Thursday, February 14, 2019

Aligning Digital Transformation and Security at IBM Think 2019 - Fortinet Certifications


Fortinet at IBM Think 2019


As a Gold Sponsor at this year’s event, Fortinet will be highlighting a range of security solutions at booth #129. These will center around the Fortinet Security Fabric, which is designed to address the new cybersecurity challenges being introduced by digital transformation. Attendees will have the opportunity to learn more about the advantages of a fabric-based architecture and how it provides protection against threats across the entire network—from the cloud to IoT devices.

The Fortinet team will also be discussing the capabilities of our Secure SD-WAN solution. As the only vendor to provide native SD-WAN in combination with integrated threat protection, Fortinet is helping organizations properly prepare for the next generation of connectivity. By replacing individual WAN routers and security devices with a unified solution, FortiGate SD-WAN offers a single-pane-of-glass approach to management that simplifies next-gen branch deployments without compromising on essential protections.

Fortinet on IBM Cloud delivers both physical and virtualized security appliances to secure unique data planes. FortiGate virtual appliances on IBM Cloud for VMware Solutions are available through the IBM Cloud portal. FortiGate appliances bring comprehensive security to workloads on the IBM Cloud Platform with a rich set of virtualized firewall functionality, including security gateway, intrusion prevention, and web application security. 

Additionally, IBM Think 2019 attendees can take a deeper dive into understanding the security behind IT and OT convergence by attending our speaking session:

Best Practices for Securing Your OT Infrastructure


Best Practices for Securing Your OT Infrastructure (5981A) will be led by Rick Peters, Director of Operational Technology, Global Enablement at Fortinet. It will take place on Thursday, February 14th from 11:30–12:10 ET at Moscone South, Exhibit Level, Hall C.

This session will center on the cybersecurity challenges that emerge as a result of connecting traditional IT networks with SCADA/ICS systems. Despite embracing the convergence of IT and OT, many businesses and government agencies are not prepared to effectively combat the associated cyberthreats. To properly enable the opportunities that such convergence provides, enterprises must take advantage of appropriate security tools and strategies in order to defend against outside hackers, without introducing new challenges into their OT space.

Digital Transformation and Security


The rise of digital business provides welcome opportunities for organizations, but it has also opened the door for a whole new range of potential cyberthreats. For example, the new, exciting potential of AI is being embraced for a number of business-critical reasons, but it is essential that organizations also understand how such solutions can introduce new challenges. In order to make the most out of digital transformation, security must be considered to be just as critical as any other innovation being added to a digital business strategy.

By networking and collaborating with experts and peers at IBM Think 2019, individuals from all backgrounds will expand their knowledge of technology and better understand the vital role—and risks—they play in today’s businesses. Throughout the event, our team will be available to collaborate with attendees and showcase advanced Fortinet solutions designed to keep businesses secure through their digital transformation process.

Secret To Pass Fortinet Certification Exams In First Attempt



Wednesday, January 30, 2019

Data Privacy Day - What it Means for Your Organization


What this means for your organization


If your organization does business with any organizations or individuals in the EU, you have already had to make significant changes to how you process, manage, and store the data of EU residents. Prepare now to provide many of the same sorts of protection to your US and Canadian customers. Here is a quick checklist of the things you will need to do:

1.     Implement a comprehensive, integrated security strategy. It has been said that there cannot be any data privacy without good data security. Because of that, you have to start by ensuring that any PII data your organization touches is secured from the moment it enters your network to the moment it leaves. This includes applying security measures and policies that can seamlessly identify, follow, and secure data as it moves between network domains and devices, including across multi-cloud or SD-WAN environments, as well as into your storage area network (SAN).

Security plays a critical role in helping you know where every bit of data is located and who and what has access to it. An integrated security framework allows all security components to see other devices, share and correlate information between them, and participate in a coordinated threat response. It needs to be woven into and across every aspect of your evolving network to enable things like unified policy creation, centralized orchestration, and consistent enforcement. This approach allows you to extend visibility deep into your infrastructure to see every device, track every application and workflow, and more importantly, see and secure all data. It also allows you to demonstrate compliance with regards to protected privacy requirements and the verification of its secure storage, use, and removal.

2.     Change what and how you collect PII data. New privacy laws such as GDPR define individuals as the sole owners of their data, and not businesses or institutions. As a result, these individuals must be able to withdraw their consent to the collection of their data as quickly and easily as it was given. This will require organizations to collect only the minimum amount of data needed for a specific purpose, and to then be able to completely remove it when it is no longer needed. 

3.     Reorganize your data so that PII can be easily identified, flagged, and deleted. Be prepared to demonstrate to compliance officials that you can prevent specific data from being shared or sold to third parties and that you can remove all instantiations of an individual's PII regardless of where it is being stored or used. For larger organizations, this is not a trivial task. It will require significant retooling of databases, rewriting software applications and websites, and redesigning internal processes to simplify and accelerate the identification of all data related to a single customer. The GDPR’s “right to be forgotten” (RTBF) means that data needs to be found and removed quickly and easily, rather than relying on humans to hunt for each instance of personal information scattered across your distributed network.

4.     Encrypt PII to ensure that it poses no risk if compromised. You should consider encrypting data in transit and at rest in your network. Encryption negates the value of data if it is compromised. But encrypting large volumes of data is no easy task. Organizations should consider encryption performance and any associated degradation of performance.

Summing Up


New and looming data privacy legislation reflects growing public concern about the protection and personal ownership of PII. Data Privacy Day is an urgent reminder that every organization that touches personal data needs to re-evaluate its IT security infrastructure. Are your IT security solutions able to effectively communicate, regardless of where they have been deployed, to optimally protect data and provide network-wide visibility? Does your network include sophisticated data-protection measures such as threat prevention and detection, pseudonymization of PII, and internal segmentation to isolate and track customer and employee data? And finally, have you documented, and more importantly, tested your data-breach response plan?

Our experts say about Fortinet Certification Exams



Sunday, January 20, 2019

Will Emerging Threats Tip the Scales - Fortinet Certifications


Digital devices and infrastructures continue to be woven deeper into every aspect of our lives, whether through connected homes, cars, and mobile devices, or by expanding their role in business, government, and even critical infrastructure. One outcome of this is that the stakes in the ongoing battle between cybercriminals and security professionals continue to rise. We are no longer just looking at a cyber breach impacting an organization’s reputation and bottom line. Now and into the future, there is a real potential for a successful cyberattack to disrupt interconnected economies, shut down essential services, or even result in physical harm.

Emerging threats will tip the scales


The classic problem is that the playing field is dramatically uneven. Cybercriminals only need to find a single weakness in a security strategy to achieve their goals, while defenders have to stop 100% of threats 100% of the time. And because attacks are becoming increasingly sophisticated, often targeting multiple threat vectors simultaneously, the imbalance between these adversaries continues to grow.

Last fall, Fortinet predicted a number of emerging threats that may be game changers if we don’t change our tactics. They include such things as Swarmbots—semi-autonomous botnets comprised of clusters of compromised devices with specialized skillsets that can work collectively to solve problems, the commoditization of fuzzing—a process for discovering zero-day vulnerabilities in hardware and software interfaces and applications, and machine learning poisoning—training automated security devices to intentionally overlook certain threats.

Changing cybersecurity tactics


The traditional process of identifying a threat and then developing a counter defense, or even attempting to anticipate and neutralize new attack strategies, is becoming obsolete. Defenders need to approach this problem from an entirely new direction. One possible approach is to adopt strategies and solutions that address and disrupt the economic drivers of the criminal community.

For many criminal organizations, attack techniques are evaluated not only in terms of their effectiveness, but also in the overhead required to develop, modify, and implement them. In short, in many ways they function like a legitimate business. Knowing this, one defensive response is to make changes to people, processes, and technologies that impact the economic model of the attacker. (Security Week, December 07, 2018)

Changing the game


In his SecurityWeek byline, John Maddison outlined three strategies for defending against tomorrow’s threats:

1. Deploy Deception


One economic model used by cyberattackers depends on reducing risk of discovery. Since the time between breach and exploit continues to shorten, one strategy with real potential is to simply slow down attacks. Deception strategies can generate dozens of enticing false targets combined with tripwires that force attackers to slow down, allowing attackers and malware to be quickly identified and removed.

2. Refine Threat Intelligence


Building new attacks is expensive. Instead, cybercriminals maximize their investment in an attack by making minor changes to their malware.

Even something as basic as changing an IP address can enable malware to evade detection by many traditional security tools. The continued success of known exploits is testament to the effectiveness of this strategy. (Security Week, December 07, 2018)

As threat intelligence becomes better at identifying entire attack families, it becomes more difficult for cybercriminals to simply adjust their existing attack tools and strategies to evade detection. Applying behavioral analytics to threat intelligence to predict the future behavior of malware can preempt new attacks and force cybercriminals back to the drawing board.

3. Take a Proactive Approach


The final approach is to engineer as much risk as possible out of your current network by moving from implicit trust to a zero trust model. This includes implementing multi-factor authentication, deploying network access control, and adopting automated, intent-based segmentation and microsegmentation. This begins by integrating traditionally isolated security devices into a single, integrated architecture. Tools that can actively correlate threat intelligence and respond as a single, integrated system are much more effective at combating even the most advanced threats.

Conclusion


Getting out of the trap of security brinksmanship requires organizations to rethink their security strategies. Instead, organizations need to target the economic motivations of cybercriminals by anticipating their attacks and thereby forcing them back to the drawing board. This starts with a cohesive security fabric that can gather and share threat intelligence, perform logistical and behavioral analysis, and tie information back into a system to preempt criminal intent and raise the cost of doing criminal business.

Success Secrets: How you can Pass Fortinet Certification Exams in first attempt 



Monday, January 7, 2019

Fortinet Practice Exam Dumps PDF VCE Exams Files - VCE Exams Test


Fortinet NSE7 - Questions & Answers Free Demo


Question 1

Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?

A: Diagnose debug application radius -1.
B: Diagnose debug application fnbamd -1.
C: Diagnose authd console –log enable.
D: Diagnose radius console –log enable.

Correct Answer: A

Question 2

An administrator has configured a FortiGate device with two VDOMs: root and internal. The administrator has also created an inter-VDOM link that connects both VDOMs. The objective is to have each VDOM advertise some routes to the other VDOM via OSPF through the inter-VDOM link. What OSPF configuration settings must match in both VDOMs for the OSPF adjacency to form successfully? (Choose three.)

A: Router ID.
B: OSPF interface area.
C: OSPF interface cost.
D: OSPF interface MTU.
E: Interface subnet mask.

Correct Answer: BDE

Question 3

An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real time debug:
diagnose debug application ike -1
diagnose debug enable

In which order is each step and phase displayed in the debug output each time a new dial-up user is connecting to the VPN?

A: Phase1; IKE mode configuration; XAuth; phase 2.
B: Phase1; XAuth; IKE mode configuration; phase2.
C: Phase1; XAuth; phase 2; IKE mode configuration.
D: Phase1; IKE mode configuration; phase 2; XAuth.

Correct Answer: D

Question 4

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

A: Group ID.
B: Group name.
C: Session pickup.
D: Gratuitous ARPs.

Correct Answer: A

Question 5

When does a RADIUS server send an Access-Challenge packet?

A: The server does not have the user credentials yet.
B: The server requires more information from the user, such as the token code for two-factor authentication.
C: The user credentials are wrong.
D: The user account is not found in the server.

Correct Answer: B




Tuesday, December 18, 2018

Common SD-WAN Security Mistakes


Digital transformation is about much more than moving workflows to the cloud and adopting IoT. It is about retooling the entire network to make it faster, more efficient, much more flexible, and cost-effective. Which means it also includes things like agile software and application development, rethinking access and onboarding, and creating dynamic and adaptable network environments.

Top of the list for many organizations is the adoption of SD-WAN, which extends the advantages of digital transformation to branch offices. It provides them with instant access to distributed resources, whether they are located in a central data center, in a multi-cloud deployment, or somewhere else across the connected network. And it does this without the rigid implementation requirements and expensive overhead of traditional MPLS connections. 

Common SD-WAN Security Mistakes


The challenge is that SD-WAN is often adopted with only a cursory consideration of security. SD-WAN projects tend to be driven by the networking team, and a lot of organizations get so swept up in the cost-saving benefits of SD-WAN that they completely forget about security. 

Part of the problem is that the vendor community has done a poor job of integrating meaningful security into their solutions. There are currently over 60 vendors offering SD-WAN solutions, and nearly all of them only support IPSec VPN and basic stateful security, which is not at all enough to protect your branch against evolving cyberattacks. As a result, organizations have to add additional layers of effective security after their SD-WAN solution has already been deployed. This mistake not only puts the organization at risk due to their running an unsecured solution, but the process of bolting on security after the fact – often using the legacy security tools in place that were never really designed for the complexities of an SD-WAN deployment – creates unnecessary complexity and overhead, thereby increasing total cost of ownership.

Essential SD-WAN Security Requirements


To address these challenges, here are four security strategies that need to be part of any SD-WAN solution and strategy:

1. Insist on Native NGFW Protection


To begin, organizations must choose an SD-WAN solution with built-in NGFW security. This advanced security enables consistent inspection, detection, and protection across the entire SD-WAN, from branch to cloud to core, as an integrated function of any SD-WAN deployment. It also enables protection to natively follow workflows, data, and applications even as the SD-WAN network shifts and adapts to changing networking demands – a function that most legacy security solutions struggle to perform. Of course, not all security solutions are the same, so it is even better if that integrated NGFW security solution has been verified by a third party for its security effectiveness.

2. Integration is Fundamental


The other challenge is that you don’t want to deploy yet another stand-alone security solution. Fractured visibility and device-by-device policy orchestration simply add more complexity to an already complicated challenge of securing today’s distributed digital networks. So the next thing you need to ensure is that the security strategy you choose for your SD-WAN deployment can be easily and seamlessly integrated into your existing security architecture. Choosing a solution that functions as part of a broader security fabric gives your organization a stronger security posture by providing transparent views of network security, centralized management controls, and threat intelligence sharing and correlation.

3. SD-WAN Traffic Must Be Encrypted


The challenge of replacing MPLS with a broadband connection is that public Internet is generally less reliable, which can be a serious issue for digital businesses and users that demand instant access to resources and data. In addition, nearly 90% of all organizations have implemented a multi-cloud strategy, with each cloud requiring its own separate connection. As a result, most organizations deploying SD-WAN use multiple broadband links to connect the enterprise branch to the core network as well as to reach the multi-cloud. Every such connection, however, also expands your potential attack surface.

In addition, organizations are increasingly deploying cloud-based SaaS applications such as Office365 and Salesforce so their entire workforce is able to collaborate with maximum efficiency. These connections may often include critical information that needs to be protected. This is why using VPN as a transport security overlay is a fundamental component of any SD-WAN solution, and why it’s also essential that these VPN solutions provide very high performance combined with dynamic scalability. 

4. Encrypted Traffic Must Be Inspected


Secure connectivity, however, isn’t enough in digital business environments that measure success in microseconds. As SSL (HTTPS) traffic increases, attackers are hiding malware inside encrypted tunnels to evade detection. Unfortunately, most SD-WAN vendors that only offer basic security do not provide SSL inspection, or if they do, it is woefully inadequate. This is the most common mistake we see when enterprises deploy SD-WAN. 

One of the challenges is that even if security teams do manage to bolt on security to their SD-WAN deployment, SSL inspection will cripple the performance of nearly every legacy NGFW solution on the market. It’s so bad, in fact, that most security vendors won’t even publish their SSL inspection performance numbers. However, few organizations competing in today’s digital marketplace are willing to sacrifice performance. So real SSL inspection is either applied haphazardly or not at all. This is why it’s essential that in addition to scalable VPN connectivity, you also take a close look at SSL inspection numbers provided by third-party testing labs to ensure you select a solution that meets your performance and security requirements.




Tuesday, December 11, 2018

Helping Exponential-e Navigate the Changing Threat Landscape


The Need for a Modern, Efficient Solution


To continue to provide their customers with the peace of mind that Exponential-e strives for, it was clear that their managed firewall service would have to be updated to keep up with advancing requirements.

Exponential-e already had an established Fortinet Managed Firewall offering, which helped their customers protect their corporate networks from security threats and unauthorised access attempts. However, although the deployed FortiGate models were suitable at the time of implementation, the technology which powered these devices was aging. And because the threat landscape had evolved, their clusters were operating at maximum capacity and there was no system for centralised management. This meant that managing and operating these systems was time consuming and potentially insufficient. As a result, Exponential-e was looking to update and relaunch their Managed Firewall offering as a Managed Next Generation Firewall (MNGF) service, which would help to meet a number of security and operational concerns while keeping their solutions in line with the objective of becoming a managed security service provider (MSSP).

Another issue was that their current infrastructure had become unnecessarily costly to deploy and maintain. As a service provider, Exponential-e was keen to ensure maximum operational efficiency and therefore needed to increase the cost effectiveness of their offering.

Finally, Exponential-e was also driven by increasing customer demand for more visibility into threat data. Increasingly, customers prefer this approach to a ‘black box’ service, so Exponential-e required an interface which could provide their customers with higher visibility and advanced admin capabilities.

Meeting Exponential-e’s Requirements


To address these concerns, Fortinet worked closely with Exponential-e to build a solution strategy that would continue to help them drive their business success forward. Fortinet provided a range of complimentary products to meet Exponential-e’s initial requirements, including two FortiGate enterprise firewalls, along with FortiManager, FortiAnalyzer, FortiPortal, and FortiDeploy.

Rather than implementing a rigid product set that would rapidly become outdated, Exponential-e also needed a security infrastructure that could adapt to emerging threats. As a result, Fortinet’s FortiGuard security services subscription was an ideal solution as it provides constant updates to ensure customers are equipped to deal with the latest emerging threats. This solution is also backed up by Fortinet’s large, dedicated FortiGuard research team, which constantly scours the cyber landscape to discover, pre-empt, and block developing threats, enabling Fortinet customers like Exponential-e to rest assured that their offerings are updated and robust enough to stand up to emerging attacks.

This solution also met Exponential-e’s requirement to promote higher operational efficiency. Their new Fortinet solution has enabled Exponential-e to provide more efficient automated services for their customers, thereby reducing the overall costs for the ongoing maintenance and support of the managed services they offer. As a service provider who manages systems on behalf of their clients, this was an important concern to address. Fortinet’s easily deployed infrastructure provided higher efficiency, empowering Exponential-e to manage a greater number of solutions in a more efficient manner.



Sunday, December 2, 2018

Mobile Malware Attacks Are Prevalent - fortinet certifications


Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced the findings of its latest quarterly Global Threat Landscape Report. The research reveals threats are increasing and evolving to become more sophisticated. Unique threat variants and families are on the rise, while botnet infections continue to infect organizations. For a detailed view of the Threat Landscape Indices for exploits, botnets, and malware as well as some important takeaways for CISOs read the blog. Highlights of the report follow:


  • Threat Development Continues to Be a Top Focus for Cybercriminals. Cybercriminals are not only expanding their attack arsenal but also developing new strategies for breaching defenses. Unique malware variants grew 43%, while the number of malware families grew by nearly 32%. The number of unique daily malware detections per firm also rose 62%. In line with these trends, unique exploits increased nearly 10% and the number of exploit detections per firm rose 37%. Cybercriminals continue to evolve threats by creating unique malware variants and families, demonstrating the ongoing importance of threat intelligence and assessment tools.
  • Mobile Devices Remain a Target. Over one-quarter of organizations experienced a mobile malware attack, with the majority being on the Android operating system. In fact, of the threats organizations faced from all attack vectors, 14% of total malware alerts were Android related. By comparison, only .000311% of threats were targeted at Apple iOS. Mobile threats are a looming threat that must be addressed, especially as the mobile-shopping holiday season nears. These threats can become a gateway for corporate networks to be exploited. Criminals know mobile is an accessible target for infiltrating a network, and they are exploiting it.
  • Cryptojacking is a Gateway to Other Attacks. Cryptojacking remains prevalent and continues to grow in scope. The number of platforms affected by cryptojacking jumped 38% and the number of unique signatures nearly doubled in the past year. These include new sophisticated platforms for advanced attackers as well as “as-a-service” platforms for novice criminals. IoT botnets are also increasingly leveraging cryptojacking exploits for their attack strategy. Although it is often considered to be a nuisance threat that simply hijacks unused CPU cycles, security leaders are realizing how cryptojacking can become a gateway for additional attacks. Underestimating the repercussions of cryptojacking places an organization under heightened risk.
  • Percentage of Malicious Network Traffic is Higher on Weekends or Holidays. Data shows malicious network traffic represents a higher percentage of overall traffic on weekends and holidays as business traffic slows down significantly since many employees are not working during this time. For many organizations this may be an opportune time to sweep for malware because as the “haystack” of traffic becomes smaller, the chance of finding malicious “needles” is much greater. With cybercriminals using more automated and sophisticated techniques, any opportunity to increase visibility can be an advantage.
  • Burstiness of Botnets. The botnet index rose only 2%, though the number of infection days per firm increased 34% from 7.6 days to 10.2 days. This may be an indication that botnets are becoming more sophisticated, difficult to detect, or harder to remove. It may also denote a failure to practice good cyber hygiene in general by some organizations. The importance of consistent security hygiene remains vital to thoroughly addressing the total scope of these attacks. Sometimes botnets can go dormant, only to return after normal business operations have resumed, if the root cause or “patient zero” is not determined.
  • Encrypted Traffic Reaches a New Threshold. Encrypted traffic reached a new high, comprising 72% of all network traffic, up from 55% just one year ago. While encryption can certainly help protect data in motion as it moves between core, cloud, and endpoint environments, it also represents a challenge for traditional security solutions. The critical firewall and IPS performance limitations of some legacy security solutions continue to limit the ability of organizations to inspect encrypted data at business speeds. As a result, a growing percentage of this traffic is increasingly not analyzed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.

Digital Change Requires a New Approach to Security


The threat data in this quarter’s report once again reinforces many of the threat prediction trends unveiled by the FortiGuard Labs global research team. To stay ahead of the ongoing efforts of cybercriminals, organizations need to transform their security strategies as part of their digital transformation efforts. Isolated, legacy security devices and poor security hygiene continue to be a formula for increased risk in today’s threat landscape as they do not provide adequate visibility or control. Instead, a security fabric that spans the entire expanded network environment and is integrated between each security element is vital to address today’s growing threat environment and to protect the expanding attack surface. This approach enables actionable threat intelligence to be shared at speed and scale, shrinks the necessary windows of detection, and provides the automated remediation required for today’s multi-vector exploits.

Report and Index Overview


The Fortinet Threat Landscape Report is a quarterly view that represents the collective intelligence of FortiGuard Labs drawn from Fortinet’s vast array of global sensors during Q3 2018. Research data covers global and regional perspectives. Also included in the report is the Fortinet Threat Landscape Index (TLI), comprised of individual indices for three central and complementary aspects of that landscape which are exploits, malware, and botnets, showing prevalence and volume in a given quarter. The report also examines important zero-day vulnerabilities and infrastructure trends to add context about the trajectory of cyberattacks affecting organizations over time.