High threat protection performance with automatic visibility to stop malicious attacks on the network.
Overview FortiGate: Next Generation Firewall (NGFW)
FortiGate next-generation firewalls (NGFWs) utilize a specially built security processor and intelligence security service from Forti Guard’s AI-powered laboratory to provide high-ranking protection, high-performance inspection of clear and encrypted text traffic. The new generation firewall reduces costs and hassle with full visibility into applications, users and networks and provides the best security. As an integral part of Fortinet Security Fabric, the new generation firewall can communicate in Fortinet’s comprehensive security portfolio as well as third-party security solutions in a multivendor environment to share threat intelligence and improve security posture.
When companies consider how to provide comprehensive visibility and sophisticated layer 7 security, including threat protection, intrusion prevention, web filtering and application control, they face a complex key hurdle in managing these product points without integration and lack of visibility. Gartner estimates that by 2019. 80% of company traffic will be encrypted and 50% of attacks targeting companies will be hidden in encrypted traffic to infiltrate the network or extract data, therefore using HTTPS checks is a must.
FortiGate: Next-Generation Firewall News
-
31 Okt 2019
Fortinet’s newest security processor speeds up next-generation, best-selling firewall
FortiGate 60F Sets New Benchmarks for Security, Calculates Ranking, and Produces High Performance for Integrated Security and SD-WAN
-
19 Sep 2019
Fortinet Recognized as Leader in the Gartner Magic Quadrant for Network Firewalls
Mark 10 times in a row that Fortinet is in the Magic Quadrant for Network Firewalls
-
1 Agustus 2019
Fortinet Speeds Up and Secures Cloud On-Ramp with a New Generation of Firewall
Announced today, the new FortiGate Next-Generation Firewalls (NGFW) Next-Generation Firewall, consisting of FortiGate 1100E, FortiGate 2200E and FortiGate 3300E Series. The new e-series FortiGate Next-Generation Firewall allows our customers to design a network driven by security and speed up their on-line. path to the clouds.
FortiGate: Produk Detail Firewall Next Gen
The new generation of FortiGate firewalls offer flexible deployments from the edge of the network to the core, data center, internal segments and the Cloud. FortiGate’s corporate firewall utilizes a specially built security processor (SPU) that provides scalable performance of advanced security services such as Threat Protection, SSL inspection, and very low latency to protect internal segments and mission critical environments.
FortiGate NGFW provides automatic visibility to cloud applications, IoT devices and automatically finds end-to-end topology display of the corporate network. FortiGate is a core part of a validated security and security structure protecting corporate networks from known and unknown attacks.
FortiGate: Next-Generation Firewalls Models and Specifications
FortiGate NGFW is available in many different models to meet your needs ranging from entry-level hardware to ultra-sophisticated devices to meet the most demanding threat protection performance requirements. This ensures that the company’s campus, core data center, or internal segment, FortiGate can enter seamlessly into your environment.
FortiGate: Chassis-based NGFW
| FortiGate 7060E | FortiGate 7030E | ||
| Threat Protection | 80 Gbps | Threat Protection | 35 Gbps |
| SSL Inspection Throughput | 79.9 Gbps | SSL Inspection Throughput | 50 Gbps |
| Network Interfaces | Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 | Network Interfaces | Multiple 10 GE SFP+/SFP, 40 GE/100 GE QSFP28 |
| FortiGate 7040E | FortiGate 5001E | ||
| Threat Protection | 40 Gbps | Threat Protection | 13.5 Gbps |
| SSL Inspection Throughput | 50 Gbps | SSL Inspection Throughput | 17 Gbps |
| Network Interfaces | Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 | Network Interfaces | 2x 40GE QSFP+, 2x 10GE SFP+, 2x GE RJ45 |
FortiGate: Ultra high-end NGFW
| FortiGate 6300F | FortiGate 6500F | ||
| Threat Protection | 60 Gbps | Threat Protection | 100 Gbps |
| SSL Inspection Throughput | 90 Gbps | SSL Inspection Throughput | 130 Gbps |
| Network Interfaces | Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45 | Network Interfaces |
Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45
|
FortiGate: High-end NGFW
| FortiGate 3200D | |||
| Threat Protection | 20 Gbps | Threat Protection | 15 Gbps |
| SSL Inspection Throughput | 32 Gbps | SSL Inspection Throughput | 20 Gbps |
| Network Interfaces | 10x 100GE QSFP28, 16x 10GE SFP+, 2x GE RJ45 | Network Interfaces |
Multiple GE RJ45 and 10 GE SFP+ / GE SFP slots
|
| FortiGate 3960E | FortiGate 3100D | ||
| Threat Protection | 13.5 Gbps | Threat Protection | 13 Gbps |
| SSL Inspection Throughput | 30 Gbps | SSL Inspection Throughput | 22 Gbps |
| Network Interfaces | Multiple 40/100 GE QSFP+/QSFP28, 10 GE SFP+ and GE RJ45 | Network Interfaces |
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
|
| FortiGate 3800D | FortiGate 3000D | ||
| Threat Protection | 13 Gbps | Threat Protection | 13 Gbps |
| SSL Inspection Throughput | 23 Gbps | SSL Inspection Throughput | 19 Gbps |
| Network Interfaces | Multiple 100 GE CFP2, 40 GE QSFP+, 10 GE SFP+ and/or multiple GE SFP/RJ45 depending on variants | Network Interfaces |
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
|
| FortiGate 3700D | FortiGate 2500E | ||
| Threat Protection | 13 Gbps | Threat Protection | 5.4 Gbps |
| SSL Inspection Throughput | 24 Gbps | SSL Inspection Throughput | 11.5 Gbps |
| Network Interfaces | Multiple 40 GE QSFP+, 10 GE SFP+ and GE SFP | Network Interfaces |
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45
|
| FortiGate 3600E | FortiGate 2200E | ||
| Threat Protection | 30 Gbps | Threat Protection | 11 Gbps |
| SSL Inspection Throughput | 34 Gbps | SSL Throughput Inspection | 17 Gbps |
| Network Interfaces | 6x 100 GE QSFP28, 32x 25 GE SFP28, 2x GE RJ45 | Network Interfaces |
4x 40GE QSFP+, 20x 10GE/25GE SFP+/SFP28, 12x GE RJ45
|
| FortiGate 3400E | FortiGate 2000E | ||
| Threat Protection | 23 Gbps | Threat Protection | 5.4 Gbps |
| SSL Inspection Throughput | 30 Gbps | SSL Inspection Throughput | 12.5 Gbps |
| Network Interfaces | 4x 100 GE QSFP28, 24x 25 GE SFP28, 2x GE RJ45 | Network Interfaces |
6x 10GE SFP+, , 34x GE RJ45
|
| FortiGate 3300E | FortiGate 1500D | ||
| Threat Protection | 17Gbps | Threat Protection | 5 Gbps |
| SSL Throughput Inspection | 21 Gbps | SSL Inspection Throughput | 10.5 Gbps |
| Network Interfaces | 4x 40GE QSFP+, 4x 10GE RJ45, 16x 10GE/25GE SFP+/SFP28, 12x GE RJ45 | Network Interfaces |
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
|
| FortiGate 1100E | FortiGate 1200D | ||
| Threat Protection | 7.1 Gbps | Threat Protection | 4 Gbps |
| SSL Throughput Inspection | 10 Gbps | SSL Inspection Throughput | 6 Gbps |
| Network Interfaces | 2x40GE QSFP+, 4x25GE SFP28, 4x10GE SFP+/SFP, 8x1GE SFP, 16xGE RJ45 | Network Interfaces |
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
|
| FortiGate 1000D | |||
| Threat Protection | 4 Gbps | ||
| SSL Throughput Inspection | 4 Gbps | ||
| Network Interfaces |
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45
|
||
FortiGate: Mid-range NGFW
| FortiGate 900D | FortiGate 300E | ||
| Threat Protection | 3 Gbps | Threat Protection | 3 Gbps |
| SSL Inspection Throughput | 4 Gbps | SSL Throughput Inspection | 3.9 Gbps |
| Network Interfaces | Multiple GE RJ45, GE SFP and 10 GE SFP+ slots | Network Interfaces |
Multiple GE RJ45 and GE SFP Slots
|
| FortiGate 800D | FortiGate 200E | ||
| Threat Protection | 3 Gbps | Threat Protection | 1.2 Gbps |
| SSL Inspection Throughput | 4 Gbps | SSL Throughput Inspection | 1 Gbps |
| Network Interfaces | Multiple GE RJ45, GE SFP, 10 GE SFP+ slots and bypass GE RJ45 pairs | Network Interfaces |
Multiple GE RJ45, GE SFP Slots
|
| FortiGate 600E | FortiGate 100F | ||
| Threat Protection | 7Gbps | Threat Protection | 1 Gbps |
| SSL Inspection Throughput | 8 Gbps | SSL Throughput Inspection | 1 Gbps |
| Network Interfaces | Multiple GERJ45, Multiple GE SFP, Multiple 10GE SFP+ | Network Interfaces |
2 x 10GE SFP+ Slots, 18 x GE RJ45 and 8x 1GE SFP and 4x GE RJ45/SFP Shared Media Pairs
|
| FortiGate 500E | FortiGate 100E | ||
| Threat Protection | 4.7 Gbps | Threat Protection | 250 Mbps |
| SSL Inspection Throughput | 5.7 Gbps | SSL Throughput Inspection | 130 Mbps |
| Network Interfaces | Multiple GE RJ45, GE SFP and 10 GE SFP+ Slots | Network Interfaces |
Multiple GE RJ45, GE SFP Slots | PoE/+ Variants
|
| FortiGate 400E | |||
| Threat Protection | 5 Gbps | ||
| SSL Inspection Throughput | 4.8 Gbps | ||
| Network Interfaces |
Multiple GE RJ45 and Multiple GE SFP Slots
|
||
FortiGate: Entry-level NGFW
| FortiGate 80E | FortiGate 40F | ||
| Threat Protection | 250 Mbps | Threat Protection | 600 Mbps |
| SSL Inspection Throughput | 180 Mbps | SSL Throughput Inspection | 310 Mbps |
| Network Interfaces | Multiple GE RJ45 | Varients with internal storage | Variants with PoE/+ interfaces | Network Interfaces |
Multiple GE RJ45 | WiFi Variants
|
| FortiGate 60F | FortiGate 30E | ||
| Threat Protection | 700 Mbps | Threat Protection | 150 Mbps |
| SSL Throughput Inspection | 750 Mbps | SSL Throughput Inspection | 160 Mbps |
| Network Interfaces | Multiple GE RJ45 | Variants with internal storage | Network Interfaces |
Multiple GE RJ45 | WiFi Variants
|
| FortiGate 60E | FortiGate 60D – Rugged | ||
| Threat Protection | 200 Mbps | Threat Protection | 25 Mbps |
| SSL Throughput Inspection | 175 Mbps | SSL Throughput Inspection | 18 Mbps |
| Network Interfaces | Multiple GE RJ45 | WiFi variants | Variants with internal storage | Variants with PoE/+ interfaces | Network Interfaces |
10x GE RJ45
|
| FortiGate 50E | |||
| Threat Protection | 160 Mbps | ||
| SSL Throughput Inspection | 185 Mbps | ||
| Network Interfaces | Multiple GE RJ45 | WiFi Variants | Variants with dual radios | Variants with internal storage | ||
Virtual Machines
| FortiGate-VM00 | FortiGate-VM08, -VM08V | ||
| Throughput | 12 Gbps | Throughput | 33 Gbps |
| vCPU | 1x vCPU core, (up to) 2 GB RAM | vCPU |
8x vCPU cores, (up to) 12 GB RAM
|
| FortiGate-VM01, -VM01V | FortiGate-VM16, -VM16V | ||
| Throughput | 12 Gbps | Throughput | 36 Gbps |
| vCPU | 1x vCPU core, (up to) 2 GB RAM | vCPU |
16x vCPU cores, (up to) 24 GB RAM
|
| FortiGate-VM02, -VM02V | FortiGate-VM32, -VM32V | ||
| Throughput | 15 Gbps | Throughput | 50 Gbps |
| vCPU | 2x vCPU cores, (up to) 4 GB RAM | vCPU |
32x vCPU cores, (up to) 48 GB RAM
|
| FortiGate-VM04, -VM04V | FortiGate-VMUL, -VMULV | ||
| Throughput | 28 Gbps | vCPU |
Unlimited vCPU cores and RAM
|
| vCPU |
4x vCPU cores, (up to) 6 GB RAM
|
||
“V” Series VMs do not include VDOM licenses by default. VDOM licenses can be added separately.
Actual performance may vary depending on the network and system configuration.
Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled.
Fortinet Customers and Partners emphasize the value of FortiGate’s Next Generation Firewall proposition in the Gartner Peer Insights Review for Network Firewalls.
FortiGate Next-Generation Firewall offers flexible deployments from the edge of the network to the core, data centers, internal segments, and some clouds, enhancing specially built security processors (SPU) that provide high performance from advanced security services such as threat protection, SSL inspection, IPS without fear of degradation for mission critical environments. FortiGate NGFW provides seamless integration with multiple clouds and enables the safe delivery of business applications and services.
FortiGate NGFW provides automatic and full visibility to all internal segments, applications and network flow to detect and recover any malware and pave the way for consistent security policies regardless of the location of the asset. FortiGate NGFW is the first vendor to offer support for the latest encryption standard called TLS 1.3 which provides a stronger security framework and makes Fortinet customers ready for the future.
FortiGate NGFW has been recognized as a Leader in the Gartner Magic Quadrant for Network Firewalls. This is the 10th time that Fortinet has been recognized in the MQ for Network Firewall.
FortiGate NGFW has received the 6th consecutive “Recommended” ranking in the NSS Labs 2019 NGFW Group Test and continues to get positive feedback from users at Gartner Peer Insights.
This is what some of our customers have said about FortiGate NGFW.
“Fortinet FortiGate is perfect for businesses of any size to protect its internal network”
Software Engineer, Knowledge Specialist, company size – $ 50 million – $ 250 million, Education Industry
“We have two firewalls, one in each data center. They are configured as active-passive. All traffic coming and going past them for the whole organization. This ensures that all packages to and from users are managed and controlled. If you have immediate needs, this is a good horse. We are not on the console every day. Most arrange it and forget it for us. If this is what you need, it’s not a bad solution.”
“Robust CLI Functions, API Integration and Advanced Features”
Security, Security and Risk Management Analyst, company size – $ 50 million – $ 250 million, service industry
“We use Enterprise Firewall in our location around 3+. This product is quite successful in terms of integration in terms of architecture. The API provided by the manufacturer allows very successful integration. Designed with security integration first. We can assign permissions via the role based API. Firewall Next Generation has a firewall feature. This includes advanced features for security. Especially the firewall and integration of our automation tools function smoothly. We succeeded in blocking the intelligence data that we ate in the firewall. Performs very well in high traffic. However, log flow is about an hour behind. The use and management of the product is not too difficult and complex. The functionality and functionality of commands in SIEM include utilities for admins that manage products.”
“Easy Implementation, Simple GUI”
Network Engineer, company size – $ 500 million – $ 1 billion, Manufacturing industry
“We have been using Fortinet Firewall for some time now. We run FortiOS 6.0.4 which performs very well. The GUI is easy to operate and we really like this product. “
“Are You Thinking About a Firewall Solution? No Need to Think Twice for FortiGate ”
Server, Infrastructure and Operations Administrator, company size – $ 50 million – $ 250 million, Health industry
“FortiGate offers several size options to suit any size organization, from small businesses to large companies. License options are also flexible, which allows organizations to choose their level of protection. Options include antivirus, web filtering, DNS filtering, application control, intrusion prevention, anti-spam, web application firewall, and SSL inspection. They also include cloud sandboxes with their offerings. “
“The Most Stable and Versatile Product with Extraordinary Features and Extraordinary Performance”
Project Manager, company size – $ 3 billion – $ 10 billion, construction industry
“If I talk about my overall experience, I would say it is an amazing product that can be implemented easily and is considered an integral part of business. Very helpful in achieving our goals. This gives us an easy way to handle the system. No doubt the most reliable product. He offers exceptional support with his team who efficiently provide quick responses to our questions. “
“Top-Level Performance, Top-Level NGF Firewall Feature”
Security Engineer, Security & Risk Management, company size – $ 50 million – $ 250 million, Service industry
“Next Generation is one of the most successful Firewall products with Firewall features. The antivirus engine is very successful against high-level threats. You can start the automation process by detecting the same threat through logs. It also works in high traffic. When you complete the segmentation correctly, the level of visibility will begin to increase. This product has many capabilities that work, such as SSL inspections and bandwidth settings at the Application level. The product log has official support for many SIEM systems. Syslog sends and sends incoming quality. You can increase awareness in your incident response process by making various warnings about SIEM. “
“Fighting with Cyber Threats with Peace of Mind”
Vice President, in the Financial Industry, company size – $ 10 billion – $ 30 billion, the Financial industry
“After different firewall POCs are available on the market, our network security team found that Fort gate Firewall is the best gadget available. FortiGate This device receives continuous threats and intelligence updates from the FG Labs security service. Intrusion prevention, anti-malware, and, application control and web filtering protect your company from known and unknown advanced attacks. “
Gartner Peer Insights reviews are subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.
Next-Generation Firewall Use Cases
Reducing complexity by consolidating products to save costs is a major concern for many companies. No less important is ensuring secure access to resources from private and public clouds without fear of encrypted malware. Achieving the granular visibility of devices, users, real-time threat information, and automation is very important to ensure that attacks are handled in a timely manner.
Reduce Complexity
Consolidation of products and services to reduce complexity. With industry-leading FortiGuard Labs threat protection and services, you can reduce costs and maximize your return on investment (ROI).
Encrypted Cloud Access
Get comprehensive visibility and policy controls by checking all types of traffic, from clear text to encrypted, and implementing intrusion prevention (IPS) protection systems.
Visibilitas dan Otomasi
Get access to network and security events for contextual visibility, and simplify operations with automated processes.
Intent-based Segmentation Use Cases
Intentional based segmentation enables network operators to create domains or security segments based on business objectives. Intentional based segmentation is the ability to apply threat protection wherever needed, both on-site and in all cloud instances, to reduce risk, achieve compliance, and protect applications that are important to business.
Reduce the Attack Surface
Effectively manage attack vectors with micro, industry-leading threat protection, and FortiGuard Labs services.
Compliance with regulations
Meet compliance and regulatory requirements, such as PCI DSS, PII, HIPPA, and GDPR.
Access Trusted Applications
Improve your security posture by securing business applications and implementing adaptive access controls.
FortiGuard Security Services for FortiGate: Next-Generation Firewalls
FortiGuard
Industry Leading AI-driven Protection and Intelligence
FortiGate next-generation firewalls (NGFWs) are the backbone for a security-driven network. Given the mission-critical role these play in any environment, Fortinet fortifies our leading NGFW’s with best-in-class security, support, and cloud-based automation and management.
Read on to find out how Fortinet subscriptions and services can help you get the most out of your FortiGate NGFW’s:
Effective best-in-class security requires timely, global intelligence combined with fast decision-making and response across all critical vectors. Fortinet offers proven and one of the most certified artificial intelligence-driven protection available in the market today powered by FortiGuard Labs.
For customers implementing FortiGates as NGFWs, here’s how FortiGuard subscriptions can help:
- Application Control: Fortinet boasts one of the largest applications database to safeguard your organization from risky application and allows you visibility and control of applications running in your network
- Intrusion Prevention: Stop unwanted attempts to access your network that target vulnerabilities and configuration gaps. We block over 10 million intrusion attempts per minute.
- Advanced Threats: Stop malicious files and payloads moving into your network with FortiGuard’s leading advanced malware, antivirus, and sandboxing capabilities. We stop over 35,000 malicious files per minute.
FortiCare
World-class Global Support and Professional Services
Mission critical security-driven networks deserve the best support available. FortiCare provides 24×7 support options to help keep your FortiGates up and running. We also have services to help you recover in the rare moments when bigger bumps seem to come out of nowhere such as our Premium RMA options with 4-hour replacements.
Want faster resolution? Choose our Advanced Support option.
Need help to get going with new deployments and integrations? FortiCare can do it, too, with Professional Services and Resident Engineers! Contact Sales to find out how.
- 24×7 Support
- Advanced Support
- Premium RMA
- Professional Service & Resident Engineer
FortiOps
Cloud-based Management, Visibility, and Operations
Delivering world-class security is not all that we do! We can help our customers lower their total cost of ownership (TCO) and simplify day-to-day security operations through our FortiOps services, which provide cloud-based management, visibility, and automation across their Fortinet Security Fabric.
- Centralized Management
- Security Analytics & Event Management
- Visibility & Control for SaaS Applications
- SD-WAN Monitoring
- SD-WAN VPN Overlay
Pro-Tips
- Keep it simple and save some money too! Choose the Unified Protection Bundle for your FortiGates that includes 24×7 FortiCare, all the FortiGuard Services you see here, and more. Therefore, Customers looking to also lower their TCO can add FortiOps options a-la-carte or order the Enterprise Protection Bundle for the most comprehensive and cost-effective protection and operations for their NGFW.
- Don’t forget to add FortiCare Advanced Support and Premium RMA for the fastest way to recover from unexpected bumps. We have global team of experts standing by to assist you and global depots to get you parts fast!
