為您的私人雲端提供高效能的虛擬化安全保護
您的虛擬資料中心資產需要能抵禦不斷變化的已知或未知威脅的進階防護。 FortiGate-VM 是我們處於市場領先地位、擁有高效能的 FortiGate 新一代防火牆的虛擬化設備,為虛擬資料中心與雲端上的南北、東西流量提供進階防護。 FortiGate-VM 支援領先的管理程式技術以及一系列的私人和公共雲端平台,包括 AWS、Azure、Cisco、Google、IBM、Nuage Networks、OpenStack、Oracle 與 VMware。 憑藉強大的 FortiOS 作業系統以及 FortiGuard 威脅情報服務,FortiGate 的虛擬 NGFW 擁有業界領先的效能,透過單一面板管理您的物理和虛擬網路,為您的虛擬資料中心流量提供多層威脅保護。
Private Cloud News
5/22/2018: Fortinet Expands Fabric-Ready Partner Program with Fabric Connectors. Fabric Connectors provide open, one-click integration with alliance partner technologies to automate security operations, policies and DevOps processes.
5/23/2018: End-to-end security requires multi-vendor automation. To make it easier to use security tools from multiple vendors, as well as bake security into the development process, Fortinet introduces Fabric Connectors and DevOps integration.
5/22/2018: Fortinet Fabric Connectors: Enabling deep Fabric integration with third-party solutions.
私人雲端產品詳情
FortiGate-VM 新一代防火牆可進行快速服務部署,同時為您的虛擬網路與雲端提供進階威脅防護。 FortiGuard 服務為您虛擬資料中心的關鍵任務應用程式與資料提供多層防護,並能有效阻止惡意軟體的橫向移動。 它與 Cisco ACI、Nuage Networks VSP 以及 VMware NSX 等主要 SDN 平台進行整合和協調後,即時可用,並可進行微隔離並對東西流量進行流量監測,以保護虛擬資產。FortiManager 提供具有精細控制與可視性的單一面板,以此來管理和保護物理與虛擬設備、簡化部署並實施一致的安全原則。 Fortinet 虛擬安全產品包括 FortiGate-VM 以及 FortiOS 上用於眾多安全與網路服務的虛擬設備。
功能與優點
經 NSS Labs、Virus Bulletin 和 AV Comparatives 對立測試,使用 FortiGuard 安全防護服務可獲得高評級的多層式保護
支援所有重要管理程式、雲端和 SDN 平台
無可比擬的投資回報 (ROI)、靈活的授權和佈建,支援按需購買
高效能與進階威脅防護相結合,可讓工作負載更靈活敏捷但又不影響安全性
透過微隔離和對應用程式、裝置以及使用者的精細控制,來對虛擬資產進行隔離與防護
增強的多租戶服務能力、對 VM 進行自動佈建與自動縮放,以符合成本效益的方式滿足對新服務的需求
Fabric Connectors:
Fortinet Fabric Connectors 可實現對 Security Fabric 與 SDN/私人雲端、公共雲端以及多合作夥伴技術平台的開放整合。除了便於下載與部署,Fabric Connectors 還可在多供應商環境中實現自動安全防護同步、減少安全管理負擔並可消除安全漏洞。
Fabric Connectors 支援的公共雲端/SDN 包括:
詳細瞭解 Fabric Connectors
FortiGate 虛擬新一代防火牆型號與規格
無論是作為 BYOL 的情況,還是作為按需供應的情況,FortiGate-VM 新一代防火牆均可透過公共雲端服務商場,在私人和公共雲端環境中部署成一個虛擬設備。
「V」系列的 VM 預設不包含 VDOM 授權。 VDOM 授權可以單獨購買。
實際效能可能因網路與系統組態而異。效能指標可使用執行 FOS v5.6.3 的 DELL R740(CPU Intel Xeon Platinum 8168 2.7 GHz、Intel X710 網路介面卡)進行查看。已用 VMware vSphere 6.5 Enterprise Plus 進行測試。SR-IOV 已啟用。
FortiGate-VM 提供適用於 AWS、Azure、Google、Oracle 與 IBM 等主要公共雲端平台的全面進階安全防護,支援自帶授權 (BYOL) 和按需計費(即用即付)。 詳細瞭解適用於公共雲端的 FortiGate-VM 高效能新一代防火牆:
FortiGuard 服务
FortiGuard Services for FortiGate-VM enable you to implement critical security controls and threat remediation within your virtual infrastructure, providing protection for north-south and east-west virtual traffic.
應用程式控制
可對您的客戶正在執行的應用程式獲得無可比擬的即時可視性,並輕鬆實施您可接受的使用原則,進而提高安全性並滿足合規要求。透過 FortiGuard 應用程式控制,您可以快速建立原則來允許、拒絕或限制對應用程式或整個類別的應用程式的存取。
FortiSandbox 雲端
FortiSandbox 雲端服務是一個進階威脅偵測解決方案,可執行動態分析以識別先前未知的惡意軟體。FortiSandbox 雲端產生的可執行情報會反饋到網路中的預防控制機制,進而消除威脅。
Content Disarm & Reconstruction
Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.
安全評級
安全稽核更新服務旨在引導客戶設計、實現並持續維護適合其組織的目標 Security Fabric 的安全狀態。Security Fabric 從根本上是構建於最佳安全實踐之上,透過執行這些稽核檢查,安全團隊將能夠識別 Security Fabric 設定中的關鍵漏洞和組態弱點,並實施最佳實踐建議。
FortiCASB
FortiCASB 是一項原生雲端的雲端存取安全代理程式 (CASB) 訂購服務,旨在為組織使用的雲端服務實現可視性,確保合規性與資料安全,並提供威脅防護。FortiCASB 支援各個主要的 SaaS 服務提供商,透過全面的報告工具,提供對使用者、行為及雲端儲存資料的深入透視。
IP 聲譽評等 & 預防殭屍網路安全服務
FortiGuard IP 聲譽評等服務從 Fortinet 分佈式威脅感測器網路、CERT、MITRE、進行合作的競爭對手以及其他全球資源彙集惡意來源 IP 資料,這些資源共同協作,合力提供關於敵對來源的最新威脅情報。憑藉來自分佈式網路閘道近乎即時的情報,再結合 FortiGuard Labs 的世界級研究,組織可得到更安全的保護並對攻擊實施主動攔截。
工業控制系統
FortiGuard 工業安全服務會持續更新特徵碼,以識別和監控大多數常見的 ICS/SCADA (監控和資料擷取)協定,以實現精細化可見度和控制。另外還對主要 ICS 製造商的應用程式和裝置提供漏洞保護。
垃圾郵件防護
FortiGuard 反垃圾郵件可提供一種全面且多層次的方法,對組織處理的垃圾郵件進行偵測和篩選。雙通道偵測技術可以顯著地減少周邊垃圾郵件數量,給您一個無與倫比的郵件攻擊與感染控制體驗。
適用於 FortiGate 的 FortiGuard 服務 套件組合
企業防護套件組合
提供保護以應對當今進階威脅形勢。它提供 FortiGate 可用的所有 FortiGuard 安全服務,包括:NGFW 應用程式控制和 IPS、網頁篩選、FortiCloud 沙箱、防毒、行動裝置安全、IP 聲譽評等、預防殭屍網路、反垃圾郵件、FortiCare 核心安全服務以及 8x5 或 24x7 小時支援選擇。
統一威脅管理 (UTM) 防護套件組合
傳統 UTM 安全服務包括 NGFW 應用程式控制和 IPS、網頁篩選、防毒、反垃圾郵件、FortiCare 核心安全服務以及 8x5 或 24x7 小時支援選擇
威脅防護套件組合
核心防護技術包括:應用程式控制、IPS、AV、殭屍網路 IP/域以及行動裝置惡意軟體服務。FortiCare 安全服務可提供全天候的支援服務。
Data Sheets
Solution Guides
White Papers
Product Demo
FortiGate-VM is a full-featured FortiGate packaged as a virtual appliance. FortiGate-VM virtual appliance is ideal for monitoring and enforcing virtual traffic on leading virtualization, cloud, and SDN platforms including VMware vSphere, Hyper-V, Xen, KVM, and AWS. FortiGate-VM can be orchestrated in software-defined environments to provide agile and elastic network security services to virtual workloads. Through this demo, you can see how to deploy firewall, intrusion prevention, VPN, antivirus, and other consolidated security functions to virtual workloads, as well as evaluate the easy-to-use web interface and contextual displays.
SDN and Private Cloud Ecosystem
At ADVA Optical Networking, we're creating a new vision for a more connected world. Our award-winning network functions virtualization (NFV) solutions provide our customers with unprecedented choice and flexibility. Our ADVA Ensemble solution suite provides a comprehensive NFV architecture that includes programmable hardware, comprehensive software and end-to-end orchestration solutions.
Amdocs is a leading software and services provider to communications and media companies of all sizes, accelerating the industry’s dynamic and continuous digital transformation. Fortinet VNFs on Amdocs NFV service orchestration platform enable service providers to accelerate innovation and service agility by supporting rapid service chaining and deployment of Fortinet VNFs on customer premises, data centers and public cloud to meet customer preferences and business requirements.
Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments.
Big Switch Networks is the market leader in bringing hyperscale-inspired data center networking technologies to a broader audience.
Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.
Cloudify specializes in IT operations automation technology that manages application and network services through open orchestration. The company’s award-winning Cloudify software enhances the velocity and reliability of software deployment, lifecycle management and network functions in cloud-native environments.
Corsa scales security for high capacity networks with Red Armor, a turnkey virtualization platform. The Corsa Red Armor platform is tightly integrated with Fortinet’s FortiGate-VM virtual NGFW to scale traffic inspection capacity seamlessly while maintaining network throughput performance even with full SSL/TLS visibility enabled. This offers unlimited, economical protection for North-South traffic flows at any service provider, enterprise or campus network security zone.
Dell Technologies (NYSE:DELL) is a unique family of businesses that helps organizations and individuals build their digital future and transform how they work and live. The company provides customers with the industry’s broadest and most innovative technology and services portfolio spanning from edge to core to cloud. The Dell Technologies family includes Dell, Dell EMC, Pivotal, RSA, Secureworks, Virtustream and VMware.
Enea develops the software foundation for the connected society. We provide solutions for mobile traffic optimization, subscriber data management, network virtualization, traffic classification, embedded operating systems, and professional services. Solution vendors, systems integrators, and service providers use Enea to create new world-leading networking products and services.
Intel invents at the boundaries of technology to make amazing experiences possible for business and society, and for every person on Earth. To learn more about Intel and our technologies, please visit: www.intel.com
With 50,000+ employees and $51B in global sales in 160 countries, Lenovo is a global leader in providing innovative consumer, commercial and data center technologies. Together with Fortinet, we create solutions that extend security from the Communications Service Provider (CoSP) Core Network to the Edge.
NEC Corporation is a leader in the integration of IT and network technologies that benefit businesses and people around the world.
NoviFlow offers fully programmable networking solutions that can handle complex flows, drive massive throughput, and can scale elegantly. NoviFlow and Fortinet joint solutions accelerate performance and flexibility with on-demand scalability, reduce total solution CAPEX and OPEX and protect TCO.
Nuage Networks, a Nokia Corp subsidiary, brings a unique combination of groundbreaking technologies and unmatched networking expertise to the enterprise and telecommunications industries.
Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.
Pluribus Networks provides data center solutions that allow your business to run unconstrained.
The Refactr DevSecOps automation platform is an all-in-one solution for designing and executing secure automation pipelines that include infrastructure delivery, application configuration, and security actions. Customers can quickly deploy Fortinet’s solutions through pre-built pipelines and leverage existing Fortinet automation content built with open DevOps and security automation tools.
UBiqube is a vendor-agnostic provider of end-to-end network and security orchestration solutions. UBiqube’s MSActivator™ is a multi-tenant software framework enabling the design, automation, and management of services over hybrid communication infrastructures (SDN/NFV/IoT).
VMware is a global leader in cloud infrastructure and business mobility.
- NSX solution brief
- NFV solution brief
- NSX-T solution brief
- Carbon Black Solution brief
- Carbon Black Technical Integration Guide
- Carbon Black Solution Video
常見問題解答
FortiGate-VM 與物理 FortiGate 防火牆有什麼區別?
FortiGate-VM 是屢獲殊榮的物理 FortiGate 產品的虛擬設備形式。 FortiGate-VM 提供與硬體型號一樣的 FortiOS 和 FortiGuard 即時威脅情報,只不過是採用虛擬機的形式。 FortiGate-VM 提供適用於虛擬網路部署的靈活授權和佈建。
對比其他的行業解決方案,FortiGate 虛擬設備有什麼優勢?
在虛擬與物理安全防護上,Fortinet 是市場的領導者。 其出色的能力包括:
- Gartner 2018 年企業防火牆魔力象限領導者
- 以虛擬設備形式提供眾多的網路與安全服務。
- 與 Security Fabric 相整合,提供從物聯網到雲端的廣泛自動化防護。
- 虛擬網域 (VDOM) 提供增強型多租戶服務。
- 市面上效能最高、擴展性最強的的虛擬防火牆。
- 業界最全面的 FortiGuard 安全服務。
- Fabric Connectors 在混合網路上提供自動化安全防護。
Fortinet 可提供哪些不同類型的虛擬設備?
Fortinet 可作為虛擬設備提供眾多 Fabric 網路與安全服務。 除了 FortiGate-VM,還提供以下幾款虛擬設備:
- FortiManager-VM
- FortiAnalyzer-VM
- FortiSIEM-VM
- FortiWeb-VM
- FortiMail-VM
- FortiSandbox-VM
FortiGate-VM 中的虛擬網域 (VDOM) 如何增強多租戶服務能力?
在 FortiGate-VM 中,VDOM 功能可以讓每個 VM 分割其資源,作為多個獨立的防火牆執行,並帶有獨立的安全原則與控制。 這就可以讓單一的 VM 佈建多租戶,並為每個 VDOM 提供精細的安全原則,讓您充分利用規模經濟並降低成本。
我要如何選擇適合我需求的 FortiGate-VM?
在許多管理程式、SDN、雲端技術平台以及在許多不同的 vCPU 模型中都可以使用 FortiGate-VM,它具有眾多的效能規格,可滿足虛擬網路的各種部署需求。 請參閱技術參數表以瞭解詳情。
我可以測試驅動 FortiGate-VM 嗎?
可以。 我們建議您透過 FortiGate-VM 演示 來瞭解 FortiGate 虛擬 NGFW 的強大功能,以及如何部署防火牆、入侵預防、VPN、防毒、將其他整合的安全功能套用到虛擬工作負載中,並體驗易於使用的 Web 介面和內容相關顯示。 若要下載 FortiGate-VM 的免費試用版,請聯絡您當地的 Fortinet 銷售代表。