FortiGate: Next Generation Firewall (NGFW)

High threat protection performance with automated visibility to stop attacks

Gartner 2019 Magic Quadrant for Network Firewalls
web product icon ngfw

FortiGate: Next-Generation Firewall Overview

Fortinet NSS Labs Recommended for SD-WANFortiGate next-generation firewalls (NGFWs) utilize purpose-built security processors and threat intelligence security services from AI-powered FortiGuard labs to deliver top-rated protection, high performance inspection of clear-texted and encrypted traffic. Next-generation firewalls reduce cost and complexity with full visibility into applications, users and networks and provides best of breed security. As an integral part of the Fortinet Security Fabric next-generation firewalls can communicate within Fortinet’s comprehensive security portfolio as well as third-party security solutions in a multivendor environment to share threat intelligence and improve security posture.

As enterprises consider how to provide comprehensive visibility and advanced layer 7 security, including threat protection, intrusion prevention, web filtering and application control, they face a major complexity hurdle managing these point products with no integration and lack of visibility. Gartner estimates that by 2019 80% of enterprise traffic will be encrypted and 50% of attacks targeting enterprise will be hidden in encrypted traffic to infiltrate networks or exfiltrate data, therefore employing HTTPS inspection is a requisite. 

 

FortiGate: Next-Generation Firewall News

     

FortiGate: Next-Generation Firewall Videos

Fortinet Network Security Solution
Fortinet Recognized as a Leader in 2019 Magic Quadrant for Network Firewalls

FortiGate: Next-Generation Firewall Product Details

FortiGate next-generation firewalls offer flexible deployments from the network edge to the core, data center, internal segment, and the Cloud. FortiGate enterprise firewalls leverages purpose-built security processors (SPUs) that delivers scalable performance of advanced security services like Threat Protection, SSL inspection, and ultra-low latency for protecting internal segments and mission critical environments.

FortiGate NGFW provides automated visibility into cloud applications, IoT devices and automatically discovers end to end topology view of the enterprise network. FortiGate is a core part of security fabric and validated security protect the enterprise network from known and unknown attacks. 

Features and Benefits

high performance icon

High-performance threat protection

Industry's highest threat protection and SSL inspection performance to protect from malware attacks hiding in encrypted traffic 
icon vulnerability

Validated security effectiveness

Independently certified and continuous threat intelligence updates provide robust protection from known and unknown attacks
icon benefits secure choice

Protect mission critical applications

Highly scalable segmentation and ultra-low latency to protect network segments 
icon benefits management

Continuous risk assessment via automation

Leverage automated workflow and auditing features to deal with scarce security staff and continuously maintain compliance posture 
Icon security fabric

Security Fabric integration

Intelligently share threats across the entire digital attack surface to provide quick and automated protection 
platform support icon

Enterprise class security management

Deliver consistent security policy -- Single pane-of-glass to manage security assets irrespective of location and form factor

FortiGate: Next-Generation Firewalls Models and Specifications

FortiGate NGFW is available in many different models to meet your needs ranging from entry-level hardware appliances to ultra high-end appliances to meet the most demanding threat protection performance requirements.  This ensures that enterprise campus, core data-center, or internal segments, FortiGate can fit seamlessly into your environment.  

Compare Products

FortiGate: Chassis-based NGFW

Threat Protection
80 Gbps
SSL Inspection Throughput
79.9 Gbps
Network Interfaces
Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28
Threat Protection
40 Gbps
SSL Inspection Throughput
50 Gbps
Network Interfaces
Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28
Threat Protection
35 Gbps
SSL Inspection Throughput
50 Gbps
Network Interfaces
Multiple 10 GE SFP+/SFP, 40 GE/100 GE QSFP28
Threat Protection
13.5 Gbps
SSL Inspection Throughput
17 Gbps
Network Interfaces
2x 40GE QSFP+, 2x 10GE SFP+, 2x GE RJ45

Please see the product page for more information on these and many more Product features.  

FortiGate: Ultra high-end NGFW

Threat Protection
60 Gbps
SSL Inspection Throughput
90 Gbps
Network Interfaces
Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45
Threat Protection
100 Gbps
SSL Inspection Throughput
130 Gbps
Network Interfaces
Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45

Please see the product page for more information on these and many more Product features.  

FortiGate: High-end NGFW

Threat Protection
20 Gbps
SSL Inspection Throughput
32 Gbps
Network Interfaces
10x 100GE QSFP28, 16x 10GE SFP+, 2x GE RJ45
Threat Protection
13.5 Gbps
SSL Inspection Throughput
30 Gbps
Network Interfaces
Multiple 40/100 GE QSFP+/QSFP28, 10 GE SFP+ and GE RJ45
Threat Protection
13 Gbps
SSL Inspection Throughput
23 Gbps
Network Interfaces
Multiple 100 GE CFP2, 40 GE QSFP+, 10 GE SFP+ and/or multiple GE SFP/RJ45 depending on variants
Threat Protection
13 Gbps
SSL Inspection Throughput
24 Gbps
Network Interfaces
Multiple 40 GE QSFP+, 10 GE SFP+ and GE SFP
Threat Protection
30 Gbps
SSL Inspection Throughput
34 Gbps
Network Interfaces
6x 100 GE QSFP28, 32x 25 GE SFP28, 2x GE RJ45
Threat Protection
23 Gbps
SSL Inspection Throughput
30 Gbps
Network Interfaces
4x 100 GE QSFP28, 24x 25 GE SFP28, 2x GE RJ45
Threat Protection
17Gbps
SSL Throughput Inspection
21 Gbps
Network Interfaces
4x 40GE QSFP+, 4x 10GE RJ45, 16x 10GE/25GE SFP+/SFP28, 12x GE RJ45
Threat Protection
15 Gbps
SSL Inspection Throughput
20 Gbps
Network Interfaces
Multiple GE RJ45 and 10 GE SFP+ / GE SFP slots
Threat Protection
13 Gbps
SSL Inspection Throughput
22 Gbps
Network Interfaces
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
Threat Protection
13 Gbps
SSL Inspection Throughput
19 Gbps
Network Interfaces
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
Threat Protection
5.4 Gbps
SSL Inspection Throughput
11.5 Gbps
Network Interfaces
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45
Threat Protection
11 Gbps
SSL Throughput Inspection
17 Gbps
Network Interfaces
4x 40GE QSFP+, 20x 10GE/25GE SFP+/SFP28, 12x GE RJ45
Threat Protection
5.4 Gbps
SSL Inspection Throughput
12.5 Gbps
Network Interfaces
6x 10GE SFP+, , 34x GE RJ45
Threat Protection
5 Gbps
SSL Inspection Throughput
10.5 Gbps
Network Interfaces
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
Threat Protection
4 Gbps
SSL Inspection Throughput
6 Gbps
Network Interfaces
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
Threat Protection
7.1 Gbps
SSL Throughput Inspection
10 Gbps
Network Interfaces
2x40GE QSFP+, 4x25GE SFP28, 4x10GE SFP+/SFP, 8x1GE SFP, 16xGE RJ45
Threat Protection
4 Gbps
SSL Throughput Inspection
4 Gbps
Network Interfaces
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45

Please see the product page for more information on these and many more Product features.  

FortiGate: Mid-range NGFW

Threat Protection
3 Gbps
SSL Inspection Throughput
4 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP and 10 GE SFP+ slots
Threat Protection
3 Gbps
SSL Inspection Throughput
4 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP, 10 GE SFP+ slots and bypass GE RJ45 pairs
Threat Protection
7Gbps
SSL Inspection Throughput
8 Gbps
Network Interfaces
Multiple GERJ45, Multiple GE SFP, Multiple 10GE SFP+
Threat Protection
4.7 Gbps
SSL Inspection Throughput
6.8 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP and 10 GE SFP+ Slots
Threat Protection
5 Gbps
SSL Inspection Throughput
4.8 Gbps
Network Interfaces
Multiple GE RJ45 and Multiple GE SFP Slots
Threat Protection
3 Gbps
SSL Throughput Inspection
6.8 Gbps
Network Interfaces
Multiple GE RJ45 and GE SFP Slots
Threat Protection
1.2 Gbps
SSL Throughput Inspection
1 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP Slots
Threat Protection
1 Gbps
SSL Throughput Inspection
1 Gbps
Network Interfaces
2 x 10GE SFP+ Slots, 18 x GE RJ45 and 8x 1GE SFP and 4x GE RJ45/SFP Shared Media Pairs
Threat Protection
250 Mbps
SSL Throughput Inspection
130 Mbps
Network Interfaces
Multiple GE RJ45, GE SFP Slots | PoE/+ Variants

Please see the product page for more information on these and many more Product features.  

FortiGate: Entry-level NGFW

Threat Protection
250 Mbps
SSL Inspection Throughput
180 Mbps
Network Interfaces
Multiple GE RJ45 | Varients with internal storage | Variants with PoE/+ interfaces
Threat Protection
700 Mbps
SSL Throughput Inspection
750 Mbps
Network Interfaces
Multiple GE RJ45 | Variants with internal storage
Threat Protection
200 Mbps
SSL Throughput Inspection
175 Mbps
Network Interfaces
Multiple GE RJ45 | WiFi variants | Variants with internal storage | Variants with PoE/+ interfaces
Threat Protection
160 Mbps
SSL Throughput Inspection
185 Mbps
Network Interfaces
Multiple GE RJ45 | WiFi Variants | Variants with dual radios | Variants with internal storage
Threat Protection
150 Mbps
SSL Throughput Inspection
160 Mbps
Network Interfaces
Multiple GE RJ45 | WiFi Variants
Threat Protection
25 Mbps
SSL Throughput Inspection
18 Mbps
Network Interfaces
10x GE RJ45

Please see the product page for more information on these and many more Product features.  

Virtual Machines

Throughput
12 Gbps
vCPU
1x vCPU core, (up to) 2 GB RAM
Throughput
12 Gbps
vCPU
1x vCPU core, (up to) 2 GB RAM
Throughput
15 Gbps
vCPU
2x vCPU cores, (up to) 4 GB RAM
Throughput
28 Gbps
vCPU
4x vCPU cores, (up to) 6 GB RAM
Throughput
33 Gbps
vCPU
8x vCPU cores, (up to) 12 GB RAM
Throughput
36 Gbps
vCPU
16x vCPU cores, (up to) 24 GB RAM
Throughput
50 Gbps
vCPU
32x vCPU cores, (up to) 48 GB RAM
vCPU
Unlimited vCPU cores and RAM

“V” Series VMs do not include VDOM licenses by default.  VDOM licenses can be added separately.

Actual performance may vary depending on the network and system configuration.

Performance metrics were observed using a DELL R740 (CPU Intel Xeon Platinum 8168 2.7 GHz, Intel X710 network adapters), running FOS v5.6.3. Tested with VMware vSphere 6.5 Enterprise Plus. SR-IOV is enabled.

Fortinet Customers and Partners emphasize the value-proposition of FortiGate Next-Generation Firewalls in Gartner Peer Insights Reviews for Network Firewalls.

FortiGate Next-Generation Firewalls offer flexible deployments from the network edge to the core, data center, internal segments, and to multiple clouds, leveraging purpose-built security processors (SPUs) that deliver high performance of advanced security services like threat protection, SSL inspection, IPS without fearing degradation for mission-critical environments. FortiGate NGFW provide seamless integration with multiple clouds and allow secure delivery of business applications and services.

FortiGate NGFW provides automated and full visibility into all internal segments, applications, and network flows to detect and remediate any malware and pave the way for consistent security policies irrespective of the location of assets. FortiGate NGFW was the first vendor to offer the support for the latest standard of encryption called TLS 1.3 that provides a stronger security framework and make Fortinet customers future ready.

FortiGate NGFW has been Recognized as a Leader in the Gartner Magic Quadrant for Network Firewalls. This is the 10th time Fortinet is recognized in the MQ for Network Firewalls.

FortiGate NGFW has received 6th consecutive “Recommended” rating in NSS Labs 2019 NGFW Group Test and continue to earn positive feedback from users on Gartner Peer Insights.

Here is what some of our customers had to say about FortiGate NGFW.

 

“Fortinet FortiGate is well suited for any sized business to protect its internal network”

Software Engineer, Knowledge Specialist, company size- $50M-$250M, Education Industry

“We have two firewalls, one at each datacenter. They are configured as active-passive. All traffic coming and going passes through them for the entire organization. This ensures that all packets to and from users are managed and controlled. If you have straight forward needs, this thing is a good workhourse. We are not in the console every day. It is mostly set it and forget it for us. If this is what you need, it's not a bad solution.”

 

“Powerful CLI Functions, API Integrations And Advanced Features”

Security Analyst, Security and Risk Management, company size- $50M-$250M, Services industry

“We use Enterprise Firewall in our location about 3+. This product is quite successful in terms of integration in terms of architecture. The API provided by the manufacturer allows highly successful integration. Designed with the safety of integration in mind. We are able to define permissions through the role-based API. Firewall Next Generation has firewall features. It includes advanced features for security. Especially our firewall and automation tool integration works smoothly. We are able to successfully block the intelligence data we feed on the firewall. It performs very successfully in high traffic. However, the log stream is about an hour behind. The use and management of the product are not very difficult and complex. The functions and functionality of the commands on SIEM include the utilities for the admin who manage the product.”

 

“Easy Implementation, Simple GUI”

Network Engineer, company size- $500M-$1B, Manufacturing industry

“We have been using Fortinet Firewall for quite a some time now. We are running FortiOS 6.0.4 which is performing exceptionally well. The GUI is Easy to operate and we are loving the product so far.”

 

“Are You Thinking For A Firewall Solution ? No Need To Think Twice Go For It The FortiGate”

Server Administrator, Infrastructure and Operations, company size- $50M-$250M, Healthcare industry

“FortiGate offers several sizing options to suit any size organization from small businesses to large enterprises. The licensing options are flexible as well, allowing organizations to choose their level of protection. Options include antivirus, web filtering, DNS filtering, application control, intrusion prevention, anti-spam, web application firewall, and SSL inspection. They also include a cloud sandbox with their offering.”

 

“The Most Stable And Versatile Product With Outstanding Features And Superb Performance”

Project Manager, company size- $3B-$10B, Construction industry

“If I talk about my overall experience I would say it is an outstanding product that can be implemented easily and considered to be the integral part of business. It is helpful in achieving our goals. It provides us easy ways of handling system. It is no doubt the most reliable product. It offers a great support with its efficient team gives quick response to our questions.”

 

“Top-Level Performance, Top-Level NGF Firewall Features”

Security Engineer, Security & Risk Management, company size- $50M-$250M, Services industry

“Next Generation is one of the most successful Firewall products with Firewall feature. The antivirus engine is highly successful against high-level threats. You can start the automation process by detecting the same threats via the log. It also performs successfully in high traffic. When you complete segmentation correctly, the visibility level will begin to increase. The product has many successful capabilities, such as SSL inspection and bandwidth setting at the Application level. The product logs have official support for many SIEM systems. Syslog sends and sends log in quality. You can raise awareness in your incident response processes by producing various alerts over SIEM.”

 

“Fight With The Cyber Threats With Peace Of Mind”

Vice President, in the Finance Industry, company size- $10B-$30B, Finance industry

“After POC different fire walls available in the market ,Our network security team found Fort gate Firewall is the best gadget available FortiGate This device receives continuous threat and intelligence updates from FG Labs security services. Intrusion prevention, anti-malware, and , application control and web filtering protects your enterprises from known and unknown advanced attacks.”

 

 
Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.

Next-Generation Firewall Use Cases

Reducing complexity by consolidating products to save costs is a top concern for many enterprises. Equally important is ensuring secure access of resources from private and public clouds without the fear of encrypted malware. Achieving granular visibility of devices, users, real-time threat information, and automation are paramount to ensuring that attacks are handled in a timely manner.  

Reducing Complexity

Reduce Complexity

Consolidate products and services to reduce complexity. With industry-leading threat protection and FortiGuard Labs services, you can reduce costs and maximize your return on investment (ROI).

 

 

 

Encrypted Cloud Access

Encrypted Cloud Access

Achieve comprehensive visibility and policy controls by inspecting all types of traffic, from clear-text to encrypted, and implement intrusion prevention system (IPS) protection.

Visibility and Automation

Visibility and Automation

Gain access to network and security events for contextual visibility, and simplify operations with automated processes.

Intent-based Segmentation Use Cases

Intent-based segmentation allows network operators to create security domains or segments based in accordance with business intent. Intent-based segmentation is the ability to deploy threat protection wherever it is needed, both on-premises and in all cloud instances, to reduce risk, achieve compliance, and protect business-critical applications.

Reduce Attack Surface

Effectively manage attack vectors with microsegments, industry-leading threat protection, and FortiGuard Labs services.

Regulatory Compliance

Regulatory Compliance

Meet compliance and regulatory requirements, such as PCI DSS, PII, HIPPA, and GDPR.    

Trusted Application Access

Trusted Application Access

Improve your security posture by securing business applications and implementing adaptive access control.

FortiGuard Security Services for FortiGate: Next-Generation Firewalls

FortiGate next-generation firewalls (NGFWs) are the backbone for a security-driven network.  Given the mission-critical role these play in any environment, Fortinet fortifies our leading NGFW's with best-in-class security, support, and cloud-based automation and management. 

Read on to find out how Fortinet subscriptions and services can help you get the most out of your FortiGate NGFW's:

Effective best-in-class security requires timely, global intelligence combined with fast decision-making and response across all critical vectors. Fortinet offers proven and one of the most certified artificial intelligence-driven protection available in the market today powered by FortiGuard Labs.

For customers implementing FortiGates as NGFWs, here’s how FortiGuard subscriptions can help:

  • Application Control: Fortinet boasts one of the largest applications database to safeguard your organization from risky application and allows you visibility and control of applications running in your network
  • Intrusion Prevention: Stop unwanted attempts to access your network that target vulnerabilities and configuration gaps. We block over 10 million intrusion attempts per minute.
  • Advanced Threats: Stop malicious files and payloads moving into your network with FortiGuard’s leading advanced malware, antivirus, and sandboxing capabilities. We stop over 35,000 malicious files per minute.

FortiGuard

Industry Leading AI-driven Protection and Intelligence

FortiCare

World-class Global Support and Professional Services

Mission critical security-driven networks deserve the best support available.  FortiCare provides 24x7 support options to help keep your FortiGates up and running.  We also have services to help you recover in the rare moments when bigger bumps seem to come out of nowhere such as our Premium RMA options with 4-hour replacements. 

Want faster resolution?  Choose our Advanced Support option.

Need help to get going with new deployments and integrations?  FortiCare can do it, too, with Professional Services and Resident Engineers!  Contact Sales to find out how.

Delivering world-class security is not all that we do! We can help our customers lower their total cost of ownership (TCO) and simplify day-to-day security operations through our FortiOps services, which provide cloud-based management, visibility, and automation across their Fortinet Security Fabric.

FortiOps

Cloud-based Management, Visibility, and Operations

Pro-Tips

  • Keep it simple and save some money too! Choose the Unified Protection Bundle for your FortiGates that includes 24x7 FortiCare, all the FortiGuard Services you see here, and more. Customers looking to also lower their TCO can add FortiOps options a-la-carte or order the Enterprise Protection Bundle for the most comprehensive and cost-effective protection and operations for their NGFW.
  • Don’t forget to add FortiCare Advanced Support and Premium RMA for the fastest way to recover from unexpected bumps. We have global team of experts standing by to assist you and global depots to get you parts fast!

Resources

Fuse Community


Product Demo

This full working demo lets you explore the many features of our FortiGate Next-Generation Firewall (NGFW). You’ll quickly see how FortiGate allows you to enable threat protection features such as IPS, Web-Filtering, Anti-Malware, Cloud Sand-box and SSL inspection to stop known and unknown threats. FortiGate also provides the full visibility and identifies applications, users and devices to identify issues quickly and intuitively. Be sure to check out our Security Fabric features to provide end to end topology view, security ratings based on the best practices and automation to reduce complexity. 

NSS Labs Next Generation Intrusion Prevention Systems (NGIPS) 2019

NSS Labs’ Next Generation Intrusion Prevention Systems (NGIPS) focuses on security effectiveness and TCO for NGIPS solutions across selected vendors tested. The Security Value Map (SVM) shows that FortiGate NGIPS achieved a cumulative blocking rate of 99.18% for FortiGate 100F and the lowest TCO at $2 per protected Mbps. Fortinet builds world-class NGIPS appliances that requires highest possible performance, best of breed security and having another “Recommended” IPS rating from NSS Labs is just another proof point.

NSS Labs Next Generation Intrusion Prevention Systems (NGIPS) 2019

 

NSS Labs 2019 NGFW Group Test Results


With these reports, you can see Fortinet’s NGFW strong performance results that were conducted with new traffic mix (70% HTTPS + 30% HTTP) . Fortinet’s NGFW demonstrated high NGFW/SSL performance and low TCO.

Please review the comparative reports to learn more:

 

NSS Labs Breach Prevention Systems (BPS) Test 2019

NSS Labs BPS focuses on both detecting and blocking of exploits, advanced malware, and evasions which is critical in reducing the risk of breaches. This test helps emphasize the importance in the automation of the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Breach Protection tested solution consists of FortiSandbox, FortiGate, and FortiClient integrated together, earned a Recommended award by achieving an overall Security Effectiveness of 97.8% and offering the lowest 3-year TCO.

 

NSS Labs NGFW/SSL 2018 SVM and Report

NSS Labs Next Generation Firewall (NGFW) focuses on enterprise edge and internal segments along with growing need of SSL inspection. The Security Value Map (SVM) shows that FortiGate 500E achieved high cumulative blocking rate at 99.3% and the lowest TCO at $2.00 per protected Mbps. FortiGate 500E also received high SSL inspection performance and a very minimal performance degradation based on our purpose-built security processor technology. Fortinet received fifth consecutive NSS Labs NGFW “Recommended” rating showcase the consistency and commitment to customer need.

NSS labs 2018 SVM diagram

NSS Labs NGFW 2018 Comparative Reports

NSS Labs NGFW Comparative reports provide detailed comparison of all 10 participated vendors for security, performance and total cost of ownership (TCO). With these reports, you can compare Fortinet’s outstanding results with Palo Alto Networks, Checkpoint, Cisco and many other vendors. In several areas, Fortinet showcased the best results:  

  • High SSL Inspection Performance with industry's least performance degradation
  • Fortinet delivered 100% block rate for live exploits
  • Fortinet showcased highest value among all vendors
  • NGFW performance is 30% better than claimed in data sheet
  • Fortinet delivered best ultra-low latency across different packet sizes

Security - NGFW Comparative Report

Performance - NGFW Comparative Report

TCO - NGFW Comparative Report

SVM - NGFW Comparative Report

NSS Labs DCIPS 2018 SVM and Report

NSS Labs’ Data Center Intrusion Prevention Systems (DCIPS) focuses on data center environments, especially vulnerabilities commonly found in servers. The Security Value Map (SVM) shows that FortiGate IPS achieved the highest cumulative blocking rate at 98.73% and the lowest TCO at $3 per protected Mbps. Fortinet builds world-class IPS appliances and another “Recommended” IPS rating from NSS Labs proves this.

NSS Labs DCSG 2017 SVM and Report

NSS Labs’ DCSG test is a comprehensive Data Center Security Gateway (DCSG) test, including several tests to measure relevant security effectiveness and Intrusion Prevention (IPS) performance using live exploits including “weaponized” exploits (97.9% and 98% block rate respectively for Fortinet FortiGate 7060E and FortiGate 3000D) and resistance to evasion techniques (100% block rate for Fortinet). The FortiGate 7060E and 3000D both achieved “Recommended” status, with a leading combination of Security Effectiveness and Value per protected Megabit Per Second (Mbps) in the NSS Labs Security Value Map (SVM).

NSS Labs NGFW 2017 SVM

FortiGate 3200D and 600D enterprise firewalls both offer a winning combination of security effectiveness, performance, and value, earning Fortinet its fourth consecutive NSS Labs NGFW Recommended rating. Fortinet excelled in continuous live testing, blocking 99.71% of exploits used in active attack campaigns every day and delivered the highest performance scores with 18.5 Gbps throughput and an average latency of 4.6 microseconds, regardless of packet size and including real-world traffic processing.

NSS Labs Breach Prevention Systems (BPS) Test 2017

NSS Labs introduced a new group test, BPS focused on detecting and blocking exploits, advanced malware, and evasions. This helps validate the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Security Fabric consisting of FortiSandbox, FortiGate, FortiMail, and FortiClient integrated together, earned a Recommended award by achieving a block rate of 99.6% and offering the lowest 3-year TCO.

NSS Labs NGFW 2016 SVM

NSS Labs’ Next Generation Firewall (NGFW) real-world testing reveals that Fortinet delivers a winning combination of security, network performance, and total cost of ownership (TCO). Fortinet was nearly perfect; scoring 99.6% in overall security effectiveness. The FortiGate 3200D was rated by NSS at 19 Gbps, 37% above its data sheet specifications, with excellent TCO where the value increased based on actual performance compared to the claimed specifications.

NSS Labs 2015 Next Generation IPS Test

In 2015, NSS Labs conducted a group test of next generation IPS solutions to assess their abilities to identify both the applications and the users on their internal networks, protect the enterprise user against threats/exploits, and catch sophisticated attacks while producing as few false positives as possible. Demonstrating 99% effectiveness and superior value, Fortinet FortiGate earned the NSS Labs Recommendation.

FortiGate: Next-Generation Firewall Alliance Partners

For a complete list of all the Alliance partners go to www.fortinet.com/fabricready.

Below is a list of current FortiGate Next-Generation Firewall Alliance Partners: