For Support:
+91-9885129292
server dealers hyderabad

firewall

List of Latest firewall Models

Overview
Protects against known exploits, malware and malicious URLs using continuous threat intelligence provided by FortiGuard Labs security services
Protects against unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks

Performance
Delivers industry’s best threat protection performance and ultra-low latency using purpose-built security processor(SPU) technology
Provides industry-leading performance and protection for SSL encrypted traffic

Networking
  • Delivers extensive network interface flexibility with multiple high-speed interface modules 
  • High performance VPN capabilities to inter-connect on-premise 
  • data centers with hosted data center resources in hybrid or public cloud
  • Enables flexible deployment modes that fit into organizations’evolving network infrastructure
Security Fabric
Enables Fortinet and Fabric-ready partners’ products to collaboratively integrate and provide end-to-end security across the entire attack surface
Overview
The FortiGate 7060E is a 8U 19-inch rackmount 6-slot chassis with a 80Gbps fabric and 1Gbps base backplane designed by Fortinet. The fabric backplane provides network data communication and the base backplane provides management and synch communication among the chassis slots.

FortiGate 7060E front panel
The chassis is managed by two redundant management modules. Each module includes an Ethernet connection as well as two switchable console ports that provide console connections to the modules in the chassis slots. The active management module controls chassis cooling and power management and provides an interface for managing the modules installed in the chassis

FIM modules
  • FIM modules are hot swappable interface modules that provide data and management interfaces, base
  • backplane switching and fabric backplane session-aware load balancing for the chassis. The FIM modules
  • include an integrated switch fabric and DP2 processors to load balance millions of data sessions over the chassis
  • fabric backplane to FPM processor modules. The following FIM modules are available:
  • The FIM-7901E includes thirty-two front panel 10GigE SFP+ fabric channel interfaces (A1 to A32). These interfaces are connected to 10Gbps networks. These interfaces can also be configured to operate as Gigabit Ethernet
  • interfaces using SFP transceivers.
  • The FIM-7904E includes eight front panel 40GigE QSFP+ fabric channel interfaces (B1 to B8). These interfaces are
  • connected to 40Gbps networks. Using 40GBASE-SR4 multimode QSFP+ transceivers, each QSFP+ interface can
  • also be split into four 10GBASE-SR interfaces and connected to 10Gbps networks.
  • The FIM-7910E (shown in FIM modules on page 6) includes four front panel 100GigE CFP2 fabric channel
  • interfaces (C1 to C4). These interfaces can be connected to 100Gbps networks. Using 100GBASE-SR10 multimode
  • CFP2 transceivers, each CFP2 interface can also be split into ten 10GBASE-SR interfaces and connected to 10Gbps networks.
  • The FIM-7920E includes four front panel 100GigE QSFP28 fabric channel interfaces (C1 to C4). These interfaces can be connected to 100Gbps networks. Using a 100GBASE-SR4 QSFP28 or 40GBASE-SR4 QSFP+ transceiver, each QSFP28 interface can also be split into four 10GBASE-SR interfaces and connected to 10Gbps networks
FortiGate 7040E Chassis
The FortiGate 7040E is a 6U 19-inch rackmount 4 slot chassis with a 80Gbps fabric and 1Gbps base backplane designed by Fortinet. The fabric backplane provides network data communication and the base backplane provides management and synch communication among the chassis slots. Power is provided to the chassis using three hot swappable 2+1 redundant 100 240 VAC, 50-60 Hz power supply units (PSUs). You can also optionally add a fourth PSU. The FortiGate 7040E can also be equipped with three or four DC PSUs allowing you to connect the chassis to  48V DC power.

FPM 7620E FPM modules
The FPM-7620E modules are hot swappable processor modules that provide FortiOS firewalling and security services. The FPM modules function as workers, processing sessions load balanced to them by the FIM  modules.FPM modules include multiple NP6 network processors and CP9 content processors to accelerate traffic.

FortiGate 7040E back panel
The FortiGate-7040E chassis back panel provides access to three hot swappable cooling fan trays and three hot swappable AC or DC PSUs. A fourth slot is available for including a fourth PSU for additional redundancy. At least two PSUs (PWR1 and PWR2) must be connected to power. PWR4 is a backup power supply. You can add
FortiGate 7030E
The FortiGate 7030E is a 6U 19 inch rackmount 3-slot chassis with a 80Gbps fabric and 1Gbps base backplane designed by Fortinet. The fabric backplane provides network data communication and the base backplane provides management and synch communication among the chassis slots.

FortiGate 7030E front panel
The FortiGate 7030E chassis is managed by a single management module that includes an Ethernet  connection as well as two switchable console ports that provide console connections to the modules in the chassis slots. The management module controls chassis cooling and power management and provides an interface for managing the modules installed in the chassis. The standard configuration of the FortiGate-7030E includes one FIM (interface) module in chassis slot 1 and two FPM (processing) modules in chassis slots 3 and 4. The front panel also includes a sealed blank panel. Breaking the seal or removing the panel voids your FortiGate 7030E warranty.

FortiGate 7030E schematic
The FortiGate 7030E chassis schematic below shows the communication channels between chassis components including the management module (MGMT), the FIM (called FIM1) and the FPMs (FPM3 and FPM4).

The management module (MGMT, with Intelligent Platform Management Bus (IPMB) address 0x20) communicates with all modules in the chassis over the base backplane. Each module, including the management module includes a Shelf Management Controller (SMC). These SMCs support IPMB communication between the management module and the FIM and FPMs for storing and sharing sensor data that the management module uses to control chassis cooling and power distribution. The base backplane also supports serial communications to allow console access from the management module to all modules, and 1Gbps Ethernet communication for management and heartbeat communication between modules.

FIM1 (IPMB address 0x82) is the FIM in slot 1. The interfaces of this module connect the chassis to data networks and can be used for Ethernet management access to chassis components. The FIM includes DP2 processors that distribute sessions over the Integrated Switch Fabric (ISF) to the NP6 processors in the FPMs. Data sessions are communicated to the FPMs over the 80Gbps chassis fabric backplane.

FPM3 and FPM4 (IPMB addresses 0x86 and 0x88) are the FPM processor modules in slots 3 and 4. These worker modules process sessions distributed to them by the FIM. FPMs include NP6 processors to offload sessions from the FPM CPU and CP9 processors that accelerate content processing.
FortiGate 5001E and FortiGate 5001E1 security system
The FortiGate 5001E security system is a high-performance Advanced Telecommunications Computing Architecture (ATCA) compliant FortiGate security system that can be installed in any ATCA chassis that can provide sufficient power and cooling. The FortiGate-5001E1 security system adds an internal 480 GByte SSD log disk. In all other ways the FortiGate-5001E and the FortiGate-5001E1 are identical.

The FortiGate 5001E security system contains two front panel 40GigE QSFP+ fabric channel interfaces, two front panel 10GigE SFP+ fabric channel interfaces, two base backplane 1Gbps base channel interfaces, and two fabric backplane 40Gbps interfaces. The front panel SFP+ interfaces can also operate as Gigabit Ethernet interfaces using SFP transceivers. Use the front panel interfaces for connections to your networks and the backplane interfaces for communication across the ATCA chassis backplane. The FortiGate-5001E also includes two front panel 10/100/1000BASE-T out of band management Ethernet interfaces, one RJ45 front panel serial console port, and one front panel USB port.

Front panel components
From the FortiGate-5001E front panel you can view the status of the front panel LEDs to verify that the board is functioning normally. You also connect the FortiGate-5001E to your 40-gigabit network using the front panel QSFP+ connectors and to your 10-gigabit network using the front panel SFP+ or SFP  connectors. The front panel also includes two Ethernet management interfaces, an RJ-45 console port for connecting to the FortiOS CLI and a USB port. The USB port can be used with any USB key for backing up and restoring configuration files.
Overview:
Ultra High-Performance Network Security
Digital enterprises are processing vast amounts of encrypted traffic and content rich data along with an increased emphasis on optimized user experiences. The digital attack surface has spawned new, complex forms of attacks that require advanced protection to be applied at anytime, anywhere the threat is discovered. Today’s next-generation firewalls (NGFWs) must reliably handle large volumes of network and cloud traffic, provide consolidated advanced security in a smaller, more efficient physical footprint, and accommodate new security requirements such as extensive inspection of encrypted traffic for sophisticated malware without impacting performance.

The new FortiGate 6000 NGFW appliances feature the latest Fortinet innovation, to deliver leading edge security, performance, and connectivity for the most demanding network needs. The 6000 series combines unprecedented threat protection and SSL inspection performance in an easy to manage, compact appliance.
Overview:
Ultra High-Performance Network Security
Digital enterprises are processing vast amounts of encrypted traffic and content rich data along with an increased emphasis on optimized user experiences. The digital attack surface has spawned new, complex forms of attacks that require advanced protection to be applied at anytime, anywhere the threat is discovered. Today’s next-generation firewalls (NGFWs) must reliably handle large volumes of network and cloud traffic, provide consolidated advanced security in a smaller, more efficient physical footprint, and accommodate new security requirements such as extensive inspection of encrypted traffic for sophisticated malware without impacting performance.

The new FortiGate 6000 NGFW appliances feature the latest Fortinet innovation, to deliver leading edge security, performance, and connectivity for the most demanding network needs. The 6000 series combines unprecedented threat protection and SSL inspection performance in an easy to manage, compact appliance.
Security Fabric
The Security Fabric allows security to dynamically expand andadapt as more and more workloads and data are added. Security seamlessly follows and protects data, users, and applications as they move between IoT, devices, and cloud environment throughout the network. FortiGates are the foundation of Security Fabric, expanding security via visibility and control by tightly integrating with other Fortinet security products and Fabric-Ready Partner solutions.

FortiOS
Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated nextgeneration security platform. 
  • Powered by SPU
  • Custom SPU processors deliver the power you need to detect malicious content at multi-Gigabit speeds
  • Other security technologies cannot protect against today’s wide range of content- and connection-based
  • threats because they rely on general-purpose CPUs, causing a dangerous performance gap SPU processors provide the performance needed to block emerging threats, meet rigorous third-party certifications, and ensure that your network security solution does not become a network bottleneck
Overview:
The FortiGate 3900E series delivers high performance threat protection for mid-sized to large enterprises and service providers, with the flexibility to be deployed at the Internet or cloud edge, in the data center core or internal segments. The multiple high-speed interfaces, high port density, industry-leading security efficacy and high throughput of the 3900E series keeps your network connected and secure.

Security
Protects against known exploits, malware and malicious URLs using continuous threat intelligence provided by FortiGuard Labs security services
Protects against unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks

Performance
  • Delivers industry's best threat protection performance and ultra-low latency using purpose-built security processor (SPU) technology
  • Unprecedented 1 Terabit/second network firewall throughput in an appliance form factor for FortiGate 3980E
  • Provides industry-leading performance and protection for SSL encrypted traffic

Certification
  • Independently tested and validated best security effectiveness and performance
  • Received unparalleled third-party certifications from NSS Labs, ICSA, Virus Bulletin and AV Comparatives

Networking
  • Delivers extensive routing, high-speed interfaces, and high performance VPN capabilities to address performance and connectivity needs of large-scale data center and cloud applications
  • Enables flexible deployment such as Next Generation Firewall and Secure SD-WAN
Overview:
Fortinet's FortiGate 3800D Series are the only security appliances capable of delivering an unprecedented 300+ Gbps throughput, while also featuring 100 GE interface ports and IPv4 to IPv6 performance parity integral in supporting next generation fabric.

Fortinet Enterprise Firewall Solution
The Fortinet Enterprise Firewall Solution delivers end-to-end network security with one platform, one network security operating system and unified policy management with a single pane of glass — for the industry's best protection against the most advanced security threats and targeted attacks.

Future-Proofing the Next Generation Data Center
They deliver their breakthrough performance and protection in a compact 3U form factor with six 100 GE interfaces that preserve scarce rack space while maximizing capacity. Powered by the new FortiASIC NP6 processor, the FortiGate 3800D Series allow customers to build 100G data centers without worrying about high speed connectivity or throughput of the core firewall.
  • Flexible Deployment
  • The FortiGate 3800D Series give you the flexibility to choose the firewall personality that best fits your requirements at the Edge or Core. You can take advantage of the high port density for physical segmentation of your network, as well as the virtual domains (VDOMs) for virtual segmentation.
  • Industry-leading 10x data center firewall offers exceptional throughput and ultra-low latency
  • Highly available and Virtual Domain (VDOM) support for multi-tenant data center environment
  • Integrated high-speed 10 GE+ port delivers maximum flexibility and scalability
  • Intuitive management interface enables broad and deep visibility and control
  • NSS Labs Recommended consolidated security delivers top-rated protection
Overview:
The FortiGate 3700D high performance, high capacity data center firewall provides exceptional performance of 160 Gbps and ultra-low latency, ensuring your data center security solution doesn't become your data center bottleneck.

Eliminate Security Bottlenecks
It delivers this breakthrough performance and protection in a compact 3U form factor with four 40 GE and 28 10 GE interfaces that preserves scarce rack space while maximizing capacity. Powered by the new FortiASIC NP6 processor, the FortiGate 3700D is the first data center appliance to deliver performance parity for IPv4 and IPv6 traffic and dramatically increases VPN performance, enabling you to keep pace with your evolving network.

Flexible Deployment
The FortiGate 3700D gives you the flexibility to choose the firewall personality that best fits your requirements at the Edge or Core. You can take advantage of the high port density for physical segmentation of your network, as well as the virtual domains (VDOMs) for virtual segmentation.
  • Performance and Reliability for High Bandwidth Networks
  • Breakthrough IPv4 to IPv6 firewall performance parity
  • Flexible firewall personalities enable deployment at the Edge or Core
  • Compact 3U footprint conserves rack space and minimizes energy consumption
  • Freedom to add integrated security technologies (such as IPS, App Control, VPN)
  • Cloud-ready multi-tenant support and APIs for rapid orchestration
  • FortiOS 5 delivers the most complete, battle-tested set of security functions to protect your network and data
Overview:
Today’s data centers require security appliances that deliver exceptional performance, deployment flexibility and extensive security features, to protect the most demanding network environments. The FortiGate 3200D device is ideally suited for network segmentation and internal network threat protection in data centers with its 48 10 GE interfaces.

10 Times Data Center Firewall Performance
The FortiGate 3200D appliance provides up to 80 Gbps of firewall throughput through the use of innovative FortiASIC processors and the latest generation of multi-core CPUs. Impressive consolidated security performance and support for a variety of configurations ensure that essential security functions keep up with the rest of your network.

Future-proof Security
The system also provides technologies that include robust networking capabilities and extensible security features, all managed from an intuitive management console with deep insight offerings, enabling you to keep pace with your evolving network.

Features & Benefits
  • Industry-leading 10x data center firewall offers exceptional throughput and ultra-low latency
  • Highly available and Virtual Domain (VDOM) support for multi-tenant data center environment
  • Integrated high-speed 10 GE+ port delivers maximum flexibility and scalability
  • Intuitive management interface enables broad and deep visibility and control
  • NSS Labs Recommended consolidated security delivers top-rated protection
Overview:
Today’s data centers require security appliances that deliver exceptional performance, deployment flexibility and extensive security features, to protect the most demanding network environments. The FortiGate 3100D device is ideally suited for network segmentation and internal network threat protection in data centers with its 32 10 GE interfaces.

10 Times Data Center Firewall Performance
The FortiGate 3100D appliance provides up to 80 Gbps of firewall throughput through the use of innovative FortiASIC processors and the latest generation of multi-core CPUs. Impressive consolidated security performance and support for a variety of configurations ensure that essential security functions keep up with the rest of your network.

Future-proof Security
The system also provides technologies that include robust networking capabilities and extensible security features, all managed from an intuitive management console with deep insight offerings, enabling you to keep pace with your evolving network.

Features & Benefits
  • Industry-leading 10x data center firewall offers exceptional throughput and ultra-low latency
  • Highly available and Virtual Domain (VDOM) support for multi-tenant data center environment
  • Integrated high-speed 10 GE+ port delivers maximum flexibility and scalability
  • Intuitive management interface enables broad and deep visibility and control
  • NSS Labs Recommended consolidated security delivers top-rated protection
Overview:
Today’s data centers require security appliances that deliver exceptional performance, deployment flexibility and extensive security features, to protect the most demanding network environments. The FortiGate 3100D device is ideally suited for network segmentation and internal network threat protection in data centers with its 32 10 GE interfaces.

10 Times Data Center Firewall Performance
The FortiGate 3100D appliance provides up to 80 Gbps of firewall throughput through the use of innovative FortiASIC processors and the latest generation of multi-core CPUs. Impressive consolidated security performance and support for a variety of configurations ensure that essential security functions keep up with the rest of your network.

Future-proof Security
The system also provides technologies that include robust networking capabilities and extensible security features, all managed from an intuitive management console with deep insight offerings, enabling you to keep pace with your evolving network.

Features & Benefits
  • Industry-leading 10x data center firewall offers exceptional throughput and ultra-low latency
  • Highly available and Virtual Domain (VDOM) support for multi-tenant data center environment
  • Integrated high-speed 10 GE+ port delivers maximum flexibility and scalability
  • Intuitive management interface enables broad and deep visibility and control
  • NSS Labs Recommended consolidated security delivers top-rated protection
Security Fabric
The Security Fabric allows security to dynamically expand and adapt as more and more workloads and data are added. Security seamlessly follows and protects data, users, and applications as they move between IoT, devices, and cloud environments throughout the network. FortiGates are the foundation of Security Fabric, expanding security via visibility and control by tightly integrating with other Fortinet security products and Fabric-Ready Partner solutions

FortiOS
Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated nextgeneration security platform.
Overview
The FortiGate network appliances represent the enterprise firewall platforms. FortiGate is based on FortiASIC, a purpose-built integrated architecture, that provides extremely high throughput and exceptionally low latency, while delivering excellent security effectiveness and consolidation. Targeted for large enterprises, the FortiGate 2000E delivers high NGFW and SSL inspection performance along with high port density and dual power supply for maximum flexibility.
Overview:
Every day you’re on the lookout for sophisticated attacks designed to penetrate your organization and steal valuable information. At the same time, you need to increase network speeds and capacities to accommodate the proliferation of consumergrade applications and devices. To adequately defend against threats across such a broad range of applications and devices- without slowing down your network- you need a high performance next generation/edge firewall (NGFW) appliance for deep inspection, visibility and control.

Breakthrough Performance
The FortiGate-1500D high performance next generation/edge firewall delivers best in class performance with an exceptional 80 Gbps of firewall and 11 Gbps of next generation threat protection. Custom hardware, including the latest FortiASIC™ NP6 processors, and the consolidated security features of the FortiOS™ 5 network security platform make the difference in enabling protection of your applications and network without affecting availability or performance.

Deeper Visibility
With powerful intrusion prevention, application control and antimalware intelligence, the FortiGate-1500D allows you to look deeper into your content, applications, user and device behavior. Rich console views and reports together with a flexible policy engine provide the visibility and control you need to empower employees yet secure your enterprise.
  • Next Generation Visibility and Control
  • Powerful application and threat inspection
  • Breakthrough performance, and superior cost per gigabit protected
  • User- and device-based views and policies
  • Freedom to add more functions like Advanced Threat
  • Protection and Secure Web Gateway
  • FortiOS 5, the most complete, battletested set of security functions to protect your network and data
Overview:
Enterprises require a high-speed, high-capacity firewall to stay ahead of ever-increasing network performance requirements as well as continued evolution of the threat landscape, at data center and campus locations.

Eliminate Security Bottlenecks
With 52 Gbps of firewall throughput and low latency, the FortiGate 1200D represents an excellent entry model for small data centers and delivers a high-performance, high-capacity data center firewall. IPv6 parity, 10 GE ports and dramatic increases in VPN performance enable you to keep pace with your evolving network.

Deeper Visibility
At the same time, 11 Gbps of next generation threat prevention performance allows you to run top-rated intrusion prevention, application control and antimalware capabilities for deeper inspection of content, applications, user and device activity. Rich console views and reports together with a flexible policy engine provide the visibility and control to empower employees yet secure your enterprise.

Breakthrough Performance
This breakthrough performance — including 10x data center and 5x next generation performance — is made possible by custom hardware, including the latest FortiASIC™ NP6 and CP8 processors, as well as the consolidated security features of the FortiOS network security platform.
  • High Performance, Reliability and Security
  • 10x data center and 5x next generation performance
  • Top rated security capabilities
  • Flexible firewall personalities for core or edge deployment
  • Low latency and IPv6 parity
NP Direct
By removing the Internal Switch Fabric, the NP Direct architecture provides direct access to the SPU-NP for the lowest latency forwarding. NGFW deployments require some attention to network design to ensure optimal use of this technology

Content Processor
The SPU CP8 content processor works outside of the direct flow of traffic, providing high-spee cryptography and content inspection
services including:
Signature-based content inspection acceleration
Encryption and decryption offloading

FortiOS
Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated next generation security platform. 

FortiCare Support Services
Our FortiCare customer support team provides global technical support for all Fortinet products. With support staff in the Americas, Europe, Middle East and Asia, FortiCare offers services to meet the needs of enterprises of all sizes:
Enhanced Support — For customers who need support during local business hours only.
Comprehensive Support — For customers who need aroundthe-clock mission critical support, including advanced exchange hardware replacement.
Advanced Services — For global or regional customers who need an assigned Technical Account Manager, enhanced service level agreements, extended software support, priority
escalation, on-site visits and more.
Professional Services — For customers with more complex security implementations that require architecture and design services, implementation and deployment services, operational services and more.
Overview:
With network bandwidth requirements doubling every 18 months and increases in sophisticated cyber threats, enterprise organizations with large branch offices know they need high-speed network security that also delivers highly effective next generation security.

5 Times Next Generation Firewall Performance
The FortiGate 900D appliance delivers superior performance through a combination of purpose-built FortiASIC™ processors, high port density with 10 GE ports and consolidated security features from the FortiOS™ operating system. It delivers 5 times better next generation firewall performance compared to alternate products and provides the best price/performance in the industry.

Deeper Visibility and Top-rated Security
This breakthrough threat prevention performance allows organizations to run NSS Labs Recommended intrusion prevention and application control and VB100 certified antimalware capabilities for deeper inspection. Rich console views and reports together with a flexible policy engine provide the visibility and control to empower employees yet secure your enterprise.

Finally, these features of the FortiGate FortiOS Network Security Platform are routinely validated by independent real-world tests and are consistently getting superior ratings in security effectiveness.

Features & Benefits
  • 5 times faster hardware accelerated next generation firewall offers best-in-class price/performance ratio
  • Integrated high port density delivers maximum flexibility and scalability
  • NSS Labs Recommended NGFW and NGIPS with consolidated security delivers top-rated protection
  • Application control plus identity and device-based policy enforcement provides more granular protection
  • Intuitive management interface enables broad and deep visibility that scales from a single FortiGate to thousands
Overview:
With network bandwidth requirements doubling every 18 months and increases in sophisticated cyber threats, enterprise organizations with large branch offices know they need high-speed network security that also delivers highly effective next generation security.

Superior Next Generation Firewall Performance
The FortiGate 800D appliance delivers superior performance through a combination of purpose-built FortiASIC processors, high port density with 10 GE ports and consolidated security features from the FortiOS operating system. It delivers better next generation firewall performance compared to alternate products and provides the best price/performance in the industry.

Deeper Visibility and Top-rated Security
  • This breakthrough threat prevention performance allows organizations to run NSS Labs Recommended intrusion prevention and application control and VB100 certified antimalware capabilities for deeper inspection. Rich console views and reports together with a flexible policy engine provide the visibility and control to empower employees yet secure your enterprise.
  • Finally, these features of the FortiGate FortiOS Network Security Platform are routinely validated by independent real-world tests and are consistently getting superior ratings in security effectiveness.
Overview:
With network bandwidth requirements doubling every 18 months and increases in sophisticated cyber threats, enterprise organizations with large branch offices know they need high-speed network security that also delivers highly effective next generation security.

Superior Next Generation Firewall Performance
The FortiGate 800D appliance delivers superior performance through a combination of purpose-built FortiASIC processors, high port density with 10 GE ports and consolidated security features from the FortiOS operating system. It delivers better next generation firewall performance compared to alternate products and provides the best price/performance in the industry.

Deeper Visibility and Top-rated Security
  • This breakthrough threat prevention performance allows organizations to run NSS Labs Recommended intrusion prevention and application control and VB100 certified antimalware capabilities for deeper inspection. Rich console views and reports together with a flexible policy engine provide the visibility and control to empower employees yet secure your enterprise.
  • Finally, these features of the FortiGate FortiOS Network Security Platform are routinely validated by independent real-world tests and are consistently getting superior ratings in security effectiveness.
Security Fabric
The Security Fabric allows security to dynamically expand and adapt as more and more workloads and data are added. Security seamlessly follows and protects data, users, and applications as they move between IoT, devices, and cloud environments throughout the network. FortiGates are the foundation of Security Fabric, expanding security via visibility and control by tightly integrating with other Fortinet security products and Fabric-Ready Partner solutions.

FortiOS
Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated nextgeneration security platform. 

Network Processor
  • Fortinet’s new, breakthrough SPU NP6 network processor works inline with FortiOS functions delivering:
  • Superior firewall performance for IPv4/IPv6, SCTP and multicast traffic with ultra-low latency down to 2 microseconds
  • VPN, CAPWAP and IP tunnel acceleration
  • Anomaly-based intrusion prevention, checksum offload and
  • packet defragmentation
  • Traffic shaping and priority queuing
Security
Protects against known exploits, malware and malicious websites using continuous threat intelligence provided by FortiGuard Labs security services
Identify thousands of applications including cloud applications for deep inspection into network traffic
Protects against unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks

Performance
Delivers industry’s best threat protection performance and ultra-low latency using purpose-built security processor (SPU) technology
Provides industry-leading performance and protection for SSL encrypted traffic

Networking
Delivers extensive routing, switching, wireless controller and high performance IPsec VPN capabilities to consolidate networking and security functionality
Enables flexible deployment such as Next Generation Firewall and Secure SD-WAN

Management
Single Pane of Glass with Network Operations Center (NOC) view provides 360° visibility to identify issues quickly and intuitively
Predefined compliance checklist analyzes the deployment and highlights best practices to improve overall security posture
Security
Protects against known exploits, malware and malicious websites using continuous threat intelligence provided by FortiGuard Labs security services
Identify thousands of applications including cloud applications for deep inspection into network traffic
Protects against unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks

Performance
Delivers industry’s best threat protection performance and ultra-low latency using purpose-built security processor (SPU) technology
Provides industry-leading performance and protection for SSL encrypted traffic

Networking
Delivers extensive routing, switching, wireless controller and high performance IPsec VPN capabilities to consolidate networking and security functionality
Enables flexible deployment such as Next Generation Firewall and Secure SD-WAN

Management
Single Pane of Glass with Network Operations Center (NOC) view provides 360° visibility to identify issues quickly and intuitively
Predefined compliance checklist analyzes the deployment and highlights best practices to improve overall security posture
Overview:
The Fortinet Enterprise Firewall Solution
The FortiGate 100E series delivers next generation firewall capabilities for mid-sized to large enterprises, with the flexibility to be deployed at the campus or enterprise branch. Protect against cyber threats with security processor powered high performance, security efficacy and deep visibility.

Security
Protects against known exploits, malware and malicious websites using continuous threat intelligence provided by FortiGuard Labs security services
Identify thousands of applications including cloud applications for deep inspection into network traffic
Detects unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks

Performance
Delivers industry’s best threat protection performance and ultra-low latency using purpose built-security processor (SPU) technology
Provides industry-leading performance and protection for SSL encrypted traffic

Networking
Delivers an extensive routing, switching, wireless controller and high performance IPsec VPN capabilities to consolidate networking and security functionality
Enables flexible deployment such as Next Generation Firewall and Secure SD-WAN
Install in Minutes with FortiExplorer
The FortiExplorer  wizard enables easy setup and configuration coupled with easy-to-follow instructions. FortiExplorer runs on popular mobile devices like Android and iOS. Using FortiExplorer is as simple as starting the application and connecting to the appropriate USB port on the FortiGate. By using FortiExplorer, you can be up and running and protected in minutes.

3G/4G WAN Connectivity
The FortiGate 90E includes USB ports that allow you to plug in a compatible third-party 3G/4G USB modem, providing additional WAN connectivity or a redundant link for maximum reliability

Compact and Reliable Form Factor
Designed for small environments, you can simply place the FortiGate 90E on a desktop. It is small, lightweight yet highly reliable with superior MTBF (Mean Time Between Failure), minimizing the chance of a network disruption.

Security Fabric
The Security Fabric allows security to dynamically expand and adapt as more and more workloads and data are added. Security seamlessly follows and protects data, users, and applications as they move between IoT, devices, and cloud environments throughout the network.
Overview:
The Fortinet Enterprise Firewall Solution
The FortiGate 100E series delivers next generation firewall capabilities for mid-sized to large enterprises, with the flexibility to be deployed at the campus or enterprise branch. Protect against cyber threats with security processor powered high performance, security efficacy and deep visibility.

Security
Protects against known exploits, malware and malicious websites using continuous threat intelligence provided by FortiGuard Labs security services
Identify thousands of applications including cloud applications for deep inspection into network traffic
Detects unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks

Performance
Delivers industry’s best threat protection performance and ultra-low latency using purpose built-security processor (SPU) technology
Provides industry-leading performance and protection for SSL encrypted traffic

Networking
Delivers an extensive routing, switching, wireless controller and high performance IPsec VPN capabilities to consolidate networking and security functionality
Enables flexible deployment such as Next Generation Firewall and Secure SD-WAN
Install in Minutes with FortiExplorer
The FortiExplorer  wizard enables easy setup and configuration coupled with easy-to-follow instructions. FortiExplorer runs on popular mobile devices like Android and iOS. Using FortiExplorer is as simple as starting the application and connecting to the appropriate USB port on the FortiGate. By using FortiExplorer, you can be up and running and protected in minutes.

3G/4G WAN Connectivity
The FortiGate 90E includes USB ports that allow you to plug in a compatible third-party 3G/4G USB modem, providing additional WAN connectivity or a redundant link for maximum reliability

Compact and Reliable Form Factor
Designed for small environments, you can simply place the FortiGate 90E on a desktop. It is small, lightweight yet highly reliable with superior MTBF (Mean Time Between Failure), minimizing the chance of a network disruption.

Security Fabric
The Security Fabric allows security to dynamically expand and adapt as more and more workloads and data are added. Security seamlessly follows and protects data, users, and applications as they move between IoT, devices, and cloud environments throughout the network.
Overview:
The Fortinet Enterprise Firewall Solution
The FortiGate 100E series delivers next generation firewall capabilities for mid-sized to large enterprises, with the flexibility to be deployed at the campus or enterprise branch. Protect against cyber threats with security processor powered high performance, security efficacy and deep visibility.
  • Security
  • Protects against known exploits, malware and malicious websites using continuous threat intelligence provided by FortiGuard Labs security services
  • Identify thousands of applications including cloud applications for deep inspection into network traffic
  • Detects unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks

Performance
Delivers industry’s best threat protection performance and ultra-low latency using purpose built-security processor (SPU) technology
Provides industry-leading performance and protection for SSL encrypted traffic

Networking
Delivers an extensive routing, switching, wireless controller and high performance IPsec VPN capabilities to consolidate networking and security functionality
Enables flexible deployment such as Next Generation Firewall and Secure SD-WAN
Overview:
The FortiGate/FortiWiFi 30E are compact, cost effective, all-in-one security appliances that deliver Fortinet’s Connected UTM. Ideal for small business, remote, customer premise equipment (CPE) and retail networks, these appliances offer the network security, connectivity and performance you need.

High Performance Network Security
Built on the foundation FortiOS 5, the FortiGate/FortiWiFi 30E series provides an integrated set of essential security technologies to protect all of your applications and data. You get advanced threat protection, including firewall, application control, advanced threat protection, IPS, VPN, and web filtering, all from one device that’s easy to deploy and manage. With our FortiGuard® security subscription services you’ll have automated protection against today’s sophisticated threats.

Advanced Features
The FortiGate/FortiWiFi 30E offers beyond the industry’s best firewall with the latest in Advanced Threat Protection including Sandboxing and anti-bot protection, Feature Select Options for simplifying configurations and deployments, and Contextual Visibility for enhanced reporting and management.

VDOMs on the FortiGate/FortiWiFi 30E let you segment networks to enable guest and employee access, or protect things like cardholder data. You get the flexibility to match your business needs and meet compliance standards like PCI and HIPAA.
Security Fabric
The Security Fabric allows security to dynamically expand and adapt as more and more workloads and data are added. Security seamlessly follows and protects data, users, and applications as they move between IoT, devices, and cloud environments throughout the network. FortiGates are the foundation of Security Fabric, expanding security via visibility and control by tightly integrating with other Fortinet security products and Fabric-Ready Partner solutions.

FortiOS
Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated nextgeneration security platform.
Simplified management and lower costs
Get visibility into and control over activity across your network. Gain insight into users, apps, devices, threats, files, and vulnerabilities.

Unified security services and task automation
Our integrated approach to threat defense reduces capital and operating costs as well as administrative complexity by consolidating multiple security services in a single platform. Automate security tasks to increase agility and speed remediation.

Wide range of sizes and form factors
We have the platform for you: standalone options for small and midsize businesses, ruggedized appliances for extreme environments, midsize appliances for security at the Internet edge, and high-performance appliances for enterprise data centers.

Highly effective in threat protection
Highly effective threat prevention and a full contextual awareness of users, infrastructure, applications, and content help you detect multi vector threats and automate the defense response.

Low cost of ownership
Effective breach detection with low total cost of ownership offers protection value. Discover, understand, and stop malware and emerging threats missed by other security layers.
Superior business resiliency and protection
Gain business resiliency through superior security with sustained performance. The Firepower 2100 Series has an innovative dual multicore CPU architecture that optimizes firewall, cryptographic, and threat inspection functions simultaneously. Now, achieving security doesn’t come at the expense of network performance. 

Optimized performance and port density
Firewall throughput speeds from 2 Gbps to 8.5 Gbps. Support for sixteen (16) 1 GE ports on the low-end models. The high-end models support up to twenty-four (24) 1 GE ports or up to sixteen (16) 10 GE ports. All in a 1RU form factor. 

Innovative architecture
With its unique dual-CPU, multicore architecture, the 2100 maintains throughput performance when threat inspection is activated by routing different workloads to different chips. And enabling the threat protection features does not affect the firewall throughput.

Management to meet your needs
Cisco Firepower NGFW is now even less time-consuming to configure and less costly to manage. You can choose from local, centralized, and cloud-based managers that fit your environment and the way you work.
Better security, faster speeds, smaller footprint
Stop more threats with our fully integrated next-generation firewall (NGFW) platform. The 4100 Series’ 1-rack-unit size is ideal at the Internet edge and in high-performance environments. It shows you what’s happening on your network, detects attacks earlier so you can act faster, and reduces management complexity.

Performance and density optimized
Key capabilities include support for 1/10/40 Gigabit Ethernet interfaces, up to 60 Gbps stateful firewall throughput, low latency, and a 1 RU form factor.

Unified management
Reduce complexity and simplify operations. Consolidate all security functions in a single management interface. It automatically prioritizes security events, recommends tailored security protections, and tracks and contains malware infections.
Modular security platform for service providers 
This carrier-grade platform is ideal for data centers and other high-performance settings that require low latency and high throughput. Deliver scalable, consistent security to workloads and data flows across physical, virtual, and cloud environments. With tightly integrated services, the Firepower 9000 Series lowers costs and supports open, programmable networks. 

Scalable multiservice security
Eliminate security gaps. Integrate and provision multiple Cisco and Cisco partner security services dynamically across the network fabric. See and correlate policy, traffic, and events across multiple services. 

Expandable security modules
Flexibly scale your security performance. Meet business agility needs and enable rapid provisioning. 

Carrier-grade performance
NEBS-compliant configurations available. Elevate threat defense and network performance with low-latency, large flow handling, and orchestration of security services. Protect Evolved Programmable Network, Evolved Services Platform, and Application Centric Infrastructure architectures.
Overview:
Meet the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER Services delivers integrated threat defense for the entire attack continuum - before, during, and after an attack - by combining the proven security capabilities of the Cisco ASA firewall with the industry-leading Sourcefire threat and advanced malware protection features together in a single device. The solution uniquely extends the capabilities of the Cisco ASA 5500-X Series Next-Generation Firewalls beyond what today’s NGFW solutions are capable of.

Superior Multilayered Protection
Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA with FirePOWER Services features these comprehensive capabilities:
  • Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
  • Granular Application Visibility and Control (AVC) supports more than 3,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
  • The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
  • Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
  • AMP provides industry-leading breach detection effectiveness, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.
Unprecedented Network Visibility
  • Cisco ASA with FirePOWER Services is centrally managed by the Cisco FireSIGHT Management Center. Management Center provides security teams with comprehensive visibility into and control over activity within the network. Such visibility includes users, devices, communication between virtual machines, vulnerabilities, threats, client-side applications, files, and websites. Holistic, actionable indications of compromise (IoCs) correlate detailed network and endpoint event information and provide further visibility into malware infections.
  • Management Center also provides content awareness with malware file trajectory that aids infection scoping and root cause determination to speed time to remediation.
  • Cisco Security Manager provides scalable and centralized network operations workflow management. It integrates a powerful suite of capabilities; including policy and object management, event management, reporting, and troubleshooting for Cisco ASA firewall functions. For small-scale and simple deployments, the Cisco Adaptive Security Device Manager (ASDM) is available to provide on-device, GUI-based firewall network operations management.
  • Cisco’s enterprise-class management tools help administrators reduce complexity with unmatched visibility and control across NGFW deployments.
Reduced Costs and Complexity
  • Cisco ASA with FirePOWER Services incorporates an integrated approach to threat defense, reducing capital and operating costs and administrative complexity. It smoothly integrates with the existing IT environment, work stream, and network fabric. The purpose-built appliance family is highly scalable, performs at up to multigigabit speeds, and provides consistent and robust security across branch, Internet edge, and data centers in both physical and virtual environments.
  • With Cisco FireSIGHT Management Center, administrators can streamline operations to correlate threats, assess their impact, automatically tune security policy, and easily attribute user identities to security events. Management Center continually monitors how the network is changing over time. New threats are automatically assessed to determine which can affect your business. Response efforts are then focused on remediation, and network defenses are adapted to changing threat conditions. Critical security activities such as policy tuning are automated, saving time and effort, while protections and countermeasures are maintained in an optimal state.
  • Cisco FireSIGHT Management Center integrates easily with third-party security solutions through the eStreamer API to streamline operation workflows and fit existing network fabrics.
Overview:
Meet the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER Services delivers integrated threat defense for the entire attack continuum - before, during, and after an attack - by combining the proven security capabilities of the Cisco ASA firewall with the industry-leading Sourcefire threat and advanced malware protection features together in a single device. The solution uniquely extends the capabilities of the Cisco ASA 5500-X Series Next-Generation Firewalls beyond what today’s NGFW solutions are capable of.

Superior Multilayered Protection
Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA with FirePOWER Services features these comprehensive capabilities:
  • Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
  • Granular Application Visibility and Control (AVC) supports more than 3,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
  • The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
  • Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
  • AMP provides industry-leading breach detection effectiveness, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.
Superior Multilayered Protection
Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA with FirePOWER Services features these comprehensive capabilities:

  • Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
  • Granular Application Visibility and Control (AVC) supports more than 3,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
  • The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
  • Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
  • AMP provides industry-leading breach detection effectiveness, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.
Unprecedented Network Visibility
Cisco ASA with FirePOWER Services is centrally managed by the Cisco FireSIGHT Management Center. Management Center provides security teams with comprehensive visibility into and control over activity within the network. Such visibility includes users, devices, communication between virtual machines, vulnerabilities, threats, client-side applications, files, and websites. Holistic, actionable indications of compromise (IoCs) correlate detailed network and endpoint event information and provide further visibility into malware infections.
Overview:
Meet the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER Services delivers integrated threat defense for the entire attack continuum - before, during, and after an attack - by combining the proven security capabilities of the Cisco ASA firewall with the industry-leading Sourcefire threat and advanced malware protection features together in a single device. The solution uniquely extends the capabilities of the Cisco ASA 5500-X Series Next-Generation Firewalls beyond what today’s NGFW solutions are capable of

Superior Multilayered Protection
Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA with FirePOWER Services features these comprehensive capabilities:
  • Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
  • Granular Application Visibility and Control (AVC) supports more than 3,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
  • The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
  • Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
  • AMP provides industry-leading breach detection effectiveness, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.

Reduced Costs and Complexity
Cisco ASA with FirePOWER Services incorporates an integrated approach to threat defense, reducing capital and operating costs and administrative complexity. It smoothly integrates with the existing IT environment, work stream, and network fabric. The purpose-built appliance family is highly scalable, performs at up to multigigabit speeds, and provides consistent and robust security across branch, Internet edge, and data centers in both physical and virtual environments.
Unprecedented Network Visibility
Cisco ASA with FirePOWER Services is centrally managed by the Cisco FireSIGHT Management Center. Management Center provides security teams with comprehensive visibility into and control over activity within the network. Such visibility includes users, devices, communication between virtual machines, vulnerabilities, threats, client-side applications, files, and websites. Holistic, actionable indications of compromise (IoCs) correlate detailed network and endpoint event information and provide further visibility into malware infections.

Management Center also provides content awareness with malware file trajectory that aids infection scoping and root cause determination to speed time to remediation.

Cisco Security Manager provides scalable and centralized network operations workflow management. It integrates a powerful suite of capabilities; including policy and object management, event management, reporting, and troubleshooting for Cisco ASA firewall functions. For small-scale and simple deployments, the Cisco Adaptive Security Device Manager (ASDM) is available to provide on-device, GUI-based firewall network operations management.

Cisco’s enterprise-class management tools help administrators reduce complexity with unmatched visibility and control across NGFW deployments.

Reduced Costs and Complexity
Cisco ASA with FirePOWER Services incorporates an integrated approach to threat defense, reducing capital and operating costs and administrative complexity. It smoothly integrates with the existing IT environment, work stream, and network fabric. The purpose-built appliance family is highly scalable, performs at up to multigigabit speeds, and provides consistent and robust security across branch, Internet edge, and data centers in both physical and virtual environments.

With Cisco FireSIGHT Management Center, administrators can streamline operations to correlate threats, assess their impact, automatically tune security policy, and easily attribute user identities to security events. Management Center continually monitors how the network is changing over time. New threats are automatically assessed to determine which can affect your business. Response efforts are then focused on remediation, and network defenses are adapted to changing threat conditions. Critical security activities such as policy tuning are automated, saving time and effort, while protections and countermeasures are maintained in an optimal state.

Cisco FireSIGHT Management Center integrates easily with third-party security solutions through the eStreamer API to streamline operation workflows and fit existing network fabrics.
Overview:
Meet the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER Services delivers integrated threat defense for the entire attack continuum - before, during, and after an attack - by combining the proven security capabilities of the Cisco ASA firewall with the industry-leading Sourcefire threat and advanced malware protection features together in a single device. The solution uniquely extends the capabilities of the Cisco ASA 5500-X Series Next-Generation Firewalls beyond what today’s NGFW solutions are capable of

Superior Multilayered Protection
Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA with FirePOWER Services features these comprehensive capabilities:
  • Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
  • Granular Application Visibility and Control (AVC) supports more than 3,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
  • The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
  • Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
  • AMP provides industry-leading breach detection effectiveness, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.

Reduced Costs and Complexity
Cisco ASA with FirePOWER Services incorporates an integrated approach to threat defense, reducing capital and operating costs and administrative complexity. It smoothly integrates with the existing IT environment, work stream, and network fabric. The purpose-built appliance family is highly scalable, performs at up to multigigabit speeds, and provides consistent and robust security across branch, Internet edge, and data centers in both physical and virtual environments.
Superior business resiliency and protection
Gain business resiliency through superior security with sustained performance. The Firepower 2100 Series has an innovative dual multicore CPU architecture that optimizes firewall, cryptographic, and threat inspection functions simultaneously. Now, achieving security doesn’t come at the expense of network performance.

Optimized performance and port density
Firewall throughput speeds from 2 Gbps to 8.5 Gbps. Support for sixteen (16) 1 GE ports on the low-end models. The high-end models support up to twenty-four (24) 1 GE ports or up to sixteen (16) 10 GE ports. All in a 1RU form factor. 

Innovative architecture
With its unique dual-CPU, multicore architecture, the 2100 maintains throughput performance when threat inspection is activated by routing different workloads to different chips. And enabling the threat protection features does not affect the firewall throughput.

Integration adds value
Further strengthen your defenses. Share intelligence, context, and policy controls by integration with third-party and other Cisco security solutions. Enable automatic device quarantining and rapid threat containment with Cisco ISE.
Superior business resiliency and protection
Gain business resiliency through superior security with sustained performance. The Firepower 2100 Series has an innovative dual multicore CPU architecture that optimizes firewall, cryptographic, and threat inspection functions simultaneously. Now, achieving security doesn’t come at the expense of network performance. 

Features and benefits
Threat-focused NGFW
Improve business resiliency and maintain performance with superior threat defense. Apply granular application control. Protect against malware. Shrink time to detection and remediation. Reduce complexity with the on-device management interface.

Optimized performance and port density
Firewall throughput speeds from 2 Gbps to 8.5 Gbps. Support for sixteen (16) 1 GE ports on the low-end models. The high-end models support up to twenty-four (24) 1 GE ports or up to sixteen (16) 10 GE ports. All in a 1RU form factor. 

Innovative architecture
With its unique dual-CPU, multicore architecture, the 2100 maintains throughput performance when threat inspection is activated by routing different workloads to different chips. And enabling the threat protection features does not affect the firewall throughput.
Overview:
Business resiliency is job one for network operations teams. And business resiliency requires security. Your network isn’t really up – your IT environment isn’t delivering customer value – if you’re fighting a pervasive breach. But when it comes to next-generation firewalls (NGFWs), organizations are often forced to choose between security and network throughput performance.

The Cisco Firepower NGFW (next-generation firewall) is the industry’s first fully integrated, threat-focused next-gen firewall with unified management. It uniquely provides advanced threat protection before, during, and after attacks.

The Cisco Firepower 2100 Series NGFW appliances deliver business resiliency through superior threat defense. They provide sustained network performance when threat inspection features are activated to keep your business running securely. And they are now simpler to manage for improved IT efficiency and a lower total cost of ownership.

The Firepower 2100 Series NGFW sustains its throughput performance as threat services are added. They do this by uniquely incorporating an innovative dual multi-core CPU architecture that optimizes firewall, cryptographic, and threat inspection functions simultaneously. They won’t become a network bottleneck or lose effectiveness like competitors when threat inspection is turned on. Now, achieving security doesn’t come at the expense of network performance.

Benefits
  • Ensure business resiliency through superior security with sustained performance
  • Eliminate the performance costs of activating IPS
  • Get twice the port density and performance vs. similarly priced competition
  • Go from connection to protection in 5 minutes with low touch provisioning
  • Save on power and space costs with a 1RU form factor
Overview:
Business resiliency is job one for network operations teams. And business resiliency requires security. Your network isn’t really up – your IT environment isn’t delivering customer value – if you’re fighting a pervasive breach. But when it comes to next-generation firewalls (NGFWs), organizations are often forced to choose between security and network throughput performance.

The Cisco Firepower 2100 Series appliances can be deployed either as a Next-Generation Firewall (NGFW) or as a Next-Generation IPS (NGIPS). They are perfect for the Internet edge and all the way in to the data center. Four new models are available.
  • The Firepower 2110 and 2120 models offer 1.9 and 3 Gbps of firewall throughput, respectively. They provide increased port density and can provide up to sixteen (16) 1 Gbps ports in a 1 rack unit (RU) form factor.
  • The Firepower 2130 and 2140 models provide 5 and 8.5 Gbps of firewall throughput, respectively. These models differ from the others in that they can be customized through the use of network modules, or NetMods. They can provide up to twenty-four (24) 1 Gbps ports in a 1 RU appliance, or to provide up to twelve (12) 10 Gbps ports.
  • Firepower 2100 NGFWs uniquely provide sustained performance when supporting threat functions, such as IPS. This is done using an innovative dual multi-core architecture. Layer 2 and 3 functionality is processed on one NPU (Network Processing Unit). Threat inspection and other services are processed on a separate multi-core x86 CPU. By splitting the workload, we eliminate the performance degradation that you see with competing solutions when turning on threat inspection.

Benefits
  • Ensure business resiliency through superior security with sustained performance
  • Eliminate the performance costs of activating IPS
  • Get twice the port density and performance vs. similarly priced competition
  • Go from connection to protection in 5 minutes with low touch provisioning
  • Save on power and space costs with a 1RU form factor
Better security, faster speeds, smaller footprint
Stop more threats with our fully integrated next-generation firewall (NGFW) platform. The 4100 Series’ 1-rack-unit size is ideal at the Internet edge and in high-performance environments. It shows you what’s happening on your network, detects attacks earlier so you can act faster, and reduces management complexity.

Overview:
Most next-generation firewalls (NGFWs) focus heavily on enabling application control, but little on their threat defense capabilities. To compensate, some NGFW’s will try to supplement their first-generation intrusion prevention with a series of non-integrated add-on products. However, this approach does little to protect your business against the risks posed by sophisticated attackers and advanced malware. Further, once you do get infected, they offer no assistance in scoping the infection, containing it, and remediating quickly.
  • Stop more threats with our fully integrated next-generation firewall (NGFW) appliance. The 4100 Series’ 1-rack-unit size is ideal at the Internet edge and in high-performance environments. It shows you what’s happening on your network, detects attacks earlier so you can act faster, and reduces management complexity.
  • What you need is an integrated, threat-centric next-generation firewall. One that not only delivers granular application control, but also provides effective security against the threats posed by sophisticated and evasive malware attacks.
  • The Cisco Firepower Next-Generation Firewall (NGFW) is the industry’s first fully integrated, threat-focused NGFW. It delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.
  • It can be deployed on Cisco Firepower 2100 Series, 4100 Series, and 9300 appliances to provide a performance and density optimized NGFW security platform for Internet edge and other high-performance environments.
Overview:
Most next-generation firewalls (NGFWs) focus heavily on enabling application control, but little on their threat defense capabilities. To compensate, some NGFW’s will try to supplement their first-generation intrusion prevention with a series of non-integrated add-on products. However, this approach does little to protect your business against the risks posed by sophisticated attackers and advanced malware. Further, once you do get infected, they offer no assistance in scoping the infection, containing it, and remediating quickly.

Stop more threats with our fully integrated next-generation firewall (NGFW) appliance. The 4100 Series’ 1-rack-unit size is ideal at the Internet edge and in high-performance environments. It shows you what’s happening on your network, detects attacks earlier so you can act faster, and reduces management complexity.

What you need is an integrated, threat-centric next-generation firewall. One that not only delivers granular application control, but also provides effective security against the threats posed by sophisticated and evasive malware attacks.

The Cisco Firepower Next-Generation Firewall (NGFW) is the industry’s first fully integrated, threat-focused NGFW. It delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.

It can be deployed on Cisco Firepower 2100 Series, 4100 Series, and 9300 appliances to provide a performance and density optimized NGFW security platform for Internet edge and other high-performance environments.

Benefits
  • Stop more threats – both known and unknown – with the industry’s most effective threat protection
  • Gain more insight into and control over the users, applications, devices, threats, and vulnerabilities in your network
  • Detect earlier and act faster by shrinking malware time to detection from months down to hours and enable quicker remediation
  • Reduce Complexity and simplify your operations by consolidating all security functions into a single management interface
  • Get more from your network by integrating with other Cisco security and network solutions
Overview:
Most next-generation firewalls (NGFWs) focus heavily on enabling application control, but little on their threat defense capabilities. To compensate, some NGFW’s will try to supplement their first-generation intrusion prevention with a series of non-integrated add-on products. However, this approach does little to protect your business against the risks posed by sophisticated attackers and advanced malware. Further, once you do get infected, they offer no assistance in scoping the infection, containing it, and remediating quickly.
  • What you need is an integrated, threat-centric next-generation firewall. One that not only delivers granular application control, but also provides effective security against the threats posed by sophisticated and evasive malware attacks.
  • The Cisco Firepower Next-Generation Firewall (NGFW) is the industry’s first fully integrated, threat-focused NGFW. It delivers comprehensive, unified policy management of firewall functions, application control, threat prevention, and advanced malware protection from the network to the endpoint.
  • It can be deployed on Cisco Firepower 2100 Series, 4100 Series, and 9300 appliances to provide a performance and density optimized NGFW security platform for Internet edge and other high-performance environments.
Overview:
The SonicWall Network Security services platform (NSsp) High-End Firewall series takes an innovative approach to threat detection and prevention by combining appliance-based protection with cloud intelligence in a reliable, high-performance platform. Designed for large distributed enterprises, data centers and service providers, the NSsp High-End series consolidates advanced security technologies that deliver proven, scalable protection for millions of connections from the most advanced threats without slowing performance.

SUPERIOR THREAT PREVENTION AND PERFORMANCE
  • Block more attacks with patent-pending Real-Time Deep Memory Inspection (RTDMITM) & Patented Real-Free Deep Packet Inspection (RFDPI®) technology
  • Combine cloud-based and on-box threat prevention featuring multi-engine sandboxing
  • industry-validated high security effectiveness
  • Get high-speed performance with 40-Gigabit Ethernet ports
  • Security that scales to protect millions of encrypted connections
  • Decrypt and inspect TLS/SSL and SSH traffic in real time

NETWORK CONTROL AND FLEXIBILITY
  • Leverage powerful SonicOS operating system
  • Gain application intelligence and control
  • Segment your network into zones
  • Deploy at the network edge or data center core
Overview:
The SonicWall Network Security services platform (NSsp) High-End Firewall series takes an innovative approach to threat detection and prevention by combining appliance-based protection with cloud intelligence in a reliable, high-performance platform. Designed for large distributed enterprises, data centers and service providers, the NSsp High-End series consolidates advanced security technologies that deliver proven, scalable protection for millions of connections from the most advanced threats without slowing performance.

SUPERIOR THREAT PREVENTION AND PERFORMANCE
  • Block more attacks with patent-pending Real-Time Deep Memory Inspection (RTDMITM) & Patented Real-Free Deep Packet Inspection (RFDPI®) technology
  • Combine cloud-based and on-box threat prevention featuring multi-engine sandboxing
  • Industry-validated high security effectiveness
  • Get high-speed performance with 40-Gigabit Ethernet ports
  • Security that scales to protect millions of encrypted connections
  • Decrypt and inspect TLS/SSL and SSH traffic in real time

NETWORK CONTROL AND FLEXIBILITY
  • Leverage powerful SonicOS operating system
  • Gain application intelligence and control
  • Segment your network into zones
  • Deploy at the network edge or data center core
Overview:
The SonicWall Network Security appliance (NSa) series provides organizations that range in scale from mid-sized networks to distributed enterprises and data centers with advanced threat prevention in a highperformance security platform. Utilizing innovative deep learning technologies in the SonicWall Capture Cloud Platform, the NSa series delivers the automated real-time breach detection and prevention organizations need. 

Network control and flexibility
At the core of the NSa series is SonicOS, SonicWall’s feature-rich operating system. SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated anti-evasion technology, high-speed virtual private networking (VPN) and other robust security features. Using application intelligence and control, network administrators can identify and categorize productive applications from those that are unproductive or potentially dangerous, and control that traffic through powerful applicationlevel policies on both a per-user and a per-group basis (along with schedules and exception lists). Business-critical applications can be prioritized and allocated more bandwidth while non essential applications are bandwidthlimited. Real-time monitoring and visualization provides a graphical representation of applications, users and bandwidth usage for granular insight into traffic across the network. 

Secure, High-speed Wireless
Combine an NSa series next-generation firewall with a SonicWall SonicWave 802.11ac Wave 2 wireless access point to create a highspeed wireless network security solution. NSa series firewalls and SonicWave access points both feature 2.5 GbE ports that enable multi-gigabit wireless throughput offered in Wave 2 wireless technology. The firewall scans all wireless traffic coming into and going out of the network using deep packet inspection technology and then removes harmful threats such as malware and intrusions, even over encrypted connections. Additional security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection can be run on the wireless network to provide added layers of protection.
Overview:
The SonicWall Network Security appliance (NSa) series provides organizations that range in scale from mid-sized networks to distributed enterprises and data centers with advanced threat prevention in a highperformance security platform. Utilizing innovative deep learning technologies in the SonicWall Capture Cloud Platform, the NSa series delivers the automated real-time breach detection and prevention organizations need. 

Network control and flexibility
At the core of the NSa series is SonicOS, SonicWall’s feature-rich operating system. SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated anti-evasion technology, high-speed virtual private networking (VPN) and other robust security features. Using application intelligence and control, network administrators can identify and categorize productive applications from those that are unproductive or potentially dangerous, and control that traffic through powerful applicationlevel policies on both a per-user and a per-group basis (along with schedules and exception lists). Business-critical applications can be prioritized and allocated more bandwidth while non essential applications are bandwidthlimited. Real-time monitoring and visualization provides a graphical representation of applications, users and bandwidth usage for granular insight into traffic across the network. 

Secure, High-speed Wireless
Combine an NSa series next-generation firewall with a SonicWall SonicWave 802.11ac Wave 2 wireless access point to create a highspeed wireless network security solution. NSa series firewalls and SonicWave access points both feature 2.5 GbE ports that enable multi-gigabit wireless throughput offered in Wave 2 wireless technology. The firewall scans all wireless traffic coming into and going out of the network using deep packet inspection technology and then removes harmful threats such as malware and intrusions, even over encrypted connections. Additional security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection can be run on the wireless network to provide added layers of protection.
Overview:
The SonicWall Network Security appliance (NSa) series provides organizations that range in scale from mid-sized networks to distributed enterprises and data centers with advanced threat prevention in a highperformance security platform. Utilizing innovative deep learning technologies in the SonicWall Capture Cloud Platform, the NSa series delivers the automated real-time breach detection and prevention organizations need. 

Network control and flexibility
At the core of the NSa series is SonicOS, SonicWall’s feature-rich operating system. SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated anti-evasion technology, high-speed virtual private networking (VPN) and other robust security features. Using application intelligence and control, network administrators can identify and categorize productive applications from those that are unproductive or potentially dangerous, and control that traffic through powerful applicationlevel policies on both a per-user and a per-group basis (along with schedules and exception lists). Business-critical applications can be prioritized and allocated more bandwidth while non essential applications are bandwidthlimited. Real-time monitoring and visualization provides a graphical representation of applications, users and bandwidth usage for granular insight into traffic across the network. 

Secure, High-speed Wireless
Combine an NSa series next-generation firewall with a SonicWall SonicWave 802.11ac Wave 2 wireless access point to create a highspeed wireless network security solution. NSa series firewalls and SonicWave access points both feature 2.5 GbE ports that enable multi-gigabit wireless throughput offered in Wave 2 wireless technology. The firewall scans all wireless traffic coming into and going out of the network using deep packet inspection technology and then removes harmful threats such as malware and intrusions, even over encrypted connections. Additional security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection can be run on the wireless network to provide added layers of protection.
Overview:
The SonicWall Network Security appliance (NSa) series provides organizations that range in scale from mid-sized networks to distributed enterprises and data centers with advanced threat prevention in a highperformance security platform. Utilizing innovative deep learning technologies in the SonicWall Capture Cloud Platform, the NSa series delivers the automated real-time breach detection and prevention organizations need. 

Network control and flexibility
At the core of the NSa series is SonicOS, SonicWall’s feature-rich operating system. SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated anti-evasion technology, high-speed virtual private networking (VPN) and other robust security features. Using application intelligence and control, network administrators can identify and categorize productive applications from those that are unproductive or potentially dangerous, and control that traffic through powerful applicationlevel policies on both a per-user and a per-group basis (along with schedules and exception lists). Business-critical applications can be prioritized and allocated more bandwidth while non essential applications are bandwidthlimited. Real-time monitoring and visualization provides a graphical representation of applications, users and bandwidth usage for granular insight into traffic across the network. 

Secure, High-speed Wireless
Combine an NSa series next-generation firewall with a SonicWall SonicWave 802.11ac Wave 2 wireless access point to create a highspeed wireless network security solution. NSa series firewalls and SonicWave access points both feature 2.5 GbE ports that enable multi-gigabit wireless throughput offered in Wave 2 wireless technology. The firewall scans all wireless traffic coming into and going out of the network using deep packet inspection technology and then removes harmful threats such as malware and intrusions, even over encrypted connections. Additional security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection can be run on the wireless network to provide added layers of protection.
Overview:
Exceptional security and stellar performance at a disruptively low TCO
  • The SonicWALL TZ series of next generation firewalls (NGFW) is ideally suited for any organization that requires enterprise-grade network protection.
  • SonicWALL TZ series firewalls provide broad protection with advanced security services consisting of onbox and cloud-based anti-malware, anti-spyware, application control, intrusion prevention system (IPS), and URL filtering. To counter the trend of encrypted attacks, the SonicWALL TZ series has the processing power to inspect encrypted SSL connections against the latest threats.
  • Backed by the SonicWALL Global Response Intelligent Defense (GRID) network, the SonicWALL TZ series delivers continuous updates to maintain a strong network defense against cybercriminals. The SonicWALL TZ series is able to scan every byte of every packet on all ports and protocols with almost zero latency and no file size limitations.
  • The SonicWALL TZ series features Gigabit Ethernet ports, optional integrated 802.11ac wireless, IPSec and SSL VPN, failover through integrated 3G/4G support, load balancing and network segmentation. The SonicWALL TZ series UTM firewalls also provide fast, secure mobile access over Apple iOS, Google Android, Amazon Kindle, Windows, MacOS and Linux platforms.
  • The SonicWALL Global Management System (GMS) enables centralized deployment and management of SonicWALL TZ series firewalls from a single system.
Managed security for distributed environments
Schools, retail shops, remote sites, branch offices and distributed enterprises need a solution that integrates with their corporate firewall. SonicWALL TZ series firewalls share the same code base—and same protection—as our flagship SuperMassive next-generation firewalls. This simplifies remote site management, as every administrator sees the same user interface (UI). GMS enables network administrators to configure, monitor and manage remote SonicWALL firewalls through a single pane of glass. By adding highspeed, secure wireless, the SonicWALL TZ series extends the protection perimeter to include customers and guests frequenting the retail site or remote
The SOHO offers affordable UTM firewalls for home and small businesses
Protect your organization with highly effective intrusion prevention, anti-malware, content/URL filtering and application control with the business-grade SonicWall TZ Series Unified Threat Management (UTM) firewalls. Eliminate network bottlenecks and increase productivity while also providing secure access to a broad range of mobile devices, including laptops, smartphones and tablets. Confidently deploy this secure, sophisticated small-business firewall appliance in a wide range of organizations, such as retail, branch/remote offices or home offices. With a SonicWall TZ Series firewall, you can be assured your wired and wireless networks are protected by a secure, sophisticated and widely deployed security platform.

Features
SonicWall TZ Series Unified Threat Management (UTM) firewalls deliver high performance and proven best-in-class protection to small businesses with integrated intrusion prevention, anti-malware and content/URL filtering capabilities.

Full-featured, advanced security
Deliver full-featured security that combines intrusion prevention, gateway anti-virus, anti-spyware, content filtering and anti-spam services, with intuitive, easy-to-use SonicWall TZ Series firewalls.
 
Fast, reliable, enhanced performance
Examine all wired and wireless traffic for threats, without slowing down your network, using the patented1 SonicWall Reassembly-Free Deep Packet Inspection (RFDPI) technology. TZ Series firewalls also ensure bandwidth for critical business applications, while blocking unproductive applications.
 
Broad, flexible, remote access
Provide mobile users with native VPN remote access clients for Apple iOS, Google Android, Windows 8.1, Mac OS® X, Kindle Fire and Linux, via your small-business firewall. This unique client also supports the firewall's capability to decontaminate threats from VPN traffic.
Overview:
Exceptional security and stellar performance at a disruptively low TCO
The SonicWALL TZ series of next generation firewalls (NGFW) is ideally suited for any organization that requires enterprise-grade network protection.

SonicWALL TZ series firewalls provide broad protection with advanced security services consisting of onbox and cloud-based anti-malware, anti-spyware, application control, intrusion prevention system (IPS), and URL filtering. To counter the trend of encrypted attacks, the SonicWALL TZ series has the processing power to inspect encrypted SSL connections against the latest threats.

Backed by the SonicWALL Global Response Intelligent Defense (GRID) network, the SonicWALL TZ series delivers continuous updates to maintain a strong network defense against cybercriminals. The SonicWALL TZ series is able to scan every byte of every packet on all ports and protocols with almost zero latency and no file size limitations.

The SonicWALL TZ series features Gigabit Ethernet ports, optional integrated 802.11ac wireless, IPSec and SSL VPN, failover through integrated 3G/4G support, load balancing and network segmentation. The SonicWALL TZ series UTM firewalls also provide fast, secure mobile access over Apple iOS, Google Android, Amazon Kindle, Windows, MacOS and Linux platforms.

The SonicWALL Global Management System (GMS) enables centralized deployment and management of SonicWALL TZ series firewalls from a single system.

Managed security for distributed environments
Schools, retail shops, remote sites, branch offices and distributed enterprises need a solution that integrates with their corporate firewall. SonicWALL TZ series firewalls share the same code base—and same protection—as our flagship SuperMassive next-generation firewalls. This simplifies remote site management, as every administrator sees the same user interface (UI). GMS enables network administrators to configure, monitor and manage remote SonicWALL firewalls through a single pane of glass. By adding highspeed, secure wireless, the SonicWALL TZ series extends the protection perimeter to include customers and guests frequenting the retail site or remote
Overview:
The Dell SonicWALL TZ is an affordable, yet high-performing, line of enterprise-level firewalls designed for small and medium-sized businesses, remote and branch offices, and retail point-of-sale locations. SonicWALL TZ series offer these use cases an abundance of protection features as well as advanced security services that leverage on-box and cloud-based anti-malware, antispyware, intrusion prevention system, and URL filtering. Dell’s new line of firewalls are also specced to handle encrypted attacks as it is equipped with the processing punch needed to inspect encrypted SSL connections against the most recent threats. 

For this review, we will be looking at the TZ500, which is one of the models Dell targets towards SMB buyers. SonicWALL, which was acquired by Dell back in 2012, has been a market leader in advanced network security, secure remote access, email security for quite some time now, so their newest firewall is a welcomed addition to the StorageReview lab. Compared to the top offering TZ600 model, it features slightly lower throughput, less 1 GbE Copper interfaces (8 vs. 10), and doesn’t have a rear expansion slot. That being said, it certainly offers enough enterprise-grade protection and performance to halt cyberattacks all the while helping to expend to control of your company’s network. The SonicWALL TZ series also features Dell’s Global Management System (GMS), which allows administrators to deploy and manage SonicWALL TZ series firewalls from a single system at the central office.

The SonicWALL TZ500 comes equipped with optional integrated 802.11ac wireless, IPSec and SSL VPN, failover through integrated 3G/4G support, load balancing and network segmentation, all of which combine advanced networking features with advanced security to boast a pretty impressive package.
Overview:
The Dell SonicWALL TZ is an affordable, yet high-performing, line of enterprise-level firewalls designed for small and medium-sized businesses, remote and branch offices, and retail point-of-sale locations. SonicWALL TZ series offer these use cases an abundance of protection features as well as advanced security services that leverage on-box and cloud-based anti-malware, antispyware, intrusion prevention system, and URL filtering. Dell’s new line of firewalls are also specced to handle encrypted attacks as it is equipped with the processing punch needed to inspect encrypted SSL connections against the most recent threats. 

For this review, we will be looking at the TZ500, which is one of the models Dell targets towards SMB buyers. SonicWALL, which was acquired by Dell back in 2012, has been a market leader in advanced network security, secure remote access, email security for quite some time now, so their newest firewall is a welcomed addition to the StorageReview lab. Compared to the top offering TZ600 model, it features slightly lower throughput, less 1 GbE Copper interfaces (8 vs. 10), and doesn’t have a rear expansion slot. That being said, it certainly offers enough enterprise-grade protection and performance to halt cyberattacks all the while helping to expend to control of your company’s network. The SonicWALL TZ series also features Dell’s Global Management System (GMS), which allows administrators to deploy and manage SonicWALL TZ series firewalls from a single system at the central office.

The SonicWALL TZ500 comes equipped with optional integrated 802.11ac wireless, IPSec and SSL VPN, failover through integrated 3G/4G support, load balancing and network segmentation, all of which combine advanced networking features with advanced security to boast a pretty impressive package.
Overview:
The SonicWall Network Security services platform (NSsp) 12000 series takes a modern approach to threat detection and prevention by combining cloud intelligence with appliance-based protection in a scalable, high-speed platform. Designed for large distributed enterprises, data centers and service providers, NSsp series next-generation firewalls (NGFWs) leverage innovative deep learning security technologies in the Capture Cloud Platform to deliver proven protection from the most advanced threats without slowing performance

Network control and flexibility
At the core of the NSsp series is SonicOS, SonicWall’s feature-rich operating system. SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated anti-evasion technology, high-speed virtual private networking (VPN) and additional security features.

Simplified management and reporting
Ongoing management, monitoring and reporting of network activity are handled through the SonicWall Global Management System (GMS), providing administrators with an intuitive single pane of glass dashboard for managing all aspects of the network in real time. Together, the simplified deployment and setup along with the ease of management enable organizations to lower their total cost of ownership and realize a high return on investment.
Overview:
The SonicWall Network Security services platform (NSsp) 12000 series takes a modern approach to threat detection and prevention by combining cloud intelligence with appliance-based protection in a scalable, high-speed platform. Designed for large distributed enterprises, data centers and service providers, NSsp series next-generation firewalls (NGFWs) leverage innovative deep learning security technologies in the Capture Cloud Platform to deliver proven protection from the most advanced threats without slowing performance

Network control and flexibility
At the core of the NSsp series is SonicOS, SonicWall’s feature-rich operating system. SonicOS provides organizations with the network control and flexibility they require through application intelligence and control, real-time visualization, an intrusion prevention system (IPS) featuring sophisticated anti-evasion technology, high-speed virtual private networking (VPN) and additional security features.

Simplified management and reporting
Ongoing management, monitoring and reporting of network activity are handled through the SonicWall Global Management System (GMS), providing administrators with an intuitive single pane of glass dashboard for managing all aspects of the network in real time. Together, the simplified deployment and setup along with the ease of management enable organizations to lower their total cost of ownership and realize a high return on investment.
Features
SonicOS Platform The SonicOS architecture is at the core of every SonicWall physical and virtual firewall including the NSv and NSa Series, SuperMassive Series and TZ Series. Refer to the SonicWall SonicOS Platform datasheet for the complete list of features and capabilities. Automated breach prevention NSv delivers complete advanced threat protection, including high-performance intrusion and malware prevention, and cloud-based sandboxing with SonicWall’s RTDMI technology

Zone protection
NSv strengthens internal security by enabling segmentation of the network into multiple security zones, with intrusion prevention service keeping threats from propagating across the zone boundaries. Creating and applying access rules and NAT policies to traffic passing through the various interfaces, it can allow or deny internal or external network access based on various criteria.

Secure communication
NSv ensures the data exchange between groups of virtual machines is done securely, including isolation, confidentiality, integrity, and information flow control within these networks via the use of segmentation.

Data confidentiality
NSv blocks information theft and illegitimate access to protected data and services. 
Features
SonicOS Platform The SonicOS architecture is at the core of every SonicWall physical and virtual firewall including the NSv and NSa Series, SuperMassive Series and TZ Series. Refer to the SonicWall SonicOS Platform datasheet for the complete list of features and capabilities. Automated breach prevention NSv delivers complete advanced threat protection, including high-performance intrusion and malware prevention, and cloud-based sandboxing with SonicWall’s RTDMI technology

Zone protection
NSv strengthens internal security by enabling segmentation of the network into multiple security zones, with intrusion prevention service keeping threats from propagating across the zone boundaries. Creating and applying access rules and NAT policies to traffic passing through the various interfaces, it can allow or deny internal or external network access based on various criteria.

Secure communication
NSv ensures the data exchange between groups of virtual machines is done securely, including isolation, confidentiality, integrity, and information flow control within these networks via the use of segmentation.

Data confidentiality
NSv blocks information theft and illegitimate access to protected data and services.
Features
SonicOS Platform The SonicOS architecture is at the core of every SonicWall physical and virtual firewall including the NSv and NSa Series, SuperMassive Series and TZ Series. Refer to the SonicWall SonicOS Platform datasheet for the complete list of features and capabilities. Automated breach prevention NSv delivers complete advanced threat protection, including high-performance intrusion and malware prevention, and cloud-based sandboxing with SonicWall’s RTDMI technology

Zone protection
NSv strengthens internal security by enabling segmentation of the network into multiple security zones, with intrusion prevention service keeping threats from propagating across the zone boundaries. Creating and applying access rules and NAT policies to traffic passing through the various interfaces, it can allow or deny internal or external network access based on various criteria.

Secure communication
NSv ensures the data exchange between groups of virtual machines is done securely, including isolation, confidentiality, integrity, and information flow control within these networks via the use of segmentation.

Data confidentiality
NSv blocks information theft and illegitimate access to protected data and services.
Features
SonicOS Platform The SonicOS architecture is at the core of every SonicWall physical and virtual firewall including the NSv and NSa Series, SuperMassive Series and TZ Series. Refer to the SonicWall SonicOS Platform datasheet for the complete list of features and capabilities. Automated breach prevention NSv delivers complete advanced threat protection, including high-performance intrusion and malware prevention, and cloud-based sandboxing with SonicWall’s RTDMI technology

Zone protection
NSv strengthens internal security by enabling segmentation of the network into multiple security zones, with intrusion prevention service keeping threats from propagating across the zone boundaries. Creating and applying access rules and NAT policies to traffic passing through the various interfaces, it can allow or deny internal or external network access based on various criteria.

Secure communication
NSv ensures the data exchange between groups of virtual machines is done securely, including isolation, confidentiality, integrity, and information flow control within these networks via the use of segmentation.

Data confidentiality
NSv blocks information theft and illegitimate access to protected data and services.
Overview:
Superior user experience
SonicWave APs take advantage of the capabilities in 802.11ac Wave 2 plus features such as band steering and a built-in 2.5 GbE port to deliver highspeed wireless performance. Other features, including 4x4 MU-MIMO and beamforming, improve performance in higher density environments when using bandwidth-intensive applications such as HD multimedia, and cloud and mobile apps.

Each SonicWave access point includes three radios. One operates in the less crowded 5 GHz frequency band, reducing interference from other devices while strengthening signal reliability. Another operates in the 2.4 GHz band to support legacy 802.11b/g/n clients. The third radio is dedicated to security and performs rogue AP detection, passive scanning and packet capturing. With four transmitting and four receiving antennas plus support for 4x4 MU-MIMO, SonicWave APs are engineered to optimize signal quality, range and reliability for wireless devices including Wave 2-enabled clients.

For organizations with a substantial long-term investment in 802.11n, the SonicWALL SonicPoint N2 features an enterprise wireless chipset, dual radios, high-speed performance and all the advantages that SonicWALL Wireless Network Security solutions offer.

Comprehensive threat prevention
SonicWall firewalls scan all wireless traffic coming into and going out of the network using deep packet inspection technology and then remove harmful threats such as malware and intrusions, even over SSL/ TLS encrypted connections. Other security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection provide added layers of protection. The Wireless Network Security solution also integrates additional security-related features including wireless intrusion detection and prevention, virtual access point segmentation, wireless guest services, RF monitoring and wireless packet capture.
Overview:
Superior user experience
SonicWave APs take advantage of the capabilities in 802.11ac Wave 2 plus features such as band steering and a built-in 2.5 GbE port to deliver highspeed wireless performance. Other features, including 4x4 MU-MIMO and beamforming, improve performance in higher density environments when using bandwidth-intensive applications such as HD multimedia, and cloud and mobile apps.

Each SonicWave access point includes three radios. One operates in the less crowded 5 GHz frequency band, reducing interference from other devices while strengthening signal reliability. Another operates in the 2.4 GHz band to support legacy 802.11b/g/n clients. The third radio is dedicated to security and performs rogue AP detection, passive scanning and packet capturing. With four transmitting and four receiving antennas plus support for 4x4 MU-MIMO, SonicWave APs are engineered to optimize signal quality, range and reliability for wireless devices including Wave 2-enabled clients.

For organizations with a substantial long-term investment in 802.11n, the SonicWALL SonicPoint N2 features an enterprise wireless chipset, dual radios, high-speed performance and all the advantages that SonicWALL Wireless Network Security solutions offer.

Comprehensive threat prevention
SonicWall firewalls scan all wireless traffic coming into and going out of the network using deep packet inspection technology and then remove harmful threats such as malware and intrusions, even over SSL/ TLS encrypted connections. Other security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection provide added layers of protection. The Wireless Network Security solution also integrates additional security-related features including wireless intrusion detection and prevention, virtual access point segmentation, wireless guest services, RF monitoring and wireless packet capture.
Overview:
Superior user experience
SonicWave APs take advantage of the capabilities in 802.11ac Wave 2 plus features such as band steering and a built-in 2.5 GbE port to deliver highspeed wireless performance. Other features, including 4x4 MU-MIMO and beamforming, improve performance in higher density environments when using bandwidth-intensive applications such as HD multimedia, and cloud and mobile apps.

Each SonicWave access point includes three radios. One operates in the less crowded 5 GHz frequency band, reducing interference from other devices while strengthening signal reliability. Another operates in the 2.4 GHz band to support legacy 802.11b/g/n clients. The third radio is dedicated to security and performs rogue AP detection, passive scanning and packet capturing. With four transmitting and four receiving antennas plus support for 4x4 MU-MIMO, SonicWave APs are engineered to optimize signal quality, range and reliability for wireless devices including Wave 2-enabled clients.

For organizations with a substantial long-term investment in 802.11n, the SonicWALL SonicPoint N2 features an enterprise wireless chipset, dual radios, high-speed performance and all the advantages that SonicWALL Wireless Network Security solutions offer.

Comprehensive threat prevention
SonicWall firewalls scan all wireless traffic coming into and going out of the network using deep packet inspection technology and then remove harmful threats such as malware and intrusions, even over SSL/ TLS encrypted connections. Other security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection provide added layers of protection. The Wireless Network Security solution also integrates additional security-related features including wireless intrusion detection and prevention, virtual access point segmentation, wireless guest services, RF monitoring and wireless packet capture.
Overview:
Superior user experience
SonicWave APs take advantage of the capabilities in 802.11ac Wave 2 plus features such as band steering and a built-in 2.5 GbE port to deliver highspeed wireless performance. Other features, including 4x4 MU-MIMO and beamforming, improve performance in higher density environments when using bandwidth-intensive applications such as HD multimedia, and cloud and mobile apps.

Each SonicWave access point includes three radios. One operates in the less crowded 5 GHz frequency band, reducing interference from other devices while strengthening signal reliability. Another operates in the 2.4 GHz band to support legacy 802.11b/g/n clients. The third radio is dedicated to security and performs rogue AP detection, passive scanning and packet capturing. With four transmitting and four receiving antennas plus support for 4x4 MU-MIMO, SonicWave APs are engineered to optimize signal quality, range and reliability for wireless devices including Wave 2-enabled clients.

For organizations with a substantial long-term investment in 802.11n, the SonicWALL SonicPoint N2 features an enterprise wireless chipset, dual radios, high-speed performance and all the advantages that SonicWALL Wireless Network Security solutions offer.

Comprehensive threat prevention
SonicWall firewalls scan all wireless traffic coming into and going out of the network using deep packet inspection technology and then remove harmful threats such as malware and intrusions, even over SSL/ TLS encrypted connections. Other security and control capabilities such as content filtering, application control and intelligence and Capture Advanced Threat Protection provide added layers of protection. The Wireless Network Security solution also integrates additional security-related features including wireless intrusion detection and prevention, virtual access point segmentation, wireless guest services, RF monitoring and wireless packet capture.
SonicWall wireless firewalling
When a wireless device uses a SonicWall SonicPoint ACe wireless access point to communicate with a wireless device on anothersubnet or on a completely different network, traffic between the devices is forced to traverse the SonicWall network security appliance. This traversal enables security services to be enforced by SonicOS. Standard practice for wireless firewalling (where one wireless client is communicating with another) bypasses many of the critical security services. The following illustration shows the standard practice for wireless firewalling.

Deployment requirements
SonicOS firmware
• SonicWall SonicPoint ACe access points are centrally managed by SonicWall network security appliances running the following versions of SonicOS:
• SonicOS 5.9.1.6 or a higher 5.9 release
• SonicOS 6.2.5.1 or higher
Power source
• Use the supplied power adaptor or an 802.3at compliant PoE injector or a PoE switch capable of providing 25 watts of power to each SonicPoint ACe.
Internet connectivity
• An active Internet connection is required for your firewall to download the latest SonicPoint firmware.
Gigabit Ethernet connectivity
• 802.11ac wireless hardware requires more bandwidth than a single (or even dual) 10/100 Ethernet connection can handle. Gigabit Ethernet connectivity between the WLAN and the LAN is required to take full advantage of 802.11ac speed.
FIREWALLS
SonicWall next-generation firewalls ensure that every byte of every packet coming into and going out of your network is inspected while maintaining high performance and low latency. By leveraging the SonicWall Capture Threat Network, we deliver superior protection for today and tomorrow.

Wireless Network Security
Build a high-speed wireless network security solution that safeguards your wireless traffic from threats and delivers wired-like network security and performance.

Security Subscriptions
Protect your organization from advanced security threats, gain greater security control, enhance productivity and lower costs with SonicWall network security services and add-ons to our firewall hardware.

WAN Acceleration
Eliminate performance bottlenecks from data and file sharing applications and give users LAN-like application performance over your WAN by optimizing the bandwidth you already have.

Cloud App Security
SonicWall Cloud App Security is a cloud service that provides CASB-like functionality, delivering real-time discovery, visibility and control of cloud application usage on the network.
Overview:
Build a secure wireless network that safeguards your wireless traffic from threats and optimizes performance, with the SonicPoint Wireless Security Access Point Series. Combine SonicPoint Series 802.11ac wireless access points with industry-leading SonicWall firewalls to create a wireless network security solution that delivers wired-like network security and performance.

GET FAST PERFORMANCE
SonicPoint Series wireless access points give you fast wireless access with enhanced signal quality and reliability. Take advantage of the capabilities in 802.11ac to achieve gigabit wireless performance. With support for IEEE 802.11a/b/g/n/ac standards, the SonicPoint Series enables your organization to use apps such as video and voice in higher density environments.

SIMPLIFY DEPLOYMENT AND MANAGEMENT
SonicPoints are simple to deploy into your new or existing network. SonicWall firewalls have a built-in wireless controller that automatically detects and configures SonicPoints across your network, easing setup. SonicPoints integrate tightly with SonicWall firewalls to offer a single pane of glass for wireless management and monitoring.
Product Description

Juniper Networks SRX300 line of services gateways delivers a next-generation networking and security solution that supports the changing needs of cloud-enabled enterprise networks. Whether rolling out new services and applications across locations, connecting to the cloud, or trying to achieve operational efficiency, the SRX300 line helps organizations realize their business objectives while providing scalable, easy to manage, secure connectivity and advanced threat mitigation capabilities. Next-generation firewall and unified threat management (UTM) capabilities also make it easier to detect and proactively mitigate threats to improve the user and application experience.

The SRX300 line consists of four models:
  • SRX300: Securing small branch or retail offices, the SRX300 Services Gateway consolidates security, routing, switching, and WAN connectivity in a small desktop device. The SRX300 supports up to 1 Gbps firewall and 300 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
  • SRX320: Securely connecting small distributed enterprise branch offices, the SRX320 Services Gateway consolidates security, routing, switching, and WAN connectivity in a small desktop device. The SRX320 supports up to 1 Gbps firewall and 300 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
  • SRX340: Securely connecting midsize distributed enterprise branch offices, the SRX340 Services Gateway consolidates security, routing, switching, and WAN connectivity in a 1 U form factor. The SRX340 supports up to 3 Gbps firewall and 600 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
  •  SRX345: Best suited for midsize to large distributed enterprise branch offices, the SRX345 Services Gateway consolidates security, routing, switching, and WAN connectivity in a 1 U form factor. The SRX345 supports up to 5 Gbps firewall and 800 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
Highlights

  • The SRX300 line of services gateways consists of secure routers that bring high performance and proven deployment capabilities to enterprises that need to build a worldwide network of thousands of remote sites. Ethernet, serial, T1/E1, ADSL2/2+, VDSL2, and 3G/4G LTE wireless are all available options for WAN or Internet connectivity to link sites. Industry best, high-performance IPsec VPN solutions provide comprehensive encryption and authentication capabilities to secure intersite communications. Multiple form factors with Ethernet switching support on native Gigabit Ethernet ports allow costeffective choices for mission-critical deployments. Juniper Networks Junos® automation and scripting capabilities and Junos Space Security Director reduce operational complexity and simplify the provisioning of new sites.
  • The SRX300 line of devices recognizes more than 3,500 Layer 3-7 applications, including Web 2.0 and evasive peer-to-peer (P2P) applications like Skype, torrents, and others. Correlating application information with user contextual information, the SRX300 line can generate bandwidth usage reports, enforce access control policies, prioritize and rate-limit traffic going out of WAN interfaces, and proactively secure remote sites. This optimizes resources in the branch office and improves the application and user experience.
  • The SRX300 line enables agile SecOps through automation capabilities that support Zero Touch Deployment, Python scripts for orchestration, and event scripting for operational management.
  • services gateways run Juniper Networks Junos operating system, a proven, carrier-hardened network OS that powers the top 100 service provider networks around the world. The rigorously tested, carrier-class, rich routing features such as IPv4/ IPv6, OSPF, BGP, and multicast have been proven in over 15 years of worldwide deployments.
SRX550 Overview

The SRX550 Services Gateway is an all-in-one solution that consolidates security, routing, switching, and WAN connectivity into a single 2 U device. It is a robust, highly flexible device for next-generation security, delivering enterprise-class networking for protecting today’s medium-to-large branch locations and supporting up to 5.5 Gbps firewall, 1 Gbps IPsec VPN, and 800 Mbps intrusion prevention system (IPS).

The SRX550 supports next-generation firewall capabilities such as IPS, application visibility and control, and unified threat management (UTM) features including antivirus, antispam, and enhanced Web filtering. Integrated security intelligence offers adaptive threat protection against Command and Control (C&C)-related botnets, malware, and Web application threats. The SRX550 also enforces policies based on GeoIP data from Juniper-provided feeds. IT organizations can use their own custom and third-party feeds for advanced threat protection.

The SRX550 is optimized for securing and connecting midsize or large branch locations that are geographically dispersed. It provides cost-effective, scalable integration of routing, security, and other midrange applications for branch sites. IT staff can deploy and manage SRX550 appliances in dispersed sites using the centralized Junos Space Security Director management platform.

NSS Labs, the world’s leading information security company, recommends the SRX550 because it delivers outstanding performance—even under the highest loads—in an architecture that consolidates next-generation firewall security with rich networking capabilities.
SRX1500 Overview
  • The foundation for strong business growth is secure connectivity that can scale to protect your key assets. The SRX1500 Services Gateway delivers that connectivity to help your business meet its goals. Whether rolling out new services and applications, connecting to the cloud, meeting compliance requirements, or improving operational efficiency, the SRX1500 keeps your network scalable, secure, and easy to manage.
  • A high-performance security appliance, the SRX1500 protects distributed enterprise campus locations and serves as a perimeter firewall for small to midsize data centers.
  • The combination of hardware and software architectures on the SRX1500 delivers very high performance in a small, 1 U form factor. The SRX1500 performs ultra-fast, high-speed firewalling and intrusion protection that can extend to protect end-user devices. Firewall performance remains consistent across different application profiles and usage patterns. Unified threat management (UTM) and intrusion prevention system (IPS) capabilities make it easier to detect intrusions, enforce policies, and proactively mitigate threats to improve the user and application experience.

The SRX1500 Services Gateway is optimized for:
  • Securing the enterprise data center perimeter or distributed enterprise campus locations with up to 2000 users
  • Reducing traffic processing times for deterministic, latency-sensitive environments such as financial services networks.
  • Enabling users to easily audit both the network and devices to ensure regulatory compliance.
  •  Improving network performance and optimizing application experience through SD-WAN.
Overview
  • The SRX4000 line of services gateways brings you integrated security and networking features for protecting next-generation services and applications. These gateways are designed for small to medium-sized enterprise campuses and data centers. They can also serve as secure routers and VPN concentrators, as well as offer SD-WAN capabilities.
  • SRX4000 Services Gateways set a new benchmark for price and performance while enabling secure migration into hybrid clouds.

The SRX4000 line includes two models, each of which delivers market-leading performance, scalability, and security services in a compact, 1 U platform:
  • The SRX4100 supports up to 20 Gbps IMIX and 5 Gbps next-generation firewall performance
  •  The SRX4200 supports up to 40 Gbps IMIX and 10 Gbps next-generation firewall performance.
Advanced Threat Protection
Advanced threat protection includes malware protection with Juniper Sky ATP, security intelligence via Spotlight Secure, policy enforcement based on GeoIP data, UTM (including IPS, application security with AppSecure, user role-based firewall controls, antivirus, antispam, and Web filtering), NAT, and QoS.
Overview
  • The SRX4000 line of services gateways brings you integrated security and networking features for protecting next-generation services and applications. These gateways are designed for small to medium-sized enterprise campuses and data centers. They can also serve as secure routers and VPN concentrators, as well as offer SD-WAN capabilities.
  • SRX4000 Services Gateways set a new benchmark for price and performance while enabling secure migration into hybrid clouds.

The SRX4000 line includes two models, each of which delivers market-leading performance, scalability, and security services in a compact, 1 U platform:
  • The SRX4100 supports up to 20 Gbps IMIX and 5 Gbps next-generation firewall performance.
  • The SRX4200 supports up to 40 Gbps IMIX and 10 Gbps next-generation firewall performance.

Both models offer eight 10GbE small form-factor pluggable plus (SFP+) front-panel ports.
  • The SRX4100 and SRX4200 also support Juniper Sky Advanced Threat Prevention (ATP), a cloud-based service that continuously adapts to an ever-changing threat landscape to provide a dynamic anti-malware solution.
  • To protect against Command and Control (C&C)-related botnets and Web application threats, the SRX4000 line features integrated security intelligence and policy enforcement based on GeoIP data provided by Juniper feeds. Our commitment to open standards enables users to leverage custom and third-party feeds to defend against advanced malware and other threats.
Overview
  • The high-performance SRX4600 next-generation firewall offers fast, scalable protection for enterprise private cloud, campus networks, cloud service providers, and telcos. With integrated malware prevention and a full suite of next-generation services, the SRX4600 is optimized to provide consistent protection across private cloud environments.
  • Fortification against advanced threats and zero-day attacks is ensured with real-time updates to IPS signatures, industry-leading antivirus and URL filtering, expansive application visibility, user identification, and deep content inspection.
  • As the center point of your defense, the SRX4600 offers unprecedented command over your security system with “single pane of glass” management through Junos Space Security Director.
  • The SRX4600 strengthens your security posture while simplifying your physical environment by integrating security, high-performance routing, and SD-WAN into a single, compact 1 U device.
Overview
The SRX5400 Services Gateway is a next-generation security platform ideally suited for large enterprise, service provider, and public sector networks. Based on a sophisticated architecture and using high-performance line cards, the SRX5400 provides unrivaled connectivity, performance, and service integration.

The Service Process Card 3 (SPC3) with advanced security acceleration enhances the SRX5400 to deliver the power you need for the most demanding use cases, including high-end data centers, IoT, and 5G.

The SRX5400 represents the most open, scalable security platform in the industry. Integrated threat intelligence offers adaptive, customized protection against command and control (C&C)-related botnets and malware, as well as dynamic policy enforcement based on GeoIP and threat data, with intelligence from Juniper-provided feeds. In companies that have their own threat collection capabilities, you can also leverage the SRX5400 as an enforcement point for custom and third-party feeds, protecting against advanced threats unique to your industry.

Superior price/performance and a small footprint make the SRX5400 ideal for securing enterprise edges and data centers, service provider infrastructures, and next-generation services and applications.

The SRX5400 supports firewall performance of up to 480 Gbps, with advanced anti-threat capabilities and an unprecedented 42 million concurrent user sessions on a highly reliable system, with six-nines availability. It offers 10GbE, 40GbE, and 100GbE connectivity options for maximum flexibility.
Comprehensive Security
  • Comprehensive protection includes multigigabit firewall; open, actionable threat intelligence via Spotlight Secure; dynamic policy enforcement based on GeoIP and Command & Control (C&C) threat data; and support for custom and third-party threat feeds.
Advanced Security Services
  • Advanced security services include IPS, application security (AppSecure), user role-based firewall controls, UTM (antivirus, antispam, Web filtering), Network Address Translation (NAT), and quality of service (QoS).
Scalable Performance
  • Scalable performance enables additional services without degradation.
Interface Flexibility
  • Interface flexibility meets the needs of any network
Network Segmentation
  • Network segmentation allows administrators to tailor security and policies.
Robust Routing Engine
  • Robust RE separates data and control planes to allow deployment of consolidated routing and security devices.
Carrier-Class Reliability
  • System and network resiliency ensures six nines of carrier-class reliability from redundant hardware and components, as well as Junos OS software.
Overview
The SRX5800 Services Gateway is an award-winning, next-generation security platform based on an innovative architecture that provides outstanding performance, scalability, and service integration.

The Service Process Card 3 (SPC3) with advanced security acceleration enhances the SRX5800 to deliver the power you need for the most demanding use cases, including high-end data centers, IoT, and 5G.

Ideally suited for service provider, large enterprise, and public sector networks, the SRX5800 supports 2 Tbps firewall, six nines of carrier-grade reliability, more than 100 Gbps intrusion prevention system (IPS), and an industry record-breaking 100 million concurrent user sessions.

The SRX5800 delivers the industry’s most open and scalable threat intelligence platform. Integrated threat intelligence offers adaptive, customized protection against command and control (C&C)-related botnets and malware, as well as dynamic policy enforcement based on GeoIP and threat data, with intelligence from Juniper-provided feeds. In companies that have their own threat collection capabilities, you can also leverage the SRX5800 as an enforcement point for custom and third-party feeds, protecting against advanced threats unique to your industry.

Equipped with a full range of integrated security features, the massively scalable SRX5800 Services Gateway gives you an optimal solution for securing large enterprise data centers, hosted or colocated data centers, and service provider infrastructures.
Overview
WatchGuard Firebox T15 delivers complete enterprise-level network security for small office/home office and retail environments. Offering optional web filtering, intrusion prevention, antivirus and more. It can be used as a stand-alone solution or centrally managed from corporate headquarters. Flexible management tools and WatchGuard’s RapidDeploy technology enable administrators to quickly set up the Firebox T15 at remote locations so businesses can ensure that they protect where they connect. Firebox T15 provides 400 Mbps firewall throughput and three 1-Gigabit Ethernet ports. WatchGuard Dimension provides visibility into network activity and security events at no additional cost. Wireless models are available.

Details
The WatchGuard Firebox T Series appliances bring enterprise-level network security to the small office/branch office and small retail environments that matches the reality of today's distributed work style. They can be used as a stand-alone solution or centrally managed from corporate headquarters. Flexible management tools and WatchGuard's RapidDeploy technology enable administrators to quickly set up a T Series device at remote locations so businesses can ensure that they protect everywhere they connect. T Series appliances sustain up to 1.2 Gbps firewall throughput and come in wired and wireless versions. WatchGuard Dimension, which provides real-time visibility into network activity and security events, is included at no additional cost.
  • Ideal for Small office/home office and small retail environments
  • Recommended User Count: 5
  • Firewall Throughput: 400 Mbps
  • VPN Throughput: 150 Mbps
  • UTM Throughput: 90 Mbps
  • Concurrent Sessions: 100,000
  • 1 Year Standard Support
TOTAL NETWORK PROTECTION
Small businesses and remote locations have long been thought of as soft targets for attackers. WatchGuard Firebox T35 and T55 tabletop appliances bring enterprise-level network security to those small office/branch office and small retail environments that matches the reality of today’s distributed work style. Our unique product architecture enables smaller businesses to leverage best-in-class security services – from URL filtering and intrusion prevention to application control and data loss prevention – minus the cost and complexity of managing multiple single-point solutions.

QUICK AND SIMPLE DEPLOYMENT
Cloud-based RapidDeploy technology, a configuration and deployment tool that comes standard with WatchGuard Firebox appliances, enables IT staff to create and store configuration data in the cloud – public or private – and have a new appliance directly shipped to its destination. Once the device arrives, it can connect to the cloud for a secure download of its configuration settings, saving staff travel time and money. This technology is particularly advantageous for large distributed enterprises where managing a multitude of devices efficiently across multiple locations and geographies is critical.

EASY TO MANAGE AND UNDERSTAND
Firebox T Series appliances are not only easy to initially configure and deploy, they are also designed with an emphasis on centralized management, making ongoing policy and network management simple and straightforward. WatchGuard Dimension, which is included with purchase, provides a suite of big data visibility and reporting tools that instantly identify and distill key network security threats, issues and trends so you can take immediate preventive or corrective action. Security is complex, running it doesn’t have to be.

FEATURES & BENEFITS
  • Wireless versions of the T35 and T55 use 802.11ac operating in the 2.4 GHz and 5GHz bands for high performance and superior reliability.
  • All logging and reporting functions included with purchase, with over 100 dashboards and reports including PCI and HIPAA.
  • 5 Gigabit Ethernet ports support high-speed LAN backbone infrastructures & gigabit WAN connections.
  • PoE port to power a peripheral device such as a WatchGuard Secure Wi-Fi Access Point, allowing administrators to extend the reach of their networks without having to run costly AC power to the remote device.
TOTAL NETWORK PROTECTION
Small businesses and remote locations have long been thought of as soft targets for attackers. WatchGuard Firebox T35 and T55 tabletop appliances bring enterprise-level network security to those small office/branch office and small retail environments that matches the reality of today’s distributed work style. Our unique product architecture enables smaller businesses to leverage best-in-class security services – from URL filtering and intrusion prevention to application control and data loss prevention – minus the cost and complexity of managing multiple single-point solutions.

QUICK AND SIMPLE DEPLOYMENT
Cloud-based RapidDeploy technology, a configuration and deployment tool that comes standard with WatchGuard Firebox appliances, enables IT staff to create and store configuration data in the cloud – public or private – and have a new appliance directly shipped to its destination. Once the device arrives, it can connect to the cloud for a secure download of its configuration settings, saving staff travel time and money. This technology is particularly advantageous for large distributed enterprises where managing a multitude of devices efficiently across multiple locations and geographies is critical.

EASY TO MANAGE AND UNDERSTAND
Firebox T Series appliances are not only easy to initially configure and deploy, they are also designed with an emphasis on centralized management, making ongoing policy and network management simple and straightforward. WatchGuard Dimension, which is included with purchase, provides a suite of big data visibility and reporting tools that instantly identify and distill key network security threats, issues and trends so you can take immediate preventive or corrective action. Security is complex, running it doesn’t have to be.

FEATURES & BENEFITS
  • Wireless versions of the T35 and T55 use 802.11ac operating in the 2.4 GHz and 5GHz bands for high performance and superior reliability.
  • All logging and reporting functions included with purchase, with over 100 dashboards and reports including PCI and HIPAA.
  • 5 Gigabit Ethernet ports support high-speed LAN backbone infrastructures & gigabit WAN connections.
  • PoE port to power a peripheral device such as a WatchGuard Secure Wi-Fi Access Point, allowing administrators to extend the reach of their networks without having to run costly AC power to the remote device.
TOTAL NETWORK PROTECTION
Small businesses and remote locations have long been thought of as soft targets for attackers. WatchGuard Firebox T35 and T55 tabletop appliances bring enterprise-level network security to those small office/branch office and small retail environments that matches the reality of today’s distributed work style. Our unique product architecture enables smaller businesses to leverage best-in-class security services – from URL filtering and intrusion prevention to application control and data loss prevention – minus the cost and complexity of managing multiple single-point solutions.

QUICK AND SIMPLE DEPLOYMENT
Cloud-based RapidDeploy technology, a configuration and deployment tool that comes standard with WatchGuard Firebox appliances, enables IT staff to create and store configuration data in the cloud – public or private – and have a new appliance directly shipped to its destination. Once the device arrives, it can connect to the cloud for a secure download of its configuration settings, saving staff travel time and money. This technology is particularly advantageous for large distributed enterprises where managing a multitude of devices efficiently across multiple locations and geographies is critical.

EASY TO MANAGE AND UNDERSTAND
Firebox T Series appliances are not only easy to initially configure and deploy, they are also designed with an emphasis on centralized management, making ongoing policy and network management simple and straightforward. WatchGuard Dimension, which is included with purchase, provides a suite of big data visibility and reporting tools that instantly identify and distill key network security threats, issues and trends so you can take immediate preventive or corrective action. Security is complex, running it doesn’t have to be.

FEATURES & BENEFITS
  • Wireless versions of the T35 and T55 use 802.11ac operating in the 2.4 GHz and 5GHz bands for high performance and superior reliability.
  • All logging and reporting functions included with purchase, with over 100 dashboards and reports including PCI and HIPAA.
  • 5 Gigabit Ethernet ports support high-speed LAN backbone infrastructures & gigabit WAN connections.
  • PoE port to power a peripheral device such as a WatchGuard Secure Wi-Fi Access Point, allowing administrators to extend the reach of their networks without having to run costly AC power to the remote device.
Overview
Small businesses and remote locations have long been thought of as soft targets for attackers. The WatchGuard T55 Firebox Firewall tabletop appliance bring enterprise-level network security to those small office/branch office and small retail environments that matches the reality of today's distributed work style.Perfect as stand-alone solutions for a small office, The WatchGuard T55 Firebox Firewall are ideal for larger organizations that want to extend easy-to-use, full UTM protection for remote workers and smaller sites. With WatchGuard Total Security Services, this appliance are small-footprint, cost-effective security powerhouses that deliver nearly every feature present in WatchGuard’s higher end UTM appliances, including all security capabilities such as ransomware protection and data loss prevention.

Key Features
  • Includes a one (1) year standard support licence subscription.
  • Boosts five (5) Gigabit Ethernet RJ45 LAN interfaces.
  • No need to compromise protection for strong performance or vice versa.
  • Support high-speed LAN backbone infrastructures and Gigabit WAN connections.
  • Best-of-breed security components into one platform for stronger security at big cost savings.
  • Firewall throughput up to 1Gbps and VPN throughput upto 360Mbps to keep traffic moving.
  • Brings enterprise-level network security to small offices and retail environments.
  • Cloud-based RapidDeploy technology taking the delay out of the firewall deployment process.
  • Allows small businesses to have access to enterprise-grade security.
Overview:
  • Get Industry-leading Performance with the Firebox T70
  • Many organizations today are dependent on fast, reliable and secure Internet connectivity, but are struggling to find network security solutions that can keep up with their ever growing needs. While many rack-mount solutions can keep up with today’s fastest fiber-to-the-premises speeds, there are not currently any tabletop security appliances available that have this capability, especially when running with additional security services enabled. This makes it difficult for SMBs and distributed enterprises to harness these powerful Internet speeds with the complete UTM protection they require.

The Fastest Tabletop Available
The WatchGuard Firebox T70 is the fastest performing tabletop appliance available on the market today. The T70 is the only tabletop appliance that is capable of running full UTM services at over 1 gigabit per second, enabling you to keep up with lightning-fast fiber broadband speeds.

The WatchGuard Firebox T70 will make network slowdown concerns a thing of the past, with blazing-fast performance capable of delivering full UTM protection at over 1 gigabit per second. With the release of the WatchGuard Firebox T70 tabletop network security appliance, customers can now enjoy the fast throughput that they want, with the industry-leading security that they need. The WatchGuard T70 is also one of the only tabletop appliances available today that provides users two Power-over-Ethernet (PoE) ports enabling power to peripheral devices, such as wireless access points and security cameras.
Overview:
Up to 8 Gbps firewall throughput, 2.6 Gbps UTM throughput
Because smaller companies are generally less protected and easier to break into, small business has become the new big target for cyber attacks. The Firebox® M270 and M370 firewalls are specifically engineered to defend all types of small businesses against attacks that are no less fierce than those targeting larger organizations. Our unique product architecture enables SMBs to leverage best-in-class security services – from URL filtering and intrusion prevention to application control and data loss prevention - without the cost and complexity of running multiple single-point solutions. The M270 and M370 are part of WatchGuard’s award-winning Firebox security platform. The platform not only provides the most complete suite of unified security controls on the market today, it has consistently been the first to offer solutions for addressing new and evolving network threats including advanced malware and ransomware.

Blazing Fast Performance
Firebox M270 and M370 Unified Threat Management (UTM) solutions are up to 3 times faster than competing products with all security layers turned on, and up to 94 percent faster performing HTTPS inspection, according to the independent test lab Miercom. This ensures you never have to compromise network security for performance.

Quick And Simple Deployment
SMBs usually have smaller, less technical staff, which can make network expansion challenging. RapidDeploy – a powerful, cloud-based deployment and configuration tool – comes standard with WatchGuard Firebox appliances. With it, IT staff can create and store configuration data in the cloud – public or private – and have the appliance directly shipped to its destination. Once the device arrives, it can connect to the cloud for a secure download of its configuration settings, saving your staff travel time and money.

Easy To Manage And Understand
The M270 and M370 are not only easy to initially configure and deploy, they are also designed with an emphasis on centralized management, making ongoing policy and network management simple and straightforward. WatchGuard Dimension, included with purchase, provides a suite of big data visibility and reporting tools that instantly identify and distill key network security threats, issues and trends so you can take immediate preventive or corrective action. Security is complex, running it doesn’t have to be.
Interfaces and Modules :
  • Hardware Accelerated : 10 GE SFP+ Slots 2
  • Hardware Accelerated GE SFP Slots : 16
  • Hardware Accelerated GE RJ45 Ports : 16
  • GE RJ45 Management / HA Ports : 2
  • USB Ports (Client / Server) : 1 / 2
  • Console Port : 1
  • Onboard Storage : 1x 256 GB SSD
  • Included Transceivers : 0

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 4.2 Gbps
  • NGFW Throughput : 4 Gbps
  • Threat Protection Throughput : 3 Gbps

System Performance and Capacity:
  • IPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP) : 52 / 52 / 33 Gbps
  • IPv6 Firewall Throughput(1518 / 512 / 86 byte, UDP) : 52 / 52 / 33 Gbps
  • Firewall Latency (64 byte, UDP) : 3 ?s
  • Firewall Throughput (Packet per Second) : 49.5 Mpps
  • Concurrent Sessions (TCP) : 11 Million
  • New Sessions/Second (TCP) : 280,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 25 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 50,000
  • SSL-VPN Throughput : 3.6 Gbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) : 10,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 3.9 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 2,400
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 800,000
  • Application Control Throughput (HTTP 64K) : 10 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : 11 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 64
  • Maximum Number of FortiAPs (Total / Tunnel) : 1024 / 512
  • Maximum Number of FortiTokens : 5,000
  • High Availability Configurations : Active-Active, Active-Passive, Clustering
  • Power Input : 100–240V AC, 50–60 Hz, 300 W Redundant
  • Power Consumption (Average / Maximum): 135 W / 187.2 W
  • Current (Maximum): 100V/5A, 240V/3A
  • Heat Dissipation:638.75 BTU/h
  • Redundant Power Supplies: Yes (Hot Swappable)
  • Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 49.9 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6
Dimensions and Power:
  • Height x Width x Length (inches): 1.75 x 17.22 x 18.24
  • Height x Width x Length (mm) : 44.45 x 437.5 x 463.2
  • Weight : 20.24 lbs (9.18 kg)
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
Interfaces and Modules:
  • Hardware Accelerated 10 GE SFP+ Slots : 2
  • Hardware Accelerated GE SFP Slots : 8
  • Hardware Accelerated GE RJ45 Ports : 20
  • Accelerated GE RJ45 Bypass Interfaces : 4
  • GE RJ45 Management / HA Ports : 2
  • USB Ports (Client / Server) : 1 / 2
  • Console Port : 1
  • Onboard Storage : 1x 240 GB SSD
  • Included Transceivers : 2x SFP (SX 1 GE)

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 4.2 Gbps
  • NGFW Throughput : 4 Gbps
  • Threat Protection Throughput : 3 Gbps
System Performance and Capacity:
  • IPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP):36 / 36 / 22 Gbps
  • IPv6 Firewall Throughput(1518 / 512 / 86 byte, UDP):36 / 36 / 22 Gbps
  • Firewall Latency (64 byte, UDP) : 3 ?s
  • Firewall Throughput (Packet per Second) : 33 Mpps
  • Concurrent Sessions (TCP) : 5 Million
  • New Sessions/Second (TCP) : 280,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 20 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels: 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 50,000
  • SSL-VPN Throughput : 2.2 Gbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) : 5,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 3.9 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 2,400
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 380,000
  • Application Control Throughput (HTTP 64K) : 9 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : 5.5 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 64
  • Maximum Number of FortiAPs (Total / Tunnel) : 1024 / 512
  • Maximum Number of FortiTokens : 5,000
  • High Availability Configurations : Active-Active, Active-Passive, Clustering

Dimensions and Power:
  • Height x Width x Length (inches) : 1.75 x 17.0 x 16.4
  • Height x Width x Length (mm): 44.45 x 432 x 416
  • Weight : 19.0 lbs (8.6 kg)
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
  • Wall Mountable : No
  • Power Input : 100–240V AC, 50–60 Hz
  • Power Consumption (Average / Maximum) : 128 W / 187 W
  • Current (Maximum) : 110V/7A, 220V/3.5A
  • Heat Dissipation : 636 BTU/h
  • Redundant Power Supplies (Hot Swappable) optional

Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 55 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6
  • FORTIGATE 60F 
  • Hardware Specifications :
  • GE RJ45 WAN / DMZ Ports : 2 / 1 
  • GE RJ45 Internal Ports : 7 
  • GE RJ45 FortiLink Ports : 2 
  • Wireless Interface : 0 
  • USB Ports : 1 
  • Console (RJ45) : 1 
  • Internal Storage : 0
  • FORTIGATE 61F 
  • Hardware Specifications
  • GE RJ45 WAN / DMZ Ports : 2 / 1 
  • GE RJ45 Internal Ports : 7 
  • GE RJ45 FortiLink Ports : 2
  • Wireless Interface : 0
  • USB Ports  : 1 
  • Console (RJ45) : 1 
  • Internal Storage : 1 x 128 GB SSD 
  • FORTIWIFI 60F 
  • Hardware Specifications
  • GE RJ45 WAN / DMZ Ports : 2 / 1 
  • GE RJ45 Internal Ports 7 
  • GE RJ45 FortiLink Ports 2 
  • Wireless Interface : 802.11 a/b/g/n/ac-W2 
  • USB Ports : 1 
  • Console (RJ45) : 1 
  • Internal Storage : 0
  • FORTIWIFI 61F
  • Hardware Specifications
  • GE RJ45 WAN / DMZ Ports : 2 / 1
  • GE RJ45 Internal Ports : 7
  • GE RJ45 FortiLink Ports : 2
  • Wireless Interface : 802.11 a/b/g/n/ac-W2
  • USB Ports : 1
  • Console (RJ45) : 1
  • Internal Storage : 1 x 128 GB SSD
  • System Performance — Enterprise Traffic Mix :
  • IPS Throughput : 1.4 Gbps
  • NGFW Throughput : 1 Gbps
  • Threat Protection Throughput : 700 Mbps
  • System Performance :
  • Firewall Throughput(1518 / 512 / 64 byte UDP packets) : 10/10/6 Gbps
  • Firewall Latency (64 byte UDP packets) : 4 ?s
  • Firewall Throughput (Packets Per Second) : 9 Mpps
  • Concurrent Sessions (TCP) : 700,000
  • New Sessions/Second (TCP) : 35,000
  • Firewall Policies : 5000
  • IPsec VPN Throughput (512 byte) : 6.5 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 200
  • Client-to-Gateway IPsec VPN Tunnels : 500
  • SSL-VPN Thro 9ughput :00 Mbps
  • Concurrent SSL-VPN Users(Recommended Maximum Tunnel Mode) : 200
  • SSL Inspection Throughput(IPS avg. HTTPS) : 750 Mbps
  • SSL Inspection CPS (IPS avg. HTTPS) : 400
  • SSL Inspection Concurrent Session (IPS avg. HTTPS) : 55,000
  • Application Control Throughput (HTTP 64K) : 1.8 Gbps
  • CAPWAP Throughput (HTTP 64K) : 8 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 16
  • Maximum Number of FortiAPs (Total / Tunnel Mode) : 30 / 10
  • Maximum Number of FortiTokens : 500
  • High Availability Configurations : Active / Active Active / Passive Clustering
  • Dimensions :
  • Height x Width x Length (inches) : 1.5 x 8.5 x 6.3
  • Height x Width x Length (mm) : 38.5 x 216 x 160 mm
  • Weight  : 2.23 lbs (1.01 kg)
  • Form Factor : Desktop
  • Hardware Specifications
  • GE RJ45 Switch Ports : 5
  • GE RJ45 WAN Ports : 2
  • USB Ports : 1
  • Console (RJ45) : 1
  • System Performance — Enterprise Traffic Mix :
  • IPS Throughput : 350 Mbps
  • NGFW Throughput : 220 Mbps
  • Threat Protection Throughput : 160 Mbps
  • System Performance :
  • Firewall Throughput : 2.5 Gbps
  • Firewall Latency (64 byte UDP packets) : 180 ?s
  • Firewall Throughput (Packets Per Second): 375 Kpps
  • Concurrent Sessions (TCP) : 1.8 Million
  • New Sessions/Second (TCP) : 21000
  • Firewall Policies : 5000
  • IPsec VPN Throughput (512 byte) : 90 Mbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 200
  • Client-to-Gateway IPsec VPN Tunnels : 250
  • SSL-VPN Throughput : 100 Mbps
  • Concurrent SS-VPN Users (Recommended Maximum Tunnel Mode) : 200
  • SSL Inspection Throughput (IPS avg. HTTPS) : 150 Mbps
  • SSL Inspection CPS (IPS avg. HTTPS) : 140
  • SSL Inspection Concurrent Session (IPS avg. HTTPS) : 75000
  • Application CoLntrol Throughput (HTTP 64K) : 450 Mbps
  • CAPWAP Throughput (HTTP 64K) : 1.2 Gbps
  • Virtual Domains (Default / Maximum) : 5 / 5
  • Maximum Number of FortiSwitches Supported : 8
  • Maximum Number of FortiAPs (Total / Tunnel Mode) : 10 / 5
  • Maximum Number of FortiTokens : 500
  • High Availability Configurations : Active/Active Active/Passive Clustering
  • Dimensions :
  • Height x Width x Length (inches) : 1.44 x 8.52 x 5.5
  • Height x Width x Length (mm) : 36.5 x 216 x 140
  • Weight  : 2.015 lbs(0.914 kg)
  • Form Factor : Desktop
  • Hardware Specifications
  • GE RJ45 Switch Ports : 5
  • GE RJ45 WAN Ports : 2
  • USB Ports : 1
  • Console (RJ45) : 1
  • System Performance — Enterprise Traffic Mix :
  • IPS Throughput : 350 Mbps
  • NGFW Throughput : 220 Mbps
  • Threat Protection Throughput : 160 Mbps
  • System Performance :
  • Firewall Throughput : 2.5 Gbps
  • Firewall Latency (64 byte UDP packets) : 180 ?s
  • Firewall Throughput (Packets Per Second) : 375 Kpps
  • Concurrent Sessions (TCP) : 1.8 Million
  • New Sessions/Second (TCP) : 21000
  • Firewall Policies : 5000
  • IPsec VPN Throughput (512 byte) : 90 Mbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 200
  • Client-to-Gateway IPsec VPN Tunnels : 250
  • SSL-VPN Throughput : 100 Mbps
  • Concurrent SSL-VPN Users (Recommended Maximum Tunnel Mode) : 200
  • SSL Inspection Throughput (IPS avg. HTTPS) : 150 Mbps
  • SSL Inspection CPS (IPS avg. HTTPS) : 140
  • SSL Inspection Concurrent Session (IPS avg. HTTPS) : 75,000
  • Application Control Throughput (HTTP 64K) : 450 Mbps
  • CAPWAP Throughput (HTTP 64K) : 1.2 Gbps
  • Virtual Domains (Default / Maximum) : 5 / 5
  • Maximum Number of FortiSwitches Supported : 8
  • Maximum Number of FortiAPs (Total / Tunnel Mode) : 10 / 5
  • Maximum Number of FortiTokens : 500
  • High Availability Configurations : Active/Active Active/Passive Clustering
  • Dimensions
  • Height x Width x Length (inches) : 1.44 x 8.52 x 5.5
  • Height x Width x Length (mm) : 36.5 x 216 x 140
  • Form Factor :  Desktop
Interfaces and Modules:
  • 10 GE SFP+ Slots : 2
  • GE RJ45 Interfaces : 8
  • GE SFP Slots : 8
  • GE RJ45 Management Ports : 2
  • USB Ports : 2
  • RJ45 Console Port : 1
  • Local Storage : 2x 240 GB SSD
  • Included Transceivers : 2x SFP (SX 1 GE)

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 10 Gbps
  • NGFW Throughput : 9.5 Gbps
  • Threat Protection Throughput : 7 Gbps

System Performance and Capacity:
  • IPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP):36 / 36 / 27 Gbps
  • IPv6 Firewall Throughput(1518 / 512 / 64 byte, UDP):36 / 36 / 27 Gbps
  • Firewall Latency (64 byte, UDP) : 2 ?s
  • Firewall Throughput (Packet per Second) : 40.5 Mpps
  • Concurrent Sessions (TCP) : 8 Million
  • New Sessions/Second (TCP) : 450,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 20 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 50,000
  • SSL-VPN Throughput : 7 Gbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) :10,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 8 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 5,500
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 800,000
  • Application Control Throughput (HTTP 64K) : 15 Gbps
  • CAPWAP Throughput (HTTP 64K) : 18 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 96
  • Maximum Number of FortiAPs (Total / Tunnel) : 1,024 / 512
  • Maximum Number of FortiTokens : 5,000
  • High Availability Configurations : Active-Active, Active-Passive, Clustering

Dimensions and Power :
  • Height x Width x Length (inches) : 1.75 x 17.0 x 15.0
  • Height x Width x Length (mm) : 44.45 x 432 x 380
  • Weight : 16.1 lbs (7.3 kg)
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
  • Power Consumption (Average / Maximum) : 129 W / 244 W
  • Power Source : 100–240V 50–60Hz
  • Current (Maximum) : 6A @ 100V
  • Heat Dissipation : 832 BTU/h
  • Redundant Power Supplies (Hot Swappable) : optional

Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 59 dBA
  • Operating Altitude Up to : 9,843 ft (3,000 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6
Interfaces and Modules:
  • 10 GE SFP+ Slots : 2
  • GE RJ45 Interfaces : 8
  • GE SFP Slots : 8
  • GE RJ45 Management Ports : 2
  • USB Ports : 2
  • RJ45 Console Port : 1
  • Local Storage : 2x 240 GB SSD
  • Included Transceivers : 2x SFP (SX 1 GE)

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 7.9 Gbps
  • NGFW Throughput : 5 Gbps
  • Threat Protection Throughput : 4.7 Gbps
System Performance and Capacity:
  • IPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP) : 36 / 36 / 22 Gbps
  • IPv6 Firewall Throughput(1518 / 512 / 64 byte, UDP) : 36 / 36 / 22 Gbps
  • Firewall Latency (64 byte, UDP) : 2 ?s
  • Firewall Throughput (Packet per Second) : 33 Mpps
  • Concurrent Sessions (TCP) : 8 Million
  • New Sessions/Second (TCP) : 300,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 20 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 50,000
  • SSL-VPN Throughput : 5 Gbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode):10,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 5.7 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 3,500
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 800,000
  • Application Control Throughput (HTTP 64K) : 14 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : 18 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 72
  • Maximum Number of FortiAPs (Total / Tunnel) : 512 / 256
  • Maximum Number of FortiTokens : 5,000
  • Maximum Number of Registered Endpoints : 2,000
  • High Availability Configurations : Active-Active, Active-Passive, Clustering

Dimensions and Power :
  • Height x Width x Length (inches) : 1.75 x 17.0 x 15.0
  • Height x Width x Length (mm) : 44.45 x 432 x 380
  • Weight : 16.1 lbs (7.3 kg) 
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
  • Power Consumption (Average / Maximum) : 95 W / 193 W 105 W / 200 W
  • Power Input : 100–240V, 50–60Hz
  • Current (Maximum) : 6A
  • Heat Dissipation : 613 BTU/h
  • Redundant Power Supplies (Hot Swappable) : optional

Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 43 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6
Interfaces and Modules:
  • GE RJ45 Interfaces : 16
  • GE SFP Slots : 16
  • GE RJ45 Management Ports : 2
  • USB Ports : 2
  • RJ45 Console Port : 1
  • Local Storage : 2x 240 GB SSD
  • Included Transceivers : 2x SFP (SX 1 GE)

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 7.8 Gbps
  • NGFW Throughput : 6 Gbps
  • Threat Protection Throughput : 5 Gbps

System Performance and Capacity:
  • IPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP) : 32 / 32 / 24 Gbps
  • IPv6 Firewall Throughput(1518 / 512 / 64 byte, UDP) : 32 / 32 / 24 Gbps
  • Firewall Latency (64 byte, UDP) : 3 ?s
  • Firewall Throughput (Packet per Second) : 36 Mpps
  • Concurrent Sessions (TCP) : 4 Million
  • New Sessions/Second (TCP) : 450,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) :  20 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels  : 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 50,000
  • SSL-VPN Throughput : 4.5 Gbps
  • Concurrent SSL-VPN Users (Recommended Maximum, Tunnel Mode) : 5,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 4.8 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 4,000
  • SSL Inspection Concurrent Session (IPS, avg. HTTPS) : 300,000
  • Application Control Throughput (HTTP 64K) : 12 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : 14.8 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 72
  • Maximum Number of FortiAPs (Total / Tunnel)  : 512 / 256
  • Maximum Number of FortiTokens  : 5,000
  • High Availability Configurations : Active-Active, Active-Passive, Clustering

Dimensions and Power:
  • Height x Width x Length (inches) : 1.75 x 17.0 x 15.0
  • Height x Width x Length (mm) : 44.45 x 432 x 380
  • Weight : 16.4 lbs (7.4 kg) 16.9 lbs (7.9 kg)
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
  • Power Consumption (Average / Maximum) : 109 W / 214 W 115 W / 221 W
  • Power Input : 100–240V, 50–60Hz
  • Current (Maximum) : 6A
  • Heat Dissipation : 730 BTU/h 754 BTU/h
  • Redundant Power Supplies (Hot Swappable) : optional

Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 48 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6
Interfaces and Modules:
  • GE RJ45 Interfaces : 16
  • GE SFP Slots : 16
  • GE RJ45 Management Ports : 2
  • USB Ports : 2
  • RJ45 Console Port : 1
  • Local Storage : 2x 240 GB SSD
  • Included Transceivers : 2x SFP (SX 1 GE)

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 5 Gbps
  • NGFW Throughput : 3.5 Gbps
  • Threat Protection Throughput : 3 Gbps
System Performance and Capacity:
  • IPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP) : 32 / 32 / 20 Gbps
  • IPv6 Firewall Throughput(1518 / 512 / 64 byte, UDP) : 32 / 32 / 20 Gbps
  • Firewall Latency (64 byte, UDP) : 3 ?s
  • Firewall Throughput (Packet per Second) : 30 Mpps
  • Concurrent Sessions (TCP) : 4 Million
  • New Sessions/Second (TCP) : 300,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 20 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 50,000
  • SSL-VPN Throughput : 2.5 Gbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode):5,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 3.9 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 2,500
  • SSL Inspection Concurrent Session (IPS, avg. HTTPS) : 340,000
  • Application Control Throughput (HTTP 64K) : 7 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : 5 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 72
  • Maximum Number of FortiAPs (Total / Tunnel) : 512 / 256
  • Maximum Number of FortiTokens : 5,000
  • High Availability Configurations : Active-Active, Active-Passive, Clustering

Dimensions and Power:
  • Height x Width x Length (inches) : 1.75 x 17.0 x 15.0
  • Height x Width x Length (mm) : 44.45 x 432 x 380
  • Weight : 16.1 lbs (7.3 kg) 16.6 lbs (7.6 kg)
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
  • Power Consumption (Average / Maximum) : 90 W / 173 W 95 W / 180 W
  • Power Input : 100V–240V AC, 50–60Hz
  • Current (Maximum) : 6A
  • Heat Dissipation : 570 BTU/h 614 BTU/h
  • Redundant Power Supplies (Hot Swappable) : optional

Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 48 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6
Hardware Specifications:
  • GE RJ45 WAN Interfaces : 2
  • GE RJ45 Management/HA Ports : 2
  • GE RJ45 Ports : 14
  • GE SFP Slots : 4
  • USB port : 1
  • Console (RJ45): 1
  • Local Storage : 1x 480 GB SSD
  • Included Transceivers : 0

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 2.2 Gbps
  • NGFW Throughput : 1.8 Gbps
  • Threat Protection Throughput : 1.2 Gbps
System Performance:
  • Firewall Throughput(1518 / 512 / 64 byte UDP packets) : 20 / 20 / 9 Gbps
  • Firewall Latency (64 byte UDP packets) : 3 ?s
  • Firewall Throughput (Packets Per Second) : 13.5 Mpps
  • Concurrent Sessions (TCP) : 2 Million
  • New Sessions/Second (TCP) : 135,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 7.2 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 10,000
  • SSL-VPN Throughput : 900 Mbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) : 500
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 820 Mbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 1,000
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 240,000
  • Application Control Throughput (HTTP 64K) : 3.5 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : 1.5 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 64
  • Maximum Number of FortiAPs (Total / Tunnel Mode) : 256 / 128
  • Maximum Number of FortiTokens : 5,000
  • High Availability Configurations : Active / Active, Active / Passive, Clustering
Dimensions:
  • Height x Width x Length (inches) : 1.75 x 17.0 x 11.9
  • Height x Width x Length (mm) : 44.45 x 432 x 301
  • Weight : 11.9 lbs (5.4 kg) 12.12 lbs (5.5 kg)
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
Environment:
  • Power Input :100–240V AC, 50–60 Hz
  • Maximum Current : 110 V / 3 A, 220 V / 0.42 A
  • Power Consumption (Average / Maximum) : 70.98 / 109.9 W
  • Heat Dissipation : 374.9 BTU/h
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 31.1 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15B, Class A, CE, RCM, VCCI, UL/cUL, CB, BSMI
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; IPv6
Hardware Specifications:
  • GE RJ45 Ports : 12
  • GE RJ45 Management/HA/DMZ Ports : 1 / 2 / 1
  • GE SFP Slots : 4
  • 10 GE SFP+ Slots : 2
  • GE RJ45 WAN Ports : 2
  • GE RJ45 or SFP Shared Ports : 4
  • USB Port : 1
  • Console Port : 1
  • Internal Storage : 1x 480 GB SSD
  • Included Transceivers : 0

System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 2.6 Gbps
  • NGFW Throughput : 1.6 Gbps
  • Threat Protection Throughput : 1 Gbps

System Performance:
  • Firewall Throughput(1518 / 512 / 64 byte UDP packets) : 20 / 18 / 10 Gbps
  • Firewall Latency (64 byte UDP packets) : 5 ?s
  • Firewall Throughput (Packets Per Second) : 15 Mpps
  • Concurrent Sessions (TCP) : 1.5 Million
  • New Sessions/Second (TCP) : 56,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 11.5 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 2,500
  • Client-to-Gateway IPsec VPN Tunnels : 16,000
  • SSL-VPN Throughput  : 1 Gbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) : 500
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 1 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 1,800
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 135,000
  • Application Control Throughput (HTTP 64K) : 2.2 Gbps
  • CAPWAP Throughput (HTTP 64K) : 15 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 24
  • Maximum Number of FortiAPs(Total / Tunnel Mode) : 128 / 64
  • Maximum Number of FortiTokens : 5,000
  • High Availability Configurations : Active / Active, Active / Passive, Clustering

Dimensions:
  • Height x Width x Length (inches) : 1.73 x 17 x 10
  • Height x Width x Length (mm) : 44 x 432 x 254
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU
  • Weight : 7.25 lbs (3.29 kg) 7.56 lbs (3.43 kg)

Environment:
  • Power Required : 100–240V AC, 50-60
  • Maximum Current : 100V / 1A, 240V / 0.5A
  • Power Consumption (Average / Maximum) : 35.1 W / 38.7 W 35.3 W / 39.1 W
  • Heat Dissipation : 119.77 BTU/h 121.13 BTU/h
  • Redundant Power Supplies : Yes
Environment:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Humidity : 10–90% non-condensing
  • Noise Level : 40.4 dBA
  • Compliance : FCC Part 15B, Class A, CE, RCM, VCCI, UL/cUL, CB, BSMI
  • Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; IPv6
Hardware Specifications:
  • GE RJ45 Ports : 14 
  • GE RJ45 Management/HA/DMZ Ports : 1 / 2 
  • GE SFP Slots : 0 
  • GE RJ45 PoE/+ Ports : 0
  • GE RJ45 WAN Ports : 2 
  • GE RJ45 or SFP Shared Ports : 2 
  • USB Port : 1 
  • Console Port : 1 
  • Internal Storage : 0
  • Included Transceivers : 0 
System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 500 Mbps
  • NGFW Throughput : 360 Mbps
  • Threat Protection Throughput : 250 Mbps

System Performance:
  • Firewall Throughput (1518 / 512 / 64 byte UDP packets) : 7.4 / 7.4 / 4.4 Gbps
  • Firewall Latency (64 byte UDP packets) : 3 ?s
  • Firewall Throughput (Packets Per Second) : 6.6 Mpps
  • Concurrent Sessions (TCP)  : 2 Million
  • New Sessions/Second (TCP) : 30,000
  • Firewall Policies : 10,000
  • IPsec VPN Throughput (512 byte) : 4 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 2,000
  • Client-to-Gateway IPsec VPN Tunnels : 10,000
  • SSL-VPN Throughput : 250 Mbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) : 500
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 130 Mbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 130
  • SSL Inspection Concurrent Session (IPS, avg. HTTPS) : 125,000
  • Application Control Throughput (HTTP 64K) : 1 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : 1.5 Gbps
  • Virtual Domains (Default / Maximum) : 10 / 10
  • Maximum Number of FortiSwitches Supported : 24
  • Maximum Number of FortiAPs (Total / Tunnel Mode) : 64 / 32
  • Maximum Number of FortiTokens : 5,000
  • High Availability Configurations : Active / Active, Active / Passive, Clustering

Dimensions:
  • Height x Width x Length (inches) : 1.75 x 17 x 10 1.75 x 17 x 10 1.75 x 17 x 10 1.75 x 17 x 15.5
  • Height x Width x Length (mm) : 44.45 x 432 x 254 44.45 x 432 x 254 44.45 x 432 x 254 44.45 x 432 x 394
  • Form Factor (supports EIA / non-EIA standards) : Rack Mount, 1 RU Rack Mount, 1 RU Rack Mount, 1 RU Rack Mount, 1 RU
  • Weight : 7.28 lbs (3.3 kg) 7.28 lbs (3.3 kg) 7.28 lbs (3.3 kg) 12.4 lbs (5.6 kg)
Environment:
  • Power Input : 100–240V AC, 50–60 Hz
  • Maximum Current :  100V / 0.52A, 240V / 0.22A 100V / 0.59A, 240V / 0.25A 100V / 0.52A, 240V / 0.22A 100V / 5A
  • Total Available PoE Power Budget* — — — 400 W
  • Power Consumption (Average / Maximum) : 23.0 W / 28.6 W; 51.9 VA 24.8 W / 33.8 W; 59.2 VA 24.4 W / 28.6 W; 51.9 VA 477.1 W / 500.0 W
  • Heat Dissipation : 97.6 BTU/h 115.3 BTU/h 97.6 BTU/h 1706.07 BTU/h
Interfaces and Modules:
  • 40/100 GE QSFP28 Slots : 4
  • 1/10/25 GE SFP28 Slots : 24
  • 10 GE SFP+ Slots : 3
  • GE RJ45 Management Ports : 2
  • USB Ports : 1
  • Console Port : 1
  • Internal Storage : 2x 1 TB NVMe (for 6301F and 6501F only)
  • Included Transceivers : 2x SFP+ (SR 10 GE)

System Performance — Enterprise Traffic Mix :
  • IPS Throughput : 110 Gbps 
  • NGFW Throughput : 90 Gbps 
  • Threat Protection Throughput : 60 Gbps 
System Performance and Capacity:
  • Firewall Throughput (1518 / 512 / 64 byte, UDP) : 239 / 238 / 135 Gbps 
  • Firewall Latency (64 byte, UDP) : 5 ?s 
  • Firewall Throughput (Packet per Second): 202.5 Mpps 
  • Concurrent Sessions (TCP) 120 Million : 200 Million
  • New Sessions/Sec (TCP) : 2 Million 
  • Firewall Policies : 200,000 
  • IPsec VPN Throughput (512 byte) :  96 Gbps 
  • Gateway-to-Gateway IPsec VPN Tunnels : 16,000 
  • Client-to-Gateway IPsec VPN Tunnels : 90,000 
  • SSL-VPN Throughput  : 9 Gbps 
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) : 30,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 66 Gbps 
  • SSL Inspection CPS (IPS, avg. HTTPS) : 30,000 
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 10 Million 
  • Application Control Throughput (HTTP 64K) : 150 Gbps 
  • CAPWAP Throughput (1444 byte, UDP) : N/A 
  • Virtual Domains (Default / Maximum) : 10 / 500
  • Maximum Number of FortiSwitches Supported : 256
  • Maximum Number of FortiAPs (Total / Tunnel Mode) : N/A
  • High Availability Configurations : Supported

Dimensions and Power:
  • Height x Width x Length (inches) :  5.20 x 17.20 x 26.185.3 x 17.2 x 27.3
  • Height x Width x Length (mm) : 132 x 437 x 665 
  • Weight : 67.68 lbs (30.7 kg) 
  • Form Factor (supports EIA/non-EIA standards) : Rack Mount, 3 RU
  • AC Power Supply : 100–240V AC, 50–60 Hz
  • Redundant Power Supplies : 2+1 Redundant, Hot Swappable
Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 57.43 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
Interfaces and Modules:
  • 40/100 GE QSFP28 Slots : 4
  • 1/10/25 GE SFP28 Slots : 24
  • 10 GE SFP+ Slots : 3
  • GE RJ45 Management Ports : 2
  • USB Ports : 1
  • Console Port : 1
  • Internal Storage : 2x 1 TB NVMe (for 6301F and 6501F only)
  • Included Transceivers : 2x SFP+ (SR 10 GE)
System Performance — Enterprise Traffic Mix:
  • IPS Throughput : 170 Gbps
  • NGFW Throughput : 150 Gbps
  • Threat Protection Throughput : 100 Gbps

System Performance and Capacity :
  • Firewall Throughput(1518 / 512 / 64 byte, UDP) :  239 / 238 / 135 Gbps
  • Firewall Latency (64 byte, UDP) : 5 ?s
  • Firewall Throughput (Packet per Second) : 202.5 Mpps
  • Concurrent Sessions (TCP) : 200 Million
  • New Sessions/Sec (TCP) : 3 Million
  • Firewall Policies : 200,000
  • IPsec VPN Throughput (512 byte) : 160 Gbps
  • Gateway-to-Gateway IPsec VPN Tunnels : 16,000
  • Client-to-Gateway IPsec VPN Tunnels : 90,000
  • SSL-VPN Throughput :9 Gbps
  • Concurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode) : 30,000
  • SSL Inspection Throughput (IPS, avg. HTTPS) : 110 Gbps
  • SSL Inspection CPS (IPS, avg. HTTPS) : 50,000
  • SSL Inspection Concurrent Session(IPS, avg. HTTPS) : 18 Million
  • Application Control Throughput (HTTP 64K) : 220 Gbps
  • CAPWAP Throughput (1444 byte, UDP) : N/A
  • Virtual Domains (Default / Maximum) : 10 / 500
  • Maximum Number of FortiSwitches Supported : 256
  • Maximum Number of FortiAPs(Total / Tunnel Mode) : N/A
  • High Availability Configurations : Supported

Dimensions and Power:
  • Height x Width x Length (inches): 5.20 x 17.20 x 26.18 5.3 x 17.2 x 27.3
  • Height x Width x Length (mm) : 132 x 437 x 665 133 x 437 x 694
  • Weight : 78.26 lbs (35.5 kg) / 79.59 lbs (36.1 kg)
  • Form Factor (supports EIA/non-EIA standards) : Rack Mount, 3 RU
  • AC Power Supply : 100–240V AC, 50–60 Hz
  • Power Consumption (Average / Maximum) : (1,308 / 1,548 W) / (1,328 / 1,568 W)
  • Current (Maximum) :  20A@240VAC
  • Redundant Power Supplies : 2+1 Redundant, Hot Swappable

Operating Environment and Certifications:
  • Operating Temperature : 32–104°F (0–40°C)
  • Storage Temperature : -31–158°F (-35–70°C)
  • Humidity : 10–90% non-condensing
  • Noise Level : 57.43 dBA
  • Operating Altitude Up to : 7,400 ft (2,250 m)
  • Compliance : FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB