FortiGate Next Generation Firewall (NGFW)

FortiGate: Next Generation Firewall (NGFW)

FortiGate: Next Generation Firewall (NGFW) – High threat protection performance with automatic visibility to stop attacks.

Request a Quote

DESCRIPTION

FortiGate: Next Generation Firewall (NGFW) – High threat protection performance with automatic visibility to stop malicious attacks on the network.

Overview

Overview FortiGate: Next Generation Firewall (NGFW)

FortiGate next-generation firewalls (NGFWs) utilize a purpose-built security processor and intelligence security services from Forti Guard’s AI-powered labs to provide high-rated protection, high-performance inspection of clear and encrypted text traffic. The new generation of firewalls reduce cost and complexity with full visibility into applications, users and networks and provide the best possible security. As an integral part of the Fortinet Security Fabric, new generation firewalls can communicate within Fortinet’s comprehensive security portfolio as well as third-party security solutions in a multivendor environment to share threat intelligence and improve security posture.

When companies consider how to provide comprehensive visibility and advanced layer 7 security, including threat protection, intrusion prevention, web filtering and application control, they face major hurdles that complicate managing these point products without integration and lack of visibility. Gartner predicts that by 2019.80% of corporate traffic will be encrypted and 50% of attacks targeting companies will be hidden in encrypted traffic to infiltrate networks or extract data, therefore using HTTPS checking is a must.

FortiGate: Next-Generation Firewall News

  • 31 Okt 2019

    Fortinet’s Latest Security Processor Accelerates the Best Selling Next Generation Firewall

    FortiGate 60F Sets New Benchmarks for Security, Calculates Rankings, and Generates High Performance for Integrated Security and SD-WAN

  • 19 Sep 2019

    Fortinet Recognized as Leader in Gartner’s Magic Quadrant for Network Firewalls

    Marks 10 consecutive times that Fortinet is in the Magic Quadrant for Network Firewalls

  • 1 Agustus 2019

    Fortinet Accelerates and Secures Cloud On-Ramp with a New Generation Firewall

    Announced today, the new FortiGate Next-Generation Firewalls (NGFW) Firewall, comprising the FortiGate 1100E, FortiGate 2200E and FortiGate 3300E Series. FortiGate Next-Generation Firewall’s new e-series enables our customers to design security-driven networks and accelerate their on-line. the path to the clouds.

FortiGate: Next Generation Firewall Product Details

FortiGate’s new generation firewall offers flexible deployment from the network edge to the core, data center, internal segment, and cloud. The FortiGate enterprise firewall leverages a purpose-built security processor (SPU) that delivers scalable performance of advanced security services such as Threat Protection, SSL inspection, and extremely low latency to protect internal segments and mission critical environments.

FortiGate NGFW provides automatic visibility to cloud applications, IoT devices and automatically finds end-to-end topology views of corporate networks. FortiGate is a core part of a validated security and security structure protecting corporate networks from known and unknown attacks.

Models and Specification

FortiGate: Next-Generation Firewalls Models and Specifications

FortiGate NGFW is available in many different models to meet your needs from entry-level hardware to ultra-high-end devices to meet the most demanding threat protection performance requirements. This ensures that the corporate campus, core data center, or internal segment, FortiGate can seamlessly fit into your environment.

FortiGate: Chassis-based NGFW

FortiGate 7060E FortiGate 7030E
Threat Protection 80 Gbps Threat Protection 35 Gbps
SSL Inspection Throughput 79.9 Gbps SSL Inspection Throughput 50 Gbps
Network Interfaces Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 Network Interfaces Multiple 10 GE SFP+/SFP, 40 GE/100 GE QSFP28
FortiGate 7040E FortiGate 5001E
Threat Protection 40 Gbps Threat Protection 13.5 Gbps
SSL Inspection Throughput 50 Gbps SSL Inspection Throughput 17 Gbps
Network Interfaces Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 Network Interfaces 2x 40GE QSFP+, 2x 10GE SFP+, 2x GE RJ45

FortiGate: Ultra high-end NGFW

FortiGate 6300F FortiGate 6500F
Threat Protection 60 Gbps Threat Protection 100 Gbps
SSL Inspection Throughput 90 Gbps SSL Inspection Throughput 130 Gbps
Network Interfaces Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45 Network Interfaces
Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45

FortiGate: High-end NGFW

FortiGate 3200D
Threat Protection 20 Gbps Threat Protection 15 Gbps
SSL Inspection Throughput 32 Gbps SSL Inspection Throughput 20 Gbps
Network Interfaces 10x 100GE QSFP28, 16x 10GE SFP+, 2x GE RJ45 Network Interfaces
Multiple GE RJ45 and 10 GE SFP+ / GE SFP slots
FortiGate 3960E FortiGate 3100D
Threat Protection 13.5 Gbps Threat Protection 13 Gbps
SSL Inspection Throughput 30 Gbps SSL Inspection Throughput 22 Gbps
Network Interfaces Multiple 40/100 GE QSFP+/QSFP28, 10 GE SFP+ and GE RJ45 Network Interfaces
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
FortiGate 3800D FortiGate 3000D
Threat Protection 13 Gbps Threat Protection 13 Gbps
SSL Inspection Throughput 23 Gbps SSL Inspection Throughput 19 Gbps
Network Interfaces Multiple 100 GE CFP2, 40 GE QSFP+, 10 GE SFP+ and/or multiple GE SFP/RJ45 depending on variants Network Interfaces
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
FortiGate 3700D FortiGate 2500E
Threat Protection 13 Gbps Threat Protection 5.4 Gbps
SSL Inspection Throughput 24 Gbps SSL Inspection Throughput 11.5 Gbps
Network Interfaces Multiple 40 GE QSFP+, 10 GE SFP+ and GE SFP Network Interfaces
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45
FortiGate 3600E FortiGate 2200E
Threat Protection 30 Gbps Threat Protection 11 Gbps
SSL Inspection Throughput 34 Gbps SSL Throughput Inspection 17 Gbps
Network Interfaces 6x 100 GE QSFP28, 32x 25 GE SFP28, 2x GE RJ45 Network Interfaces
4x 40GE QSFP+, 20x 10GE/25GE SFP+/SFP28, 12x GE RJ45
FortiGate 3400E FortiGate 2000E
Threat Protection 23 Gbps Threat Protection 5.4 Gbps
SSL Inspection Throughput 30 Gbps SSL Inspection Throughput 12.5 Gbps
Network Interfaces 4x 100 GE QSFP28, 24x 25 GE SFP28, 2x GE RJ45 Network Interfaces
6x 10GE SFP+, , 34x GE RJ45
FortiGate 3300E FortiGate 1500D
Threat Protection 17Gbps Threat Protection 5 Gbps
SSL Throughput Inspection 21 Gbps SSL Inspection Throughput 10.5 Gbps
Network Interfaces 4x 40GE QSFP+, 4x 10GE RJ45, 16x 10GE/25GE SFP+/SFP28, 12x GE RJ45 Network Interfaces
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
FortiGate 1100E FortiGate 1200D
Threat Protection 7.1 Gbps Threat Protection 4 Gbps
SSL Throughput Inspection 10 Gbps SSL Inspection Throughput 6 Gbps
Network Interfaces 2x40GE QSFP+, 4x25GE SFP28, 4x10GE SFP+/SFP, 8x1GE SFP, 16xGE RJ45 Network Interfaces
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
FortiGate 1000D
Threat Protection 4 Gbps
SSL Throughput Inspection 4 Gbps
Network Interfaces
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45

FortiGate: Mid-range NGFW

FortiGate 900D FortiGate 300E
Threat Protection 3 Gbps Threat Protection 3 Gbps
SSL Inspection Throughput 4 Gbps SSL Throughput Inspection 3.9 Gbps
Network Interfaces Multiple GE RJ45, GE SFP and 10 GE SFP+ slots Network Interfaces
Multiple GE RJ45 and GE SFP Slots
FortiGate 800D FortiGate 200E
Threat Protection 3 Gbps Threat Protection 1.2 Gbps
SSL Inspection Throughput 4 Gbps SSL Throughput Inspection 1 Gbps
Network Interfaces Multiple GE RJ45, GE SFP, 10 GE SFP+ slots and bypass GE RJ45 pairs Network Interfaces
Multiple GE RJ45, GE SFP Slots
FortiGate 600E FortiGate 100F
Threat Protection 7Gbps Threat Protection 1 Gbps
SSL Inspection Throughput 8 Gbps SSL Throughput Inspection 1 Gbps
Network Interfaces Multiple GERJ45, Multiple GE SFP, Multiple 10GE SFP+ Network Interfaces
2 x 10GE SFP+ Slots, 18 x GE RJ45 and 8x 1GE SFP and 4x GE RJ45/SFP Shared Media Pairs
FortiGate 500E FortiGate 100E
Threat Protection 4.7 Gbps Threat Protection 250 Mbps
SSL Inspection Throughput 5.7 Gbps SSL Throughput Inspection 130 Mbps
Network Interfaces Multiple GE RJ45, GE SFP and 10 GE SFP+ Slots Network Interfaces
Multiple GE RJ45, GE SFP Slots | PoE/+ Variants
FortiGate 400E
Threat Protection 5 Gbps
SSL Inspection Throughput 4.8 Gbps
Network Interfaces
Multiple GE RJ45 and Multiple GE SFP Slots

FortiGate: Entry-level NGFW

FortiGate 80E FortiGate 40F
Threat Protection 250 Mbps Threat Protection 600 Mbps
SSL Inspection Throughput 180 Mbps SSL Throughput Inspection 310 Mbps
Network Interfaces Multiple GE RJ45 | Varients with internal storage | Variants with PoE/+ interfaces Network Interfaces
Multiple GE RJ45 | WiFi Variants
FortiGate 60F FortiGate 30E
Threat Protection 700 Mbps Threat Protection 150 Mbps
SSL Throughput Inspection 750 Mbps SSL Throughput Inspection 160 Mbps
Network Interfaces Multiple GE RJ45 | Variants with internal storage Network Interfaces
Multiple GE RJ45 | WiFi Variants
FortiGate 60E FortiGate 60D – Rugged
Threat Protection 200 Mbps Threat Protection 25 Mbps
SSL Throughput Inspection 175 Mbps SSL Throughput Inspection 18 Mbps
Network Interfaces Multiple GE RJ45 | WiFi variants | Variants with internal storage | Variants with PoE/+ interfaces Network Interfaces
10x GE RJ45
FortiGate 50E
Threat Protection 160 Mbps
SSL Throughput Inspection 185 Mbps
Network Interfaces Multiple GE RJ45 | WiFi Variants | Variants with dual radios | Variants with internal storage

Virtual Machines

FortiGate-VM00 FortiGate-VM08, -VM08V
Throughput 12 Gbps Throughput 33 Gbps
vCPU 1x vCPU core, (up to) 2 GB RAM vCPU
8x vCPU cores, (up to) 12 GB RAM
FortiGate-VM01, -VM01V FortiGate-VM16, -VM16V
Throughput 12 Gbps Throughput 36 Gbps
vCPU 1x vCPU core, (up to) 2 GB RAM vCPU
16x vCPU cores, (up to) 24 GB RAM
FortiGate-VM02, -VM02V FortiGate-VM32, -VM32V
Throughput 15 Gbps Throughput 50 Gbps
vCPU 2x vCPU cores, (up to) 4 GB RAM vCPU
32x vCPU cores, (up to) 48 GB RAM
FortiGate-VM04, -VM04V FortiGate-VMUL, -VMULV
Throughput 28 Gbps vCPU
Unlimited vCPU cores and RAM
vCPU
4x vCPU cores, (up to) 6 GB RAM

“V” Series VMs do not include VDOM licenses by default.  VDOM licenses can be added separately.

Actual performance may vary depending on the network and system configuration.

Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled.

Customer Reviews

Fortinet Customers and Partners emphasize the value-proposition of FortiGate’s Next Generation Firewall in the Gartner Peer Insights Review for Network Firewalls.

FortiGate Next-Generation Firewall offers flexible deployment from the network edge to the core, data center, internal segments, and multiple clouds, enhancing a custom built security processor (SPU) that delivers high performance from advanced security services such as threat protection, SSL inspection, IPS without fear of degradation for mission critical environments. FortiGate NGFW provides seamless integration with multiple clouds and enables the secure delivery of business applications and services.

FortiGate NGFW provides fully automatic visibility to all internal segments, applications and network flows to detect and recover any malware and pave the way for consistent security policies regardless of asset location. FortiGate NGFW is the first vendor to offer support for the latest encryption standard called TLS 1.3 which provides a stronger security framework and makes Fortinet customers future ready.

FortiGate NGFW has been Recognized as the Leader in the Gartner Magic Quadrant for Network Firewalls. This is the 10th time Fortinet has been recognized in MQ for Network Firewall.

FortiGate NGFW has received its 6th consecutive “Recommended” rating in the NSS Labs 2019 NGFW Group Test and continues to receive positive feedback from users at Gartner Peer Insights.

Here’s what some of our customers have to say about FortiGate NGFW.

“Fortinet FortiGate is perfect for businesses of any size to protect their internal network”

Software Engineer, Knowledge Specialist, company size- $ 50 million- $ 250 million, Education Industry

“We have two firewalls, one in each data center. They are configured as active-passive. All incoming and outgoing traffic passes through them for the entire organization. This ensures that all packages to and from the user are managed and controlled. If you have an immediate need, this is a good horse. We’re not at the console every day. Mostly set it up and forget it for us. If this is what you need, it’s not a bad solution. ”

“Powerful CLI Functions, API Integration, and Advanced Features”

Security Analyst, Security and Risk Management, company size – $ 50 million – $ 250 million, service industry

“We use Enterprise Firewall at our location around 3+. This product is quite successful in terms of integration in terms of architecture. The API provided by the manufacturer allows very successful integration. Designed with integration security in mind. We can assign permissions via a role-based API. The Next Generation Firewall has a firewall feature. It includes advanced features for security. Especially our firewall and automation tool integration works smoothly. We managed to block the intelligence data we were feeding on the firewall. Performs very well in high traffic. However, the log flow is about an hour behind. The use and management of the product is not too difficult and complex. SIEM command functions and functionality include utilities for admins managing products. ”

“Easy Implementation, Simple GUI”

Network Engineer, company size – $ 500 million – $ 1 billion, Manufacturing industry

“We have been using Fortinet Firewall for some time now. We were running FortiOS 6.0.4 which performed very well. The GUI is easy to operate and we really like this product.

“Are You Thinking Of A Firewall Solution? No Need To Think Twice For FortiGate “

Server Administrators, Infrastructure and Operations, company size – $ 50 million – $ 250 million, Health industry

“FortiGate offers several sizing options to suit any size organization, from small businesses to large companies. The licensing options are also flexible, allowing organizations to choose their level of protection. Options include antivirus, web filtering, DNS filtering, application control, intrusion prevention, anti-spam, web application firewall, and SSL inspection. They also include a cloud sandbox with their offering. ”

“The Most Stable And Versatile Product with Outstanding Features And Outstanding Performance”

Project Manager, company size – $ 3 B – $ 10 B, Industry construction

“If I were to talk about my experience as a whole, I would say it is a wonderful product that can be implemented easily and is considered an integral part of the business. Very helpful in achieving our goals. This gives us an easy way to handle the system. It is undoubtedly the most reliable product. He offers great support with his efficient team providing quick responses to our questions. ”

“Top Level Performance, Top Level NGF Firewall Features”

Security Engineer, Security & Risk Management, company size- $ 50 million – $ 250 million, Service industry

“Next Generation is one of the most successful Firewall products with a Firewall feature. Antivirus engines are very successful against high-level threats. You can start the automation process by detecting the same threat through the logs. It also works in high traffic. When you finish your segmentation correctly, the visibility level will start to increase. This product has many capabilities that work, such as SSL inspection and bandwidth settings at the Application level. The product log has official support for many SIEM systems. Syslog sends and sends incoming quality. You can raise awareness in your incident response process by creating various alerts about SIEM. ”

“Fighting Cyber ​​Threats with Peace of Mind”

Vice President, Financial Industry, company size – $ 10 billion – $ 30 billion, Finance industry

“After different Firewall POCs became available on the market, our network security team found Fort gate Firewall to be the best gadget available. FortiGate This device receives continuous threats and intelligence updates from the FG Labs security service. Intrusion prevention, anti-malware, and, application control and web filtering protect your company from both known and unknown advanced attacks. ”

Gartner Peer Insights reviews are the opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.
Use Cases

Next-Generation Firewall Use Cases

Services

FortiGuard Security Services for FortiGate: Next-Generation Firewalls

FortiGuard
Industry Leading AI-driven Protection and Intelligence

FortiGate next-generation firewalls (NGFWs) are the backbone for a security-driven network.  Given the mission-critical role these play in any environment, Fortinet fortifies our leading NGFW’s with best-in-class security, support, and cloud-based automation and management.

Read on to find out how Fortinet subscriptions and services can help you get the most out of your FortiGate NGFW’s:

Effective best-in-class security requires timely, global intelligence combined with fast decision-making and response across all critical vectors. Fortinet offers proven and one of the most certified artificial intelligence-driven protection available in the market today powered by FortiGuard Labs.

For customers implementing FortiGates as NGFWs, here’s how FortiGuard subscriptions can help:

  • Application Control: Fortinet boasts one of the largest applications database to safeguard your organization from risky application and allows you visibility and control of applications running in your network
  • Intrusion Prevention: Stop unwanted attempts to access your network that target vulnerabilities and configuration gaps. We block over 10 million intrusion attempts per minute.
  • Advanced Threats: Stop malicious files and payloads moving into your network with FortiGuard’s leading advanced malware, antivirus, and sandboxing capabilities. We stop over 35,000 malicious files per minute.

FortiCare
World-class Global Support and Professional Services

Mission critical security-driven networks deserve the best support available.  FortiCare provides 24×7 support options to help keep your FortiGates up and running.  We also have services to help you recover in the rare moments when bigger bumps seem to come out of nowhere such as our Premium RMA options with 4-hour replacements.

Want faster resolution?  Choose our Advanced Support option.

Need help to get going with new deployments and integrations?  FortiCare can do it, too, with Professional Services and Resident Engineers!  Contact Sales to find out how.

  • 24×7 Support
  • Advanced Support
  • Premium RMA
  • Professional Service & Resident Engineer

FortiOps

Cloud-based Management, Visibility, and Operations

Delivering world-class security is not all that we do! We can help our customers lower their total cost of ownership (TCO) and simplify day-to-day security operations through our FortiOps services, which provide cloud-based management, visibility, and automation across their Fortinet Security Fabric.

  • Centralized Management
  • Security Analytics & Event Management
  • Visibility & Control for SaaS Applications
  • SD-WAN Monitoring
  • SD-WAN VPN Overlay

Pro-Tips

  • Keep it simple and save some money too! Choose the Unified Protection Bundle for your FortiGates that includes 24×7 FortiCare, all the FortiGuard Services you see here, and more. Therefore, Customers looking to also lower their TCO can add FortiOps options a-la-carte or order the Enterprise Protection Bundle for the most comprehensive and cost-effective protection and operations for their NGFW.
  • Don’t forget to add FortiCare Advanced Support and Premium RMA for the fastest way to recover from unexpected bumps. We have global team of experts standing by to assist you and global depots to get you parts fast!