Skip to content Skip to navigation Skip to footer

FortiGate: IPS

Comprehensive threat protection with a powerful intrusion prevention system

FortiGate IPS – NSS Labs Recommended Again
web product icon ips

Overview

FortiGate IPS Overview

NSS NGIPS

An intrusion prevention system (IPS) is a critical component of every network’s core security capabilities. It protects against known threats and zero-day attacks including malware and underlying vulnerabilities. Deployed inline as a bump in the wire, many solutions perform deep packet inspection of traffic at wire speed, requiring high throughput and low latency.

Fortinet delivers this technology via the industry-validated and recognized FortiGate platform. FortiGate security processors provide unparalleled high performance, while FortiGuard Labs informs industry-leading threat intelligence, which creates a proven success in protecting from known and zero-day threats. As a key component of the Fortinet Security Fabric, FortiGate IPS secures the entire end-to-end infrastructure without compromising performance.

 

Features and Benefits

 

FortiGuard Labs

Leading threat intelligence

Comprehensive protection against known and zero-day threats, as well as targeted attacks
Virtual Patch

Virtual patching

Protect the network against exploitable vulnerabilities
top rate icon

Industry validated

Independent third-party validation for performance and security effectiveness
icon benefits spu

High performance

Innovative security processor technology provides high-performance network throughput and deep security inspection
icon sandbox

Advanced threat protection

Seamless integration – appliance or cloud service – with world-class sandboxing for advanced threats
Icon security fabric

Security Fabric integration

Integration and automation with Fortinet’s broad product portfolio and partner ecosystem
Data Protection

Encrypted traffic blindspot

Supports the latest ciphers and standards with best-in-class performance

FortiGate IPS Models and Specifications

FortiGate IPS is available in different form factors and models to meet the needs of your environment. All models offer full FortiGate IPS functionality and can be managed across all form factors in a single FortiManager-FortiAnalyzer instance.

View by:

Chassis IPS
IPS吞吐量
120 Gbps
接口
Varied
IPS吞吐量
60 Gbps
接口
Varied
IPS吞吐量
60 Gbps
接口
Varied
IPS吞吐量
18 Gbps
接口
2x 40GE QSFP+, 2x 10GE SFP+, 2x GE RJ45
Ultra high-end IPS
IPS吞吐量
170 Gbps
接口
4x 100GE QSFP28, 24x 25GE SFP28, 3x 10GE SFP+,2x GE RJ45
IPS吞吐量
110 Gbps
接口
4x 100GE QSFP28, 24x 25GE SFP28, 3x 10GE SFP+,2x GE RJ45
High-end IPS
IPS吞吐量
50 Gbps
接口
Multiple 100 GE/40GE QSFP28, multiple 25GE/10 GE SFP28/SFP+, two 10GE SFP+ HA, multiple 1 GE RJ45
IPS吞吐量
32 Gbps
接口
10x 100GE QSFP28,16x 10GE SFP+, 2x GE RJ45
IPS吞吐量
30 Gbps
接口
6x 100GE QSFP28, 16x 10GE SFP+, 2x GE RJ45
IPS吞吐量
30 Gbps
接口
4x 100GE CFP2, 4x 40GE QSFP+ 8x 10GE SFP+, 2x GE RJ45
IPS吞吐量
28 Gbps
接口
4x 40GE QSFP+, 20x 10GE SFP+/GE SFP, 8x SFP+, 2x GE RJ45
IPS吞吐量
55 Gbps
Network Interfaces (网络接口)
6x100GE/40GE QSFP28, 30x10GE SFP/SFP+, 2xGE RJ45
IPS吞吐量
44 Gbps
Network Interfaces (网络接口)
4x100GE/40GE QSFP 28, 22x10GE SFP/SFP+, 2xGE RJ45
IPS吞吐量
TBD
Network Interfaces (网络接口)
4x 40GE QSFP+, 16x 25GE SFP28 / 10GE SFP+, 14x GE RJ45, 4X 10GE RJ45
IPS吞吐量
26 Gbps
接口
48x 10GE SFP+/GE SFP, 2x GE RJ45
IPS吞吐量
22 Gbps
接口
32x 10GE SFP+/GE SFP, 2x GE RJ45
IPS吞吐量
23 Gbps
接口
16x 10GE SFP+/GE SFP, 2x GE RJ45
IPS吞吐量
11.5 Gbps
接口
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45
IPS吞吐量
TBD
Network Interfaces (网络接口)
4x 40GE QSFP+, 20x 25GE SFP28 / 10GE SFP+, 14x GE RJ45
IPS吞吐量
11.5 Gbps
接口
6x 10GE SFP+, 34x GE RJ45
IPS吞吐量
18 Gbps
Network Interfaces (网络接口)
4x 40GE QSFP+ 12x 25GE SFP28 / 10GE SFP+, 2x 10GE SFP+ HA 8x GE SFP 18x GE RJ45
IPS吞吐量
13 Gbps
接口
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
IPS吞吐量
6.8 Gbps
接口
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
IPS吞吐量
12.5 Gbps
Network Interfaces (网络接口)
2x40GE QSFP+ 4x25GE SFP28, 4x10GE SFP+/SFP, 8x1GE SFP, 18xGE RJ45
IPS吞吐量
6 Gbps
接口
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45
Mid-range IPS
IPS吞吐量
4.2 Gbps
接口
2x 10 GE SFP+, 8x GE SFP, 4x GE RJ45 Bypass, 22x GE RJ45
IPS吞吐量
10 Gbps
接口
8x1GE RJ45, 8x1GE SFP, 2x10G SFP+
IPS吞吐量
5.2 Gbps
接口
2x 10 GE SFP+, 10x GE RJ45, 8x GE SFP
IPS吞吐量
7.8 Gbps
接口
16x 1GE RJ45, 16x 1GE SFP
IPS吞吐量
5 Gbps
接口
18x GE RJ45, 16x GE SFP
IPS吞吐量
2.2 Gbps
接口
18x GE RJ45, 4x GE SFP
IPS吞吐量
2.6 Gbps
接口
26 1GE, 4 1GE Shared Media, 2 10GE
Threat Protection(威胁检测)
250 Mbps
SSL Throughput Inspection
130 Mbps
Network Interfaces (网络接口)
Multiple GE RJ45, GE SFP Slots | PoE/+ Variants
FortiAnalyzer
设备/虚拟域(最多)
150
GB 日志/天
100
Collector Sustained Rate (logs/sec)
4500
设备/虚拟域(最多)
200
GB 日志/天
200
Collector Sustained Rate (logs/sec)
9000
设备/虚拟域(最多)
2000
GB 日志/天
600
Collector Sustained Rate (logs/sec)
27000
设备/虚拟域(最多)
2000
GB 日志/天
1000
Collector Sustained Rate (logs/sec)
45000
设备/虚拟域(最多)
4000
GB 日志/天
3000
Collector Sustained Rate (logs/sec)
60000
设备/虚拟域(最多)
10000
GB 日志/天
5000
Collector Sustained Rate (logs/sec)
90000
设备/虚拟域(最多)
10000
GB 日志/天
8300
Collector Sustained Rate (logs/sec)
150000
FortiManager
设备/虚拟域(最多)
30
GB 日志/天
2
存储容量
8 TB
设备/虚拟域(最多)
100
GB 日志/天
2
存储容量
12 TB
设备/虚拟域(最多)
300
GB 日志/天
2
存储容量
24 TB
设备/虚拟域(最多)
1200
GB 日志/天
2
存储容量
36 TB
设备/虚拟域(最多)
4000
GB 日志/天
10
存储容量
48 TB
FortiGate IPS, FortiAnalyzer and FortiManager virtual machines are all supported on VMware vSphere, Citrix Xen Server, Xen, KVM, and Microsoft Hyper-V.

FortiGate IPS
IPS吞吐量
1 Gbps
接口
Up to 10
IPS吞吐量
1.5 Gbps
接口
Up to 10
IPS吞吐量
3 Gbps
接口
Up to 10
IPS吞吐量
6 Gbps
接口
Up to 10
IPS吞吐量
12 Gbps
接口
Up to 10
IPS吞吐量
19 Gbps
接口
Up to 10
FortiAnalyzer IPS
设备/虚拟域(最多)
10000
GB 日志/天
1
存储容量
500 GB
设备/虚拟域(最多)
10000
GB 日志/天
+1
存储容量
+500 GB
设备/虚拟域(最多)
10000
GB 日志/天
+5
存储容量
+3 TB
设备/虚拟域(最多)
10000
GB 日志/天
+25
存储容量
+10 TB
设备/虚拟域(最多)
10000
GB 日志/天
+100
存储容量
+24 TB
设备/虚拟域(最多)
10000
GB 日志/天
+500
存储容量
+48 TB
设备/虚拟域(最多)
10000
GB 日志/天
+2000
存储容量
+100 TB
FortiManager IPS
设备/虚拟域(最多)
10
GB 日志/天
1
存储容量
100 GB
设备/虚拟域(最多)
+10
GB 日志/天
2
存储容量
200 GB
设备/虚拟域(最多)
+100
GB 日志/天
5
存储容量
1 TB
设备/虚拟域(最多)
+1000
GB 日志/天
10
存储容量
4 TB
设备/虚拟域(最多)
+ 5000
GB 日志/天
25
存储容量
8 TB
设备/虚拟域(最多)
+ 10000
GB 日志/天
50
存储容量
16 TB

FortiGate IPS, FortiAnalyzer and FortiManager virtual machines are all available on Amazon Web Services and Microsoft Azure. In addition, FortiGate IPS is also available on Oracle Cloud, IBM Cloud and Google Cloud Platform.

Amazon Web Service

Microsoft Azure

Oracle Cloud

IBM Cloud

Google Cloud Platform

FortiGuard Service for FortiGate IPS

FortiGate IPS is the primary user of the FortiGuard Intrusion Prevention service, but your detection, control and security posture are greatly improved with any combination of the following FortiGuard services, many of which are included in the FortiGuard bundles.

View FortiGuard Labs Services and Bundles.

Effective best-in-class security requires timely, global intelligence combined with fast decision-making and response across all critical vectors. Fortinet offers proven and one of the most certified artificial intelligence-driven protection available in the market today powered by FortiGuard Labs.

For customers implementing FortiGates as NGFWs, here’s how FortiGuard subscriptions can help:

  • Application Control: Fortinet boasts one of the largest applications database to safeguard your organization from risky application and allows you visibility and control of applications running in your network
  • Intrusion Prevention: Stop unwanted attempts to access your network that target vulnerabilities and configuration gaps. We block over 10 million intrusion attempts per minute.
  • Advanced Threats: Stop malicious files and payloads moving into your network with FortiGuard’s leading advanced malware, antivirus, and sandboxing capabilities. We stop over 35,000 malicious files per minute.

FortiGuard

Industry Leading AI-driven Protection and Intelligence

FortiCare

World-class Global Support and Professional Services

Mission critical security-driven networks deserve the best support available.  FortiCare provides 24x7 support options to help keep your FortiGates up and running.  We also have services to help you recover in the rare moments when bigger bumps seem to come out of nowhere such as our Premium RMA options with 4-hour replacements. 

Want faster resolution?  Choose our Advanced Support option.

Need help to get going with new deployments and integrations?  FortiCare can do it, too, with Professional Services and Resident Engineers!  Contact Sales to find out how.

   

FortiGuard Service Bundles for FortiGate

Enterprise Protection Bundle

Protection to address today's advanced threat landscape. It delivers all FortiGuard security services available for the FortiGate including: NGFW Application Control and IPS, Web Filtering, FortiCloud Sandbox, Antivirus, Mobile Security, IP Reputation & Antibotnet, Antispam, and core FortiCare security services with a choice of 8x5 or 24x7 support.

UTM Protection Bundle

Traditional UTM security services including NGFW Application Control and IPS, Web Filtering, Antivirus, Antispam, and core FortiCare security services with a choice of 8x5 or 24x7 support.

Threat Protection Bundle

Core protection technologies including: Application Control, IPS, AV, Botnet IP/Domain and Mobile Malware Service. FortiCare security services include 24x7 support. 

You can find more information here.

FortiGate IPS Resources

View by:

FortiGate IPS Alliance Partners

FortiGate IPS provides integration with many leading IT vendors as part of the Fortinet Security Fabric.  Below is a list of current Product Alliance Partners:

FortiGate IPS: Protect Against Known and Zero-day Threats | Intrusion Prevention System

Fortinet’s FortiGate offers a comprehensive security driven network platform that delivers an industry validated solution to the enterprises. Purpose built for enterprises and designed to deliver superior security efficacy and the industry’s best IPS performance. Powered by the AI/ML driven threat intelligence from FortiGuard Labs.

Watch the video

Features and Benefits

FortiGuard Labs

Leading threat intelligence

Comprehensive protection against known and zero-day threats, as well as targeted attacks
Virtual Patch

Virtual patching

Protect the network against exploitable vulnerabilities
top rate icon

Industry validated

Independent third-party validation for performance and security effectiveness
icon benefits spu

High performance

Innovative security processor technology provides high-performance network throughput and deep security inspection
icon sandbox

Advanced threat protection

Seamless integration – appliance or cloud service – with world-class sandboxing for advanced threats
Icon security fabric

Security Fabric integration

Integration and automation with Fortinet’s broad product portfolio and partner ecosystem
Data Protection

Encrypted traffic blindspot

Supports the latest ciphers and standards with best-in-class performance