Jay Kay – Fortinet
During the Jay Kay Systems event, we had opportunities to meet in small groups with each manufacturer. These are my notes from the various sessions.
Application Control – Can identify over 2400 applications regardless of port or protocol used. Deeper visibility into the network. Facilitates inspection for evasive applications using non-standard ports, port-hopping, or tunnelling within trusted applications. More flexible and fine-grained policy control. Increased security. Layer 7 information.
How do you seamlessly integrate your firewall with AD?
FSSO – Fortinet Single Sign On
Domain member server has an FSSO Collector Agent. Apply policies based on the user. We now know all the user groups they belong to.
version 5.0 has user identity policies. Can also do address based policies. Or even device identity.
Can create a guest profile, can use Client Reputation – as you do things on the network, the system will score you, and place you appropriately.
In the future planning on making policies available based on user and device identity combined – very cool.
Now available for pretty much everything. Centrally manage FortiClient from the FortiGate. On-net and Off-net – users are protected when they are off-net (at home), and when on-net, it turns itself off as they are protected by the big fortigate. – WAAYYY COOL!!!
Lots of really nice new widgets – top sources, user, IP, what is the traffic doing, how many sessions, etc. Also look by type of traffic – ie. why is there lots of FTP?
Can drill down further on an App -> ie. lots of Facebook, can then see which sessions/users, etc. on Facebook.
Visibility – Who is using all my bandwidth? Username, type of traffic, etc.
FortiAnalyzer can pull lots of information and traffic reports too. Completely customizable.
FortiCloud will also give some nice reports – but intended for smaller business units