Fortinet and Windstream presented on debunking common network security myths. They discussed that having only a firewall is not enough protection today given blended attacks. Blocking applications alone is also insufficient; layered protection is needed. Consolidated security solutions are better than stand-alone products due to improved performance, protection and reduced complexity. Staying on top of threats is possible through real-time updates from hundreds of thousands of sensors. Even small businesses are targets, not just large enterprises. Windstream offers a managed network security solution beyond just desktop protection to defend an entire network environment.
2. Introduction
Presenters
Drew Savage, Fortinet
Director, MSSP Strategy and Business Development – Global Alliances
Has spent the past 12 years focusing on security for carriers, managed
service providers and vendors and will be the main presenter for the webinar.
Terry O’Brian, Windstream
Windstream Enterprise Product Development
Has over 25 years experience in voice and data technologies, business
development, and product marketing. Terry has authored numerous industry
white papers and trade press articles on a variety of networking topics
including MPLS, ATM/Frame Relay, Unified Communications, and Network
Security.
2
3. Overview
Top 5 Network Security Myths
1. I have a firewall, I don’t need any other network protection
2. Blocking applications is good enough
3. Best of breed products are better than a consolidated approach
4. There is no way to stay on top of threats
5. Hackers only attack big companies
3
4. Mature Company with Market Leadership Across the Board
Worldwide UTM Market Share Magic Quadrant for Unified
Q2 2010 (1) Threat Management (2)
Market
Rank Company
Share (%) (2)
1 16.4
• Founded in 2000 2 Cisco 9.8
• Global presence with 30+ offices 3 Juniper 9.0
worldwide & 1,300+ employees
4 SonicWALL 8.1
– 5,000+ channel partners
– 100,000+ customers 5 Check Point 7.2
– Majority of the Fortune Global 100 6 WatchGuard 4.9
• IPO Nov 2009 7 McAfee 5.5
• NASDAQ: FTNT
8 Crossbeam 2.6
• 2009 revenue of $252 Million
9 Other 41.4
– 19% YoY growth
Total 100.0
• World class management team
Notes
(1) IDC Worldwide Security Appliances Tracker, September 2010 (market share based on factory revenue)
(2) Gartner, Inc., “Magic Quadrant for Unified Threat Management”, October 2010
4
5. Fortinet Pioneered a New Approach
Traditional Network Security Solutions The Fortinet Solution
Stand-alone, non-integrated security Real-time, integrated security intelligence
Mix of off the shelf systems and applications ASIC-accelerated performance
Higher total cost of ownership Lower total cost of ownership
Difficult to deploy / manage / use Easy to deploy / manage / use
5
6. Customers Worldwide
8 of the top 10 Fortune companies in Americas
8 of the top 10 Fortune companies in EMEA
9 of the top 10 Fortune companies in APAC
7 of the top 10 Fortune Telecommunications companies
9 of the top 10 Fortune Retail & Commercial Banks
9 of top 10 Fortune Aerospace & Defense
6
7. Myth #1
1. I have a firewall, I don’t need any other network protection
2. Blocking applications is good enough
3. Best of breed products are better than a consolidated approach
4. There is no way to stay on top of threats
5. Hackers only attack big companies
7
8. This Week in Hacks
South Shore Hospital data breach may affect up to 800,000; contractor named
A host of personal information was contained on the files.. driver’s license numbers,
SSNs, medical records…banking details
Bank Of America Accounts Hacked
Debit Card Information Stolen – local branch
Ceridian, Lookout Services Settle With FTC Over Data Breach
A report recently revealed that data breaches were at an all time high in 2010, with
96 percent of all breaches shown to have been avoidable by implementing simple
security measures.
FCC Helps Small Business Plug Huge Cybersecurity Gap
Study that finds American small businesses lose billions annually to cyberattacks and
that 74 percent of small and medium businesses reported being affected by cyber-
attacks in the past 12 months at an average cost of $200,000 per incident.
http://www.fcc.gov/cyberforsmallbiz
8
9. Layers of Protection Against Today’s Threats
• Overlapping, complementary layers of
protection
• Comprehensive, integrated inspection
– Allow but don’t trust any application
– Examine all application content
9
10. Myth #2
1. I have a firewall, I don’t need any other network protection
2. Blocking applications is good enough
3. Best of breed products are better than a consolidated approach
4. There is no way to stay on top of threats
5. Hackers only attack big companies
10
11. Myth: Blocking applications is good enough
import java.awt.*; import java.applet.*;
import java.net.*; public class SlideShow
extends Applet { private Image[] images;
private String[] text; private Label captions;
private volatile int curFrame; private Thread
timerThread; private volatile boolean
noStopRequested; private boolean paused;
Google SEO Poisoning Cross site scripting
Solution
• Integrated Web Filtering
Blocks malicious website
• Antivirus
Block downloads of viruses
• Intrusion Protection and Application Control
Block exploit kits (SWF) and
Botnet command channels
11
12. Myth #3
1. I have a firewall, I don’t need any other network protection
2. Blocking applications is good enough
3. Best of breed products are better than a consolidated approach
4. There is no way to stay on top of threats
5. Hackers only attack big companies
12
13. Myth: Stand-alone products are better than
consolidated approach
•Deliver comprehensive solutions for the
largest global networks and organizations
–Improve performance
–Increase protection
–Reduce complexity
•Continually raising the performance bar
with purpose-built hardware and software
–Custom processors and latest
generation general purpose processors
•Convert stand-alone products into features
–Simplify the network and improve
visibility
•This approach facilitates highly efficient
and effective MSS
13
14. Fortinet & Windstream: Your World Class Security
Solution
24X7 Fully
Customer Logfile Weekly
Managed
Portal Retention Reports
Service
Anti –
Malware
Site to Site Web
VPN Filtering
Application
Firewall IPS
Control
Remote
Wireless Access
LAN
VPN
Remote
Protect
14
15. Myth #4
1. I have a firewall, I don’t need any other network protection
2. Blocking applications is good enough
3. Best of breed products are better than a consolidated approach
4. There is no way to stay on top of threats
5. Hackers only attack big companies
15
16. Myth: There is no way to stay on top of threats
• Application Control: Unwanted Services and P2P Limiting
Botnet command channel, compromised Facebook applications, independent of port or protocol
• Intrusion Prevention: Vulnerabilities and Exploits
Browser and website attack code crafted by hackers and criminal gangs.
• Web Filtering: Multiple categories and Malicious sites
Botnet command, phishing, search poisoning, inappropriate content
• Antivirus: All malicious code
Documents, macros, scripts, executables
Delivered via Web, Email, USB, Instant messaging, social networks, etc
16
17. Comprehensive Protection Solution for SMBs
Defending Against Day Zero Attacks
450000+ FortiGates = Hundreds Of Thousands of Eyes and Ears
NEW ATTACK
DETECTED!!!!!!!
Fortinet support centers Threat Identified, Remedy Created,
FortiGuard update server locations
FortiGates Deployed Pushed to FortiGuard, Pushed to
FortiGates
17
18. Myth #5
1. I have a firewall, I don’t need any other network protection
2. Blocking applications is good enough
3. Best of breed products are better than a consolidated approach
4. There is no way to stay on top of threats
5. Hackers only attack big companies
18
19. Myth: Hackers Only Attack Big Companies
According to NIST 23%+ of all small business have suffered a
data breach many not knowing it, of these…
• 42% reported laptop theft
• 44% reported insider abuse
• 50% detected computer viruses
• 21% reported denial of service attacks
• 20% reported systems being made bots
Why, isn't there more to be gained by attacking large
organizations?
Low hanging fruit - typically less armor against attack, easier, less chance
of discovery
Thinking of taking up mountain climbing? Not a good idea to begin with
Mount Everest
The infrastructure & applications are largely the same.
Microsoft: One Out of 14 Downloads Is Malware
19
20. Summary
Complete Content Protection
•A firewall isn’t enough with today’s current blended attacks
Simple allow/deny access doesn’t work
•Protection in depth is critical
Consolidation is better than best-of-breed
•Integrated solutions better protect your network
Every FortiGate is protected with real-time updates
•CPE or Cloud, On Net or Off ubiquitous security for
your entire network
Windstream’s Managed Security investment is world class
•People, processes and tools delivering your piece of mind
20
22. Windstream Managed Network Security
Beyond Desktop Security
• Windstream Managed Network Security unifies stand-alone security
services, such as anti-virus protection, firewall and intrusion
prevention and detection, into one robust solution.
• Managed Network Security goes beyond protecting PC desktops. It
defends your entire office computing environment against the latest
generation of Internet threats.
• Protect your entire network:
– Application servers
– Desktop PCs
– Wireless LAN
– Network printers
• Windstream provides security without the hassle. We set it up,
maintain it and manage it for you.
22
23. Benefits to Your Business
• Comprehensive, near real-time protection against a variety of
Internet attacks.
• Helps keep your business in compliance with regulatory standards
for security.
• Because Managed Network Security is fully managed by
Windstream, you will reduce costs of dedicated IT staff or in-house
security expert.
23
24. Key Features
Managed Network Security Features
• CPE and Cloud firewall delivery options with customizable rules
• Application intelligence detects and prevents malicious traffic from gaining
network access
• Protection against viruses, worms, and phishing attacks
• Security log storage and weekly reports
• IPSec encrypted, site-to-site VPN connections
• Remote access VPN and remote desktop options available
• Remote Protect and Off-Net Remote Protect available
• Secure Wi-Fi options available
• Web content filtering protects employees from objectionable web content
• User-friendly web portal for account administration
24
25. Product Reporting Features
Reports for each Service
Firewall
IPS
AntiVirus – Virus, Spyware etc.
VPN – All
WiFi
Web Content Filtering
Visible Value of the Service
Underscores value of security investment
More robust than Do-It-Yourself approaches
Aids in validating regulatory compliancy for audits
High Level and Powerful
Provides needed visibility into service performance
Easy to understand charts, graphs, and tables
26. Related Services
Internet Access. As your business grows, so does your dependency on the Internet for
access to real-time business applications and the demand for faster and more efficient
connectivity.
MPLS Networking Solutions. Windstream's MPLS Networking Solutions provide
customers with private, multi-site data connectivity for corporate headquarters, branch
offices, business offices and business partners. Connect your locations with a secure,
private network with Windstream's Virtual Private Network (VPN) or Virtual LAN (VLAN)
services.
Web Hosting Solutions. Windstream Web and E-mail Hosting services enable
customers to build and publish a Web site, create an online store, manage their
business e-mail accounts as well as many other features to promote your business.
Windstream E-mail Hosting packages include branded e-mail accounts with up to 1GB
of e-mail storage, 99% uptime guarantee and 24/7 technical support.
Equipment Solutions. Windstream has partnered with some of the most respected
names in the industry to bring you state-of-the-art technology and the features you need
to drive your business forward.
26