 2018

  3. Market Trends The Platform Approach

  4. User Security Gaps According to Gartner 63% of companies can not monitor off-network endpoints, over half can’t determine endpoint compliance status Through 2021, 99% ofvulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year. • 4% • of people will click on any phishing campaign 80% of hacking-related breaches leveraged weak, stolen or compromised credentials LACK OF VISIBILITY GULLIBLE END USERS VULNERABLE ENDPOINTS Sources: • The Cost Of Insecure Endpoints, Ponemon Institute, 2017 • Gartner, How to Respond to the 2018 Threat Landscape, Greg Young, 28 November, 2017 • Breach Investigation Report, Verizon, 2018

  5. Integrated Threat Detections • THREAT INTELLIGENCE • NEXT GEN FIREWALL • FILE DETONATION/ SANDBOXING • ENDPOINT SECURITY • ANALYTICS & UEBA

  6. Fortinet Security Fabric Network Security Multi-Cloud Security Device, Access, and Application Security Network Operations Open Ecosystem Security Operations BROADVisibility of the entire digital attack surface Fabric APIs Fabric Connectors INTEGRATED AI-driven breach prevention across devices, networks, and applications Endpoint/Device Protection Multi-Cloud Security NetworkSecurity AUTOMATED  Operations, orchestration, and response Secure Access Application Security Security Operations Q1FY19 v1.4.4

  7. Fabric Integrated Endpoint Security Network Operations Endpoint/Device Protection NetworkSecurity Security Operations

  8. FortiClient Components More than Advanced endpoint protection 3 ENDPOINT PROTECTION (EPP) ADVANCED THREAT PROTECTION App FW, Anti-malware, Anti-exploit, Web Filtering Sandbox Integration SECURE REMOTE ACCESS 1 2 3 2 SSL & IPSec VPN, SSO FABRIC AGENT 1 Telemetry, Quarantine, Vulnerability, App Inventory

  9. FortiClient Fabric Agent More than Advanced endpoint protection Network Operations 3 4 ENDPOINT PROTECTION (EPP) ADVANCED THREAT PROTECTION App FW, Anti-malware, Anti-exploit, Web Filtering Sandbox Integration Endpoint/Device Protection SECURE REMOTE ACCESS 2 SSL & IPSec VPN, SSO NetworkSecurity FABRIC AGENT 1 Telemetry, Quarantine, Vulnerability, App Inventory Security Operations

  10. Fabric Agent Use Case • Risk-based visibility • Identify unpatched vulnerabilities with patching options • Software inventory for visibility on installed application and versions • Dynamic access control • Integrated and automated • Integrated with the Security Fabric • Automated response to contain incidents • Compatibility FortiClient FortiGate FortiClient

  11. Use Case 1- Fabric Agent Automobile Dealership

  12. Vulnerability Dashboard

  13. Risk Visibility In The Network ContextEndpoint Telemetry • Device information • OS • Co-relate multiple MAC • FortiClient Status • Endpoint Vulnerabilities • Logged-in User • User Avatar • Social IDs • Online/Off-line • Endpoint events and logs

  14. Security Rating

  15. Automation • File quarantine • Submit files for Sandbox analysis • Auto Patching • Compliance enforcement • Endpoint quarantine

  16. Dynamic Access Control (Intent Based Segmentation) Use Case: Block Access for Security Risk Endpoints Engineering Segment ENGINEERINGINTRANET AccessDenied Sales Segment SALES INTRANET Tag Finance Segment FortiGate FortiClient EMS FINANCE INTRANET Internet Critical Vulnerability User:Kate Group:Engineering User:Jenny Group:Sales User:Jack Group:Finance

  17. Dynamic Access Control (Intent Based Segmentation) Use Case: Access Based on AD Groups Engineering Segment ENGINEERINGINTRANET AccessDenied Sales Segment SALES INTRANET Tag FortiGate FortiClient EMS Tagging Configuration FINANCE INTRANET Internet User:Kate Group:Engineering User:Jenny Group:Sales User:Kate Group:Sales

  18. Dynamic Access Control (Intent Based Segmentation) Use Case: Restricted Access for Unknown Endpoints Finance Segment ENGINEERINGINTRANET AccessDenied AccessDenied AccessDenied Engineering Segment SALES INTRANET Sales Segment FortiGate FINANCE INTRANET Internet BYOD User:Unknown Group:Unknown

  19. Proactive Endpoint Defense 3 4 • ML-powered Antimalware—CPRL • Anti-exploit • Web filtering • Application firewall • Sandbox integration ENDPOINT PROTECTION (EPP) ADVANCED THREAT PROTECTION App FW, Anti-malware, Anti-exploit, Web Filtering Sandbox Integration SECURE REMOTE ACCESS 2 SSL & IPSec VPN, SSO FABRIC AGENT 1 Visibility, Quarantine, Vulnerability, App Inventory

  20. Proactive Endpoint Defense Mitigate Vulnerabilities & Prevent Exploits Detect & Block Advanced Malware Integrated & Automated Response • Anti-malware • Anti-Exploit • Web filter • Application firewall • Integrated Sandbox • File and endpoint quarantine • Auto patching • Sandbox integration • SIEM integration • Vulnerability scanning • Patching • Exploit Protection Visibility. Integration. Centralized management.

  21. Detect and Block Malware and Advanced Threats • Antimalware • Pattern-based (CPRL) antimalware engine • Detect polymorphic malware • Block known attack channels and malicious website • Big data analysis, machine learning and AI in the Cloud • Anti Exploits (exploit protection) • Behavior-based detection • Can detect Advanced malware and ransomware typically package an exploit • Prevents attacks that leverage PowerShell or other scripts • Sandbox Integration • Detect advanced or custom malware • Automatic file submission for analysis • Threat intelligence sharing across enterprise

  22. Enhanced FortiSandbox Integration (new)

  23. Use Case 2- Full Endpoint Protection Online market place

  24. Secure Remote Access Two Factor Authentication (2FA) Single Sign On (SSO) VPN LDAP/ Active Directory FortiGate FortiToken VPN Finance Database FortiAuthenticator SSO Finance user Internet Finance Intranet • Auto-connect, Always on VPN • Supports SSL and IPsec VPN • Dynamic VPN Gateway selection, and split tunneling • Additional layers of security with two-factor authentication • Single-Sign-on agent supports FortiAuthenticator

  25. Auto Dealership • 4000 Employees • 175+ locations • Represent 34 Auto brands KEY TAKE-AWAYS: • Customer leverages Security Fabric to gain visibility and asset management • Remote access with Two Factor Authentication • Goals • Acquisition – Asset control and endpoint visibility • Branch location security and connectivity • Challenges • Rapid expansion and acquisition– unable to get clear account and protection status on computers • Lack of network visibility across branch offices

  26. Another Dealership Solutions • FortiClient Fabric Agent: • Endpoint visibility and compliance/ policy enforcement • VPN, SSO • FortiAuthenticator, Token • FortiGate • FortiManager, FortiAnalyzer Why Fortinet • Integration and Vendor Consolidation - Security Fabric architecture • Visibility across endpoints and network • Secure SD-WAN with native NGFW features • Secure remote access with MFA and push token Purchased/Implemented • ENDPOINT PROTECTION (EPP) • App FW, Anti-malware, Anti-exploit, Web Filtering Future upgrade • ADVANCED THREAT PROTECTION • Cloud Sandbox Integration SECURE REMOTE ACCESS SSL & IPSec VPN, SSO Purchased/Implemented FABRIC AGENT Telemetry, Quarantine, Vulnerability, App Inventory

  27. Centralized Management with EMS Enterprise Management System (EMS) • Configure, deploy and manage FortiClient • Integrate with LDAP and other enterprise systems • Real-time endpoint monitoring • Threat summary, alert and notification • Remote actions • Anti-malware scanning • Vulnerability scanning • Endpoint quarantine • Software Inventory • File quarantine management • Highly scalable

  28. FortiClient ENDPOINT VISIBILITY PROACTIVE ENDPOINT PROTECTION AUTOMATION SIMPLIFIED ENDPOINT MANAGEMENT • Expanded Visibility Across all OS – Windows, Mac, Linux, Chromebook, Android and iOS • Software Inventory • Integrated Vulnerability management with patching • CPRL updates derived from FortiGuard ML • Enhanced sandbox integration • Sandbox analysis report in EMS • Real time Cloud-based threat detection for emerging threats • Dynamic Access control • Compliance Enforcement • Security Fabric IOC Quarantine • Support FortiOS group policy • Dynamic Endpoint Grouping • Centralized Quarantine Management • Single Console Management for all platforms • Improved Usability with New Navigation • Cloud-managed option coming soon

  29. Education

  30. Protecting Students on the Internet • Students must be protected from inappropriate content • Internet browsing must be transparent—visible/logged/reported

  31. Web Filtering • 75+ URL categories • More than 43 million rated websites, and 2 billion+ web pages • Works with Google Safe Search • Includes whitelisting and blacklisting of websites • Monitor all web browser activity

  32. Public k-12 school districts • Schools: 29 • Students: 25,994 • Teachers: 989 • Deal Size: 40K endpoints KEY TAKE-AWAYS: • Single management for windows, Chromebook, iOS devices • Security Fabric • ATP Large School District in California Goals • Integration, consolidation, CIPA compliance Challenges • Enforce web-filtering policy across different device platforms • Enhanced security—across mail, gateway, and endpoint Competition • Sophos, Zscaler…

  33. Large School District in California Solutions • FortiMail • FortiClient • FortiGate 501E, 101E and 61E • FortiGate VM • FortiAuthenticator Why Fortinet • Integration and Vendor Consolidation—Security Fabric architecture • Visibility across endpoints and network • Consistent web filtering and security policy on and off campus • Cross platform support—Windows, Mac, iOS, Android, Chromebook Purchased/Implemented • ENDPOINT PROTECTION (EPP) • App FW, Anti-malware, Anti-exploit, Web Filtering • ADVANCED THREAT PROTECTION • Cloud Sandbox Integration SECURE REMOTE ACCESS SSL & IPSec VPN, SSO Purchased/Implemented FABRIC AGENT Telemetry, Quarantine, Vulnerability, App Inventory

  34. Web Filtering Across all Popular OSs

  35. Endpoint & Network Security Integration Check List

  36. 10,000 employees • 1200+ locations • Deal size: Four million+ KEY TAKE-AWAYS: • Customer leverages Security fabric through out the network infrastructure, from retail store, campus to the Cloud • FabricAgent combability with Symantec Endpoint Protection Leading Fashion Brand Goals • Infrastructure modernization • Simplification through vendor consolidation Project • Modernize retail location • Protecting customer data in the GDPR era • Consolidate and consistent security across datacenter, public Cloud (Azure, AWS), campus and regional branch offices Competition • Check Point, Cisco

  37. Leading Fashion Brand Solutions • FortiClient • Compatibility with Symantec Endpoint protection • Endpoint visibility and compliance/policy enforcement • VPN and Mobility Agent for SSO • FortiGate • FortiWifi/FortiSwitch/FortiAP • FortiGate VM • FortiAnalyzer/FortiManager • FortiAuthenticator Why Fortinet • Integration and Vendor Consolidation—Security Fabric architecture • Visibility across endpoints and network • Open eco-system, compatibility Provided by Symantec • ENDPOINT PROTECTION (EPP) • App FW, Anti-malware, Anti-exploit, Web Filtering Future upgrade • ADVANCED THREAT PROTECTION • Sandbox Integration SECURE REMOTE ACCESS SSL & IPSec VPN, SSO Purchased/Implemented FABRIC AGENT Telemetry, Quarantine, Vulnerability, App Inventory