Aterrizando GDPR/RGPD

Aterrizando GDPR/RGPD Rubén Aparicio RAM Fortinet Mayo 2018 Copyright Fortinet Inc. All rights reserved.

Algunos datos 2

Están las empresas preparadas? 3

El Valor de los Datos 4

Notificación de incidentes 5

Notificación de incidentes 6

Notificación de incidentes 7

Notificación de incidentes 8

El reto 9

UN TRABAJO EN EQUIPO SECURITY FABRIC 10

FORTINET SECURITY FABRIC 2018 PARTNER API MANAGEMENT- ANALYTICS MULTI- CLOUD 2018 IOT- ENDPOINT WEB APPS NETWORK UNIFIED ACCESS EMAIL BROAD ADVANCED THREAT PROTECTION A Security Architecture that is: INTEGRATED AUTOMATED Provides Visibility and Protection Across the Entire Digital Attack Surface Multiple Technologies Working Together for the Detection of Advanced Threats Embedded Intelligence for Automatic Response & Continuous Trust Assessment 11

Introducing The Fabric 8 Network Security Multi-Cloud Security Endpoint Security Email Security Web Application Security Secure Unified Access Advanced Threat Protection Management & Analytics Multi IoT Web Unified Advanced Management Cloud Endpoint Email Applications Access Threat Protection Analytics FortiGate Enterprise Firewall FortiGate Virtual Firewall Network Security FortiClient EPP FortiMail Secure Email Gateway FortiWeb Web Application Firewall FortiAP Wireless Infrastructure FortiSandbox Advanced Threat Protection FortiAnalyzer Central Logging /Reporting FortiGate Cloud Firewall Network Security FortiSwitch Switching Infrastructure FortiManager Central Security Management FortiSIEM Security Information & Event Management 12

Cual es el punto fuerte de Fortinet? El fabricante de seguridad con mayor número de unidades vendidas 13

QUE PUEDO PROTEGER EN MI ORGANIZACION? 14

SEGURIDAD EN DATACENTER 15

Solución completa para Datacenter FortiGate FortiAnalyzer FortiMail FortiWeb FortiSandbox FortiADC FortiDDoS Protección Visibilidad Seguridad TODA Escalable Autoaprendizaje protección unificada tráfico el correo Norte frente - Sur aplicaciones Rendimiento» Spam Mínima Reporting a amenazas Remediación latencia avanzadas web. < 2s APTs» Phishing unificada El Gestión Disponibilidad Solución» mejor ATPs de en 100% alertas DC IPS y NSS Labs Seguridad eventos hardware accionable en capa aplicación FortiGuard Web Server 2 Web Server 1 Web Server 3 Un fabricante Seguridad Integrada Mail Server Sólo con Fortinet Data Center Security AppSec 16

Visibilidad - Fortinet Security Fabric 17

Visibilidad ante una brecha de seguridad 18

SEGURIDAD EN SEDES REMOTAS 19

Empresa con Sedes Remotas FortiGate Central» Visibilidad en tiempo real unificada» Punto central FortiGate sedes remotas» Acceso seguro a internet» Conectividad con sede central FortiManager» Configuración y políticas centralizadas FortiAnalyzer» Visibilidad y reporting centralizados FortiAP y FortiSwitch» Acceso a la red seguro FortiSandbox» Protección frente a amenazas avanzadas o APTs. 20

Visibilidad Management & Visibility FortiManager (Monitor) 21

SEGURIDAD EN ENTORNO INDUSTRIAL 22

Best Practice 1: Segmentation and Encrypted Communication Network Segmentation/Segregation * FortiGate Device» SPU = Low latency» L4 FW, IPS, AV (+FSA) Segmentation and Encrypted Communication (FortiGate) Valve Fan Pump * IEC 62443 recommends creating secure areas = Network Segmentation/MicroSegmentation 23

Best Practice 2: Access Control Segmentation and Encrypted Communication (FortiGate) Role Based Access Control Users, Devices, Applications and Protocols (FortiGate and FortiAuthenticator) Valve Fan Pump 24

Best Practice 3: Secure Wired and Wireless Access Segmentation and Encrypted Communication (FortiGate) Role Based Access Control Users, Devices, Applications and Protocols (FortiGate and FortiAuthenticator) Enable Secure Wired and Wireless Access (FortiAP, FortiSwitch) Valve Fan Pump 25

Best Practice 4: Vulnerability and Patch Management Segmentation and Encrypted Communication (FortiGate) Access Control Users, Devices, Applications and Protocols (FortiGate and FortiAuthenticator) Secure Access (FortiSwitch/FortiAP/FortiExtender) Vulnerability and Patch Management (FortiWeb, FortiClient and FortiGate) Valve Fan Pump 26

Best Practice 5: Visibility, behavioral Analytics, tracking and simplicity Segmentation and Encrypted Communication (FortiGate) Access Control Users, Devices, Applications and Protocols (FortiGate and FortiAuthenticator) Secure Access (FortiSwitch/FortiAP/FortiExtender) Vulnerability and Patch Management (FortiWeb, FortiClient and FortiGate) Valve Fan Visibility, behavioral Analytic, tracking and simplicity: (Fortisiem, FAZ, Nozomi, FortiClient, Fortiswitch, FortiAP and FortiGate) Pump 27