下一代防火墙
FortiGate:以更低的复杂性提供业内首屈一指的威胁防护和性能
Gartner 2019 Magic Quadrant for Network Firewalls-
设备
-
虚拟机
-
云

FortiGate:下一代防火墙概述
FortiGate下一代防火墙产品采用了专用的安全处理芯片(ASIC)并集成了自有的FortiGuard实验室的威胁情报服务,提供业界领先的安全保护功能和包括加密流量在内的超高性能。FortiGate所提供的应用、用户和网络可视化大大降低了安全的复杂度,同时提供安全评级让客户能够遵从安全最佳实践。
安全架构师们考虑的是如何为其企业提供全面的威胁防护,包括入侵防御,Web过滤,反恶意软件和应用程序控制。但同时,单点的安全产品的部署与堆叠,造成了管理与运维方面的障碍,同时缺乏统一的安全视角与安全管理。 Gartner估计,2019年,80%的企业流量是被加密的状态,而50%的针对企业的攻击将隐藏在加密流量中。
FortinGate NGFW 相关新闻:
-
2019年2月6日Fortinet发布NFGW新品:高性能基于意图的内网隔离防御Fortinet宣布推出由FortiGate 3600E,FortiGate 3400E,FortiGate 600E和FortiGate 400E系列NGFW新品,使企业能够在其安全架构中实施基于意图的网络分段与隔离,降低部署成本及复杂性的同时提高威胁防御风险的能力。
-
2018年11月8日FortiGate NGFW连续参与NSS Labs实验的数据中心安全网关测试FortiGate 3200D和FortiGate 6300F在测试中”推荐级“评价。
FortiGate NGFW 产品信息
FortiGate企业防火墙可以应用于部署在不同的场景,提供从网络边界到核心、数据中心、内网到云的安全防护。 FortiGate企业防火墙设计应用了专用的安全处理器(SPU),提供可扩展的高级安全服务的同时不降低性能,保护关键应用的可连续性与高可用性。
FortiGate NGFW加载的FortiOS操作系统,从接入的终端设备、物联网设备、到云的应用,均可以自动发现,并提供可视化,在网络中自动生成从终端到云端的拓扑视图。 FortiGate 设备是Fortinet所倡导的Security Fabric网络安全架构的核心组件,它避免了安全单点部署的局限性与安全性的妥协,保护企业网络免受已知与未知的威胁与攻击。
功能
高性能威胁检测与防御
经测试,卓越的威胁防御和SSL检测性能,防御隐藏在加密流量中的恶意软件攻击。
经过第三方独立认证的安全有效性
经过独立认证和持续的威胁情报更新,对已知和未知攻击的强大保护。
关键应用保护
提供高弹性的网络分段保护与隔离,超低延迟。
自动进行供网络安全风险的持续评估
通过自动化工作流程和审计功能,既缓解了网络安全人员稀缺矛盾的同时保障了合规性。
Fortinet Security Fabric安全架构的扩展
是Fortinet Security Fabric安全架构的核心,同时可与其他安全组件共享威胁情报,形成迅速且自动化的安全响应
部署快且运维简单
提供一致的安全策略 ,通过统一面板管理安全资产,包括物理网络及虚拟网络的资产。
FortiGate NGFW 型号与参数
FortiGate NGFW有多种不同型号,满足用户从入门级硬件设备到超高端设备的部署选择,藉以满足苛刻的网络环境与威胁防护性能要求。 无论是企业园区、数据中心,亦或是内网部署,FortiGate均可以无缝融入您的环境。
机框设备
Threat Protection(威胁检测) |
80 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
79.9 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 |
Threat Protection(威胁检测) |
40 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
50 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28 |
Threat Protection(威胁检测) |
35 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
50 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+/SFP, 40 GE/100 GE QSFP28 |
Threat Protection(威胁检测) |
13.5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
17 Gbps |
Network Interfaces (网络接口) |
2x 40GE QSFP+, 2x 10GE SFP+, 2x GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
超高端设备
Threat Protection(威胁检测) |
60 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
90 Gbps |
Network Interfaces (网络接口) |
多个 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45 |
Threat Protection(威胁检测) |
100 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
130 Gbps |
Network Interfaces (网络接口) |
多个 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
高端设备
Threat Protection(威胁检测) |
70 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
65 Gbps |
Network Interfaces (网络接口) |
Multiple 100 GE/40GE QSFP28, multiple 25GE/10 GE SFP28/SFP+, two 25G SFP28 / 10GE SFP+ HA, multiple 1 GE RJ45 |
Threat Protection(威胁检测) |
35 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
38 Gbps |
Network Interfaces (网络接口) |
多个 100 GE/40GE QSFP28, 多个 25GE/10 GE SFP28/SFP+, two 10GE SFP+ HA, 多个 1 GE RJ45 |
Threat Protection(威胁检测) |
20 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
32 Gbps |
Network Interfaces (网络接口) |
10x 100GE QSFP28, 16x 10GE SFP+, 2x GE RJ45 |
Threat Protection(威胁检测) |
13.5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
30 Gbps |
Network Interfaces (网络接口) |
多个 40/100 GE QSFP+/QSFP28, 10 GE SFP+ and GE RJ45 |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
23 Gbps |
Network Interfaces (网络接口) |
多个 100 GE CFP2, 40 GE QSFP+, 10 GE SFP+ and/or multiple GE SFP/RJ45 depending on variants |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
24 Gbps |
Network Interfaces (网络接口) |
多个 40 GE QSFP+, 10 GE SFP+ and GE SFP |
Threat Protection(威胁检测) |
30 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
34 Gbps |
Network Interfaces (网络接口) |
6x 100 GE QSFP28, 32x 25 GE SFP28, 2x GE RJ45 |
Threat Protection(威胁检测)n |
23 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
30 Gbps |
Network Interfaces (网络接口) |
4x 100 GE QSFP28, 24x 25 GE SFP28, 2x GE RJ45 |
Threat Protection(威胁检测) |
15 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
20 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45 and 10 GE SFP+ / GE SFP slots |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
22 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+ | Multiple GE SFP and GE RJ45 |
Threat Protection(威胁检测) |
13 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
19 Gbps |
Network Interfaces (网络接口) |
多个 10 GE SFP+ | 多个 GE SFP and GE RJ45 |
Threat Protection(威胁检测) |
5.4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
11.5 Gbps |
Network Interfaces (网络接口) |
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45 |
Threat Protection(威胁检测) |
5.4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
12.5 Gbps |
Network Interfaces (网络接口) |
6x 10GE SFP+, 34x GE RJ45 |
Threat Protection(威胁检测) |
9.1 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
17 Gbps |
Network Interfaces (网络接口) |
多个 40 GE QSFP+, 多个 25GE, 10 GE SFP28/SFP+, two 10GE SFP+ HA, 多个 1 GE SFP, 多个 1 GE RJ45 |
Threat Protection(威胁检测) |
5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
10.5 Gbps |
Network Interfaces (网络接口) |
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45 |
Threat Protection(威胁检测) |
4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
6 Gbps |
Network Interfaces (网络接口) |
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45 |
Threat Protection(威胁检测) |
4 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4 Gbps |
Network Interfaces (网络接口) |
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
中端设备
Threat Protection(威胁检测) |
3 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP and 10 GE SFP+ 插槽 |
Threat Protection(威胁检测) |
3 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP, 10 GE SFP+ 插槽 and bypass GE RJ45 pairs |
Threat Protection(威胁检测) |
7Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
8 Gbps |
Network Interfaces (网络接口) |
多个 GERJ45, 多个 GE SFP, 多个 10GE SFP+ |
Threat Protection(威胁检测) |
4.7 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
5.7 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP and 10 GE SFP+ 插槽 |
Threat Protection(威胁检测) |
5 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
4.8 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45 and 多个 GE SFP 插槽 |
Threat Protection(威胁检测) |
3 Gbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
3.9 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45 and GE SFP 插槽 |
Threat Protection(威胁检测) |
1.2 Gbps |
SSL Throughput Inspection |
1 Gbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP 插槽 |
Threat Protection(威胁检测) |
250 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
130 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45, GE SFP 插槽 | PoE/+ Variants |
更多参数信息及功能,请访问 产品 页面。
入门级设备
Threat Protection(威胁检测) |
900 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
715 Mbps |
Network Interfaces (网络接口) |
Multiple GE RJ45, GE SFP Slots, ByPass Variants |
Threat Protection(威胁检测) |
250 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
180 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | 不同型号内存不同 | 不同型号PoE接口数不同 |
Threat Protection(威胁检测) |
700 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
750 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | 不同型号内存不同 |
Threat Protection(威胁检测) |
200 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
175 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | WiFi variants | 不同型号内存不同 | 不同型号PoE接口数不同 |
Threat Protection(威胁检测) |
160 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
185 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | WiFi Variants | Variants with dual radios | 不同型号内存不同 |
Threat Protection(威胁检测) |
600 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
310 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | WiFi Variants |
Threat Protection(威胁检测) |
150 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
160 Mbps |
Network Interfaces (网络接口) |
多个 GE RJ45 | WiFi Variants |
Threat Protection(威胁检测) |
25 Mbps |
SSL Inspection Throughput (SSL 检测吞吐量) |
18 Mbps |
Network Interfaces (网络接口) |
10x GE RJ45 |
更多参数信息及功能,请访问 产品 页面。
Throughput (吞吐量) |
12 Gbps |
vCPU |
1x vCPU core, (up to) 2 GB RAM |
Throughput (吞吐量) |
12 Gbps |
vCPU |
1x vCPU core, (up to) 2 GB RAM |
Throughput (吞吐量) |
15 Gbps |
vCPU |
2x vCPU cores, (up to) 4 GB RAM |
Throughput (吞吐量) |
28 Gbps |
vCPU |
4x vCPU cores, (up to) 6 GB RAM |
Throughput (吞吐量) |
33 Gbps |
vCPU |
8x vCPU cores, (up to) 12 GB RAM |
Throughput (吞吐量) |
36 Gbps |
vCPU |
16x vCPU cores, (up to) 24 GB RAM |
Throughput (吞吐量) |
50 Gbps |
vCPU |
32x vCPU cores, (up to) 48 GB RAM |
vCPU |
Unlimited vCPU cores and RAM |
“V” Series VMs do not include VDOM licenses by default. VDOM licenses can be added separately.
Actual performance may vary depending on the network and system configuration.
Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled.
下一代防火墙部署场景
通过整合产品以提高投资回报、降低网络与安全部署的复杂性是许多企业最关心的问题。 同样重要的是确保从私有云和公有云安全访问资源,同时不必担心诸如加密恶意软件这样的威胁。 实现设备,用户,实时威胁信息和自动化的精细可见性对于确保及时处理攻击至关重要。

化繁为简
整合产品与服务,降低复杂度。通过行业领先的威胁防护和FortiGuard Labs的服务,用户可以降低成本并最大限度的提高投资回报率(ROI)

加密云接入
通过检查所有类型的流量,从明文到加密,以及实施入侵防御系统(IPS)保护,实现全面的可见性和策

可视化与自动化
获取对网络和安全事件的访问以实现整个过程和场景的可见性,并通过自动化流程简化操作。
基于意图的网络分段部署
基于意图的网络分段允许网络运营者根据业务的意图创建安全域或进行网络分段。 基于意图的分段是在内部和所有云实例中部署威胁防护的能力,降低风险,实现合规性并保护业务关键的应用程序。

缩小攻击面
通过网络分段与微隔离,以及实时的安全服务应用,有效的提高了威胁的响应能力。

受信应用访问
通过确保业务应用和实现自适应的访问控制提高安全状态。
FortiGuard Security Services for FortiGate: Next-Generation Firewalls
FortiGate NGFW receives continuous threat intelligence updates from FortiGuard Labs security services. Intrusion prevention, anti-malware, cloud sand-box, application control and web filtering protects enterprises from known and unknown advanced attacks.
应用控制
通过实时、全面了解用户正在运行的应用,轻松实施可接受的使用策略,从而提高安全性,并满足合规要求。借助 FortiGuard 应用控制服务,您可以快速创建策略,以允许、拒绝或限制对应用或整个应用类别的访问。
FortiCloud 沙箱
FortiCloud 沙箱服务是一款高级威胁检测解决方案,可执行动态分析,以识别以前未知的恶意软件。FortiCloud 沙箱生成的可执行情报将应用到您网络内的预防控制系统中,从而消除威胁。

病毒爆发防护服务
FortiGuard 病毒爆发防护服务 (VOS) 通过 FortiCloud 沙箱分析填补了杀毒更新之间的空白,可检测并阻止在特征库更新期间发现的恶意软件威胁,以免波及整个组织。操作系统将启动对我们全球威胁情报数据库的实时查阅。

内容消除与重建
内容消除与重建 (CDR) 能够实时清除文件中的所有“活动”内容,并生成干净的文件。所有“活动”内容均被视为可疑内容,并予以删除。CDR 将处理所有传入文件,对其进行解构,并删除所有不符合防火墙策略的元素。
IP 信誉和反僵尸网络
FortiGuard IP 信誉服务能够从威胁传感器、CERT、MITRE、合作友商及其他全球来源组成的 Fortinet 分布式网络中聚合恶意源 IP 数据,这些信息来源将协同提供有关恶意数据源的最新威胁情报。从分布式网络网关获取的近乎实时的情报与 FortiGuard 实验室提供的一流研究成果相结合,可确保组织安全无虞,并助力主动拦截攻击。
Our Enterprise (ENT) bundle now includes:
- CASB - providing visibility, compliance, data security and threat protection for your cloud-based services.
- Industrial Security Service protection – SCADA (supervisory control and data acquisition) and ICS (industrial control systems). These signatures address attacks against critical infrastructure and manufacturing industries, where we are seeing frequent and sophisticated cyberattacks.
- Security Rating Service - this service performs checks against your fabric-enabled network and provides scoring and recommendations to your operation teams. The subsequent scorecard can be used to gauge adherence to various internal and external organizational polices, standards, and regulations requirements, including providing a ranking of your firm against industry peers.
The FortiGuard Enterprise (ENT) Protection bundle is designed to address today’s advanced threat landscape. The Enterprise Bundle consolidates the comprehensive protection needed to protect and defend against all cyberattack channels from the endpoint to the cloud. Including the technologies needed to address today’s challenging OT, compliance, and management concerns. The Enterprise Bundle offers the most comprehensive protection overall. The Enterprise Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- CASB
- Security Rating
- Industrial Security Service
- FortiCare
The FortiGuard Unified Protection Bundle (UTM) is our traditional Unified Threat Management security bundle. The Unified Protection Bundle extends threat protection across the entire digital attack surface, providing industry-leading defense against sophisticated attacks. The UTM bundle has you covered for web and email-based attacks. The UTM bundle delivers the best package available for a unified threat protection offering. The UTM Bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- Web Filtering
- Antispam
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare
The FortiGuard Advantage:
- FortiGuard processes over 69 million websites every hour, providing up-to-the-minute reputation and categorization.
- Prevent malicious downloads and browser hijacking attacks with top-rated web filtering (VBWeb Verified)
- Improved email productivity through superior spam prevention validated with 3rd party independent testing (VBSpam + Verified)
The FortiGuard Advanced Threat Protection (ATP) bundle provides the foundational security needed to protect and defend against known and unknown cyber threats. The Advanced Threat Protection bundle includes:
- NGFW Application Control
- IPS
- Antivirus
- Botnet
- IP/Domain Reputation
- Mobile Security
- FortiSandbox Cloud
- Virus Outbreak Protection
- Content Disarm & Reconstruction
- FortiCare 24*7
Service | Advanced Threat Protection (ATP) |
Unified Protection (UTM) |
Enterprise Protection (ENT) |
A La Carte Protection |
Threat Intelligence Service |
✔ |
|||
Industrial Security Service |
✔ |
✔ |
||
Security Rating |
✔ |
✔ |
||
CASB |
✔ |
✔ |
||
Web Filtering |
✔ | ✔ |
✔ |
|
Antivirus + Sandboxing |
✔ |
✔ |
✔ |
✔ |
IPS |
✔ |
✔ |
✔ |
✔ |
Antispam |
✔ |
✔ |
||
Internet DB |
✔ |
✔ |
✔ |
|
IP Reputation |
✔ |
✔ |
✔ | |
Application Control |
✔ |
✔ |
✔ |
Resources
白皮书
eBooks
实例探究
网络研讨会 & 视频
Fuse Community
技术参数表
下一代防火墙
- FortiGate 7000E 技术参数表
- FortiGate 6000F 技术参数表
- FortiGate 5000E Series Data Sheet
- FortiGate 3900E 技术参数表
- FortiGate 3800D Series Data Sheet
- FortiGate 3700D Series Data Sheet
- FortiGate 3600E 技术参数表
- FortiGate 3400E 技术参数表
- FortiGate 3300E 技术参数表
- FortiGate 3200D Data Sheet
- FortiGate 3100D Data Sheet
- FortiGate 3000D Data Sheet
- FortiGate 2500E 技术参数表
- FortiGate 2200E 技术参数表
- FortiGate 2000E 技术参数表
- FortiGate 1500D 技术参数表
- FortiGate 1200D Series Data Sheet
- FortiGate 1100E 技术参数表
- FortiGate 1000D Series Data Sheet
- FortiGate 900D Series Data Sheet
- FortiGate 800D Series Data Sheet
- FortiGate 600E 技术参数表
- FortiGate 500E系列 技术参数表
- FortiGate 400E 技术参数表
- FortiGate 300E系列 技术参数表
- FortiGate 200E系列 技术参数表
- FortiGate 100F 技术参数表
- FortiGate 100E系列 技术参数表
- FortiGate 80E 系列 技术参数表
- FortiGate 60F 技术参数表
- FortiGate/FortiWiFi 60E系列 技术参数表
- FortiGate/FortiWiFi 60E-DSL Data Sheet
- FortiGate/FortiWiFi 50E系列 技术参数表
- FortiGate/FortiWiFi 30E系列 技术参数表
- FortiGate 30E 3G4G Data Sheet
- FortiGate Rugged 技术参数表
- Fortinet Transceivers Datasheet
- Fortinet Product Matrix
Product Demo
This full working demo lets you explore the many features of our FortiGate Next-Generation Firewall (NGFW). You’ll quickly see how FortiGate allows you to enable threat protection features such as IPS, Web-Filtering, Anti-Malware, Cloud Sand-box and SSL inspection to stop known and unknown threats. FortiGate also provides the full visibility and identifies applications, users and devices to identify issues quickly and intuitively. Be sure to check out our Security Fabric features to provide end to end topology view, security ratings based on the best practices and automation to reduce complexity.
NSS Labs Next Generation Intrusion Prevention Systems (NGIPS) 2019
NSS Labs’ Next Generation Intrusion Prevention Systems (NGIPS) focuses on security effectiveness and TCO for NGIPS solutions across selected vendors tested. The Security Value Map (SVM) shows that FortiGate NGIPS achieved a cumulative blocking rate of 99.18% for FortiGate 100F and the lowest TCO at $2 per protected Mbps. Fortinet builds world-class NGIPS appliances that requires highest possible performance, best of breed security and having another “Recommended” IPS rating from NSS Labs is just another proof point.
NSS Labs 2019 NGFW Group Test Results
With these reports, you can see Fortinet’s NGFW strong performance results that were conducted with new traffic mix (70% HTTPS + 30% HTTP) . Fortinet’s NGFW demonstrated high NGFW/SSL performance and low TCO.
Please review the comparative reports to learn more:
NSS Labs Breach Prevention Systems (BPS) Test 2019
NSS Labs BPS focuses on both detecting and blocking of exploits, advanced malware, and evasions which is critical in reducing the risk of breaches. This test helps emphasize the importance in the automation of the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Breach Protection tested solution consists of FortiSandbox, FortiGate, and FortiClient integrated together, earned a Recommended award by achieving an overall Security Effectiveness of 97.8% and offering the lowest 3-year TCO.
- NSS Labs 2019 BPS Test Report FortiSandbox (AWS), FortiGate, FortiClient
- NSS Labs 2019 BPS Security Value Map (SVM)
NSS Labs NGFW/SSL 2018 SVM and Report
NSS Labs Next Generation Firewall (NGFW) focuses on enterprise edge and internal segments along with growing need of SSL inspection. The Security Value Map (SVM) shows that FortiGate 500E achieved high cumulative blocking rate at 99.3% and the lowest TCO at $2.00 per protected Mbps. FortiGate 500E also received high SSL inspection performance and a very minimal performance degradation based on our purpose-built security processor technology. Fortinet received fifth consecutive NSS Labs NGFW “Recommended” rating showcase the consistency and commitment to customer need.
- NSS Labs 2018 NGFW Security Value Map (SVM)
- NSS Labs 2018 NGFW Test Report – FortiGate 500E
- NSS Labs 2018 SSL/TLS Test Report – FortiGate 500E
NSS Labs NGFW 2018 Comparative Reports
NSS Labs NGFW Comparative reports provide detailed comparison of all 10 participated vendors for security, performance and total cost of ownership (TCO). With these reports, you can compare Fortinet’s outstanding results with Palo Alto Networks, Checkpoint, Cisco and many other vendors. In several areas, Fortinet showcased the best results:
- High SSL Inspection Performance with industry's least performance degradation
- Fortinet delivered 100% block rate for live exploits
- Fortinet showcased highest value among all vendors
- NGFW performance is 30% better than claimed in data sheet
- Fortinet delivered best ultra-low latency across different packet sizes
Security - NGFW Comparative Report
Performance - NGFW Comparative Report
TCO - NGFW Comparative Report
SVM - NGFW Comparative Report
NSS Labs DCIPS 2018 SVM and Report
NSS Labs’ Data Center Intrusion Prevention Systems (DCIPS) focuses on data center environments, especially vulnerabilities commonly found in servers. The Security Value Map (SVM) shows that FortiGate IPS achieved the highest cumulative blocking rate at 98.73% and the lowest TCO at $3 per protected Mbps. Fortinet builds world-class IPS appliances and another “Recommended” IPS rating from NSS Labs proves this.
NSS Labs DCSG 2017 SVM and Report
NSS Labs’ DCSG test is a comprehensive Data Center Security Gateway (DCSG) test, including several tests to measure relevant security effectiveness and Intrusion Prevention (IPS) performance using live exploits including “weaponized” exploits (97.9% and 98% block rate respectively for Fortinet FortiGate 7060E and FortiGate 3000D) and resistance to evasion techniques (100% block rate for Fortinet). The FortiGate 7060E and 3000D both achieved “Recommended” status, with a leading combination of Security Effectiveness and Value per protected Megabit Per Second (Mbps) in the NSS Labs Security Value Map (SVM).
- NSS Labs 2017 DCSG SVM
- NSS Labs 2017 DCSG Test Report FortiGate 3000D
- NSS Labs 2017 DCSG Test Report FortiGate 7060E
NSS Labs NGFW 2017 SVM
FortiGate 3200D and 600D enterprise firewalls both offer a winning combination of security effectiveness, performance, and value, earning Fortinet its fourth consecutive NSS Labs NGFW Recommended rating. Fortinet excelled in continuous live testing, blocking 99.71% of exploits used in active attack campaigns every day and delivered the highest performance scores with 18.5 Gbps throughput and an average latency of 4.6 microseconds, regardless of packet size and including real-world traffic processing.
- NSS Labs NGFW Test Report FortiGate 3200D
- NSS Labs NGFW Test Report FortiGate 600D
- NSS Labs 2017 NGFW Security Value Map SVM
NSS Labs Breach Prevention Systems (BPS) Test 2017
NSS Labs introduced a new group test, BPS focused on detecting and blocking exploits, advanced malware, and evasions. This helps validate the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Security Fabric consisting of FortiSandbox, FortiGate, FortiMail, and FortiClient integrated together, earned a Recommended award by achieving a block rate of 99.6% and offering the lowest 3-year TCO.
NSS Labs NGFW 2016 SVM
NSS Labs’ Next Generation Firewall (NGFW) real-world testing reveals that Fortinet delivers a winning combination of security, network performance, and total cost of ownership (TCO). Fortinet was nearly perfect; scoring 99.6% in overall security effectiveness. The FortiGate 3200D was rated by NSS at 19 Gbps, 37% above its data sheet specifications, with excellent TCO where the value increased based on actual performance compared to the claimed specifications.
NSS Labs 2015 Next Generation IPS Test
In 2015, NSS Labs conducted a group test of next generation IPS solutions to assess their abilities to identify both the applications and the users on their internal networks, protect the enterprise user against threats/exploits, and catch sophisticated attacks while producing as few false positives as possible. Demonstrating 99% effectiveness and superior value, Fortinet FortiGate earned the NSS Labs Recommendation.
FortiGate: Next-Generation Firewall Alliance Partners
For a complete list of all the Alliance partners go to www.fortinet.com/fabricready.
Below is a list of current FortiGate Next-Generation Firewall Alliance Partners:

Acalvio ShadowPlex Autonomous Deception solution provides early detection of advanced threats with precision and speed. Together with Fortinet, Acalvio can automatically quarantine any compromised enterprise hosts based on the deception alerts and user-configurable threat severity levels.

At ADVA Optical Networking, we're creating a new vision for a more connected world. Our award-winning network functions virtualization (NFV) solutions provide our customers with unprecedented choice and flexibility. Our ADVA Ensemble solution suite provides a comprehensive NFV architecture that includes programmable hardware, comprehensive software and end-to-end orchestration solutions.

Advantech helps service providers and enterprises extend the cloud to the IoT edge by providing scalable network platforms that accelerate network transformation. Advantech network appliances and edge servers combined with Fortinet security software offer key foundational building blocks that will form the backbone of the new IoT economy.

Aislelabs is a location analytics and marketing automation platform designed for brick & mortar enterprises across multiple verticals. Aislelabs products, deployed on Fortinet infrastructure, enables end-to-end customer behavioral analytics by not only tracking how customers behave within the space, but also tools to engage them online and offline.

Alcide is a cloud-native security leader with the mission to empower DevOps and security teams to manage application and networking security through the intelligent automation of security policies applied uniformly, regardless of the workload and infrastructure.

The leading provider of business-driven security management solutions, AlgoSec helps over 1,500 enterprises align security with their business processes, to make their organizations more agile, secure and compliant.

As a business unit of Alibaba Group, Alibaba Cloud provides a comprehensive suite of global cloud computing services to power both our international customers’ online businesses and Alibaba Group’s own e-commerce ecosystem.

Altran ranks as the undisputed global leader in Engineering and R&D services. The company offers clients an unmatched value proposition to address their transformation and innovation needs. Altran works alongside its clients, from initial concept through industrialization, to invent the products and services of tomorrow. The Aricent acquisition extends this leadership to semiconductors, digital experience and design innovation.

AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance

Ampere is designing the future of hyperscale cloud computing with its 64-bit designed Arm® server processor architecture. Born-in and built for the cloud with a modern architecture, Ampere gives customers the freedom to accelerate the delivery of the most memory-intensive applications such as artificial intelligence, big data, machine learning and databases in the cloud.

The AppViewX Platform is a modular, low-code software application that enables the automation and orchestration of network infrastructure using an intuitive, context-aware, visual workflow. Together with Fortinet, our combined solution enables SecOps teams to easily translate business requirements into automation workflows that improve agility and enforce compliance.

Aptilo Networks is trusted by 100+ operators for our systems managing wireless data services. Aptilo IoT Connectivity Control Service™, with Aptilo in the control plane and FortiGate in the data plane, allows mobile operators to leave their Mobile Core untouched and create IoT Connectivity services previously considered unthinkable.

Area 1 Security is led by security, artificial intelligence, and data analytics experts who created a preemptive solution to stop phishing, the number one cause of cyber-attacks.

Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments.

Arm technology is at the heart of a computing and data revolution that is transforming the way people live and businesses operate. Together with Fortinet, we are at the forefront of designing, securing, and managing all areas of computing from the chip to the cloud.

Array Networks NFV infrastructure is purpose-built for running networking and security virtual appliances, and provides an ideal platform for deploying Fortinet FortiGate next-generation firewall VAs. Array’s solution for Fortinet provides SSL acceleration, consolidation, streamlined instantiation and resource binding that delivers SW agility with HW-like performance.

Asavie is the global leader in network services for mobile networks. Asavie’s solution enables full visibility and control of the data transit across all cellular endpoints enabling enhanced security, increased productivity and ROI across Enterprise mobility, Internet of things and SDWAN.

Asimily is a medical and connected device solution solving for use cases around inventory, cyber-security and operational management. Together Fortinet and Asimily can proactively protect every device on the network to provide comprehensive security management for every connected device.

ATAR Labs builds next-generation SOAR platform ATAR. Together with Fortinet, SOC teams become more agile and respond to complex threats and defend their infrastructure. Automatic processes deployed and orchestrated from ATAR, and enforcement, and detection from Fortinet creates an integrated operation to achieve a secure environment.

Attivo Networks is an award-winning innovator in cyber security defense. As the leader in deception-based threat detection technology, Attivo empowers continuous threat management using dynamic deceptions for the real-time detection, analysis, and accelerated response to cyber incidents.

AudioCodes Ltd. (NasdaqGS: AUDC) is a leading vendor of advanced voice networking and media processing solutions for the digital workplace. AudioCodes and Fortinet enable enterprises and service providers worldwide to build and operate secure and reliable all-IP voice and data networks for unified communications, contact centers and hosted business services.

Auvik’s cloud-based software simplifies and automates network monitoring and management for IT managed service providers. Auvik gives MSPs better visibility, documentation, and monitoring for their client networks, and automates many time-consuming network tasks. With Auvik, MSPs have an efficient and profitable way to manage their client networks. The Auvik and Fortinet integration provides mapping, alerting, and configuration management for Fortinet products.

Aviatrix AVX™ software delivers a multi-cloud networking platform that combines the simplicity and automation expected in cloud with the operational visibility and control enterprises need. Together with Fortinet, enterprise customers are able to easily bring their established next-generation firewall policies to their multi-cloud network.

BackBox is the leading provider for Intelligent Automation for Network and Security devices. BackBox provides real-time inventory, task automation, pre-emptive health checks on critical devices, and is ideal for any organization, multi-tenant sites and service providers.

Bambenek Labs' threat intelligence solution surveil's cybercrime networks in real-time to provide actionable, relevant, and high-fidelity threat intelligence to block threats at the network layer. Together, with Fortinet, you can enrich your network devices and SIEM with high fidelity threat intelligence to provide enhanced protection for your organizations to prevent breaches.

Big Switch Networks is the market leader in bringing hyperscale-inspired data center networking technologies to a broader audience.

Brocade networking solutions help the world's leading organizations turn their networks into platforms for business innovation. With solutions spanning public and private data centers to the wireless network edge, Brocade is leading the industry in its transition to the New IP network infrastructures required for today's era of digital business.

CASQUE multi-factor authentication products do not rely on the secrecy of fixed keys. So there is nothing for a hacker to target or for a corrupt Insider to disclose. This immunity augments the FortiGate’s formidable threat protection features and makes this integration especially appropriate to protect access to the “crown jewels” of the Enterprise.

Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile, and on-premises.

Chronicle is an independent company within Alphabet, focused on enterprise cybersecurity. We leverage massive data and compute resources to analyze and fight cyber threats.

Cigent provides straightforward, easy to deploy, and simple to manage software and firmware based solutions that prevent the exfiltration of sensitive data.
Together with Fortinet’s wide threat visibility and detection capabilities, Cigent’s Dynamic Data Defense Engine for Windows (D3E) provides an unprecedented level of live data protection. When Fortinet detects a threat on the endpoint, D3E’s Active Lock technology protects sensitive data by locking access to sensitive files that can only be accessed with a step up authentication.

Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.

Claroty's ICS Security Platform passively protects industrial networks and assets from cyberattack; ensuring safe and continuous operation of the worlds most critical infrastructures without compromising the safety and security of personnel or expensive industrial assets. 2018 S4 ICS Challenge winner!

Cloudify specializes in IT operations automation technology that manages application and network services through open orchestration. The company’s award-winning Cloudify software enhances the velocity and reliability of software deployment, lifecycle management and network functions in cloud-native environments.

CloudMosa web isolation technology safeguards enterprise endpoints against cyber threats by isolating all Internet code execution and web rendering in the cloud and keeps threats like malware, ransomware and malicious links at bay. Together with Fortinet, CloudMosa web isolation solution delivers unmatched security shielding.

Corsa scales security for high capacity networks with Red Armor, a turnkey virtualization platform. The Corsa Red Armor platform is tightly integrated with Fortinet’s FortiGate-VM virtual NGFW to scale traffic inspection capacity seamlessly while maintaining network throughput performance even with full SSL/TLS visibility enabled. This offers unlimited, economical protection for North-South traffic flows at any service provider, enterprise or campus network security zone.

CSPi’s Myricom nVoy Series solution offers customers a new approach to cyber threat identification and investigation – a rapid breach response solution that identifies alerts associated with a specific asset and provides an extraction of the entire set of conversations associated with that breach. This detailed data is crucial in performing timely and accurate analysis needed to comply with data-privacy regulations.

Cyber Observer produces a holistic orchestration & awareness management solution for CISOs, CIOs & senior managers that integrates easily and quickly to provide an unprecedented & comprehensive analysis and visual representation of an enterprise’s entire cybersecurity ecosystem.

CyberArk is the global leader in privileged account security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets.

Cyberhaven automates data loss prevention with real-time surveillance of data movement and full context reporting of user actions to detect and respond to data leaks with 100% accuracy. Together with Fortinet, customers can automatically identify and alert on data leaks.

Coupling CyberMDX detection and identification capabilities with Fortinet, healthcare organizations are equipped with unmatched IoMT & IoT asset visibility, classification and attack-prevention enforcement tools.

CyberX delivers the only IIoT and ICS cybersecurity platform built by blue-team experts with a track record defending critical national infrastructure-and the only platform with patented ICS-aware threat analytics and machine learning. Together with Fortinet, CyberX reduces the time from ICS & IIoT threat detection to prevention.

CyGlass is an AI based SaaS security platform that uses network data to uncover, pinpoint, and respond to advanced cyber threats that have evaded traditional security controls.

Cylus, the global leader in rail cybersecurity, developed a cybersecurity monitoring and threat detection solution designed for railway systems, including signaling, rolling stock, traffic management, and telecom systems. Together with Fortinet, we offer full protection for railway networks with tailored policy rules, asset classification, and centralized management.

The Cynerio-Fortinet joint solution equips healthcare IT security teams with comprehensive security and remediation policies that ensure uninterrupted clinical services. Armed with detailed insights into medical device behavior, impact, and criticality, hospitals can enforce customized cybersecurity policy using ACLs, VLANs, NAC and firewalls.

Cyr3con uses advanced technology to triage threats by combining artificial intelligence and darkweb threat intelligence to predict attacks against the enterprise before they occur. Cyr3con provides this predictive intelligence for synthesis with Fortinet security fabric in order to provide a more proactive cyber defense.

Cyturus delivers cybersecurity business risk quantification services, utilizing a highly integrated cyber risk platform that determines the current state of an organization’s cyber maturity and informs strategic decision making. Together with Fortinet, we identify gaps, measure the associated business risk, prioritize remediation efforts and provide corrective actions to mitigate risk.

D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.

Darktrace is the global leader in cyber AI with its Immune System technology, leveraging AI to fight threats across IoT, operational technology, cloud and SaaS platforms, email applications, and on-premise or remote networks. Together with Fortinet, Immune System technology provides unified and adaptive cloud-native security.

DefendEdge’s SiON, an Employee Threat Management platform, delivers machine learning intelligence to empower customers with enhanced protection against advanced persistent threats in today’s ever-evolving cybersecurity landscape. Together with Fortinet’s Security Fabric, SiON can detect, prevent, respond, and predict end user anomalous or malicious activities.

Delve and Fortinet have teamed up to solve the problem of enterprise vulnerability overload, providing an AI-based solution that automates traditionally labor-intensive VM operations, especially remediation prioritization, meaningfully risk-ranking all your vulnerabilities from 1 to n, so you know what to fix first.

DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.

At ElevenPaths, Telefónica Cyber Security Unit, we believe in the idea of challenging the current state of security, an attribute that must always be present in technology. We’re always redefining the relationship between security and people, with the aim of creating innovative security products which can transform the concept of security, thus keeping us one step ahead of attackers, who are increasingly present in our digital life.
- Fortinet-ElevenPaths Metashield for ICAP solution brief
- Fortinet-ElevenPaths Vamps solution brief
- Press Release

empow’s i-SIEM is a next generation SIEM that detects cyberattacks and automatically orchestrates adaptive investigation and mitigation actions in real time, without the need for manual rules. empow digests logs from dozens of security tools, including Fortinet, to provide organizations with the most thorough protection.

Enea develops the software foundation for the connected society. We provide solutions for mobile traffic optimization, subscriber data management, network virtualization, traffic classification, embedded operating systems, and professional services. Solution vendors, systems integrators, and service providers use Enea to create new world-leading networking products and services.

Enable strong authentication for your Fortinet VPN and SIEM solutions with Entrust Datacard Identity. With cloud or on-premises deployment options, Entrust Datacard’s authentication solution integrates with Fortinet FortiGate VPN and FortiSIEM Server Agent using industry-standard protocols (Radius or SAML).

Equinix connects the world’s leading businesses to their customers, employees and partners inside the most-interconnected data centers. On this global platform for digital business, companies come together across five continents to reach everywhere, interconnect everyone and integrate everything they need to create their digital futures.

Ericom secures and connects the digital workspace with innovative solutions that protect endpoints and networks from known and unknown threats and increase enterprise security and productivity by optimizing desktop and application delivery.

ESET®, the leading EU-based endpoint security software and service provider, develops enterprise-grade multilayered technology combining sophisticated machine learning and unparalleled human expertise to incorporate optimum level protection and fully-automated security management. Together, our two solutions offer wholly integrated network & endpoint protection from best of breed vendors.
Both companies intend to work together to plan solution integrations to provide a more secure future for our customers.

Extreme Networks, Inc. delivers software-driven networking solutions that help IT departments everywhere deliver the ultimate business outcome: stronger connections with customers, partners, and employees.

FireMon solutions deliver continuous visibility into and control over network security infrastructure, policies, and risk.

Firesec™ is a Security Analysis and Orchestration platform. It is designed to solve problems of these personas - CISO, Security Consultant, Security Auditor and Network Administrator. It is an automated solution for security configuration analysis and compliance readiness and supports a wide variety of firewalls to help enhance the security of your network and significantly speed up compliance to industry standards.

Flowmon Networks empowers businesses to manage and secure their computer networks confidently. Through high-performance network monitoring technology and lean-forward behavior analytics, IT pros worldwide benefit from absolute network traffic visibility to enhance network & application performance and deal with modern cyber threats. Flowmon complements Fortinet with network behavior analysis on east-west traffic while the integration with Fortinet keeps our mutual customers safe from advanced security threats.

ForeScout Technologies is transforming security through visibility. ForeScout offers a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and non-traditional devices, including IoT devices, the instant they connect to the network.

FRIXTEL is an integrator of TIC solutions for Service Providers. FRIXTEL’s strength is advising companies wishing to introduce, promote and sell their products and/or services in Latin America.

Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology. Together with Fortinet, Thales provides advanced security certificate management by the Luna HSM for the encryption and decryption of secure application and session traffic.

Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security, and superior performance.

Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.

Graylog is a leading log management solution for uncovering insights from terabytes of machine data. With Graylog you can easily aggregate, parse, and analyze your Fortinet logs while enriching them, combining it with other security data, and generating alerts.

HashiCorp is the leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, and Nomad are downloaded tens of millions of times each year and are broadly adopted by the Global 2000.

Hewlett Packard Enterprise is an industry-leading technology company that enables customers to go further, faster. With the industry’s most comprehensive portfolio, HPE's technology and services help customers around the world make IT more efficient, more productive, and more secure.

Hughes Network Systems, LLC (HUGHES) provides fully managed networking and digital media solutions to distributed enterprises. Solutions include an award-winning Secure SD-WAN Gateway, Broadband WAN optimization technologies, digital signage and employee communications. With 40 years of experience, companies continue to choose Hughes to help lower costs, improve productivity, expand the business, reduce turnover and provide new technologies that keep them ahead of the competition.

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
- Fortinet – IBM Security AppScan Solution Brief
- Fortinet – IBM Security QRadar Solution Brief
- Fortinet FortiGate and IBM QRadar Deployment Guide
- FortiGate App For IBM QRadar Technical Solution Guide
- Fortinet - IBM Resilient Technical Deployment Guide
- Fortinet - IBM Cloud Connector Solution Brief
- Fortinet FortiSOAR Connector for IBM QRadar

ID Quantique is the world leader in quantum-safe crypto solutions, designed to protect data for the future.
Combining IDQ’s QKD with FortiGate VPN product line provides immediate protection to data in the face of today’s brute force attacks, ensure that data with a long shelf life is protected against future attacks and safeguard high-value data in a post-quantum computing world.

Together with Fortinet, Idaptive delivers Next-Gen Access through a zero trust approach. Idaptive secures access everywhere by verifying every user, validating their devices, and intelligently limiting their access.

Indeni provides security infrastructure automation with unprecedented visibility, that’s ready to go in minutes. Our production-ready knowledge is curated from vetted, community-sourced experience, to automate Fortinet tasks while integrating with your existing processes. It's certified automation, with control, so you can focus on mission-critical projects that drive new business.

Industrial Defender ASM® solutions deliver cybersecurity, compliance and change management for Industrial Control Systems (ICS). Over the last decade, the organization has successfully developed and delivered a single unified platform to secure and manage heterogeneous control environments for critical infrastructure operations.

Infoblox is leading the way to next-level DDI with its Secure Cloud-Managed Network Services. Infoblox brings next-level security, reliability and automation to cloud and hybrid systems, setting customers on a path to a single pane of glass for network management. Infoblox is a recognized leader with 50 percent market share comprised of 8,000 customers, including 350 of the Fortune 500.

InSync Information Technologies Pvt Ltd is a products & services company focused on network automation solutions for communication service providers and large enterprises. Our trademark product is our vendor agnostic network automations and orchestration platform that automates routine network operations. Together with Fortinet integrations, InSync provides reliable network services automation capabilities to our customers for operational efficiency and superior user experience

Intel invents at the boundaries of technology to make amazing experiences possible for business and society, and for every person on Earth. To learn more about Intel and our technologies, please visit: www.intel.com

Revolutionizing cybersecurity with the first of its kind enterprise threat intelligence and mitigation platform that drives proactive defense by turning tailored threat intelligence into automated security action.

IP Infusion is a leading provider of network disaggregation solutions for telecom and data communications operators. IP Infusion’s Open SD-Edge platform, powered by DANOS Vyatta Edition software from AT&T, provides a uCPE solution to deliver Fortinet’s industry-leading Virtual Network Functions.

Ixia delivers a powerful combination of innovative solutions and trusted insight to support your network and security products, from concept to operation.

Sumo Logic is a pioneer of continuous intelligence, a new category of software, which enables organizations of all sizes to address the data challenges and opportunities presented by digital transformation, modern applications and cloud computing. In addition to supporting a wide spectrum of security use cases, including compliance, Sumo Logic's Cloud SIEM integration with FortiSOAR enables security analysts to streamline workflows and automatically triage alerts—increasing human efficiencies and enabling analysts to focus on higher-value security functions.

With 50,000+ employees and $51B in global sales in 160 countries, Lenovo is a global leader in providing innovative consumer, commercial and data center technologies. Together with Fortinet, we create solutions that extend security from the Communications Service Provider (CoSP) Core Network to the Edge.

Lightspeed Systems has been serving schools since 1999. It’s our mission to protect students by providing IT with the tools it needs to succeed.

LinkShadow Cybersecurity Analytics Platform is a world-leading UEBA and Threat-Hunting Solution Provider. Together with Fortinet, LinkShadow can empower the Security team with cutting-edge Threat Anticipation with Proactive Incident Response, while simultaneously gaining rapid insight into the effectiveness of the existing security investments.

LiveAction’s network performance visualization and analytics solutions provide network professionals the insights needed to easily manage and control end-to-end performance of multi-fabric, multi-vendor, and multi-cloud environments. The LiveAction and Fortinet integration extends network performance visibility and situational awareness to the Fortinet network edge infrastructure.

McAfee is one of the world’s leading independent cybersecurity companies. Inspired by the power of working together, McAfee creates business and consumer solutions that make the world a safer place.

Together, Medigate and Fortinet deliver the deep clinical visibility and cybersecurity intelligence needed to accurately detect real-time threats in healthcare networks and automate effective policy enforcement to keep patient data and operations safe.

NVIDIA pioneered accelerated computing—a supercharged form of computing at the intersection of computer graphics, high-performance computing, and AI. Working together with Fortinet, NVIDIA BlueField-2 DPU provides innovative security solutions at the host and access, providing protection and visibility closest to the application, workload, and data.

Menlo Security delivers security without compromise and helps enterprises achieve digital transformation to leverage the full benefits of the Cloud and deliver 100% protection against web and email threats. The integrated offering enhances employee productivity by providing an “isolate” option for risky and uncategorized websites.

METTCARE leads with a unified and secure digital identity engine, making edge-to-cloud computing impenetrable to intruders. Cybersecurity and privacy are built into the fabric of METTCARE and Fortinet digital transformation with device-IoT-user authentication, business intelligence and risk mitigation. Cyber-resilient organizations depend on METTCARE intelligent-data access, consented-data management and quantum-ready data storage.

Micro Focus is a global software company with 40 years of experience in delivering and supporting enterprise software solutions that help customers innovate faster with lower risk. Our portfolio enables our 20,000 customers to build, operate and secure the applications and IT systems that meet the challenges of change. We are a global software company, committed to enabling customers to both embrace the latest technologies and maximize the value of their IT investments. Everything we do is based on a simple idea: the fastest way to get results from new technology investments is to build on what you have–in essence, bridging the old and the new.
- Fortinet-Micro Focus Fortify WebInspect Solution Brief
- Fortinet-Micro Focus ArcSight ESM Solution brief
- ArcSight Marketplace

Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.

Harnessing Machine Learning, Artificial Intelligence, MistNet’s Autonomous Security Operations solution empowers organizations by detecting and blocking threats in real-time as well as creating a rich record of all user, host and container transactions. The Fortinet/MistNet solution provides the most high-performance and complete threat detection and investigative solution available.

NetDialog is a world leader in network and application performance monitoring. NetDialogs flagship product NetX gives partners and enterprises insight into the performance of their WAN’s and the applications that run over it. Together with Fortinet, NetDialog will deliver advanced monitoring and reporting capabilities allowing enterprises to take better informed IT decisions.

Recognized as the standard in compliance and cybersecurity technology for critical infrastructure industries, Network Perception brings transparency to network configurations. The intuitive platform with off-line network visualization provides in-depth network verification, ensuring regulatory compliance, cyber security, and organizational resilience. Together with Fortinet, Network Perception can increase efficiencies, simplifying workflows and enabling continuous compliance verification.

Niagara Networks complements Fortinet's inline DDoS/IPS/FW/NGFW solutions with our Bypass solution. Our next-generation network visibility solutions are designed to support a wide variety of modules, including fail-safe bypass, I/O ports, taps, data processing and interfaces (up to 100Gb) that can be customized to meet the challenges of creating a robust visibility adaptation layer.

NodeWeaver is a software-defined operating platform that simplifies the deployment, management, and orchestration of edge infrastructure and applications. As distributed compute becomes more critical for operations, these systems must be deployed, managed, maintained, and secured on a mass scale. Together, NodeWeaver and Fortinet provide the foundational operating platform for this distributed computing layer, securely and cost-efficiently.

NoviFlow offers fully programmable networking solutions that can handle complex flows, drive massive throughput, and can scale elegantly. NoviFlow and Fortinet joint solutions accelerate performance and flexibility with on-demand scalability, reduce total solution CAPEX and OPEX and protect TCO.

Nozomi Networks is a leading provider of real-time visibility, advanced monitoring capabilities, and strong security for industrial control networks supporting critical infrastructure. Nozomi has been deployed in some of the largest industrial installations, providing some of the fastest return-on–investment in the industry.
- Solution brief
- Fortinet FortiGate and Nozomi Networks Guardian Deployment Guide
- Fortinet FortiSIEM and Nozomi Networks CMDB Deployment Guide
- ICS Security Overview & Integration Video
- Fortinet-Nozomi integration demo

Nuage Networks, a Nokia Corp subsidiary, brings a unique combination of groundbreaking technologies and unmatched networking expertise to the enterprise and telecommunications industries.

Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.

NXP’s Layerscape series processors, built on Arm® core technology, extend performance to the smallest form factor — leveraging integrated peripherals and acceleration to deliver power- and cost-effective networking solutions. Together, NXP and Fortinet extend the choice of enterprise security solutions for customers.

Okta, the leader in identity and access management, works with best of breed technology partners like Fortinet to enable seamless and secure Zero Trust access.

Open Cloud Factory’s next generation NAC solution, OpenNAC Enterprise, increases security in IT/OT networks via visibility, control, and compliance of all connected assets. Together with Fortinet, OpenNAC Enterprise’s facilitates rich asset information (real-time, centralized CDMD) to automate optimal routing and filtering rules (SD-WAN + NGFW).

OPSWAT is a global cybersecurity company with over 1200 customers focused on critical infrastructure protection through device and content security. Together with Fortinet, OPSWAT prevents corporate damage by eliminating security risks from data and devices coming into and out of an organization.

Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.

Ordr delivers comprehensive proactive protection for the hyper-connected enterprise. The Ordr Systems Control Engine utilizes sophisticated machine learning and artificial intelligence to provide complete visibility and exhaustive control over every class of connected device and system.

RAM2 - OTORIO's Industrial-SOAR platform, designed for automation personnel operations and collaboration with the SOC's cyber experts. RAM2 offers centralized, simplified and automated industrial cyber risk preparedness and management solution. Based on attack vectors simulations and business impact risk engine the RAM2 provides smart mitigations to the operational environment and manufacturing processes.

Network security is about trust. Trust in the assurance, expertise, and guidance to understand your requirements, identify the right solution, and support you from start to finish. Owl hardware-enforced cybersecurity and professional services, with Fortinet’s network and cloud security software, create a trusted, hardened barrier for your digital assets.

Picus Security offers continuous security validation as the most proactive approach to ensure cyber-resilience. The Picus platform measures the effectiveness of defenses by using emerging threat samples in production environments, providing the insight required to build the right security strategy to better manage complex operations.

Pluribus Networks provides data center solutions that allow your business to run unconstrained.

Pulse Secure enables seamless access to resources by combining visibility, authentication and context-based access control. This solution with Fortinet extends perimeter protection to all devices visible to the Secure Access solution while allowing access controls to respond to threat intelligence gathered by the Fortinet platform.

Together with Fortinet, Quantum Xchange’s Phio TX quantum-safe key distribution system can future-proof FortiGate high-end appliances and VMS for the quantum threat. Phio TX provides multiple types of quantum encryption to allow for crypto agile, long-term security for critical data transported over VPNs.

RAD is a global Telecom Access solutions and products vendor, at the forefront of pioneering technologies. For critical infrastructure, our Service Assured Networking solutions include best-of-breed products for cyber-secure industrial IoT (IIoT) backhaul with edge/fog computing and seamless migration to modern packet-switched OT WANs.

Radiflow provides cybersecurity solutions and services for critical business operations, with standards-compliant (IEC62443, NERC-CIP, NIS-D) tools for handling the entire security lifecycle. The Fortinet-Radiflow solution utilizes the Fortinet FortiGate NGFW for protecting OT assets, with security policy rules for new devices attempting to connect to the OT network.

Together with Fortinet, RangeForce provides CyberSkills Simulation Training & Cyber Range Solutions, helping enterprises assess their Security, IT, and DevOps teams' skills, learn through adaptive learning paths, and transform their organizations for true cyber resiliency.

Rapid7 is advancing security with visibility, analytics, and automation delivered through our Insight cloud. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks.

Red Hat® Ansible® Automation Platform is the foundation for building and operating automation services at scale, providing enterprises a composable, collaborative, and trusted execution environment. Ansible helps enable the automated management of Fortinet’s flagship enterprise firewall, FortiGate, integrating it into customer’s IT automation strategies.

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprises to be resilient to cyber-events across public cloud, private cloud and physical network environments. RedSeal helps customers understand their network from the inside out – providing actionable intelligence, situational awareness and a Digital Resilience Score to help enterprises measure and improve their resilience.

The Refactr DevSecOps automation platform is an all-in-one solution for designing and executing secure automation pipelines that include infrastructure delivery, application configuration, and security actions. Customers can quickly deploy Fortinet’s solutions through pre-built pipelines and leverage existing Fortinet automation content built with open DevOps and security automation tools.

Restorepoint’s solutions help organisations and service providers reduce cost, manage unforeseen risks, and to accelerate change management across their multi-vendor network infrastructures. Using our cost-effective products, customers can quickly automate Network Outage Protection, Compliance Auditing, and Privileged Access Management and to simplify Bulk Change Management.

A global leader in secure real time communications providing software, cloud and network infrastructure solutions to Communications Service Providers and Enterprises.
- Solution Brief - Fortinet FortiGate and Ribbon's SBC Platform
- Solution Brief - Fortinet FortiGate and Ribbon's Muse Cyber Security Suite

RingCentral is a leading provider of global enterprise cloud communications, collaboration, and contact center solutions. The RingCentral platform empowers employees to work from anywhere and on any device using Message, Video or Phone. RingCentral and Fortinet integrations enable secure and massively resilient collaborative communications services.

Rubrik delivers a single platform to manage and protect data in the cloud, at the edge, and on-premises. Enterprises choose Rubrik’s Cloud Data Management software to simplify backup and recovery, accelerate cloud adoption, and enable automation at scale.

SAASPASS offers full stack identity and access management with multi-factor authentication, single sign-on, enterprise password management, and endpoint security all combined in one product. Together, Fortinet and SAASPASS serve as secure gatekeepers to the network.

Saasyan creates open, cloud-enabled software to help Australian K-12 schools fulfill their duty of care to students, and operate more efficiently. Together, Fortinet and Saasyan enable schools to have cutting-edge network security and best of breed pastoral care tools to ensure their students’ cyber-welfare.

Safetica Technologies delivers data protection solution for business. Safetica DLP (Data Loss Prevention) prevents companies from data breaches, teaches employees to care about sensitive data and makes data protection regulations easy to comply. Safetica integration with Fortinet technologies gives companies a powerful tool to secure all its´ data, no matter where it resides or flows.

SCADAfence provides threat protection, risk management and visibility solutions for industrial OT networks. Combining SCADAfence’s dedicated solutions for OT networks with Fortinet’s Security Fabric, allows industrial organizations to effectively enforce security policies, improve incident response and extend their visibility from IT to OT.

Seclore offers the first, fully browser-based Data-Centric Security Platform, providing organizations the agility to utilize best-of-breed solutions to discover, identify, protect, and track the usage of data wherever it goes. 6000+ companies in 29 countries achieve their data security, governance, and compliance objectives with Seclore.

Seclytics uses Science to predict where attacks will originate - on average 51 days before they strike - with over 97% accuracy and <.01 false positives. Together with Fortinet, we are able to report on and prevent attacks before adversaries strike.

SentinelOne is shaping the future of endpoint security with an integrated platform that unifies the detection, prevention and remediation of threats initiated by nation states, terrorists, and organized crime. SentinelOne’s unique approach is based on deep inspection of all system processes combined with innovative machine learning to quickly isolate malicious behaviors, protecting devices against advanced, targeted threats in real time.

ServiceNow makes work better. Our applications automate, predict, digitize and optimize business processes across IT, Customer Service, Security Operations, HR and more, for a better enterprise experience.

Siemens is a global powerhouse focusing on the areas of electrification, automation and digitalization.

Siemplify combines security orchestration and automation with patented contextual investigation and case management to deliver intuitive, consistent and measurable security operations processes. The Siemplify integration with Fortinet Security Fabric empowers organizations to triage, investigate and respond to threats quickly and effectively.

Skybox arms security leaders with a powerful set of integrated security solutions that give unprecedented visibility of the attack surface and key Indicators of Exposure (IOEs), such as exploitable attack vectors, hot spots of vulnerabilities, network security misconfigurations, and risky firewall access rules.

SmartHive allows organizations to learn from each other in realtime and anonymously. An Attack on one is Defense for all.

Spirent’s CyberFlood Data Breach Assessment emulates attack, malware, and DLP scenarios to continually validate security policies and effectiveness in production networks. Together with Fortinet, Spirent provides users visibility into actual breach events and provides specific remediation recommendations to harden security policies in production networks.

Splunk Inc. is the market-leading platform that powers Operational Intelligence.

Symantec Corporation (NASDAQ:SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. The partnership with Fortinet combines Symantec’s endpoint protection leadership with Fortinet’s best-in-class network security and Fabric integration to deliver unparalleled security protection.
- Solution brief
- Technical Deployment Guide
- Press Release on partnership
- Fabric Connector Technical Guide

Syncurity’s award-winning and patent-pending IR-Flow® SOAR platform reduces cyber risk by accelerating security operations processes, people and technology. Together with Fortinet, Syncurity reduces the time to detect, contain and remediate cyber risks leveraging standards-based APIs for alert enrichment, detailed investigation and automated incident response.

SYSCOM, established in 1975 and going public in 2001, continues leading Taiwan's system integration and e-commerce industry with innovative solutions. SYSCOM specializes in providing comprehensive solutions for financial institutions, high-tech manufacturers, the public sector, securities companies, healthcare and medical industries, telecommunications, and educational institutions.

Telco Systems delivers an industry-leading portfolio of SDN/NFV, Carrier Ethernet and MPLS-based demarcation, aggregation and edge solutions, enabling service providers to create intelligent, service-assured, CE 2.0-compliant networks for mobile backhaul, business services and cloud networking.

TelcoBridges’ FreeSBC virtual session border controller protects networks from DoS and DDoS attacks while offering outstanding traffic management and session handling performance.

Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform.

Designed by analysts but built for the entire team, ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform.

ThreatQuotient’s mission is to improve the efficiency and effectiveness of security operations through a threat-centric platform. Together with Fortinet, network defenders can make intelligence actionable by exporting data from ThreatQ into FortiGate firewalls to provide protection on the wire.

TokenEx secures the world’s most sensitive data from attack. Together with Fortinet’s Security Fabric, the TokenEx cloud data protection platform identifies and secures all sensitive data and enables seamless compliance with any data regulatory requirements including CCPA, GDPR, HIPPA, NACHA and PCI.

TrapX Security is the pioneer and global leader in cyber deception technology. Their DeceptionGrid solution rapidly detects, deceives, and defeats advanced cyberattacks and human attackers in real-time. DeceptionGrid also provides automated, highly accurate insight into malicious activity unseen by other types of cyber defenses.

TriagingX provides automation of endpoint forensics, cutting advanced threat hunting time from hours to minutes. TXHunter analyzes Fortinet firewall log data and automatically launches forensic investigation on alerted endpoints. TXHunter enables FortiSIEM users to investigate sophisticated threats without leaving the platform. It's fast, efficient, and effective.

Most businesses rely on mission-critical applications—whether on-premise or in the cloud—to run daily operations. Hybrid data centers with workloads running on-premises, multiple infrastructure-as-a-service (IaaS) providers, and containers only complicate application security. TrueFort provides real-time visibility, behavior analytics, and automated controls to monitor and manage network, OS, software, and identity to understand and better protect your applications.

Tufin leads the Security Policy Orchestration market, enabling enterprises to centrally manage, visualize, and control security policies across hybrid cloud and physical network environments.

UBiqube is a vendor-agnostic provider of end-to-end network and security orchestration solutions. UBiqube’s MSActivator™ is a multi-tenant software framework enabling the design, automation, and management of services over hybrid communication infrastructures (SDN/NFV/IoT).

Vectra AI is the leading Cloud & Network Detection and Response (NDR) for your network, cloud, datacenter and SaaS applications. The Vectra platform blends security research with data science. Together with Fortinet, Vectra will automatically find and stop advanced attacks before they cause damage.

The Venafi Platform delivers protection and security for large numbers of highly complex machine identities; providing visibility, intelligence, and automation of TLS certificates.
Together with Venafi, Fortinet has current machine identities to inspect traffic and enable organizations to successfully detect threats hiding in encrypted traffic.

VMware is a global leader in cloud infrastructure and business mobility.
- NSX solution brief
- NFV solution brief
- NSX-T solution brief
- Carbon Black Solution brief
- Carbon Black Technical Integration Guide
- Carbon Black Solution Video

Wandera’s mobile security suite provides multi-level protection against cyber threats for users, endpoints, and corporate applications. Customers taking advantage of the technical alliance between Fortinet and Wandera can enforce policies that are consistent on both sides of the perimeter.

Together with Fortinet, Welotec provides a rugged and reliable computing platform to run OT applications like FortiGate NGFW, substation gateway, HMI, SCADA, and engineering workstation. This reduces the complexity in IEC 61850 transmission and distribution substations and increases cybersecurity in OT networks.

Wind River®, a wholly owned subsidiary of Intel Corporation, is the world leader in embedded software solutions for the telecommunications and communications industries. Wind River offers a comprehensive, end-to-end portfolio of solutions ideally suited to address the emerging needs of NFV and IoT; from the secure and managed intelligent devices at the edge, to the gateway, into the critical network infrastructure, and up into the cloud.

Together with Fortinet, Xona provides a comprehensive zero-trust user access platform for Operational Technology (OT). Xona enables operators to efficiently and securely operate critical infrastructure systems and applications from a remote environment anywhere in the world while also meeting stringent compliance mandates.

Zadara has integrated with Fortinet to simplify provisioning and deployment of clouds along with increasing their security. Fortinet’s equipment guards access to Zadara clouds at deployments worldwide, including public clouds, hybrid and on-premises systems in a variety of data centers.

Zentera’s CoIP™ (Cloud over IP) Platform creates a unified zero trust network to secure on-prem and cloud environments. The zero trust network contains and protects sensitive cross-domain applications, such as hybrid cloud and IT/OT environments, enabling application segmentation without changing existing network and security infrastructure.

The vision of a world without downtime is finally here. ZeroDown is delivering the peace of mind to CIOs and CTOs around the world to sleep well, knowing ZeroDown has their critical applications secure and available at a fraction of the cost of traditional disaster recovery and high availability systems.