Fortinet FortiGate 900D – Security Appliance
FORTINET FORTIGATE-900D / FG-900D NGFW UTM FIREWALL SECURITY APPLIANCE]
The FortiGate 900D delivers next generation firewall capabilities for mid-sized to large enterprises, with the flexibility to be deployed at the campus or data center edge. Protects against cyber threats with security processor powered high performance, security efficacy and deep visibility.
- Recommended for 750-1000 User Network
- Threat Protection Throughput: 3 Gbps
- Site-to-Site VPN Tunnels: 10,000
- Concurrent Sessions: 11,000,000
The FortiGate 900D delivers next generation firewall capabilities for mid-sized to large enterprises, with the flexibility to be deployed at the campus or data center edge. Protects against cyber threats with security processor powered high performance, security efficacy and deep visibility.
Security
- Protects against known exploits, malware and malicious websites using continuous threat intelligence provided byFortiGuard Labs security services
- Identify thousands of applications including cloud applications for deep inspection into network traffic
- Protects against unknown attacks using dynamic analysis and provides automated mitigation to stop targeted attacks
Performance
- Delivers industry s best threat protection performance and ultra-low latency using purpose-built security processor (SPU)technology
- Provides industry-leading performance and protection for SSL-encrypted traffic
Certification
- Independently tested and validated best security effectiveness and performance
- Received unparalleled third-party certifications from NSS Labs,ICSA, Virus Bulletin and AV Comparatives
Networking
- Delivers extensive routing, switching, wireless controller and high performance IPsec VPN capabilities to consolidate networking and security functionality
- Enables flexible deployment such as Next Generation Firewall and Internal Segmentation Firewall
Management
- Single Pane of Glass with Network Operations Center (NOC)view provides 360° visibility to identify issues quickly and intuitively
- Predefined compliance checklist analyzes the deployment and highlights best practices to improve overall security posture
Security Fabric
- Enables Fortinet and Fabric-ready partners products to collaboratively integrate and provide end-to-end security across the entire attack surface
- Automatically builds Network Topology visualizations which discover IoT devices and provide complete visibility into Fortinet and Fabric-ready partner products
NP Direct
By removing the Internal Switch Fabric, the NP Direct architecture provides direct access to the SPU-NP for the lowest latency forwarding. NGFW deployments require some attention to network design to ensure optimal use of this technology.
Powered by SPU
- Custom SPU processors deliver the power you need to detect malicious content at multi-Gigabit speeds
- Other security technologies cannot protect against today s wide range of content- and connection-based threats because they rely on general-purpose CPUs,causing a dangerous performance gap
- SPU processors provide the performance needed to block emerging threats, meet rigorous third-party certifications, and ensure that your network security solution does not become a network bottleneck
Network Processor
Fortinet s new, breakthrough SPU NP6 network processor works in line with FortiOS functions delivering:
- Superior firewall performance for IPv4/IPv6, SCTP and multicast traffic with ultra-low latency down to 2 microseconds
- VPN, CAPWAP and IP tunnel acceleration
- Anomaly-based intrusion prevention, checksum offload and packet defragmentation
- Traffic shaping and priority queuing
Content Processor
The SPU CP8 content processor works outside of the direct flow of traffic, providing high-speed cryptography and content inspection services including:
- Signature-based content inspection acceleration
- Encryption and decryption offloading
10 GE Connectivity
High speed connectivity is essential for network security segmentation. The FortiGate 900D provides 10 GE slots that simplify network designs without relying on additional devices to bridge desired connectivity.