Fortinet Ixia Ottawa, June 2013
1. 1
What’s Next in Next-Gen
Firewalls and Testing?
Ottawa. June 20th, 2013
2. 2
AGENDA
11:30 am Lunch
12:00 pm Welcome
12:10 pm Video: John Pescatore (SANS) – NGFW and ATAs
12:25 pm Fortinet / Ixia Live Demonstrations
1:00 pm Wrap Up / Q+A
10. 10
Live Demonstrations
• Test 1: NGFW Bandwidth Throughput
• Test 2: NGFW BW + Attacks
» Same throughput as Test 1
» Bidirectional attacks added (1757 in each direction)
» Standard BP strike level 4
» Blocked strikes retry and retransmit
• Test 3: NGFW BW + Attacks (but no detection)
» Still same throughput as before
» Bidirectional attacks go through FW-only rules (no IPS or App control)
11. 11
Test Lab and Certification Results
Separate 3rd Party Facts from Vendor Claims
13. 13
Over 150 New Features & Enhancements
FortiOS 5 - The World’s Most Powerful Network Security Operating System
More Security, More Control, More Intelligence
Securing Mobile Devices
• Device Identification
• Device Based Policy
• Endpoint Control
Making Smart Policies
• Secured Guest Access
• Visibility & Reporting
• Identity-Centric Enforcement
Fighting Advanced Threats
• Client Reputation
• Advanced Anti-malware Protection
15. 15
Fortinet’s Answer to What’s Next - FortiOS 5
The World’s Most Powerful Network Security OS just got even better!
• Advanced Security: Advanced Threat Protection and Remediation Technologies to break the threat life cycle
• Contextual Visibility: Empowering organizations to gain deep insights into real-time and historical network use by Application, by User and by Device (BYOD)
• Feature Select: Instantly fine-tune FortiGate based on desired deployment needs using feature presets
16. 16
Feature Select: Enabling Flexible, Optimized Configurations
• Deploy specific security functions per network location requirements
[Diagram: Feature Select presets (FW, NGFW, NGFW+ATP, ATP, WF, UTM) shown at HQ (Enterprise Core), Branch Office (Distributed Enterprise), Retail Outlet / Kiosk (Distributed Enterprise) and Data Center, connected via the Internet, with Management and Endpoint Control]
17. 17
Feature Select Presets - Flexible Configuration
• Allow administrators to easily set up a GUI that is relevant to the unit’s deployment
• Further customizations
18. 18
Context Visibility - Network Activities
• NAT’ed IP and Port
• Applications and their usage
• Device & User Info
• Concurrent Sessions & New Sessions per Second
• Geo IP Info
• FortiGuard Encyclopedia Integration
19. 19
Context Visibility – Threat Status
• Drill down
• Display top clients that are associated with the most threats
20. 20
Advanced Targeted Attacks
• Advanced Targeted Attacks (ATA)
» Target specific organizations
» Infiltrate from multiple vectors
» Remain stealthy for lengthy periods of time before exfiltrating data
• ATA is the accepted term for viruses
» Advanced Persistent Threats (APT) also used
• Modified Infection Lifecycle
» Zero day vulnerabilities
» Fresh Malware
» Phishing emails
» Password hacks
21. 21
Fortinet Advanced Threat Protection
• Botnets: Once compromised, systems can be controlled remotely. Infected hosts take orders from the Internet.
» Botnet DB Blacklist: Prevents command and control from remote systems through IP reputation
• Malicious Websites: Infection via web downloads, phishing or watering hole attacks. Potential initial host infection vector.
» Web Filtering: Identifies and blocks suspicious websites
• Polymorphic Malware: Viruses and other malware evolve to avoid detection. Avoids traditional signature-based AV detection.
» Malware Sandboxing: Identifies zero-day malware via cloud-based AV sandboxing
• Traditional Viruses, etc.: Host machines can become infected by viruses, trojans, etc. Destructive behavior or backdoor installation.
» Advanced AV Engine: Uses heuristic techniques and OS independent local sandboxing
22. 22
Enterprise Product Offering
[Chart, axis: Capacity & Performance]
• FG-100-800 Series: Enterprise Branch
• FG-1000-3000 Series: Enterprise Core
• FG-5000 Chassis System: Data Center
Callouts: Compact 1 RU; 10G Interfaces; Dual power supplies; Multi-gigabit NGFW performance; Highly scalable
Feature Select presets shown: FW, NGFW, WF, ATP, NGFW+ATP
29. 29
HOLDING YOUR VENDORS ACCOUNTABLE
DEVICE EVALUATION: Storage SAN; Wireless Wi-Fi; Next-Gen Security Devices; Massive Performance Routing; Port Density Switching; Ethernet 100G

METRIC                                    GOAL     FIREWALL A   FIREWALL B   FIREWALL C
Transactions                              10,000   12,243       8,832        N/A
Concurrent Flows                          30,000   32,684       57,908       14,618
Average Latency (microseconds)            5,000    5,114        1,308        235,648
Attacks Blocked (Ixia Security Level 1)   80%      47%          91%          78%

Key: Met Specification / Missed Specification by 5% or less / Missed Specification by more than 5%
30. 30
RESILIENCY TESTING
• Application Resiliency
• Network Resiliency
• Data Center Resiliency
• DDoS Resiliency
[Diagram labels: App Flood, SYN Flood, Users; Router, Firewall, Load Balancer, App Server, Switch, Database Server]
31. 31
Only Ixia Provides
• Best-in-class solutions to test, assess and optimize networks and data centers
• Complete visibility into your network, data center, and the applications that fuel your business
• Actionable insight to eliminate guesswork for optimal and predictable application & service delivery
From the lab to the network to the cloud, Ixia solutions optimize networks and data centers to accelerate, secure, and scale the delivery of your applications.
Use this slide to introduce Fortinet during the Welcome segment (see Agenda). The purpose of this slide is just to do a quick 2 to 3 minute Fortinet intro for guests who are not familiar with the company. Fortinet is a leader in the NGFW and UTM markets. We are publicly traded, profitable and had 2012 revenues of $533 million. Historically, security has followed Internet trends, and now is no exception. Security that can protect against network and content threats – both known and unknown – and do so at network speeds is required. Fortinet recognized this early on and our vision was to tightly integrate many security functions and point products together into a single, manageable and flexible platform. This vision created the Unified Threat Management market, and its offshoot, the Next Generation Firewall market, which is essentially a subset of UTM. UTM is defined as a device that “Unifies” multiple security features, including firewall/VPN, Intrusion Detection/Prevention and gateway antivirus, at a minimum. Fortinet offers all these plus many more features. We also leverage our FortiASIC to accelerate performance, and utilize our FortiGuard Labs for a real-time global update service. This solution effectively protects our customers in today’s challenging network environment.
Ixia is the global leader for test, assessment and validation of IT infrastructure solutions that enable customers to optimize technology throughout the IT lifecycle. Our family of products provides quantifiable data where no data existed before. This means less guessing, more facts. We assist preproduction, production and operations with products, solutions and services that evaluate performance, scalability and security resiliency.
This is the actual gear used in today’s demo. It consists of a FortiGate 3600C and an Ixia BreakingPoint FireStorm ONE. The setup is physically located in Sunnyvale, CA. We are using the hotel Internet connection to reach the equipment.
Here is both a physical and logical view of the demo configuration. We are just using a single port on the FortiGate/BreakingPoint connected in loopback mode so that the BreakingPoint can monitor and show the activity on the FortiGate. If all ports were activated on the FortiGate, capacity would be 60G. But we are only using 1 port, so 10G would be the maximum. In fact, we have throttled this back for the demo and the latency of the remote connection, so we should expect to see 8 to 9G for the demo.
This is a summary of the 3 demos we will do today (read the slide!). They are: Test 1, NGFW Bandwidth Throughput; Test 2, NGFW BW + Attacks; Test 3, NGFW BW + Attacks (but no detection).
Fortinet’s leadership is continually validated by our robust feature set, independent test lab verifications and industry awards. Fortinet has been awarded the coveted “Recommended” designation by NSS Labs for Firewall, IPS and NGFW.
Fortinet built and owns all 3 key UTM components (integrated security technologies, high-speed ASICs, and global subscription update services), which provides us with a competitive advantage. We believe that none of our competitors provide a solution that incorporates all these 3 UTM key components. Our FortiOS operating system enables us to efficiently deliver multi-threat, comprehensive security. Our FortiASICs add a significant processing power advantage over the software approach, accelerating FortiGate UTM performance. Our FortiGuard infrastructure provides protection in real time, essentially providing a recurring, subscription business on top of our FortiGate appliances. Some of our competitors may be able to compete with individual elements of our UTM solution, but in our view no one can deliver the entire solution as we are doing today. For example: security vendors such as Check Point and McAfee offer a broad set of features, but do a poor job of integrating them, and don’t come close on performance. Networking vendors such as Cisco and Juniper are OK on performance, but their firewall and VPNs miss all the virus and bad content-based attacks. We believe we have the best technology covering all the key UTM functions, and from a performance and integration perspective, no one even comes close to Fortinet.
FortiOS tackles today’s challenges:
• The need for more control: How do I control devices? Devices may be personal or belong to the organization.
• The need to protect against new threats: How do I protect the network against zero-day attacks and go beyond using signatures?
• The need to effectively enforce security with more complex network environments and requirements: How do I simplify the management and implementation, so that I, as the weakest link, do it correctly? Also, how can I better understand what is going on in my network?
So, what is next for Next Gen Firewalls?
Fortinet answered the question, “What’s next in next-generation enterprise firewalls?” with new features within its FortiOS 5 operating system, which serves as the foundation for the company’s award-winning FortiGate™ network security platform. The new update includes:
• Feature Select: With one click, customers can choose from a variety of security configuration options, including High Speed Firewall, NGFW, ATP, Web Filtering, UTM and others
• Contextual Visibility: Gives organizations real-time and historical insight on network use based on application, user and device
• Advanced Threat Protection (ATP): Enhanced security tools combat and mitigate multi-vector persistent attacks
Gartner has recently recommended that customers standardize on a single firewall platform across their enterprise. Gartner believes this will reduce firewall rule errors, simplify management and lead to reduced operating costs. Fortinet offers a wide product portfolio with its FortiGate network security platforms. Now, with Feature Select, you can standardize on the same network security operating system (FortiOS) across your enterprise and fine-tune each device with features specific to its physical location in the network. Feature Select includes the following presets:
• FW = Firewall
• NGFW = NGFW
• ATP = Advanced Threat Protection
• WF = Web Filtering
• NGFW+ATP = NGFW + Advanced Threat Protection
• UTM = Unified Threat Management
You access Feature Select from the FortiGate Console “Features” section. Using the dropdown box, you choose your desired Feature Select Preset, and then the configuration will be updated in the FortiGate.
Better Protection with Better Visibility: The new Contextual Visibility feature in FortiOS 5 gives administrators deeper insights into historic or real-time network activities using detailed analytics. The types of data that can be extracted include IP and Port, geographical IP, session type, user names, network usage, network coverage and the types of applications and devices that are connecting to the network. With this, administrators can use correlated data to identify top clients associated with particular threats and further isolate suspicious websites and IP addresses.
Another Example of Context Visibility: Context Visibility can also be used to drill down and identify Threat Status.
Fortinet addresses these threat vectors with multiple technologies to provide advanced threat protection:
• Fortinet Web Filtering uses URL matching and advanced DNS-based web filters to identify potentially harmful websites
• Fortinet Antivirus Engine can identify standard AV threats, but also uses advanced techniques like heuristics and sandboxing to determine malicious behavior
• FortiGuard Analytics (aka AV sandboxing) allows zero-day wares to be identified and further analyzed in the cloud
• FortiGuard Botnet database contains up-to-date information about IP reputations and prevents remote command and control communications
Summary of FortiGate NGFW offerings.
The current threat landscape is changing everything, from the way we protect data and secure infrastructures to the way we test infrastructure devices and train cyber warriors. The divide between testing tools, threat intelligence, and monitoring products has created dangerous blind spots that continue to erode the security posture of businesses and government agencies.
Ixia believes organizations deserve definitive answers, not best guesses and promises. That’s why Ixia accelerates and secures application delivery by providing the most comprehensive solutions that test, assess, and optimize networks. This is a critical combination that provides the predictive insights and actionable intelligence you need to accelerate, secure, and scale application delivery. Our recent acquisitions of Anue and BreakingPoint have added to our already strong solutions.
Only Ixia Anue solutions deliver complete visibility into your network, your data center, and the applications and services that fuel your business.
• Deliver Right Packets to Security & Monitoring Tools (with Anue Dynamic filters)
• Aggregate Traffic from Different Parts of the Network (with Anue Aggregation)
• Eliminate Monitoring Traffic Bottlenecks (with Anue Load Balancing)
• Share Traffic between Different Tools (with Anue traffic sharing)
• Filter Application Traffic (Layer 2, 3, 4, plus Dynamic filters – send the traffic each tool needs)
• De-duplicate Packets (increase performance of security monitoring tools)
• Identify Security Threats with the help of Partner Tools such as Fortinet
Ixia BreakingPoint solutions are the industry's most scalable, easy-to-use, and adaptable network assessment offerings – allowing companies to optimize performance and protect against threats with the latest applications and security attacks. You WILL be attacked, so you better be ready. All you can trust is data…data that provides predictive analytics, shows infrastructure stress fractures, monitors user behavior, and keeps you ahead of the hackers and the auditors.
Actionable Security Intelligence: Bridges the gap between IT testing, monitoring, and IT operations delivering the advance insight to protect highly dynamic converged and mobile networks, virtualized data centers, applications, and data in a highly volatile environment. Using our patented products, we then CONTROL this intelligence to simulate massively scalable With the exclusive ability to capture and control global threat intelligence at Internet-scale, BreakingPoint delivers the patented product bridges the gap between IT testing, monitoring, and operations delivering the advance insight to protect highly dynamic converged and mobile networks, virtualized data centers, applications, and data.