FortiGate:下一代防火墙概述
FortiGate下一代防火墙产品采用了专用的安全处理芯片(ASIC)并集成了自有的FortiGuard实验室的威胁情报服务,提供业界领先的安全保护功能和包括加密流量在内的超高性能。FortiGate所提供的应用、用户和网络可视化大大降低了安全的复杂度,同时提供安全评级让客户能够遵从安全最佳实践。
安全架构师们考虑的是如何为其企业提供全面的威胁防护,包括入侵防御,Web过滤,反恶意软件和应用程序控制。但同时,单点的安全产品的部署与堆叠,造成了管理与运维方面的障碍,同时缺乏统一的安全视角与安全管理。 Gartner估计,2019年,80%的企业流量是被加密的状态,而50%的针对企业的攻击将隐藏在加密流量中。
FortinGate NGFW 相关新闻:
-
2019年2月6日Fortinet发布NFGW新品:高性能基于意图的内网隔离防御Fortinet宣布推出由FortiGate 3600E,FortiGate 3400E,FortiGate 600E和FortiGate 400E系列NGFW新品,使企业能够在其安全架构中实施基于意图的网络分段与隔离,降低部署成本及复杂性的同时提高威胁防御风险的能力。
-
2018年11月8日FortiGate NGFW连续参与NSS Labs实验的数据中心安全网关测试FortiGate 3200D和FortiGate 6300F在测试中”推荐级“评价。
FortiGate NGFW 产品信息
FortiGate企业防火墙可以应用于部署在不同的场景,提供从网络边界到核心、数据中心、内网到云的安全防护。 FortiGate企业防火墙设计应用了专用的安全处理器(SPU),提供可扩展的高级安全服务的同时不降低性能,保护关键应用的可连续性与高可用性。
FortiGate NGFW加载的FortiOS操作系统,从接入的终端设备、物联网设备、到云的应用,均可以自动发现,并提供可视化,在网络中自动生成从终端到云端的拓扑视图。 FortiGate 设备是Fortinet所倡导的Security Fabric网络安全架构的核心组件,它避免了安全单点部署的局限性与安全性的妥协,保护企业网络免受已知与未知的威胁与攻击。
功能
高性能威胁检测与防御
经测试,卓越的威胁防御和SSL检测性能,防御隐藏在加密流量中的恶意软件攻击。
经过第三方独立认证的安全有效性
经过独立认证和持续的威胁情报更新,对已知和未知攻击的强大保护。
关键应用保护
提供高弹性的网络分段保护与隔离,超低延迟。
自动进行供网络安全风险的持续评估
通过自动化工作流程和审计功能,既缓解了网络安全人员稀缺矛盾的同时保障了合规性。
Fortinet Security Fabric安全架构的扩展
是Fortinet Security Fabric安全架构的核心,同时可与其他安全组件共享威胁情报,形成迅速且自动化的安全响应
部署快且运维简单
提供一致的安全策略 ,通过统一面板管理安全资产,包括物理网络及虚拟网络的资产。
FortiGate NGFW 型号与参数
FortiGate NGFW有多种不同型号,满足用户从入门级硬件设备到超高端设备的部署选择,藉以满足苛刻的网络环境与威胁防护性能要求。 无论是企业园区、数据中心,亦或是内网部署,FortiGate均可以无缝融入您的环境。
机框设备
Threat Protection(威胁检测) |
80 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
100 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 |
Threat Protection(威胁检测) |
40 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
50 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 |
Threat Protection(威胁检测) |
35 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
50 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+/SFP, 40 GE/100 GE QSFP28 |
Threat Protection(威胁检测) |
13.5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
17 Gbps |
Network Interfaces (网络接口) |
2x 40GE QSFP+, 2x 10GE SFP+, 2x GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
超高端设备
Threat Protection(威胁检测) |
60 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
90 Gbps |
Network Interfaces (网络接口) |
多个 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45 |
Threat Protection(威胁检测) |
100 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
130 Gbps |
Network Interfaces (网络接口) |
多个 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
高端设备
Threat Protection(威胁检测) |
20 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
32 Gbps |
Network Interfaces (网络接口) |
10x 100GE QSFP28, 16x 10GE SFP+, 2x GE RJ45 |
Threat Protection(威胁检测) |
13.5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
30 Gbps |
Network Interfaces (网络接口) |
多个 40/100 GE QSFP+/QSFP28, 10 GE SFP+ and GE RJ45 |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
23 Gbps |
Network Interfaces (网络接口) |
多个 100 GE CFP2, 40 GE QSFP+, 10 GE SFP+ and/or multiple GE SFP/RJ45 depending on variants |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
24 Gbps |
Network Interfaces (网络接口) |
多个 40 GE QSFP+, 10 GE SFP+ and GE SFP |
Threat Protection(威胁检测) |
30 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
34 Gbps |
Network Interfaces (网络接口) |
多个 100 GE, 40 GE QSFP28, multiple 10 GE SFP+/SFP |
Threat Protection(威胁检测)n |
23 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
30 Gbps |
Network Interfaces (网络接口) |
多个 100 GE, 40 GE QSFP28, multiple 10 GE SFP+/SFP |
Threat Protection(威胁检测) |
15 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
20 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45 and 10 GE SFP+ / GE SFP slots |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
22 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+ | Multiple GE SFP and GE RJ45 |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
19 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+ | 多个 GE SFP and GE RJ45 |
Threat Protection(威胁检测) |
5.4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
11.5 Gbps |
Network Interfaces (网络接口) |
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45 |
Threat Protection(威胁检测) |
5.4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
12.5 Gbps |
Network Interfaces (网络接口) |
6x 10GE SFP+, 34x GE RJ45 |
Threat Protection(威胁检测) |
5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
10.5 Gbps |
Network Interfaces (网络接口) |
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45 |
Threat Protection(威胁检测) |
4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
6 Gbps |
Network Interfaces (网络接口) |
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45 |
Threat Protection(威胁检测) |
4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4 Gbps |
Network Interfaces (网络接口) |
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
中端设备
Threat Protection(威胁检测) |
3 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP and 10 GE SFP+ 插槽 |
Threat Protection(威胁检测) |
3 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP, 10 GE SFP+ 插槽 and bypass GE RJ45 pairs |
Threat Protection(威胁检测) |
7Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
8 Gbps |
Network Interfaces (网络接口) |
多个 GERJ45, 多个 GE SFP, 多个 10GE SFP+ |
Threat Protection(威胁检测) |
4.7 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
6.8 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP and 10 GE SFP+ 插槽 |
Threat Protection(威胁检测) |
5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4.8 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45 and 多个 GE SFP 插槽 |
Threat Protection(威胁检测) |
3 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
6.8 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45 and GE SFP 插槽 |
Threat Protection(威胁检测) |
1.2 Gbps |
SSL Throughput Inspection |
1 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP 插槽 |
Threat Protection(威胁检测) |
250 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
190 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP 插槽 | PoE/+ Variants |
更多参数信息及功能,请访问 产品 页面。
入门级设备
Threat Protection(威胁检测) |
250 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
180 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | 不同型号内存不同 | 不同型号PoE接口数不同 |
Threat Protection(威胁检测) |
200 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
175 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | WiFi variants | 不同型号内存不同 | 不同型号PoE接口数不同 |
Threat Protection(威胁检测) |
160 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
185 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | WiFi Variants | Variants with dual radios | 不同型号内存不同 |
Threat Protection(威胁检测) |
150 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
160 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | WiFi Variants |
Threat Protection(威胁检测) |
25 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
18 Mbps |
Network Interfaces (网络接口) |
10x GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
Throughput (吞吐量) |
12 Gbps |
vCPU |
1x vCPU core, (up to) 2 GB RAM |
Throughput (吞吐量) |
12 Gbps |
vCPU |
1x vCPU core, (up to) 2 GB RAM |
Throughput (吞吐量) |
15 Gbps |
vCPU |
2x vCPU cores, (up to) 4 GB RAM |
Throughput (吞吐量) |
28 Gbps |
vCPU |
4x vCPU cores, (up to) 6 GB RAM |
Throughput (吞吐量) |
33 Gbps |
vCPU |
8x vCPU cores, (up to) 12 GB RAM |
Throughput (吞吐量) |
36 Gbps |
vCPU |
16x vCPU cores, (up to) 24 GB RAM |
Throughput (吞吐量) |
50 Gbps |
vCPU |
32x vCPU cores, (up to) 48 GB RAM |
vCPU |
Unlimited vCPU cores and RAM |
“V” Series VMs do not include VDOM licenses by default. VDOM licenses can be added separately.
Actual performance may vary depending on the network and system configuration.
Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled.
下一代防火墙部署场景
通过整合产品以提高投资回报、降低网络与安全部署的复杂性是许多企业最关心的问题。 同样重要的是确保从私有云和公有云安全访问资源,同时不必担心诸如加密恶意软件这样的威胁。 实现设备,用户,实时威胁信息和自动化的精细可见性对于确保及时处理攻击至关重要。
化繁为简
整合产品与服务,降低复杂度。通过行业领先的威胁防护和FortiGuard Labs的服务,用户可以降低成本并最大限度的提高投资回报率(ROI)
加密云接入
通过检查所有类型的流量,从明文到加密,以及实施入侵防御系统(IPS)保护,实现全面的可见性和策
可视化与自动化
获取对网络和安全事件的访问以实现整个过程和场景的可见性,并通过自动化流程简化操作。
基于意图的网络分段部署
基于意图的网络分段允许网络运营者根据业务的意图创建安全域或进行网络分段。 基于意图的分段是在内部和所有云实例中部署威胁防护的能力,降低风险,实现合规性并保护业务关键的应用程序。
缩小攻击面
通过网络分段与微隔离,以及实时的安全服务应用,有效的提高了威胁的响应能力。
受信应用访问
通过确保业务应用和实现自适应的访问控制提高安全状态。
FortiGuard Security Services for FortiGate: Next-Generation Firewalls
FortiGate NGFW receives continuous threat intelligence updates from FortiGuard Labs security services. Intrusion prevention, anti-malware, cloud sand-box, application control and web filtering protects enterprises from known and unknown advanced attacks.
应用控制
可对您的用户正在运行的应用程序获得无可比拟的实时可见性,并轻松执行您可接受的使用策略,从而提供安全性并满足合规要求。通过 FortiGuard 应用控制,您可以快速创建策略来允许、拒绝或限制对应用程序或整个类别的应用程序的访问。
FortiSandbox 云
FortiSandbox 云服务是一个高级威胁检测解决方案,能够执行动态分析来提前识别未知的恶意软件。FortiSandbox 云生成的可执行威胁情报会反馈到防火墙网络安全策略配置中,进行威胁阻断。
Virus Outbreak Protection Service
FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiCloud Sandbox analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.
Content Disarm & Reconstruction
Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.
IP 信誉 & 反僵尸安全服务
FortiGuard IP 信誉服务从 Fortinet 分布式威胁传感器网络、CERT、MITRE、进行合作的竞争对手以及其他全球资源收集恶意来源 IP 数据,合力提供关于敌对来源的最新威胁情报。有来自分布式网络网关近乎实时的情报,再结合 FortiGuard Labs 的世界级研究,组织可得到更安全的保护并对攻击实施主动拦截。
Our Enterprise (ENT) bundle now includes:
- CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
- Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
- Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers.
The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- CASB
- Security Rating
- Industrial Security Service
- FortiCare
The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare
The FortiGuard Advantage:
- FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization.
- Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
- Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare 24*7
| Service | Advanced Threat Protection (ATP) |
Unified Protection (UTM) |
Enterprise Protection (ENT) |
A La Carte Protection |
| Threat Intelligence Service |
✔ |
|||
| Industrial Security Service |
✔ |
✔ |
||
| Security Rating |
✔ |
✔ |
||
| CASB |
✔ |
✔ |
||
| Web Filtering |
✔ | ✔ |
✔ |
|
| Antivirus + Sandboxing |
✔ |
✔ |
✔ |
✔ |
| IPS |
✔ |
✔ |
✔ |
✔ |
| Antispam |
✔ |
✔ |
||
| Internet DB |
✔ |
✔ |
✔ |
|
| IP Reputation |
✔ |
✔ |
✔ | |
| Application Control |
✔ |
✔ |
✔ |
Solution Guides
Case Studies
White Papers
Data Sheets
下一代防火墙
- FortiGate 7000E Series Data Sheet
- FortiGate 5000 Series Data Sheet
- FortiGate 3900E Series Data Sheet
- FortiGate 3800D Series Data Sheet
- FortiGate 3700D Data Sheet
- FortiGate 3200D Data Sheet
- FortiGate 3100D Data Sheet
- FortiGate 3000D Data Sheet
- FortiGate 2500E Data Sheet
- FortiGate 2000E Data Sheet
- FortiGate 1500D Series Data Sheet
- FortiGate 1200D Data Sheet
- FortiGate 1000D Data Sheet
- FortiGate 900D Data Sheet
- FortiGate 800D Data Sheet
- FortiGate 600D Data Sheet
- FortiGate 500E系列 技术参数表
- FortiGate 300E系列 技术参数表
- FortiGate 200E系列 技术参数表
- FortiGate 100E系列 技术参数表
- FortiGate 90E系列 技术参数表
- FortiGate/FortiWiFi 90D-POE Data Sheet
- FortiGate 80E 系列 技术参数表
- FortiGate/FortiWiFi 60E系列 技术参数表
- FortiGate/FortiWiFi 60E-DSL/J Data Sheet
- FortiGate/FortiWiFi 60D-3G4G-VZW Data Sheet
- FortiGate/FortiWiFi 50E系列 技术参数表
- FortiGate/FortiWiFi 30E系列 技术参数表
- FortiGate 30E-3G4G Data Sheet
- FortiGate Rugged Series Data Sheet
- Fortinet Product Matrix
FortiGate: Next-Generation Firewall Demo
FortiGate Next-Generation Firewall Demo
This full working demo lets you explore the many features of our FortiGate Next-Generation Firewall (NGFW). You’ll quickly see how FortiGate allows you to enable threat protection features such as IPS, Web-Filtering, Anti-Malware, Cloud Sand-box and SSL inspection to stop known and unknown threats. FortiGate also provides the full visibility and identifies applications, users and devices to identify issues quickly and intuitively. Be sure to check out our Security Fabric features to provide end to end topology view, security ratings based on the best practices and automation to reduce complexity.
Access the demoNSS Labs NGFW/SSL 2018 SVM and Report
NSS Labs Next Generation Firewall (NGFW) focuses on enterprise edge and internal segments along with growing need of SSL inspection. The Security Value Map (SVM) shows that FortiGate 500E achieved high cumulative blocking rate at 99.3% and the lowest TCO at $2.00 per protected Mbps. FortiGate 500E also received high SSL inspection performance and a very minimal performance degradation based on our purpose-built security processor technology. Fortinet received fifth consecutive NSS Labs NGFW “Recommended” rating showcase the consistency and commitment to customer need.
- NSS Labs 2018 NGFW Security Value Map (SVM)
- NSS Labs 2018 NGFW Test Report – FortiGate 500E
- NSS Labs 2018 SSL/TLS Test Report – FortiGate 500E
NSS Labs NGFW 2018 Comparative Reports
NSS Labs NGFW Comparative reports provide detailed comparison of all 10 participated vendors for security, performance and total cost of ownership (TCO). With these reports, you can compare Fortinet’s outstanding results with Palo Alto Networks, Checkpoint, Cisco and many other vendors. In several areas, Fortinet showcased the best results:
- High SSL Inspection Performance with industry's least performance degradation
- Fortinet delivered 100% block rate for live exploits
- Fortinet showcased highest value among all vendors
- NGFW performance is 30% better than claimed in data sheet
- Fortinet delivered best ultra-low latency across different packet sizes
Security - NGFW Comparative Report
Performance - NGFW Comparative Report
TCO - NGFW Comparative Report
SVM - NGFW Comparative Report
NSS Labs DCIPS 2018 SVM and Report
NSS Labs’ Data Center Intrusion Prevention Systems (DCIPS) focuses on data center environments, especially vulnerabilities commonly found in servers. The Security Value Map (SVM) shows that FortiGate IPS achieved the highest cumulative blocking rate at 98.73% and the lowest TCO at $3 per protected Mbps. Fortinet builds world-class IPS appliances and another “Recommended” IPS rating from NSS Labs proves this.
NSS Labs DCSG 2017 SVM and Report
NSS Labs’ DCSG test is a comprehensive Data Center Security Gateway (DCSG) test, including several tests to measure relevant security effectiveness and Intrusion Prevention (IPS) performance using live exploits including “weaponized” exploits (97.9% and 98% block rate respectively for Fortinet FortiGate 7060E and FortiGate 3000D) and resistance to evasion techniques (100% block rate for Fortinet). The FortiGate 7060E and 3000D both achieved “Recommended” status, with a leading combination of Security Effectiveness and Value per protected Megabit Per Second (Mbps) in the NSS Labs Security Value Map (SVM).
- NSS Labs 2017 DCSG SVM
- NSS Labs 2017 DCSG Test Report FortiGate 3000D
- NSS Labs 2017 DCSG Test Report FortiGate 7060E
NSS Labs NGFW 2017 SVM
FortiGate 3200D and 600D enterprise firewalls both offer a winning combination of security effectiveness, performance, and value, earning Fortinet its fourth consecutive NSS Labs NGFW Recommended rating. Fortinet excelled in continuous live testing, blocking 99.71% of exploits used in active attack campaigns every day and delivered the highest performance scores with 18.5 Gbps throughput and an average latency of 4.6 microseconds, regardless of packet size and including real-world traffic processing.
- NSS Labs NGFW Test Report FortiGate 3200D
- NSS Labs NGFW Test Report FortiGate 600D
- NSS Labs 2017 NGFW Security Value Map SVM
NSS Labs Breach Prevention Systems (BPS) Test 2017
NSS Labs introduced a new group test, BPS focused on detecting and blocking exploits, advanced malware, and evasions. This helps validate the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Security Fabric consisting of FortiSandbox, FortiGate, FortiMail, and FortiClient integrated together, earned a Recommended award by achieving a block rate of 99.6% and offering the lowest 3-year TCO.
NSS Labs NGFW 2016 SVM
NSS Labs’ Next Generation Firewall (NGFW) real-world testing reveals that Fortinet delivers a winning combination of security, network performance, and total cost of ownership (TCO). Fortinet was nearly perfect; scoring 99.6% in overall security effectiveness. The FortiGate 3200D was rated by NSS at 19 Gbps, 37% above its data sheet specifications, with excellent TCO where the value increased based on actual performance compared to the claimed specifications.
NSS Labs 2015 Next Generation IPS Test
In 2015, NSS Labs conducted a group test of next generation IPS solutions to assess their abilities to identify both the applications and the users on their internal networks, protect the enterprise user against threats/exploits, and catch sophisticated attacks while producing as few false positives as possible. Demonstrating 99% effectiveness and superior value, Fortinet FortiGate earned the NSS Labs Recommendation.
FortiGate: Next-Generation Firewall Alliance Partners
For a complete list of all the Alliance partners go to www.fortinet.com/fabricready.
Below is a list of current FortiGate Next-Generation Firewall Alliance Partners:
The leading provider of business-driven security management solutions, AlgoSec helps over 1,500 enterprises align security with their business processes, to make their organizations more agile, secure and compliant.
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments.
Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.
FireMon solutions deliver continuous visibility into and control over network security infrastructure, policies, and risk.
Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
- Fortinet – IBM Security AppScan Solution Brief
- Fortinet – IBM Security QRadar Solution Brief
- Fortinet FortiGate and IBM QRadar Deployment Guide
- FortiGate App For IBM QRadar Technical Solution Guide
- Fortinet - IBM Resilient Technical Deployment Guide
- Learn more about the Fortinet-IBM Security Alliance
Nozomi Networks is a leading provider of real-time visibility, advanced monitoring capabilities, and strong security for industrial control networks supporting critical infrastructure. Nozomi has been deployed in some of the largest industrial installations, providing some of the fastest return-on–investment in the industry.
- Solution brief
- Technical Integration Guide
- ICS Security Overview & Integration Video
- Fortinet-Nozomi integration demo
Nuage Networks, a Nokia Corp subsidiary, brings a unique combination of groundbreaking technologies and unmatched networking expertise to the enterprise and telecommunications industries.
Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.
Tufin leads the Security Policy Orchestration market, enabling enterprises to centrally manage, visualize, and control security policies across hybrid cloud and physical network environments.
