FortiGate: Next Generation Firewall (NGFW)

High threat protection performance with automated visibility to stop attacks

Gartner 2017 Magic Quadrant for Enterprise Firewalls
Available in:
  • Appliance
  • Virtual Machine
  • Cloud

FortiGate: Next-Generation Firewall

As security architects consider how to provide comprehensive threat protection for their enterprises, including intrusion prevention, web filtering, anti-malware and application control, they face a major complexity hurdle managing these point products with no integration and lack of visibility. Gartner estimates that by 2019 80% of enterprise traffic will be encrypted and 50% of attacks targeting enterprise will be hidden in encrypted traffic.

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance including encrypted traffic. FortiGate reduces complexity with automated visibility into applications, users and network and provides security ratings to adopt security best practices. 

 

Fortigate: Next-Generation News

5/01/2018: The Security Risks Presented by Complex Networks.  Regardless of the industry, vertical, or market segment they compete in, your customers’ network architectures are becoming more distributed and complex.

 

2/27/2018:  Fortinet Delivers Third Generation of Network Security with the Evolution of its Security Fabric.  FortiOS 6.0 delivers more than 200 new capabilities across Security Fabric to automate security operations and protect the digital attack surface

2/05/2018:  Fortinet introduces Industry's fastest 100 Gbps+ Next Generation Firewall appliance. New FortiGate 6000F series delivers the performance and interface options to scale the enterprise edge. 

 


FortiGate: Next-Generation Firewall Videos

FortiGate Next Generation Firewall with Security Fabric Demo

Our latest FOS 6.0 delivers best threat protection, automated visibility and integration with security fabric

Watch Now

An Interview with John Maddison, Fortinet SVP of Products and Solutions

An Interview with John Maddison, Fortinet SVP of Products and Solutions

John Maddison shares Fortinet’s recent recognition as a leader in the Gartner’s Enterprise Firewall Magic Quadrant.

Watch Now

FortiOS 6.0 and Security Fabric Q&A with Michael Xie

FortiOS 6.0 and Security Fabric Q&A with Michael Xie

In this Secure Insights video, Michael Xie talks about the innovations in FortiOS 6.0 and the evolution of the Fortinet Security Fabric announced at Accelerate18.

Watch Now

FortiGate: Next-Generation Firewall Product Details

FortiGate enterprise firewalls offer flexible deployments from the network edge to the core, data center, internal segment, and the Cloud. FortiGate enterprise firewalls leverages purpose-built security processors (SPUs) that delivers scalable performance of advanced security services like Threat Protection, SSL inspection, and ultra-low latency for protecting internal segments and mission critical environments.

FortiGate NGFW provides automated visibility into cloud applications, IoT devices and automatically discovers end to end topology view of the enterprise network. FortiGate is a core part of security fabric and validated security protect the enterprise network from known and unknown attacks. 

 

Features and Benefits

high performance icon

High-performance threat protection

Industry's highest threat protection and SSL inspection performance to protect from malware attacks hiding in encrypted traffic 
icon vulnerability

Validated security effectiveness

Independently certified and continous threat intelligence updates provide robust protection from known and unknown attacks
icon benefits secure choice

Protect mission critical applications

Highly scalable segmentation and ultra-low latency to protect network segments 
icon benefits management

Continuous risk assessment via automation

Leverage automated workflow and auditing features to deal with scarce security staff and continuously maintain compliance posture 
Icon security fabric

Security Fabric integration

Intelligently share threats across the entire digital attack surface to provide quick and automated protection 
platform support icon

Enterprise class security management

Deliver consistent security policy -- Single pane-of-glass to manage security assets irrespective of location and form factor

FortiGate: Next-Generation Firewalls Models and Specifications

FortiGate NGFW is available in many different models to meet your needs ranging from entry-level hardware appliances to ultra high-end appliances to meet the most demanding threat protection performance requirements.  This ensures that enterprise campus, core data-center, or internal segments, FortiGate can fit seamlessly into your environment.  

FortiGate: Chassis-based NGFW

Threat Protection
80 Gbps
SSL Inspection Throughput
100 Gbps
Network Interfaces
Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28
Threat Protection
40 Gbps
SSL Inspection Throughput
50 Gbps
Network Interfaces
Multiple 10 GE SFP+/SFP, 40 GE QSFP+, 100 GE CFP2/QSFP28
Threat Protection
35 Gbps
SSL Inspection Throughput
50 Gbps
Network Interfaces
Multiple 10 GE SFP+/SFP, 40 GE/100 GE QSFP28
Threat Protection
13.5 Gbps
SSL Inspection Throughput
17 Gbps
Network Interfaces
2x 40GE QSFP+, 2x 10GE SFP+, 2x GE RJ45

Please see the product page for more information on these and many more Product features.  

FortiGate: Ultra high-end NGFW



Threat Protection
60 Gbps
SSL Inspection Throughput
90 Gbps
Network Interfaces
Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45
Threat Protection
100 Gbps
SSL Inspection Throughput
130 Gbps
Network Interfaces
Multiple 40/100 GE QSFP28, 1/10/25 GE SFP28, 1/10 GE SFP+ and GE RJ45

Please see the product page for more information on these and many more Product features.  

FortiGate: High-end NGFW

Threat Protection
20 Gbps
SSL Inspection Throughput
32 Gbps
Network Interfaces
10x 100GE QSFP28, 16x 10GE SFP+, 2x GE RJ45
Threat Protection
13.5 Gbps
SSL Inspection Throughput
30 Gbps
Network Interfaces
Multiple 40/100 GE QSFP+/QSFP28, 10 GE SFP+ and GE RJ45
Threat Protection
13 Gbps
SSL Inspection Throughput
23 Gbps
Network Interfaces
Multiple 100 GE CFP2, 40 GE QSFP+, 10 GE SFP+ and/or multiple GE SFP/RJ45 depending on variants
Threat Protection
13 Gbps
SSL Inspection Throughput
24 Gbps
Network Interfaces
Multiple 40 GE QSFP+, 10 GE SFP+ and GE SFP
Threat Protection
15 Gbps
SSL Inspection Throughput
20 Gbps
Network Interfaces
Multiple GE RJ45 and 10 GE SFP+ / GE SFP slots
Threat Protection
13 Gbps
SSL Inspection Throughput
22 Gbps
Network Interfaces
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
Threat Protection
13 Gbps
SSL Inspection Throughput
19 Gbps
Network Interfaces
Multiple 10 GE SFP+ | Multiple GE SFP and GE RJ45
Threat Protection
5.4 Gbps
SSL Inspection Throughput
6 Gbps
Network Interfaces
10x 10GE SFP+, 2x 10GE SFP+ bypass, 34x GE RJ45
Threat Protection
5.4 Gbps
SSL Inspection Throughput
12.5 Gbps
Network Interfaces
6x 10GE SFP+, , 34x GE RJ45
Threat Protection
5 Gbps
SSL Inspection Throughput
10.5 Gbps
Network Interfaces
8x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
Threat Protection
4 Gbps
SSL Inspection Throughput
6 Gbps
Network Interfaces
4x 10GE SFP+/GE SFP, 16x GE SFP, 18x GE RJ45
Threat Protection
4 Gbps
SSL Throughput Inspection
4 Gbps
Network Interfaces
2x 10 GE SFP+, 16x GE SFP, 18x GE RJ45

Please see the product page for more information on these and many more Product features.  

FortiGate: Mid-range NGFW

Threat Protection
3 Gbps
SSL Inspection Throughput
4 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP and 10 GE SFP+ slots
Threat Protection
3 Gbps
SSL Inspection Throughput
4 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP, 10 GE SFP+ slots and bypass GE RJ45 pairs
Threat Protection
3 Gbps
SSL Inspection Throughput
3.5 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP and 10 GE SFP+ Slots
Threat Protection
4.7 Gbps
SSL Inspection Throughput
6.8 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP and 10 GE SFP+ Slots
Threat Protection
3 Gbps
SSL Throughput Inspection
6.8 Gbps
Network Interfaces
Multiple GE RJ45 and GE SFP Slots
Threat Protection
1.2 Gbps
SSL Throughput Inspection
1 Gbps
Network Interfaces
Multiple GE RJ45, GE SFP Slots
Threat Protection
250 Mbps
SSL Throughput Inspection
190 Mbps
Network Interfaces
Multiple GE RJ45, GE SFP Slots | PoE/+ Variants

Please see the product page for more information on these and many more Product features.  

FortiGate: Entry-level NGFW

Threat Protection
270 Mbps
SSL Inspection Throughput
300 Mbps
Network Interfaces
Multiple GE RJ45 | WiFi Variants
Threat Protection
250 Mbps
SSL Inspection Throughput
180 Mbps
Network Interfaces
Multiple GE RJ45 | Varients with internal storage | Variants with PoE/+ interfaces
Threat Protection
200 Mbps
SSL Throughput Inspection
175 Mbps
Network Interfaces
Multiple GE RJ45 | WiFi variants | Variants with internal storage | Variants with PoE/+ interfaces
Threat Protection
160 Mbps
SSL Throughput Inspection
185 Mbps
Network Interfaces
Multiple GE RJ45 | WiFi Variants | Variants with dual radios | Variants with internal storage
Threat Protection
150 Mbps
SSL Throughput Inspection
160 Mbps
Network Interfaces
Multiple GE RJ45 | WiFi Variants
Threat Protection
25 Mbps
SSL Throughput Inspection
18 Mbps
Network Interfaces
10x GE RJ45

Please see the product page for more information on these and many more Product features.  

FortiGuard Security Services for FortiGate: Next-Generation Firewalls

FortiGate NGFW receives continuous threat intelligence updates from FortiGuard Labs security services. Intrusion prevention, anti-malware, cloud sand-box, application control and web filtering protects enterprises from known and unknown advanced attacks.

FG Application Control

Application Control

Improve security and meet compliance with easy enforcement of your acceptable use policy through unmatched, real-time visibility into the applications your users are running. With FortiGuard Application Control, you can quickly create policies to allow, deny, or restrict access to applications or entire categories of applications.

FG Web Filtering

Web Filtering

Protects your organization by blocking access to malicious, hacked, or inappropriate websites.

Icon cloudsandbox

FortiSandbox Cloud

FortiSandbox Cloud Service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by FortiSandbox Cloud is fed back into preventive controls within your network—disarming the threat.

FG Antivirus

Antivirus

FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.

FG Intrusion Prevention

Intrusion Prevention

FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.

FortiGate: Next-Generation Firewall Demo

FortiGate Next-Generation Firewall Demo

This full working demo lets you explore the many features of our FortiGate Next-Generation Firewall (NGFW). You’ll quickly see how FortiGate allows you to enable threat protection features such as IPS, Web-Filtering, Anti-Malware, Cloud Sand-box and SSL inspection to stop known and unknown threats. FortiGate also provides the full visibility and identifies applications, users and devices to identify issues quickly and intuitively. Be sure to check out our Security Fabric features to provide end to end topology view, security ratings based on the best practices and automation to reduce complexity. 

Access the demo

Next-Generation Firewalls | NGFW | FortiGate

NSS Labs DCIPS 2018 SVM and Report

NSS Labs’ Data Center Intrusion Prevention Systems (DCIPS) focuses on data center environments, especially vulnerabilities commonly found in servers. The Security Value Map (SVM) shows that FortiGate IPS achieved the highest cumulative blocking rate at 98.73% and the lowest TCO at $3 per protected Mbps. Fortinet builds world-class IPS appliances and another “Recommended” IPS rating from NSS Labs proves this.

NSS Labs DCSG 2017 SVM and Report

NSS Labs’ DCSG test is a comprehensive Data Center Security Gateway (DCSG) test, including several tests to measure relevant security effectiveness and Intrusion Prevention (IPS) performance using live exploits including “weaponized” exploits (97.9% and 98% block rate respectively for Fortinet FortiGate 7060E and FortiGate 3000D) and resistance to evasion techniques (100% block rate for Fortinet). The FortiGate 7060E and 3000D both achieved “Recommended” status, with a leading combination of Security Effectiveness and Value per protected Megabit Per Second (Mbps) in the NSS Labs Security Value Map (SVM).

NSS Labs NGFW 2017 SVM

FortiGate 3200D and 600D enterprise firewalls both offer a winning combination of security effectiveness, performance, and value, earning Fortinet its fourth consecutive NSS Labs NGFW Recommended rating. Fortinet excelled in continuous live testing, blocking 99.71% of exploits used in active attack campaigns every day and delivered the highest performance scores with 18.5 Gbps throughput and an average latency of 4.6 microseconds, regardless of packet size and including real-world traffic processing.

NSS Labs Breach Prevention Systems (BPS) Test 2017

NSS Labs introduced a new group test, BPS focused on detecting and blocking exploits, advanced malware, and evasions. This helps validate the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Security Fabric consisting of FortiSandbox, FortiGate, FortiMail, and FortiClient integrated together, earned a Recommended award by achieving a block rate of 99.6% and offering the lowest 3-year TCO.

NSS Labs NGFW 2016 SVM

NSS Labs’ Next Generation Firewall (NGFW) real-world testing reveals that Fortinet delivers a winning combination of security, network performance, and total cost of ownership (TCO). Fortinet was nearly perfect; scoring 99.6% in overall security effectiveness. The FortiGate 3200D was rated by NSS at 19 Gbps, 37% above its data sheet specifications, with excellent TCO where the value increased based on actual performance compared to the claimed specifications.

NSS Labs 2015 Next Generation IPS Test

In 2015, NSS Labs conducted a group test of next generation IPS solutions to assess their abilities to identify both the applications and the users on their internal networks, protect the enterprise user against threats/exploits, and catch sophisticated attacks while producing as few false positives as possible. Demonstrating 99% effectiveness and superior value, Fortinet FortiGate earned the NSS Labs Recommendation.

FortiGate: Next-Generation Firewall Alliance Partners

For a complete list of all the Alliance partners go to www.fortinet.com/fabricready.

Below is a list of current FortiGate Next-Generation Firewall Alliance Partners:

AlgoSec

AlgoSec

The leading provider of business-driven security management solutions, AlgoSec helps over 1,500 enterprises align security with their business processes, to make their organizations more agile, secure and compliant.

  

Amazon Web Services

Amazon Web Services

AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.

Solution brief

Learn more on the Fortinet-AWS alliance

    

Arista

Arista

Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments.

Solution brief

  

Cisco

Cisco

Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.

    

Google Cloud Platform

Google Cloud Platform

Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.

Solution brief

    

IBM Security

IBM

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.

  

FireMon

FireMon

FireMon solutions deliver continuous visibility into and control over network security infrastructure, policies, and risk.

  

Nozomi Networks

Nozomi Networks

Nozomi Networks is a leading provider of real-time visibility, advanced monitoring capabilities, and strong security for industrial control networks supporting critical infrastructure. Nozomi has been deployed in some of the largest industrial installations, providing some of the fastest return-on–investment in the industry.

  

Nuage Networks

Nuage Networks

Nuage Networks, a Nokia Corp subsidiary, brings a unique combination of groundbreaking technologies and unmatched networking expertise to the enterprise and telecommunications industries.

Solution brief

      

Oracle

Oracle

Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.

Solution brief

    

Tufin

Tufin

Tufin leads the Security Policy Orchestration market, enabling enterprises to centrally manage, visualize, and control security policies across hybrid cloud and physical network environments.

  


VMware

VMware is a global leader in cloud infrastructure and business mobility.