Fortinet OT Security Overview and Solutions
Agenda
Operational Technology (OT): Used For
Operational Technology (OT): Used By
Industrial Vertical Markets
Where do you find operational technology?
• Energy & Utilities
• Transportation & Logistics
• Smart Infrastructure, Buildings, Cities
• Manufacturing
• Computerized Maintenance Management systems
• Engineering Station
• Real Time Servers
• Human Machine Interface
• Historians
• PLC: Programmable Logic Controllers
• SIS: Safety Integrated Systems
• SCADA: Supervisory Control and Data Acquisition
(Diagram labels: Valve, Fan, Pump; OT, IT, Other)
(Diagram: 1 Sense, 2 Think, 3 Act, 4 OPTIMIZE)
• Real-time PLC control loop: Milli-seconds
• Process optimization control: Sometimes Minutes, hours, days
Disruptions
• Industrial IoT & 5G
• Remote Connectivity
• Digital Supply Chain
• Advanced analytics
• 3D Printing
• Advanced Robotic
• AI and Machine learning
• Augmented/Virtual Reality
• Digital Twin
(Timeline: 2010, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021)
• Stuxnet disrupts Iranian nuclear program
• Hospital drug infusion pumps hacked
• Michigan traffic light hacked
• MIRAI Botnet 145,00 IoT devices
• Merck & Co. global production shutdown by ransomware ($1B loss)
• Maersk Shipping global shutdown by ransomware ($250M loss)
• Global Aluminum producer shutdown by ransomware
• ASCO parts shutdown by ransomware
• Attempted poisoning of Tampa H2O Supply
• 4X as likely to have centralized visibility in the SOC
• 133% more likely to track and report vulnerabilities found and blocked
• 2X as likely to currently have the CISO/CSO responsible for OT security
Source: The State of Operational Technology and Cybersecurity 2020
© Fortinet Inc. All Rights Reserved.
Introduction to Industrial Control Systems (ICS)
What is an Industrial Control System?
(Diagram: IT, Converged IT/OT, and OT levels)
• Level 5 (IT): Internet DMZ, Enterprise Corporate Environment. FortiGate, Web Servers, Email Servers, FortiWeb, FortiMail
• Level 4 (IT): Enterprise LAN, Enterprise Corporate Environment. FortiGate, FSSO, External Business Servers, Authentication Services & Domain Controllers, Enterprise Desktops
• Operational Technology (OT) Authentication Boundary
• Level 3.5 (Converged IT/OT): Operational DC DMZ, Management Zone. FSSO, FortiSwitch, FortiSIEM, FortiSandbox, FortiManager, FortiAnalyzer, FortiNAC, FortiClient EMS Server, FortiAuthenticator, Domain Controller
• Level 3 (OT): Operational DC, Manufacturing Zone. FortiSwitch
• Level 2
• Level 1 & 0
(Diagram annotations: Zones of Control, Zones and Conduits, Micro Segmentation, Physical and Virtual Segmentation)
Security Fabric
• Broad: visibility and protection of the entire digital attack surface to better manage risk
• Integrated: solution that reduces management complexity and shares threat intelligence
• Automated: self-healing networks with AI-driven security for fast and efficient operations
(Diagram labels: FORTIOS, Zero Trust Access, Security-Driven Networking, Adaptive Cloud Security, Open Ecosystem, FortiGuard Threat Intelligence)
(Diagram labels: Fabric Management, Open Fabric EcoSystem; Zero Trust Access, Security-Driven Networking, Adaptive Cloud Security, AI-Driven SOC; SD-WAN, NAC, Secure WLAN, Secure LAN, Identity, MFA, Network, Platform, Detect, Respond; FortiClient Fabric Agent, FortiEDR, FortiSwitch, FortiSASE, FortiCWP, FortiMail, FortiSIEM, FortiGate Cloud, FortiADC, FortiSOAR; FortiGuard Services)
“By 2025, 75% of OT security solutions will be delivered via multifunction platforms interoperable with IT security solutions.”
Gartner
Source: Gartner’s 2021 Market Guide for Operational Technology Security
Fortinet Security Fabric is aligned to OT Standards and Guidelines
IEC 62443 – Solutions Mapping
Foundational requirements (diagram):
• FR1: Identification and authentication control (IAC)
• FR2: Use Control (UC)
• FR3: System Integrity (SI)
• FR4: Data confidentiality (DC)
• FR5: Restricted data flow (RDF)
• FR6: Timely response to events (TRE)
• FR7: Resource Availability (RA)
Solution lists:
1. FortiGate, FortiWiFi/FortiAP, FortiNAC, FortiAuthenticator, FortiToken, FortiClient, FortiEDR, FortiAnalyzer, FortiManager, FortiSIEM
2. FortiGate, FortiWiFi/FortiAP, FortiNAC, FortiAuthenticator, FortiToken, FortiClient, FortiEDR, FortiAnalyzer, FortiManager, FortiSandbox, FortiSIEM
3. FortiGate, FortiWiFi/FortiAP, FortiAuthenticator, FortiToken, FortiClient, FortiEDR, FortiAnalyzer, FortiManager, FortiSandbox, FortiSIEM, FortiTester, FortiResponder
4. FortiGate, FortiSwitch, FortiAP, FortiEDR
5. FortiGate, FortiSwitch, FortiNAC, FortiClient, FortiEDR, FortiAnalyzer
6. FortiGate, FortiClient, FortiEDR, FortiAnalyzer, FortiSIEM, FortiManager
(Diagram labels: Threat Intelligence; Logging & Monitoring; Access Control; Segmentation, Protection & Response; Network Segmentation; Events, Alerts and Incident Detection; Interoperability)
(Components: SOAR, EDR, Switch, NGFW, WIFI, Extender, Analyzer, Sandbox, SIEM, Deception)
NIS D Pillars
Maps to NIST CSF, CIS Top20 Risk Management – Proactive Controls
(Product labels: FortiGate (FG-301E as Example), FortiAnalyzer (FAZ-800F as Example), FortiSIEM (FSA-2000F as Example), Analyzer, Virtual Machine, Cloud, FortiClient, FortiEDR)
FortiGuard Application Control for Industrial Systems
Specialized for OT
Industrial Control Systems (ICS)
Detects and protects industrial applications
Almost 1,800 industrial app signatures
Recognized OT Protocols
• DNP3
• BACnet
• Elcom
• EtherCAT
• EtherNet/IP
• IEC 60870-6 (TASE 2) /ICCP
• IEC 60870-5-104
• IEC 61850
• QNX
• HART
• LONTalk
• MMS
• Modbus
• OPC
• Profinet
• S7
• SafetyNET
• Synchrophasor
• Yokogawa
FortiGuard Labs (diagram)
• Telemetry: Network, Web, Sandbox, Email, Endpoint
• Other inputs: CERTs, Enforcement Partnerships, OSINT, CTA feeds, Trusted Partnerships
• AI / Machine Learning, Federated Machine Learning, Fortinet Distribution Network
• Detection and protection in milliseconds
• SECURITY FABRIC PROTECTIONS: IPS, Application Control, Web Filtering, Anti-Virus, Anti-Spam, Endpoint Vulnerability, Indicators of Compromise (IoCs), Virtual Patches
• PROACTIVE RESEARCH: Zero-Day, Adversary Playbooks, Threat Intel Briefs, Threat Signals, Security Blogs
• THREAT INTELLIGENCE SERVICES: Penetration Testing, Phishing Service, Incident Response
(Diagram labels: FortiManager, FortiAnalyzer, Cloud Mgmt & Operations, Available A-la-carte, IPAM Service, Enterprise Protection, IoT Service, Industrial Security, World-class Protection, Security Rating)
Deep OT Visibility
01 OT Increasingly Connected
Digital Transformation and the pandemic are driving increased connectivity from OT to IT.
03 Rich OT Capabilities
OT-specific features in almost every Fortinet product family, Practice Leaders and Strong Partnership with Global OT EcoSystems
Other Resources Available
A Technology and Learning Partner
Creating qualified professionals to close the cyber skills shortage
Demo Time.