Industry Trends

Securing the New Enterprise

By Bill McGee | April 25, 2016

Organizations are undergoing dramatic change, driven by their transformation to a digital business model and the resulting exponential increase in data, devices, users, applications, and transactions flooding their networks through the cloud. Managing, processing, and servicing this information is business critical, and it is putting a huge strain on budgets and IT resources.

Of course, changes like this also exponentially expand the attack surface that needs to be protected. There are more targets than ever, and cybercriminals are developing new, sophisticated attacks to exploit these often unprotected attack vectors. So it is more critical than ever that data, applications, transactions, and devices moving into and out of the distributed network are inspected, authenticated, and secured from cybercriminals and malware.

But at the same time, security teams are having to overcome the performance limitations inherent in most firewall solutions - especially when enabling essential advanced security features like IPS, sandboxing, or SSL decryption. Far too often, they are forced to choose between providing essential security inspections and preserving the performance of their networks.

Organizations should never have to choose between security and doing business.

Which is why Fortinet has announced the expansion of their high-end security offerings with the FortiGate 6040E enterprise firewall. This is the first in a series of ultra-high performance enterprise firewalls, delivering unprecedented performance, effortless scale, and superior security so large enterprises don’t have to choose between security features and network disruption.

Built on an innovative new processing architecture that leverages Fortinet’s just announced CP9 ASIC technology, the FortiGate 6040E has overcome the performance limitations of current large enterprise next-generation firewall solutions by delivering advanced security processing at ultra-high speeds. It utilizes powerful dual CPUs running in parallel to Fortinet’s next-generation, purpose-built content and network processors that offload and accelerate security inspection performance. Combined with intuitive and intelligent controls, the FortiGate 6040E delivers unprecedented security and network performance in a deceptively compact form-factor.

FortiGate 6040E Technical Highlights:

  • Hybrid Architecture: The new FG 6040E combines dual high-performance CPUs with custom-built security ASICs, which means that advanced NGFW functionality, including inspection and enforcement technologies, can be applied while maintaining critical throughput levels and high availability.
  • Performance: The FortiGate 6040E is designed to provide 320 Gbps of enterprise firewall performance, and over 80 Gbps with all Next-Generation Firewall security features enabled.
  • Redesigned Management Interface: The 6040E’s intuitive graphical interface simplifies management and policy orchestration while expanding visibility and reporting capabilities
  • Advanced Content Security Processing: The FortiGate 6040E features the new FortiASIC CP9 next-generation Content Processor, delivering the deep inspection of critical data that today’s sophisticated threats require – including the fastest full SSL decryption and largest number of connections per second in the industry.
  • Small Form Factor: Intelligent networking, security, processing, and management capabilities are all efficiently integrated within a small form-factor chassis.
  • Configuration Flexibility: Organizations can choose between six different configurations to meet their specific technical requirements, including an array of 10 GbE, 40 GbE, and 100 GbE I/O interfaces.

Solving Today’s Enterprise Firewall Challenges:

The New FortiASIC CP9 Content Processor

Yesterday’s innovation has been outpaced by today’s demand and tomorrow’s growth. Even today’s latest “next-gen” firewalls can’t keep up.

The reason is that they are dependent on software to process high-demand security functions, such as SSL decryption or IPS, through a general-purpose CPU that was never designed for this level of processing. This limitation often creates security gaps as organizations are forced to compromise security features or buy additional expensive appliances to compensate for massive network performance bottlenecks.

Fortinet has overcome these challenges with their latest generation of FortiASIC security processors. Optimized to offload and rapidly process security-specific workloads, these purpose-built security ASICs deliver silicon-accelerated performance to meet today’s growing traffic demands, as well as to implement advanced security strategies like the inspection of encrypted traffic or internal segmentation at the core of the infrastructure.

FortiASIC’s CP9 Content Processor has been redesigned to provide the fastest full SSL decryption, and largest number of connections per second in the industry. It provides deep content inspection at record speeds, something most firewalls fail to do efficiently or cot-effectively.

This processor is part of Fortinet’s award-winning parallel path processing architecture that offloads critical CPU-intensive security functions to hardware designed specifically for security inspection, rather than to off-the-shelf general-purpose hardware - which is where most firewall solutions fail to deliver the performance today’s enterprises require. This allows content and network processors to work in parallel with general-purpose CPUs to ensure that a network’s function, performance, and scalability are not limited by the hardware securing them.

Solutions for Enterprises of Every Size:

New FortiGate 2000 series Enterprise Firewalls

Fortinet has also announced the introduction of two new FortiGate 2000 series enterprise firewalls – the FortiGate 2000E and 2500E – which also feature the new FortiASIC CP9 for uncompromised security performance. These new firewalls have been designed for the enterprise looking to protect the Internet and data center edge with higher NGFW and SSL inspection capabilities and performance along with increased VPN capabilities, deep content inspection, and advanced application controls. They are also ideal as high-performance, dynamic internal segmentation firewalls to tighten core security combined with increased visibility and control across the infrastructure.


Until now, organizations were faced with the dilemma of leaving themselves vulnerable to attacks, or spending huge sums of money to rack and stack expensive security devices to try and keep up with demand. That’s because increasing network demands have already outpaced the capacity most legacy security technologies, even including advanced next-generation firewalls. Not only are threats more sophisticated, they are buried in a landslide of data that these security solutions were simply never designed to manage.

And the challenge is only going to get worse, as organizations anticipate the introduction of billions of new IoT devices and an estimated twenty-six IP-enabled devices per person just by 2020.

Fortinet continues to deliver highly integrated security solutions, like the FG 6040E, based on innovative design and cutting-edge hardware, that deliver the advanced security and high-performance that today’s digital businesses require, at a cost-effective price point no other vendors can match.