Fortinet OT Security Overview and Solutions


Piyanut Intorn

Agenda

• Introduction to Operational Technology (OT)
• Threat to Operational Technology
• Introduction to Industrial Control Systems (ICS)
• Customer Pain Points
• Security Fabric for Operational Technology
• Value Proposition and Key Differentiator
• Engage your customer
• Other Resources available
• Q&A

© Fortinet Inc. All Rights Reserved. 2


Introduction to Operational Technology (OT)

What is OT?
Definition

Programmable systems or devices that interact with the physical environment. These systems/devices detect or cause a direct change through the monitoring and/or control of devices, processes, and events. Examples include industrial control systems, building management systems, fire control systems, and physical access control mechanisms.
[Link]

Operational Technology (OT): Used For

Monitor, Control, Operate Industrial Automation

Operational Technology (OT): Used By

Diverse industries
• Often “critical” infrastructures

All environmental conditions
• Harsh (heat, moisture, vibration); Office & Data Center

Industrial Vertical Markets
Where do you find operational technology?
• Energy & Utilities
• Transportation & Logistics
• Smart Infrastructure, Buildings, Cities
• Manufacturing


What is the difference between IT and OT?
Example

IT
• Customer Relationship Management (CRM)
• VoIP
• Email Server
• Enterprise Resource Planning (ERP)
• Human Capital Management (HCM)
• Financial Reporting Tools
• End-points (laptops, servers, smartphone,...)

OT
• Computerized Maintenance Management systems
• Engineering Station
• Real Time Servers
• Human Machine Interface
• Historians
• PLC: Programmable Logic Controllers
• SIS: Safety Integrated Systems
• SCADA: Supervisory Control and Data Acquisition

(Figure labels: Valve, Fan, Pump)


IT and OT have more in common than you may think

Similarities
• Both are primarily TCP/IP
• Common protocols: HTTP, HTTPS, SNMP, SSH, ICMP, NTP, DNS, Syslog, Telnet, FTP
• PKI, Identity, Cryptography, Certs
• Operating Systems: Windows & Linux
• Contemporary technologies: Virtualization, Docker, Kubernetes, etc.

Distinctions
IT | Security objective priorities | OT
Medium | Availability requirement | Very High
Delays accepted | Real-time requirement | Critical
3-5 years | Component lifetime | 20+ years
Scheduled | Application of patches | Rare
Mandatory | Security testing / audit | Occasional
High | Security awareness | Increasing
IT Department | Design Authority | OEM / SIs

Safety and Availability are critically important in OT.

“What about Industrial / ICS protocols?”
• We support > 50 of them; ICS protocol support matters

“What about Environmental Requirements?”
• In fact, rarely needed. Our rugged firewalls and switches do support them.

Why OT is being disrupted?
Business process optimization and Remote Connectivity driving IT/OT Convergence

(Figure: OT and IT control loops.)
• OT: real-time PLC control loop, milliseconds: 1 Sense, 2 Think, 3 Act
• IT: 4 Optimize: process optimization, advanced analytics; minutes, hours, days; sometimes control loop

Other Disruptions
• Industrial IoT & 5G
• Remote Connectivity
• Digital Supply Chain
• 3D Printing
• Advanced Robotic
• AI and Machine learning
• Augmented/Virtual Reality
• Digital Twin


Security Challenges in OT

• Attack Surface: Digital Attack surface is rapidly expanding
• Advanced Threats: Requires rapid Detection and Prevention
• Vendor Complexity: Complexity slows down Management and Response


Threat to Operational Technology

OT Infrastructure Attacks
The Risk is Real

(Timeline figure; axis: 2010, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021)

• Stuxnet disrupts Iranian nuclear program
• New York dam floodgates compromised
• German steel mill furnace destroyed
• Hospital drug infusion pumps hacked
• Michigan traffic light hacked
• Car transmission and brakes controlled
• Ukraine power grid knocked offline
• MIRAI Botnet 145,00 IoT devices
• Trisis/Triton: Malware designed to attack and compromise Safety
• Merck & Co. global production shutdown by ransomware ($1B loss)
• Maersk Shipping global shutdown by ransomware ($250M loss)
• Global Aluminum producer shutdown by ransomware
• ASCO parts shutdown by ransomware
• Ekans Ransomware on Honda, Fresenius
• SolarWinds Orion
• Attempted poisoning of Tampa H20 Supply


OT Risk is proportional to OT Connectivity
Yet inversely proportional to how well IT/OT security is integrated

Impact on organization (bar chart; legend: 2019, 2020; two values per category as shown)
• Operational outage that affected productivity: 43%, 51%
• Brand awareness degradation: 30%, 40%
• Operational outage that put physical safety at risk: 23%, 39%
• Operational outage that impacted revenue: 36%, 37%
• Lost business-critical data/IP: 28%, 34%
• Failure to meet compliance requirements: 0%, 28%
• None: 15%, 9%

Top-tier organizations are:
• 4X as likely to have centralized visibility in the SOC
• 133% more likely to track and report vulnerabilities found and blocked
• 2X as likely to currently have the CISO/CSO responsible for OT security

Source: The State of Operational Technology and Cybersecurity 2020

Introduction to Industrial Control Systems (ICS)

What is an Industrial Control System?

Industrial control system (ICS) is a general term that encompasses several types of control systems, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), Safety Instrumented System (SIS) and other control system configurations such as Programmable Logic Controllers (PLC), Remote Terminal Unit (RTU) etc., often found in the industrial sectors and critical infrastructures.

(Figure labels: OT, ICS, IIOT, SCADA, PLC, DCS, RTU, SIS)

Industrial Control System Structure
PERA (Purdue Enterprise Reference Architecture) model

(Figure: PERA model levels grouped as IT, Converged IT/OT, and OT.)


Applying Fortinet’s Reference Architecture to Purdue
Electrical Substation: Purdue, ISA-99, IEC-62443

(Architecture diagram; labels listed by level.)

• Level External: Internet; FortiGuard Global Threat Intelligence Service; Remote User; Remote Vendor
• Level 5, Internet DMZ (Enterprise Corporate Environment): FortiGate, Web Servers, Email Servers, FortiWeb, FortiMail
• Level 4, Enterprise LAN (Corporate Environment): FortiGate, FSSO, External Authentication Services, Business Servers & Domain Controllers, Enterprise Desktops
• Operational Technology (OT) Authentication Boundary
• Level 3.5, Operational DC DMZ (Converged Management Zone): FSSO, FortiSwitch, FortiSIEM, FortiSandbox, FortiManager, FortiAnalyzer, FortiNAC, FortiClient EMS Server, FortiAuthenticator, Domain Controller
• Level 3, Operational DC (Manufacturing Zone): FortiSwitch, FortiGate, FortiLink, Private VLANs, Micro Segmentation; Historian Server Zone, Application Server Zone, Engineering Server Zone, Engineering WorkStation Zone, Operator WorkStation Zone
• Zones of Control: Zones and Conduits; Micro Segmentation; Physical and Virtual Segmentation
• Wide Area Network: MPLS, SD-WAN, 3G, 4G, APN, VPN, ADSL, Cable

Side labels: IT, IT/OT, OT


Typical Example of Power Plant Architecture

(Figure: OT network levels shown as Level 3, Level 2, and Level 1 & 0.)


Customer Pain Points

Ecosystem Complexity Slows Response and Mitigation
Hard to build automation

• Too Many Vendors
• Too Many Alerts
• Manual & Slow Response
• Lack of Trained People
• Cost & Complexity


Security Fabric for Operational Technology (OT)

Fortinet’s Unique Value Proposition for OT Cyber Security

The Fortinet Security Fabric provides a unique converged IT/OT/IIoT cybersecurity framework for Plant Asset Owners

Helping Asset Owners:
• Reduce Cybersecurity Risks
• Reduce the Security Burden on OT teams
• Safeguard Production Uptime and Safety standards
• Comply with OT & IT Regulations and Best Practices

Because:
• It deploys a Defense in Depth strategy with a Single Pane of Glass
• The Security Fabric is aligned to OT standards & guidelines
• Fortinet has experienced OT teams and dedicated Solutions
• Fortinet has the best Technology Alliance & Channel Partners


Deploys Defense-in-Depth with a Single Pane of Glass

(Figure: Fortinet Security Fabric. Labels: Fabric Management Center (NOC), AI-driven SOC, Adaptive Cloud Security, Zero Trust Access, Security-Driven Networking, Open Ecosystem, FortiGuard Threat Intelligence, FORTIOS)

• Broad: visibility and protection of the entire digital attack surface to better manage risk
• Integrated: solution that reduces management complexity and shares threat intelligence
• Automated: self-healing networks with AI-driven security for fast and efficient operations


Fortinet Cybersecurity Platform
Enterprise Security Fabric

Consumption models: Appliance, Virtual Machine, Cloud, Security-as-a-Service, Software

(Figure: platform pillars and the labels shown under each.)
• Fabric Management
• Open Fabric EcoSystem
• Zero Trust Access: Endpoint Protection, NAC, Identity, MFA
• Security-Driven Networking: Network Firewall, SD-WAN, Secure WLAN, Secure LAN
• Adaptive Cloud Security: Applications, Platform, Network
• AI-Driven SOC: Protect, Detect, Respond


Fortinet Cybersecurity Platform
Different consumption models available

Consumption models: Appliance, Virtual Machine, Cloud, Security-as-a-Service, Software

Products shown: FortiNAC, FortiAP, FortiGate, FortiGate VM, FortiWeb, FortiClient, FortiAnalyzer, FortiManager, FortiClient Fabric Agent, FortiEDR, FortiSwitch, FortiSASE, FortiCWP, FortiMail, FortiSIEM, FortiGate Cloud, FortiAuthenticator, FortiExtender, FortiCASB, FortiSandbox, FortiCloud, FortiADC, FortiSOAR

FortiGuard Services

“By 2025, 75% of OT security solutions will be delivered via multifunction platforms interoperable with IT security solutions.”
Gartner
Source: Gartner’s 2021 Market Guide for Operational Technology Security

Fortinet Security Fabric is aligned to OT Standards and Guidelines

IEC 62443 – Solutions Mapping

Foundational requirements (FR)
• FR1: Identification and authentication control (IAC)
• FR2: Use Control (UC)
• FR3: System Integrity (SI)
• FR4: Data confidentiality (DC)
• FR5: Restricted data flow (RDF)
• FR6: Timely response to events (TRE)
• FR7: Resource Availability (RA)

Solutions (numbered as on the slide)
1. FortiGate, FortiWiFi/FortiAP, FortiNAC, FortiAuthenticator, FortiToken, FortiClient, FortiEDR, FortiAnalyzer, FortiManager, FortiSIEM
2. FortiGate, FortiWiFi/FortiAP, FortiNAC, FortiAuthenticator, FortiToken, FortiClient, FortiEDR, FortiAnalyzer, FortiManager, FortiSandbox, FortiSIEM
3. FortiGate, FortiWiFi/FortiAP, FortiAuthenticator, FortiToken, FortiClient, FortiEDR, FortiAnalyzer, FortiManager, FortiSandbox, FortiSIEM, FortiTester, FortiResponder
4. FortiGate, FortiSwitch, FortiAP, FortiEDR
5. FortiGate, FortiSwitch, FortiNAC, FortiClient, FortiEDR, FortiAnalyzer
6. FortiGate, FortiClient, FortiEDR, FortiAnalyzer, FortiSIEM, FortiManager
7. FortiGate, FortiClient, FortiEDR, FortiAnalyzer, FortiManager, Fabric-Ready Partner Solutions

NIST CSF – Solutions Mapping

Function | Category | Fortinet
IDENTIFY (ID) | Asset Management ([Link]) | FortiSwitch, FortiNAC
IDENTIFY (ID) | Business Environment ([Link]) | -
IDENTIFY (ID) | Governance ([Link]) | -
IDENTIFY (ID) | Risk Assessment ([Link]) | FortiGuard Security Rating Service
IDENTIFY (ID) | Risk Management Strategy ([Link]) | -
IDENTIFY (ID) | Supply Chain Risk Management ([Link]) | -
PROTECT (PR) | Identity Management, Authentication and Access Control ([Link]) | FortiSwitch, FortiGate, FortiAuthenticator
PROTECT (PR) | Awareness and Training ([Link]) | Fortinet Online Training
PROTECT (PR) | Data Security ([Link]) | FortiGate, FortiEDR
PROTECT (PR) | Information Protection Processes and Procedures ([Link]) | -
PROTECT (PR) | Maintenance ([Link]) | -
PROTECT (PR) | Protective Technology ([Link]) | FortiGate, FortiEDR
DETECT (DE) | Anomalies and Events ([Link]) | FortiGate, FortiGuard Services, FortiAnalyzer, FortiSIEM
DETECT (DE) | Security Continuous Monitoring ([Link]) | FortiAnalyzer, FortiManager, FortiSIEM
DETECT (DE) | Detection Processes ([Link]) | FortiGate, FortiAnalyzer
RESPOND (RS) | Response Planning ([Link]) | FortiSIEM, FortiSOAR
RESPOND (RS) | Communications ([Link]) | -
RESPOND (RS) | Analysis ([Link]) | FortiAnalyzer, FortiSIEM, FortiSOAR
RESPOND (RS) | Mitigation ([Link]) | -
RESPOND (RS) | Improvements ([Link]) | -
RECOVER (RC) | Recovery Planning ([Link]) | -
RECOVER (RC) | Improvements ([Link]) | -
RECOVER (RC) | Communications ([Link]) | -


Fortinet Security Fabric and Compliance
Single pane of glass, integrated across multiple vendors

(Figure: compliance capabilities and the product types that deliver them.)
• Identify (& Visibility) Critical Assets and System: SIEM, NAC, NGFW
• Secure Conditional Access to Networks & Assets: NAC, MFA, Client, Tokens
• Segmentation, Protection & Response: SOAR, EDR, Switch, NGFW, WIFI, Extender
• Events, Alerts and Incident Detection: Analyzer, Sandbox, SIEM, Deception
• Risk Management – Proactive Controls: Analyzer

Capability labels: Asset Management, Single Pane Management, Risk Management, Threat Intelligence, Logging & Monitoring, Access Control, Network Segmentation, Interoperability

NIS D Pillars
Maps to NIST CSF, CIS Top20


NERC CIP – Solutions Mapping

Standard – Version | Standard Name | Fortinet
CIP-002-5.1 | BES Cyber System Categorization
CIP-003-8 | Security Management Controls
CIP-004-6 | Personnel & Training
CIP-005-6 | Electronic Security Perimeter(s)
CIP-006-6 | Physical Security of BES Cyber Systems
CIP-007-6 | System Security Management
CIP-008-6 | Incident Reporting and Response Planning
CIP-009-6 | Recovery Plans for BES Cyber Systems
CIP-010-3 | Configuration Change Management and Vulnerability Assessments
CIP-011-2 | Information Protection
CIP-012-1 | Communications Between Control Centers
CIP-013-1 | Supply Chain Risk Management
CIP-014-2 | Physical Security

Experienced OT teams and
dedicated solutions
Fortinet OT Practice Leaders
APAC EMEA LATAM North America
Joe Sarno Pedro Paixao Jim Overbeck
SVP, APAC & EMEA, OT VP and GM Latin America VP, North America, OT

Emmanuel Miranda Antoine d’Haussy Fernando Lobo Shawn Reilly


Business Development Director EMEA, OT SME Regional Sales Director Sr. Director, Vertical Practice
Director, OT/CI 20+ years in Industry. Former 30+ years of experience
20 years experience in OT Product Line leader for Industrial securing advanced solutions
environments with significant EPC business and OT.
Control Systems Cyber security,
exposure in the power sector.
Digitization, and M&D.
Entoro Wijaya Budiman
Dino-Boris Dougoud Leandro Werder Michelle Balderson
Regional Engineer, OT/CI Engineering Director
More than 20 years of OT
OT Solution Architect Director, OT, West USA,
25+ years of IT experience at 20+ years of experience working in Canada
experience in Technical Sales the Cybersecurity and Network
technical consulting within the 25+ years experience bringing
Consulting and Architect for ICS. industry
industry. focus to people, process and
technology to solve business
Chew Poh Chang challenges.
CSE OT/CI
Aasef Iqbal Leonardo Moreira Chris Blauvelt
More than 20 years experience in
OT Solution Architect Sales Engineer Director, OT, East USA, Fed
cybersecurity architecture, risk
10+ years in cybersecurity 20+ years of experience in IT and 10+ years of experience,
management, penetration testing, OT, managing and delivering
assurance and compliance for architecture, risk management and developing, building, and
cybersecurity projects.
Critical Infrastructure (CI) more for Critical Infrastructure. maintaining electrical power
automation and control systems.
Country OT SME
Regional / System Samir Mokthar Roberto Shigueo Suzuki Carlos Sanchez
Engineer, OT/CI OT SE SME BD Manager Director, OT, Central USA
10+ years experience in 20+ years of experience in sales 30+ years experience designing
cybersecurity breach and business development in and deploying secure critical
LATAM and NA. Specialized in
compromise assessments and emerging technologies and new infrastructure.
more for Critical Infrastructure. product introduction.



Industrial Standard and Compliance Ready

EMI
Unprotected devices can fail or be destroyed when exposed to high levels of electromagnetic interference
• A strong electromagnetic compatibility (EMC) design is required

Thermal
A wide (-20 to +75C) operating temp can be expected in a harsh environment.
• Requires efficient heat dissipation system and self warming

Vibration
• Devices must survive being dropped from a cabinet rack mount
• 50G anti-shock & 5-500 Mhz anti-vibration requirement is present
• Protective components are used to cushion the device

IEC-61850 describes a unified communications system design for use in electrical sub-stations. IEC-61850-3 provides guidance on the hardware requirements of equipment deployed in this demanding environment.


Fortinet Solution Offering for ICS/OT
FortiGate, FortiSwitch, FortiAP Rugged Series

• Ruggedized Design: Fan-less and use of robust components ensure reliable operation in harsh industrial environments.
• Consolidated Security Architecture: FortiGate running FortiOS consolidated security offers better protection and lower cost of ownership than multiple point products.
• Ease of Management: Allows rapid provision and deployment, monitoring of device and threat status while providing actionable reports.

FortiGate, FortiSwitch, FortiAP Rugged Series
• FGR-60F 3G/4G: SPU SoC Powered, high performance security and VPN gateway
• FGR-60F: SPU SoC Powered, high performance security and VPN gateway
• FGR-35D: Security appliance with IP67 rating for outdoor environment
• FGR-30D: Ruggedized compact security appliance with DIN mounting kit
• FSR-112D-POE and FSR-124D: Fan-less passive cooling with DIN-rail or wall-mountable. Power over Ethernet capable including PoE+. Redundant power input terminals. Mean time between failure greater than 25 years.
• FortiAP 222E: IEEE 802.11a/b/g/n/ac Ruggedized Wireless. Both 2.4GHz and 5GHz spectrums supported. Operates in extreme temperatures.

Features Included in FortiGate
• Security (IPS, FW, OT traffic monitor)
• Encryption (GRE, VXLAN, IPSEC)
• Connectivity (Proxy, VLANs, IPv6.)
• Advance features (SD_WAN)
• Central authentication (LDAP, RADIUS, etc.)
• DLP
• WiFI
• Antivirus
• DNS Filter
• Web Filtering
• IPSEC VPN
• SSL VPN – Client/Clientless
• SSL Inspection
• Packet capture triggered by IPS
• Virtual Domains (VDOM)
• Transparent or Proxy (Man in the middle)


Specialized Fortinet Solution Offering for ICS/OT
Non Rugged Industrial Series Appliance

• FortiGate (FG-301E as Example)
• FortiAnalyzer (FAZ-800F as Example)
• FortiSIEM (FSA-2000F as Example)
• FortiSwitch (FSW-248E as Example)
• FortiAuthenticator (FAC-200D as Example) And FortiToken
• FortiDeceptor (FDC-1000F as Example)
• FortiManager (FMG-300F as Example)
• FortiSandbox (FSA-500F as Example)
• FortiNAC (FNC-CA-600C as Example)
• FortiClient
• FortiEDR

Consumption models: Virtual Machine, Cloud, Security-as-a-Service, Software

FortiGuard Application Control for Industrial Systems

Specialized for OT
• Industrial Control Systems (ICS)
• Detects and protects industrial applications
• Almost 1,800 industrial app signatures

Recognized OT Protocols
• DNP3
• BACnet
• Elcom
• EtherCAT
• EtherNet/IP
• IEC 60870-6 (TASE 2) / ICCP
• IEC 60870-5-104
• IEC 61850
• HART
• LONTalk
• MMS
• Modbus
• OPC
• Profinet
• S7
• SafetyNET
• Synchrophasor


FortiGuard Application Control for Industrial Systems
1,700+ Granular OT/ICS Application Controls (DNP3 Example)

• DNP3
• DNP3_Abort.File
• DNP3_Activate.Config
• DNP3_Assign.Class
• DNP3_Authenticate.File
• DNP3_Authentication.Error
• DNP3_Authentication.Request
• DNP3_Close.File
• DNP3_Cold.Restart
• DNP3_Confirm
• DNP3_Delay.Measurement
• DNP3_Delete.File
• DNP3_Direct.Operate
• DNP3_Direct.[Link]
• DNP3_Disable.[Link]
• DNP3_Enable.[Link]
• DNP3_Freeze.[Link]
• DNP3_Freeze.[Link]
• DNP3_Freeze.[Link]
• DNP3_Freeze.[Link]
• DNP3_Get.[Link]
• DNP3_Immediate.Freeze
• DNP3_Immediate.[Link]
• DNP3_Initialize.Application
• DNP3_Initialize.Data
• DNP3_Open.File
• DNP3_Operate
• DNP3_Read
• DNP3_Record.[Link]
• DNP3_Response
• DNP3_Save.Configuration
• DNP3_Select
• DNP3_Start.Application
• DNP3_Stop.Application
• DNP3_Unsolicited.Message
• DNP3_Warm.Restart
• DNP3_Write


Application Control Definitions | FTNT vs Competitor
2019-01-14

PROTOCOL | FTNT | XXX
ADDP | 9 | 0
BACnet | 131 | 31
CIP | 70 | 1
[Link] | 15 | 0
CoAP | 5 | 0
DIS | 47 | 0
[Link] | 9 | 1
DNP3 | 37 | 32
[Link] | 6 | 0
[Link] | 139 | 0
ECOM100 | 1 | 0
ELCOM | 10 | 1
Ether | 138 | 0
EtherCAT | 3 | 0
EtherNet | 9 | 0
[Link] | 30 | 0
ICCP | 42 | 0
IEC.60870.5.104 | 85 | 9
IEC.61850 | 44 | 0
[Link] | 16 | 0
LonTalk | 5 | 0
MMS | 85 | 1
MTConnect | 1 | 1
Modbus | 77 | 15
[Link].Discovery | 1 | 0
[Link] | 1 | 0
OPC | 324 | 2
[Link] | 1 | 0
OpenADR | 29 | 0
[Link] | 28 | 0
[Link] | 5 | 1
[Link] + [Link] | 2 | 1
RTPS | 1 | 0
[Link] + [Link] | 57 | 7
STANAG | 3 | 0
SafetyNET | 16 | 0
[Link] | 7 | 0
Siemens.S7.1200 | 4 | 0
Synchrophasor | 14 | 1
[Link] | 1 | 0
oBIX | 1 | 0

IPS / Virtual Patching for Industrial Systems

Supported Applications & Vendors
• Schneider Electric
• ABB
• Advantech
• Broadwin
• CitectSCADA
• CoDeSys
• Cogent
• DATAC
• Eaton
• GE
• Iconics
• InduSoft
• IntelliCom
• Measuresoft
• Microsys
• MOXA
• PcVue
• Progea
• QNX
• RealFlex
• Rockwell Automation
• RSLogix
• Siemens
• Sunway
• TeeChart
• VxWorks
• WellinTech
• Yokogawa


FortiGuard Virtual Shielding for Industrial Systems

400+ OT/ICS Vulnerabilities Shielded (Schneider Electric Example)

• [Link] (CVE-2014-0779)
• [Link]
• [Link]
• [Link] (CVE-2014-9200)
• [Link]
• [Link] (CVE-2015-7374)
• [Link] (CVE-2013-0657)
• [Link] (CVE-2014-0774)
• [Link] (CVE-2015-0982)
• [Link] (CVE-2014-8511, CVE-2014-8512)
• [Link] (CVE-2014-8513, CVE-2014-9188)
• [Link] (CVE-2014-8514)
• [Link] (CVE-2014-5411)
• [Link] (CVE-2014-8390)
• [Link] (CVE-2015-7937)
• [Link] (CVE-2011-4859)
• [Link] (CVE-2014-5412)
• [Link] (CVE-2015-7918, CVE-2015-8561)


FortiGuard Labs

(Figure: FortiGuard Labs threat intelligence flow, in three stages: VISIBILITY, INNOVATION, ACTIONABLE THREAT INTELLIGENCE. Detection and protection in milliseconds.)

• Telemetry: Network, Web, Sandbox, Email, Endpoint
• Partnerships: CERTs, Enforcement Partnerships, OSINT, CTA feeds, Trusted Partnerships
• Innovation: AI / Machine Learning, Fortinet Distribution Network, Zero-Day, Federated Machine Learning
• Security Fabric Protections: IPS, Application Control, Web Filtering, Anti-Virus, Anti-Spam, Endpoint Vulnerability, Indicators of Compromise (IoCs), Virtual Patches
• Proactive Research: Adversary Playbooks, Threat Intel Briefs, Threat Signals, Security Blogs
• Threat Intelligence Services: Penetration Testing, Phishing Service, Incident Response


FortiGuard Subscriptions

(Figure: subscription bundles and the services shown with them.)

Bundles: 360 Protection, Enterprise Protection, Unified Protection, Advanced Threat Protection
Available A-la-carte

Service labels: SD-WAN Orchestrator, Orchestration, Monitoring, VPN Overlay, FortiManager Cloud Mgmt & Operations, FortiAnalyzer, IPAM Service, Advanced Support ASE FortiCare, FortiConverter, IoT Service, Industrial Security, Security Rating, Email & Web, IPS & Adv. Malware Protection, World-class 24x7 FortiCare Support w/ App Control

Extensive Technology Alliance and Channel Partners

Global OT Ecosystem

OT TECHNOLOGY PARTNERS
Asset Management, Management Solutions, Other

12 Connectors, 135+ APIs, 9 DevOps, 130+ Extended Ecosystem

SOLUTION VENDORS AND SYSTEMS INTEGRATORS
Control Vendors, Global System Integrators, Specialized Services


Extensive Industry Cybersecurity Ecosystem
250+ Security Fabric Ecosystem integrations

• Fabric Connectors (12): Fortinet-developed deep integrations that automate security operations and policies
• Fabric APIs (135+): Partner-developed integrations using Fabric APIs that provide broad visibility with end-to-end solutions
• Fabric DevOps (9): Community-driven DevOps scripts that automate network and security provisioning, configuration, and orchestration
• Extended Security Fabric Ecosystem (130+): Collaboration with threat-sharing organizations (30+) and integrations with other vendor products (100+)

Categories shown: Endpoint Security, Firewalls, Switching, Wireless

Note: Logos are a representative subset of the Security Fabric Ecosystem


Reference Architecture

Fortinet Security Fabric - PERA
Addressing Critical Use Cases Integrating OT and IT

• Zones and Conduits
• Secure Remote Connectivity
• Deep OT Visibility
• Role Based Access Control
• Securing Critical End Point
• Centralize Security Management
• Advanced Persistent Threat

(Figure labels: Valve, Fan, Pump)


Securing Operational Technology with the Fortinet Security Fabric

(Architecture diagram: Fortinet Security Fabric controls placed on zones and enforcement boundaries.)

Capabilities: Network Segmentation, Network Microsegmentation, Secure Remote Access, Threat Protection, Application Control, Endpoint Security, Centralized Management, Centralized Logging & Reporting

Zones and boundaries, top to bottom:
• External Zone: Cloud (Internet Cloud, VPN, IoT, IIoT). Cloud Security: Cloud NGFW, Cloud EDR, Cloud Sandbox, Cloud SIEM
• Major Enforcement Boundary, 5.5 Information Technology (IT) DMZ: Web Services, Routed NGFW, VPN/MFA, Threat Protection, Application Control, Fabric API
• Enterprise Zones: Enterprise Network (Enterprise, Email, Automation); Business Planning & Logistics (Site, ERP). Controls: Secure Switch, Web Application Firewall, Threat Protection, EDR, Honeypot, Sandbox
• Major Enforcement Boundary, 3.5 Operational Technology (OT) DMZ: Routed NGFW, Transparent NGFW, VPN/MFA, Threat Protection, Application Control, Fabric API
• Control Zones: Operations & Control (DCS, MES, Control Center). Controls: Secure Switch, Web Application Firewall, Threat Protection, EDR, Honeypot, Sandbox
• Minor Enforcement Boundary, 2.5 Industrial Control System (ICS) DMZ: Transparent NGFW, VPN/MFA, Threat Protection, Application Control, Fabric API, Honeypot
• Process Control Zones: Area Supervisory Control (HMIs, Historians, LAN, SCADA); Basic Control (PLC, RTU, IED, LAN); Process (Actuators, Sensors). Controls: Secure Switch, Threat Protection, EDR, Honeypot, Sandbox
• NOC/SOC: SOAR, SIEM, Centralized Management, Centralized Logging & Reporting

DMZ: Demilitarized Zone, Security Conduit
Zones: Security Zones
EDR: Endpoint Detection & Response
MFA: Multi-factor Authentication
SIEM: Security Information and Event Management
NGFW: Next-Generation Firewall
SOAR: Security Orchestration, Automation and Response
VPN: Virtual Private Network

Customer Reference

Fortinet OT Customers
Oil & Gas, Electrical & Utilities, Water, Manufacturing, Transportation


Engaging your Customer

10 Questions to help start the OT Cybersecurity Discussion
1. Many customers we speak to have challenges in implementing OT security. What’s your experience been like?
2. How would you describe the maturity of your OT cybersecurity implementation?
3. What visibility do you have into your OT systems? Can you identify all the assets and all your traffic?
4. How would you know if an Advanced Persistent Threat had breached your OT perimeter?
5. What degree of control do you have over the network and its traffic? Can you control anything, anytime?
6. What are the risks you are most concerned about in your OT systems?
7. As you think about the state of your own OT security, I’m curious as to what you see as vulnerabilities that must be addressed?
8. What value do you place on OT domain expertise in cybersecurity vendors?
9. Does your control system support remote connection securely?
10. How often do you perform a Cybersecurity assessment for your OT Network and what framework do you lean on?


Fortinet OT Solutions Summary
Key Messages

01 OT Increasingly Connected
Digital Transformation and the pandemic are driving increased connectivity from OT to IT.

02 Accelerated Convergence
The Fortinet Security Fabric enables asset owners to enhance security posture spanning IT and OT integration.

03 Rich OT Capabilities
OT-specific features in almost every Fortinet product family, Practice Leaders and Strong Partnership with Global OT EcoSystems

Other Resources Available

A Technology and Learning Partner
Creating qualified professionals to close the cyber skills shortage

Fortinet NSE Certification Program
An 8-level training and assessment program designed for customers, partners, and employees.

NSE levels (Step, Level, Objective)
• NSE 1: Foundation - Public
• NSE 2: Solutions - Public
• NSE 3: Products
• NSE 4: Professional
• NSE 5: Analyst
• NSE 6: Specialist
• NSE 7: Architect
• NSE 8: Expert

Response to COVID-19
Free online security training for our partners, customers and communities to help protect our end users, empower our ecosystem with security skills, and narrow the security skills gap.

• 470,000+ Certifications
• Partnerships include: 315+ Security academies; 100+ Countries with ATCs; Cyber Skills Partnerships

Figures as of June 30, 2020

Q&A

Demo Time.