Aterrizando GDPR/RGPD - secureit.es · Seguridad en capa aplicación Mail Server Web Server 1 Web...
28
© Copyright Fortinet Inc. All rights reserved. Aterrizando GDPR/RGPD Rubén Aparicio – RAM Fortinet Mayo 2018
Transcript of Aterrizando GDPR/RGPD - secureit.es · Seguridad en capa aplicación Mail Server Web Server 1 Web...
© Copyright Fortinet Inc. All rights reserved.
Aterrizando GDPR/RGPD
Rubén Aparicio – RAM FortinetMayo 2018
2
Algunos datos
3
¿Están las empresas preparadas?
4
El Valor de los Datos
5
Notificación de incidentes
6
Notificación de incidentes
7
Notificación de incidentes
8
Notificación de incidentes
9
El reto
10
UN TRABAJO EN EQUIPOSECURITY FABRIC
11
AUTOMATED
FORTINETSECURITYFABRIC 2018
2018
Provides Visibility and Protection Across the Entire
Digital Attack Surface
Multiple Technologies Working Together for the Detection of
Advanced Threats
Embedded Intelligence for Automatic Response &
Continuous Trust Assessment
A Security Architecture that is:
NETWORK
MULTI-CLOUD
PARTNER API
EMAILUNIFIED ACCESS
IOT-ENDPOINT
WEB APPS
ADVANCED THREAT PROTECTION
MANAGEMENT-ANALYTICS
BROAD INTEGRATED
12
Multi
CloudEmail Applications
Web Unified
Access
Management
AnalyticsThreat
Protection
Advanced
Endpoint
IoT
NetworkSecurity
Multi-Cloud Security
EndpointSecurity
Email Security
Web Application Security
SecureUnified Access
Advanced Threat Protection
Management& Analytics
FortiGate
Enterprise Firewall
FortiGate Cloud Firewall
Network Security
FortiClient
EPP
FortiWeb
Web Application
Firewall
FortiMail
Secure Email
Gateway
FortiSandbox
Advanced Threat
Protection
FortiAnalyzer
Central Logging
/Reporting
FortiManager
Central Security
Management
FortiSIEM
Security Information &
Event Management
FortiGate Virtual
Firewall
Network Security
FortiAP
Wireless
Infrastructure
FortiSwitch
Switching Infrastructure
Introducing The Fabric 8
13
¿Cual es el punto fuerte de Fortinet?El fabricante de seguridad con mayor número de unidades vendidas
14
¿QUE PUEDO PROTEGER EN MI ORGANIZACION?
15
SEGURIDAD EN DATACENTER
16
FortiGuard
Solución completa para Datacenter
Un fabricante
Seguridad Integrada
Sólo con FortinetData Center Security AppSec
FortiADC
Escalable
Rendimiento
Disponibilidad
Seguridad en capa
aplicación
Mail Server
Web Server 1
Web Server 3
Web Server 2
FortiWeb
Seguridad en
aplicaciones web.
FortiMail
Seguridad en el correo
» Spam
» Phishing
» ATPs
FortiDDoS
Autoaprendizaje
Remediación en < 2s
Solución 100%
hardware
FortiGate
Protección tráfico Norte - Sur
Mínima latencia
El mejor en DC IPS NSS Labs
Seguridad accionable
FortiAnalyzer
Visibilidad unificada
Reporting
Gestión de alertas y
eventos
FortiSandbox
TODA la protección frente
a amenazas avanzadas
APTs unificada
17
Visibilidad - Fortinet Security Fabric
18
Visibilidad ante una brecha de seguridad
19
SEGURIDAD EN SEDES REMOTAS
20
Empresa con Sedes Remotas
FortiGate Central
» Visibilidad en tiempo real unificada
» Punto central
FortiGate sedes remotas
» Acceso seguro a internet
» Conectividad con sede central
FortiManager
» Configuración y políticas
centralizadas
FortiAnalyzer
» Visibilidad y reporting centralizados
FortiAP y FortiSwitch
» Acceso a la red seguro
FortiSandbox
» Protección frente a amenazas
avanzadas o APTs.
21
VisibilidadManagement & Visibility – FortiManager (Monitor)
22
SEGURIDAD EN ENTORNO INDUSTRIAL
23
Network Segmentation/Segregation * – FortiGate Device
» SPU = Low latency
» L4 FW, IPS, AV (+FSA)
Best Practice 1:Segmentation and Encrypted Communication
Valve
Fan
Pump
* IEC 62443 recommends creating secure areas = Network Segmentation/MicroSegmentation
Segmentation and Encrypted
Communication (FortiGate)
24
Best Practice 2: Access Control
Valve
Fan
Pump
Role Based Access Control – Users,
Devices, Applications and Protocols
(FortiGate and FortiAuthenticator)
Segmentation and Encrypted
Communication (FortiGate)
25
Best Practice 3: Secure Wired and Wireless Access
Valve
Fan
Pump
Segmentation and Encrypted
Communication (FortiGate)
Enable Secure Wired and Wireless
Access (FortiAP, FortiSwitch)
Role Based Access Control – Users,
Devices, Applications and Protocols
(FortiGate and FortiAuthenticator)
26
Best Practice 4: Vulnerability and Patch Management
Valve
Fan
Pump
Segmentation and Encrypted
Communication (FortiGate)
Vulnerability and Patch Management
(FortiWeb, FortiClient and FortiGate)
Access Control – Users, Devices,
Applications and Protocols (FortiGate
and FortiAuthenticator)
Secure Access
(FortiSwitch/FortiAP/FortiExtender)
27
Valve
Fan
Pump
Best Practice 5: Visibility, behavioral Analytics, tracking and simplicity
Segmentation and Encrypted
Communication (FortiGate)
Vulnerability and Patch Management
(FortiWeb, FortiClient and FortiGate)
Access Control – Users, Devices,
Applications and Protocols (FortiGate
and FortiAuthenticator)
Secure Access
(FortiSwitch/FortiAP/FortiExtender)
Visibility, behavioral Analytic, tracking
and simplicity: (Fortisiem, FAZ,
Nozomi, FortiClient , Fortiswitch,
FortiAP and FortiGate)
