Fortinet's FortiGate Antivirus Firewall Products Awarded U.S. and Canadian Government FIPS Security Certification

SUNNYVALE, Calif., Nov 4, 2004 - Fortinet, Inc., the confirmed market leader in Unified Threat Management and only provider of ASIC-accelerated network-based antivirus firewall systems for real-time network protection, today announced that its FortiGate™-300, 400, 500, 800, 3000 and 3600 integrated network security systems have received Federal Information Processing Standard (FIPS) 140-2 security validation. This coveted certification, from the National Institute of Standards and Technology of the United States of America and the Communications Security Establishment of the Government of Canada, is garnered after products successfully pass a long and rigorous testing to become qualified for use in protecting sensitive data belonging to government agencies.

Considered the benchmark for security within government departments and agencies, the FIPS 140-2 certification assures U.S. and Canadian government customers, systems integrators and resellers that Fortinet's FortiGate systems provide the highest level of protection for sensitive information and comply with strict government security regulations. FortiGate Antivirus Firewall systems are ideal for both large and small government environments, especially those affected by HIPAA regulations, the Sarbanes-Oxley Act and other initiatives designed to guard personal information. FIPS certification also benefits Fortinet resellers selling into the government, as they can now deliver a wide-range of cost-effective network security platforms products that have been tested and validated for use in government environments.

The six FortiGate products, tested by the Cryptographic Module Testing accredited laboratory, passed the following 11 required criteria relating to the secure design and implementation of a cryptographic module:

• Cryptographic Module Specification
• Roles, Services, and Authentication
• Physical Security
• EMI/EMC
• Design Assurance
• Cryptographic Module Ports and Interfaces
• Finite State Model
• Cryptographic Key Management
• Self-Tests
• Mitigation of Other Attacks

"As network threats continue to intensify and government and other entities increasingly rely on Information Technology to store and transfer information, it is imperative that advanced and proven security tools are utilized," said Richard Hanke, vice president of product management for Fortinet. "Fortinet's FortiGate Antivirus Firewalls uniquely provide complete protection at the network edge to shield government and corporate data from attacks. FIPS certification validates this and provides peace of mind to government customers, systems integrators and resellers that our products have passed rigorous tests to be proven effective for even the most demanding environments."

Fortinet's award winning ASIC-accelerated FortiGate Antivirus Firewalls deliver real-time complete content protection through the integration of a broad range of security functions -- including antivirus, firewall, virtual private networking (VPN), intrusion detection and prevention, content filtering, traffic shaping, and anti-spam. All of Fortinet's FortiGate systems are ICSA-certified, easy to manage and provide cost-effective network-level and content-level protection at the network edge. FortiGate systems are kept up to date automatically through Fortinet's FortiProtect™ Network, which delivers continuous and automatic "push" updates that ensure protection against the latest viruses, worms, Trojans, and other threats - around the clock, and around the world.

About Fortinet (www.fortinet.com)
Fortinet is the confirmed leader of the Unified Threat Management market. The company's award-winning FortiGate™ series of ASIC-accelerated antivirus firewalls, winner of the 2004 Security Product of the Year Award from Network Computing Magazine and the 2003 Networking Industry Awards Firewall Product of the Year, are the new generation of real-time network protection systems. They detect and eliminate the most damaging, content-based threats from e-mail and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance. FortiGate systems are the only security products that are quadruple-certified by the ICSA (antivirus, firewall, IPSec, NIDS), and deliver a full range of network-level and application-level services in integrated, easily managed platforms. Named to the Red Herring Top 100 Private Companies, Fortinet is privately held and based in Sunnyvale, California.