Skip to content Skip to navigation Skip to footer

Global Trade Compliance

Welcome and thank you for your interest in complying with U.S. export control laws.

When exporting, or re-exporting Fortinet products (hardware, software & technology), U.S. export controls apply and it is your responsibility to ascertain your compliance obligations.

Fortinet's policy is to comply fully with U.S. government and host country government laws and regulations. Under no circumstances will Fortinet sell or ship product contrary to U.S. export control regulations. Any person or entity exporting or re-exporting Fortinet products directly or indirectly and via any means, including electronic transfer, is wholly responsible for doing so in accordance with the U.S. Export Administration Regulations and the laws of host countries.

Please be aware there are U.S. embargoes, restricted parties, end-users and end-uses which you must assess prior to export, in conjunction with the U.S. Export Administration Regulations, and specifically encryption controls. Fortinet assumes no responsibility or liability for your failure to obtain any necessary export approvals. Approvals are dependent upon an item's technical characteristics, the destination, end use, and end user, as well as other activities of the end user. To request Fortinet product export classification information please click here or retrieve our export classification matrix through Fortinet Partner Portal. Additionally, keep in mind that U.S. export controls can remain in force as products and technology are re-exported to different parties and places around the world.

Why is Trade Compliance important?

Non-compliance with the U.S. Export Control laws may subject you or your business to criminal and civil penalties, including denial of company's export privileges.

DON'T LET THIS HAPPEN TO YOU - Real life investigations of export control and Anti-Boycott violations.


For an overview of U.S. export control laws and compliance factors, in addition to reviewing the U.S. Export Administration Regulations, additional information regarding dual-use controls, encryption regulations, export licensing and other important information is available at the U.S. Department of Commerce, Bureau of Industry & Security website:

Restricted and Unrestricted Products and Technology

Fortinet's products and technology are controlled under the U.S. Export Administration Regulations (EAR). Many of our products contain strong encryption, which is considered restricted in many jurisdictions. Products classified under 5A002, 5D002, and 5E002 are subject to additional distribution use and user restrictions.

Fortinet’s restricted and unrestricted products with strong encryption capability may be exported or re-exported to most civilian, commercial or government end users located in most countries except the embargoed countries Cuba, Iran, North Korea, Syria, and the Covered Region of Ukraine (Crimea, Donetsk, and Luhansk regions).

Restricted Product License Requirement:

Exporting or re-exporting Fortinet restricted products to government end user customers not located in the following countries (ENC Favorable Treatment Countries) require a U.S. export license: Austria, Australia, Belgium, Bulgaria, Canada, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Japan, Latvia, Lithuania, Luxembourg, Malta, Netherlands, New Zealand, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey, United Kingdom, United States.

Re-Export of Fortinet’s Products and Technology

Partners, distributors or customers planning to re-export Fortinet’s products or technology must comply with both the U.S. re-export regulations and their local country export regulations. Guidance on re-exports or transfers of U.S. Origin Items or Foreign-made Items subject to the Export Administration Regulations (EAR) can be found at

Import Controls

Exporting Fortinet’s products to other countries will require the importer to comply with customs and local import regulations at the country of destination. For example, importing Fortinet’s encryption technology or dual-use items (products classified as 5A002, 5D002, 5E002) to some countries will require an import license application. These countries include but are not limited to France, Russia, Israel, China, Hong Kong and Malaysia. Remember: It is the importer’s responsibility to comply with all import regulations at the country of destination. To avoid costly delays, importers of Fortinet’s products are encouraged to consult with a qualified customs broker who can ensure the importation meets all laws and regulations locally.


If you are an end-user of Fortinet product, and Fortinet's Global Trade Compliance Department has requested you complete the form required to process your order, please click here for the form.

Partner Support

If you are an authorized Fortinet partner, please register with our Partner Portal and you will find additional GTC guidance, forms and documents.

Product Regulatory Compliance

Questions regarding Fortinet’s product regulatory compliance such as requesting Declaration of Conformity, please contact



Department E-Mail:
Urgent export compliance issues: