FortiGate: Next Generation Firewall (NGFW)

Die FortiGate Next Generation Firewalls nutzen spezielle Security-Prozessoren und Threat Intelligence Security Services von den FortiGuard Labs, damit Sie auch bei verschlüsseltem Traffic von einem erstklassigen Schutz und einer Top-Performance profitieren. Eine FortiGate verringert die Komplexität. Sie erhalten eine automatisierte Transparenz über Anwendungen, Benutzer und Netzwerke sowie Sicherheitsbewertungen, um Best Practices für die Security umzusetzen. 

Sie sind Sicherheitsarchitekt und wollen unternehmensweit einen umfassenden Bedrohungsschutz bereitstellen – mit Intrusion Prevention, Web-Filter, Anti-Malware und Application Control? Dann kennen Sie wahrscheinlich die Komplexität beim Management verschiedener Einzellösungen, die sich weder integrieren noch transparent kontrollieren lassen. Nach Schätzungen von Gartner werden bis 2019 rund 80 % des Unternehmens-Traffics verschlüsselt sein – und die Hälfte aller Angriffe wird dann über verschlüsselten Datenverkehr ins Unternehmen gelangen.

FortiGate Enterprise Firewalls unterstützen flexible Bereitstellungen vom Netzwerkrand und Kernbereich bis hin zum Rechenzentrum, internen Segment und der Cloud. FortiGate Enterprise Firewalls arbeiten mit speziellen Security-Prozessoren (SPU), die eine skalierbare Leistung mit intelligenten Security-Diensten wie Threat Protection, SSL-Inspektion sowie eine extrem geringe Latenz beim Schutz interner Segmente und kritischer Umgebungen bieten.

Die FortiGate NGFW bietet eine automatisierte Transparenz über Cloud-Anwendungen und IoT-Geräte und erkennt automatisch die End-to-End-Topologie des Unternehmensnetzwerks. Die FortiGate gehört zu den Eckpfeilern der Security Fabric und bietet eine bestätigte Sicherheit, die das Unternehmensnetzwerk vor bekannten und unbekannten Angriffen schützt. 

Die FortiGate NGFW ist in vielen verschiedenen Modellen erhältlich, um Ihre Anforderungen zu erfüllen: von Hardware-Appliances der Einstiegsklasse bis hin zu Ultra-Highend-Geräten für maximale Performance.  Dadurch kann die FortiGate nahtlos in Ihre Umgebung integriert werden – ob Unternehmensgelände, Rechenzentrum im Netzwerk-Kern oder interne Segmente.  

Produktvergleich

Reducing complexity by consolidating products to save costs is a top concern for many enterprises. Equally important is ensuring secure access of resources from private and public clouds without the fear of encrypted malware. Achieving granular visibility of devices, users, real-time threat information, and automation are paramount to ensuring that attacks are handled in a timely manner.  

Intent-based segmentation allows network operators to create security domains or segments based in accordance with business intent. Intent-based segmentation is the ability to deploy threat protection wherever it is needed, both on-premises and in all cloud instances, to reduce risk, achieve compliance, and protect business-critical applications.

NSS Labs NGFW/SSL 2018 SVM and Report

NSS Labs Next Generation Firewall (NGFW) focuses on enterprise edge and internal segments along with growing need of SSL inspection. The Security Value Map (SVM) shows that FortiGate 500E achieved high cumulative blocking rate at 99.3% and the lowest TCO at $2.00 per protected Mbps. FortiGate 500E also received high SSL inspection performance and a very minimal performance degradation based on our purpose-built security processor technology. Fortinet received fifth consecutive NSS Labs NGFW “Recommended” rating showcase the consistency and commitment to customer need.

• NSS Labs 2018 NGFW Security Value Map (SVM)
• NSS Labs 2018 NGFW Test Report – FortiGate 500E
• NSS Labs 2018 SSL/TLS Test Report – FortiGate 500E

NSS Labs NGFW 2018 Comparative Reports

NSS Labs NGFW Comparative reports provide detailed comparison of all 10 participated vendors for security, performance and total cost of ownership (TCO). With these reports, you can compare Fortinet’s outstanding results with Palo Alto Networks, Checkpoint, Cisco and many other vendors. In several areas, Fortinet showcased the best results:  

• High SSL Inspection Performance with industry's least performance degradation
• Fortinet delivered 100% block rate for live exploits
• Fortinet showcased highest value among all vendors
• NGFW performance is 30% better than claimed in data sheet
• Fortinet delivered best ultra-low latency across different packet sizes

Security - NGFW Comparative Report

Performance - NGFW Comparative Report

TCO - NGFW Comparative Report

SVM - NGFW Comparative Report

NSS Labs DCIPS 2018 SVM and Report

NSS Labs’ Data Center Intrusion Prevention Systems (DCIPS) focuses on data center environments, especially vulnerabilities commonly found in servers. The Security Value Map (SVM) shows that FortiGate IPS achieved the highest cumulative blocking rate at 98.73% and the lowest TCO at $3 per protected Mbps. Fortinet builds world-class IPS appliances and another “Recommended” IPS rating from NSS Labs proves this.

• NSS Labs 2018 DCIPS SVM
• NSS Labs 2018 DCIPS Test Report – FortiGate IPS 3000D

NSS Labs DCSG 2017 SVM and Report

NSS Labs’ DCSG test is a comprehensive Data Center Security Gateway (DCSG) test, including several tests to measure relevant security effectiveness and Intrusion Prevention (IPS) performance using live exploits including “weaponized” exploits (97.9% and 98% block rate respectively for Fortinet FortiGate 7060E and FortiGate 3000D) and resistance to evasion techniques (100% block rate for Fortinet). The FortiGate 7060E and 3000D both achieved “Recommended” status, with a leading combination of Security Effectiveness and Value per protected Megabit Per Second (Mbps) in the NSS Labs Security Value Map (SVM).

• NSS Labs 2017 DCSG SVM
• NSS Labs 2017 DCSG Test Report FortiGate 3000D
• NSS Labs 2017 DCSG Test Report FortiGate 7060E

NSS Labs NGFW 2017 SVM

FortiGate 3200D and 600D enterprise firewalls both offer a winning combination of security effectiveness, performance, and value, earning Fortinet its fourth consecutive NSS Labs NGFW Recommended rating. Fortinet excelled in continuous live testing, blocking 99.71% of exploits used in active attack campaigns every day and delivered the highest performance scores with 18.5 Gbps throughput and an average latency of 4.6 microseconds, regardless of packet size and including real-world traffic processing.

• NSS Labs NGFW Test Report FortiGate 3200D
• NSS Labs NGFW Test Report FortiGate 600D
• NSS Labs 2017 NGFW Security Value Map SVM

NSS Labs Breach Prevention Systems (BPS) Test 2017

NSS Labs introduced a new group test, BPS focused on detecting and blocking exploits, advanced malware, and evasions. This helps validate the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Security Fabric consisting of FortiSandbox, FortiGate, FortiMail, and FortiClient integrated together, earned a Recommended award by achieving a block rate of 99.6% and offering the lowest 3-year TCO.

• NSS Labs BPS Test Report FortiSandbox, FortiGate, FortiMail, FortiClient

NSS Labs NGFW 2016 SVM

NSS Labs’ Next Generation Firewall (NGFW) real-world testing reveals that Fortinet delivers a winning combination of security, network performance, and total cost of ownership (TCO). Fortinet was nearly perfect; scoring 99.6% in overall security effectiveness. The FortiGate 3200D was rated by NSS at 19 Gbps, 37% above its data sheet specifications, with excellent TCO where the value increased based on actual performance compared to the claimed specifications.

• NSS Labs NGFW Test Report FortiGate 3200D
• NSS Labs 2016 NGFW Security Value Map

NSS Labs 2015 Next Generation IPS Test

In 2015, NSS Labs conducted a group test of next generation IPS solutions to assess their abilities to identify both the applications and the users on their internal networks, protect the enterprise user against threats/exploits, and catch sophisticated attacks while producing as few false positives as possible. Demonstrating 99% effectiveness and superior value, Fortinet FortiGate earned the NSS Labs Recommendation.

• NSS Labs 2015 Next Generation IPS Test Report

For a complete list of all the Alliance partners go to www.fortinet.com/fabricready.

Below is a list of current FortiGate Next-Generation Firewall Alliance Partners: