The document is a datasheet that describes the FortiGate-5000 Series, which are 10-Gigabit ready consolidated security systems that offer high performance, scalability, and security. They utilize modular blades and can scale up to 560 Gbps of firewall throughput. The systems run the FortiOS 4.0 operating system and leverage FortiASIC processors to accelerate security services like firewall, VPN, antivirus, and intrusion prevention. They are suitable for securing large enterprise, service provider, and carrier networks by providing unified security across the network.
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallShilaThak
The FortiGate 1500D series delivers high-performance next-generation firewall (NGFW) capabilities for large enterprises and service providers. With multiple high-speed interfaces, high-port density, and high-throughput, ideal deployments are at the enterprise edge, hybrid data center core, and across internal segments. The FortiGate 1500D Firewall is a compact, Network Security Appliance ideal for use as both a Next-Generation Firewall and High-Performance Data Center Firewall at the Enterprise Edge. It delivers up to 80 Gbps firewall throughput and ultra-low latency as well as 11 Gbps next-generation threat protection and control over more than 3000 discrete applications
OpSource‘s Managed Hosting platform combines highly scalable infrastructure and technical expertise to deliver a scalable, flexible, and reliable platform for mission-critical hosted applications.
Fortinet Ürün ailesine dair her tür bilgiyi edinebilirsiniz.
www.guneybilisim.com
https://www.linkedin.com/company/guneybilisim/
https://twitter.com/guney_bilisim
FortiGate 1500D Series Delivers High-Performance Next-Generation FirewallShilaThak
The FortiGate 1500D series delivers high-performance next-generation firewall (NGFW) capabilities for large enterprises and service providers. With multiple high-speed interfaces, high-port density, and high-throughput, ideal deployments are at the enterprise edge, hybrid data center core, and across internal segments. The FortiGate 1500D Firewall is a compact, Network Security Appliance ideal for use as both a Next-Generation Firewall and High-Performance Data Center Firewall at the Enterprise Edge. It delivers up to 80 Gbps firewall throughput and ultra-low latency as well as 11 Gbps next-generation threat protection and control over more than 3000 discrete applications
OpSource‘s Managed Hosting platform combines highly scalable infrastructure and technical expertise to deliver a scalable, flexible, and reliable platform for mission-critical hosted applications.
Fortinet Ürün ailesine dair her tür bilgiyi edinebilirsiniz.
www.guneybilisim.com
https://www.linkedin.com/company/guneybilisim/
https://twitter.com/guney_bilisim
TOPDANMARK ● Industry: Insurance ● Location: Ballerup, Denmark ● Number of Employees: 2500 CHALLENGE ● Load-balance high volumes of encrypted traffic ● Enforce security policy as easily and cost-effectively as possible ● Simplify development and testing of new services SOLUTION ● Cisco ACE 4710 Application Control Engine RESULTS ● Greatly simplified processing of encrypted web traffic and policy enforcement ● Increased web server performance ● Accelerated migration between development, testing, and production environments
Este es el currículu vitae de Luis Miguel delgado, que se dedica al marketing online, SEO y desarrollo con WordPress.
Puedes ver a todo lo que me dedico con mi desarrollo profesional.
TOPDANMARK ● Industry: Insurance ● Location: Ballerup, Denmark ● Number of Employees: 2500 CHALLENGE ● Load-balance high volumes of encrypted traffic ● Enforce security policy as easily and cost-effectively as possible ● Simplify development and testing of new services SOLUTION ● Cisco ACE 4710 Application Control Engine RESULTS ● Greatly simplified processing of encrypted web traffic and policy enforcement ● Increased web server performance ● Accelerated migration between development, testing, and production environments
Este es el currículu vitae de Luis Miguel delgado, que se dedica al marketing online, SEO y desarrollo con WordPress.
Puedes ver a todo lo que me dedico con mi desarrollo profesional.
Python's "batteries included" philosophy means that it comes with an astonishing amount of great stuff. On top of that, there's a vibrant world of third-party libraries that help make Python even more wonderful. We'll go on a breezy, example-filled tour through some of my favorites, from treasures in the standard library to great third-party packages that I don't think I could live without, and we'll touch on some of the fuzzier aspects of the Python culture that make it such a joy to be part of.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
How world-class product teams are winning in the AI era by CEO and Founder, P...
Forti gate 5101c
1. DATASHEET
FortiGate -5000 Series ®
10-Gigabit Ready FortiGate Consolidated
Security Systems
Unmatched Performance, Scalability, and Security
FortiGate-5000 series chassis-based security systems offer unmatched
performance, reliability, and scalability for your high-speed service provider,
large enterprise or telecommunications carrier network. Native 10-GbE support
and a highly-flexible AdvancedTCA™ (ATCA)-compliant architecture enable the FortiOS™ 4.0 Software
FortiGate-5000 series to protect complex, multi-tenant cloud-based security-as- Redefines Networks Security
a-service and infrastructure-as-a-service environments. Purpose-built by Fortinet, FortiOS 4.0 is a purpose-built
the FortiGate-5000 series integrates modular carrier-class hardware components operating system that leverages
the power of specialized FortiASIC
with advanced FortiASIC™ acceleration and consolidated security from the hardware to offer increased levels
FortiOS™ operating system. of security and performance.
Fortinet developed FortiOS 4.0
Carrier-Class High-Performance Hardware software solely for FortiGate
consolidated security platforms.
By adding modular blades, a FortiGate-5000 series system can scale to deliver FortiOS software enables a
up to 560 Gbps of firewall throughput, the fastest throughput available, and up comprehensive suite of security
to 280 million concurrent sessions. Advanced networking blades such as the services – firewall, VPN, intrusion
FortiSwitch-5003B and FortiSwitch-5203B distribute traffic to multiple FortiGate prevention, anti-malware,
antispam, web filtering, application
security blades, enabling wire-speed firewall performance at 10-Gigabit Ethernet control, data loss prevention,
(10-GbE), GbE, and 10/100 link speeds. vulnerability management, and
endpoint network access control.
Modular Scalability
Since the FortiGate-5000 series hardware is composed of multiple security and The FortiASIC™ Advantage
networking blades, scalability for future growth comes standard. With three chassis FortiASIC processors power
models and an array of network and security options to choose from, FortiGate-5000 FortiGate platforms. With exclusive
hardware, the purpose built, high-
series systems scale easily with your business plans and security requirements into the performance network, security, and
future. content processors use intelligent
and proprietary digital engines
to accelerate resource-intensive
security services.
Features Benefits
Hardware Accelerated Performance FortiASIC processors provide assurance that the
security device will not become a bottleneck in
the network
FortiGate-5020 System Unified Security Architecture FortiGate consolidated security provides better
protection and lowered costs over multiple point
security products
Centralized Management FortiManager and FortiAnalyzer centralized
management and reporting appliances simplify
FortiGate-5140B System FortiGate-5060 System the deployment, monitoring, and maintenance of
your security infrastructure
2. Secure large enterprise, service provider, and carrier networks.
CENTRALIZED MANAGEMENT
CENTRALIZED REPORTING
Next-Generation Perimeter Security
VoI
Firewalls alone aren’t enough to block today’s P
VO
IP
MA CAL
blended threats. When single packets are CORPORATE NA L
GER
examined by point products with no concern LAN
for multi-vector attacks, blended threats often R&D
pass undetected. Combining content inspection
firewall technology with gateway antivirus SAL
ES
and intrusion prevention allows packet flows
to be tracked. Fortinet multi-layered security WE
SER B / EM
VER AI
S L
technologies examine entire packet flows,
from content inspection through reassembly, MULTI-THREAT SECURITY
stopping threats at the perimeter before
corporate resources are compromised.
AIL
/ EM RS
EB ERVE
AIL W S
/ EM RS
EB ERVE
W S MSSP Core Security
The FortiGate-5000 Series delivers
AIL AIL
EM S
B / ER
WE SERV
EM S
B / ER
comprehensive security for Managed Security
WE SERV
AG
EM
ENT
G
Service Providers (MSSPs). The full suite of
AN TIN
TER RAL
IZE
DM
ED
REP
OR
ASIC-accelerated security modules allows for
CEN CEN
T LIZ
DA
TA CEN
TRA
customizable features for specific customers,
while virtualization features like Virtual Domains
AIL
EM S
B / ER
WE SERV
(VDOMs) provide up to 7,000 separate security
domains. Finally, the full suite of Fortinet
Y
integrated management applications—including
RIT
ECU
REA
TS granular reporting features—offer unprecedented
I-TH
ULT
M visibility into the security posture of customers
while identifying their highest risks.
Secure Messaging CENTRALIZED MANAGEMENT
Email is an essential corporate communication CENTRALIZED REPORTING
tool. Malware has adapted to this trend and
email is now a primary vector of transmission VO
IP
MA CAL
NA L
for malware threats. Instant messaging and CORPORATE GER
LAN
other social media are also quickly becoming
Vo
IIIP
a primary propagation vector as adoption
rates increase. As with any new technology, IM
Em
ai
l
introduces security risks in the form of a new
P2
IM
P
generation of malware that could potentially
W SER
EB V
infect corporate resources. By combining
/ E ERS
M
AI
L
Fortinet antispam technology, application MULTI-THREAT SECURITY
control, antivirus scanning, and web filtering,
customers can secure email and other
messaging, preventing costly data breaches.
3. FortiGate-5000 Series Chassis
Highly-flexible ATCA-compliant architecture.
Technical Specifications FortiGate-5020 FortiGate-5060 FortiGate-5140B
ATCA Chassis
Available Slots 2 6 14
High Availability Backplane Fabric Built-in Built-in Built-in
Dual Switch Module Support No Yes Yes
Max Firewall Throughput 44 Gbps 240 Gbps 560 Gbps
Max Concurrent Sessions (TCP) 4 Million 120 Million 280 Million
Max New Sessions/Sec (TCP) 100,000 1.41 Million 3.29 Million
Max IPSec VPN Throughput 17 Gbps 132 Gbps 308 Gbps
Max IPS Throughput 7 Gbps 56.4 Gbps 131.6 Gbps
Dimensions
Height x Width x Length 5.25 x 17 x 15.5 in (13.3 x 43.2 x 39.4 cm) 8.86 x 17.64 x 18.82 in (22 x 44.8 x 47.8 cm) 22.63 x 19 x 22.6 in (57.5 x 48.3 x 57.4 cm)
Weight 35.5 lb (16.1 Kg) 38 (17.3 Kg) 84 lb (38 Kg)
Environment
Power Required AC DC/AC1 DC/AC1
Chassis Power Consumption (Avg) - 350 W 530 W
Heat Dissipation - 1194 BTU/h 1808 BTU/h
Operating Temperature 32 – 104 F (0 – 40 C) 41 – 104 F (5 – 40 C) 32 – 104 F (0 – 40 C)
Storage Temperature -13 – 158 F (-35 – 70 C) 23 – 131 F (-5 – 55 C) -13 – 158 F (-35 – 70 C)
Humidity 5 to 90% non-condensing 5 to 85% non-condensing 5 to 90% non-condensing
Compliance
Certifications FCC Part 15 Class A, C-Tick, VCCI, CE, BSMI, UL/cUL
Note: All performance values are “up to” and vary depending on system configuration.
Optional FortiGate-5053B Power Supply Shelf used to provide AC power to the FortiGate-5060 and FortiGate-5140B chassis.
1
FortiGate-5020 Security System
The FortiGate-5000 series of consolidated
security systems also include
Multiple Deployment Modes (Transparent/Routing)
Backplane Switch Fabric
Advanced Layer-2/3 Routing Capabilities
High Availability (Active/Active, Active/Passive, Clustering)
Virtual Domains (VDOMs)
Data Center Traffic Optimization
FortiGate-5060 Security System Traffic Shaping and Prioritization
WAN Optimization
Multiple Device Authentication Options
Management Options
Local Web-Based Management Interface
Command Line Management Interface (CLI)
Local Event Logging (Memory / Disk if available)
Centralized Management (FortiManager Appliance Required)
Centralized Event Logging (FortiAnalyzer Appliance Required)
FortiGate-5140B Security System
4. FortiGate-5000 Series Security Blades
Provide FortiOS consolidated security protections.
FortiGate-5001B Security Blade
FortiSwitch-5203B Networking/Security Blade FortiGate-5101C Security Blade
Technical Specifications FortiGate- FortiSwitch- FortiGate-
Security Blades 5001B 5203B2 5101C
Interfaces and Storage
10-GbE SFP+ Ports 8 10 4
10/100/1000 Base-T Ports 2 1 2
Total Ports 10 11 6
FortiASIC Network Processor
8 8 4
Accelerated Ports
Local Storage 64 GB 64 GB 64 GB
Performance
Firewall Throughput (1518 byte UDP packets) 40 Gbps 40 Gbps 40 Gbps
Firewall Throughput (512 byte UDP packets) 40 Gbps 40 Gbps 40 Gbps
Firewall Throughput (64 byte UDP packets) 40 Gbps 40 Gbps 10 Gbps
Firewall Latency (64 byte UDP packets) 4 μs 4 μs 7 μs
Firewall Throughput (Packets Per Second) 60 Mpps 60 Mpps 15 Mpps
Concurrent Sessions (TCP) 20 Million 20 Million 10 Million
New Sessions/Sec (TCP) 170,000 170,000 235,000
Firewall Policies (System / VDOM) 100,000 / 50,000
IPSec VPN Throughput (512 byte packets) 17 Gbps 17 Gbps 22 Gbps
Gateway-to-Gateway IPSec VPN Tunnels (System / VDOM) 10,000 / 5,000
Client-to-Gateway IPSec VPN Tunnels 64,000
SSL-VPN Throughput 530 Mbps 530 Mbps 970 Mbps
Concurrent SSL-VPN Users (Recommended Max) 20,000 20,000 25,000
IPS Throughput 7.8 Gbps 7.8 Gbps 9.4 Gbps
Antivirus Throughput (Proxy Based / Flow Based) 2 / 2.5 Gbps 2 / 2.5 Gbps 2 / 5 Gbps
Virtual Domains (Default / Max) 10 / 500 10 / 500 10 / 500
Max Number of FortiAPs 1,024
Max Number of FortiTokens 5,000
Unlimited User Licenses Yes
Environment
Power Consumption (Avg/Max) 187 / 225 W 210 / 250 W 197 / 236 W
Heat Dissipation (Avg) 768 BTU/h 853 BTU/h 805 BTU/h
Operating Temperature 32 – 104 deg F (0 – 40 deg C)
Storage Temperature -13 – 158 deg F (-35 – 70 deg C)
Humidity 20 to 90% non-condensing
Compliance
Certifications ICSA Labs: Firewall, IPSec, IPS, Antivirus, SSL VPN
Compliance FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB
Note: All performance values are “up to” and vary depending on system configuration. Antivirus performance is measured using 44 Kbyte HTTP files. IPS performance is measured using 1 Mbyte HTTP files.
1 Higher performance number combines performance provided by AMC modules.
2
Operating in standalone mode.
5. FortiSwitch-5000 Series Networking Blades
Provide advanced switching and load-balancing services.
FortiSwitch-5003B Networking Blade FortiSwitch-5203B Networking/Security Blade
Technical Specifications FortiSwitch-5003B FortiSwitch-5203B3
Interfaces
Fabric Channel Interfaces 8x 10-GbE SFP+ 8x 10-GbE SFP+
Base Channel Interfaces 2x 10-GbE SFP+ 2x 10-GbE SFP+
Management Interfaces 1x 10/100/1000 1x 10/100/1000
Transceivers Included 2x 10-GbE SFP+ SR 2x 10-GbE SFP+ SR
Total Switching Throughput 225 Gbps 300 Gbps
10-GbE Backplane Fabric Support Yes Yes
GbE Backplane Fabric Support Yes Yes
Environment
Power Consumption (Avg/Max) 150 / 180 W 210 / 250 W
Heat Dissipation 614 BTU/h 853 BTU/h
Operating Temperature 32 – 104 deg F (0 – 40 deg C)
Storage Temperature -13 – 158 deg F (-35 – 70 deg C)
Humidity 20 to 90% non-condensing
Compliance
Certifications ICSA Labs: Firewall, IPSec, IPS, Antivirus, SSL VPN
Compliance FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB
3
Operating in distributed mode.
FortiController-5103B
Technical Specifications FortiController-5103B
Interfaces
Fabric Channel Interfaces 8x 10-GbE SFP+
Base Channel Interfaces 2x 10-GbE SFP+
Management Interfaces 1x 10/100/1000
Transceivers Included 2x 10-GbE SFP+ SR
Traffic Throughput 60 Gbps
Concurrent Sessions (TCP) 110 Million
New Sessions/Sec (TCP) 1.26 Million
10-GbE Backplane Fabric Support Yes
GbE Backplane Fabric Support Yes
Environment
Power Consumption (Avg/Max) 213 / 255 W
Heat Dissipation 754 BTU/h
Operating Temperature 32 – 104 deg F (0 – 40 deg C)
Storage Temperature -13 – 158 deg F (-35 – 70 deg C)
Humidity 20 to 90% non-condensing
Compliance
ICSA Labs: Firewall, IPSec,
Certifications
IPS, Antivirus, SSL VPN
FCC Part 15 Class A, C-Tick,
Compliance
VCCI, CE, UL/cUL, CB
6. FortiOS Security Services
FIREWALL ANTIVIRUS / ANTISPYWARE INTRUSION PREVENTION SYSTEM (IPS)
ICSA Labs Certified (Corporate Firewall) Includes Antispyware and Worm Prevention: ICSA Labs Certified (NIPS)
NAT, PAT, Transparent (Bridge) HTTP/HTTPS SMTP/SMTPS Protection From Over 3000 Threats
Routing Mode (RIP, OSPF, BGP, Multicast) POP3/POP3S IMAP/IMAPS Protocol Anomaly Support
Policy-Based NAT FTP IM Protocols Custom Signature Support
Virtual Domains (NAT/Transparent mode) Flow-Based Antivirus Scanning Mode Automatic Attack Database Update
VLAN Tagging (802.1Q) Automatic “Push” Content Updates IPv6 Support
Group-Based Authentication & Scheduling File Quarantine Support
SIP/H.323 /SCCP NAT Traversal Databases: Standard, Extended, Extreme, Flow APPLICATION CONTROL
WINS Support IPv6 Support Identify and Control Over 1,800 Applications
Explicit Proxy Support (Citrix/TS etc.) Control Popular Apps Regardless of Port/Protocol:
VoIP Security (SIP Firewall/RTP Pinholing) AOL-IM Yahoo MSN KaZaa
Granular Per-Policy Protection Profiles ICQ Gnutella BitTorrent MySpace
Identity/Application-Based Policy WinNY Skype eDonkey Facebook
Vulnerability Management
IPv6 Support (NAT/Transparent mode)
VIRTUAL PRIVATE NETWORK (VPN) WEB FILTERING DATA LOSS PREVENTION (DLP)
ICSA Labs Certified (IPSec) 76 Unique Categories Identification and Control Over Sensitive Data in Motion
PPTP, IPSec, and SSL Dedicated Tunnels FortiGuard Web Filtering Service Categorizes over 2 Billion Web Built-in Pattern Database
SSL-VPN Concentrator (incl. iPhone client support) pages RegEx-based Matching Engine for Customized Patterns
DES, 3DES, and AES Encryption Support HTTP/HTTPS Filtering Configurable Actions (block/log)
SHA-1/MD5 Authentication Web Filtering Time-Based Quota Supports IM, HTTP/HTTPS, and More
PPTP, L2TP, VPN Client Pass Through URL/Keyword/Phrase Block Many Popular File Types Supported
Hub and Spoke VPN Support URL Exempt List International Character Sets Supported
IKE Certificate Authentication (v1 & v2) Content Profiles
IPSec NAT Traversal Blocks Java Applet, Cookies, Active X ANTISPAM
Automatic IPSec Configuration MIME Content Header Filtering Support for SMTP/SMTPS, POP3/POP3S, IMAP/IMAPS
Dead Peer Detection IPv6 Support Real-Time Blacklist/Open Relay Database Server
RSA SecurID Support MIME Header Check
SSL Single Sign-On Bookmarks HIGH AVAILABILITY (HA) Keyword/Phrase Filtering
SSL Two-Factor Authentication Active-Active, Active-Passive IP Address Blacklist/Exempt List
LDAP Group Authentication (SSL) Stateful Failover (FW and VPN) Automatic Real-Time Updates From FortiGuard Network
Device Failure Detection and Notification
NETWORKING/ROUTING Link Status Monitor ENDPOINT COMPLIANCE AND CONTROL
Multiple WAN Link Support Link failover Monitor & Control Hosts Running FortiClient Endpoint Security
PPPoE Support Server Load Balancing
DHCP Client/Server LOGGING/MONITORING/VULNERABILITY
Policy-Based Routing WAN OPTIMIZATION Local Event Logging
Dynamic Routing for IPv4 and IPv6 (RIP, OSPF, BGP, & Multi- Bi-directional / Gateway to Client/Gateway Log to Remote Syslog/WELF Server
cast for IPv4) Integrated Caching and Protocol Optimization Graphical Real-Time and Historical Monitoring
Multi-Zone Support Accelerates CIFS/FTP/MAPI/HTTP/HTTPS/Generic TCP SNMP Support
Route Between Zones Email Notification of Viruses And Attacks
Route Between Virtual LANs (VDOMS) VIRTUAL DOMAINS (VDOMs) VPN Tunnel Monitor
Multi-Link Aggregation (802.3ad) Separate Firewall/Routing Domains Optional FortiAnalyzer Logging / Reporting
IPv6 Support (Firewall, DNS, Transparent Mode, SIP, Dynamic Separate Administrative Domains Optional FortiGuard Analysis and Management Service
Routing, Admin Access, Management) Separate VLAN Interfaces
VRRP and Link Failure Control 10 VDOM License Std. (more can be added) MANAGEMENT/ADMINISTRATION
sFlow Client
Console Interface (RS-232)
TRAFFIC SHAPING WebUI (HTTP/HTTPS)
USER AUTHENTICATION OPTIONS Policy-based Traffic Shaping Telnet / Secure Command Shell (SSH)
Local Database Application-based and Per-IP Traffic Shaping Command Line Interface
Windows Active Directory (AD) Integration Differentiated Services (DiffServ) Support Role-Based Administration
External RADIUS/LDAP Integration Guarantee/Max/Priority Bandwidth Multi-language Support: English, Japanese, Korean, Spanish,
Xauth over RADIUS for IPSEC VPN Shaping via Accounting, Traffic Quotas Chinese (Simplified & Traditional), French
RSA SecurID Support Multiple Administrators and User Levels
LDAP Group Support Upgrades and Changes via TFTP and WebUI
WIRELESS CONTROLLER
Unified WiFi and Access Point Management System Software Rollback
DATA CENTER OPTIMIZATION Automatic Provisioning of APs Configurable Password Policy
Web Server Caching Optional FortiManager Central Management
On-wire Detection and Blocking of Rogue APs
TCP Multiplexing
Virtual APs with Different SSIDs
HTTPS Offloading
Multiple Authentication Methods
WCCP Support
Note: The list above is comprehensive and may contain FortiOS features which are not available on all FortiGate appliances.
Consult FortiGate system documentation to determine feature availability.