Fortinet unveiled the FortiGate 1800F Next-Generation Firewall (NGFW) powered by NP7, the company’s seventh-generation network processor, to enable today’s largest enterprises to achieve true internal segmentation as well as unprecedented scale, performance, detection, and enforcement capabilities.
Flat Networks Fall Flat When Attacked
Digital Innovation is disrupting enterprise organizations, creating new services and business opportunities while also causing increased risk across all industries. Explosive adoption of IoT and mobile devices, as well as applications and services from multiple clouds, are pushing the attack surface beyond the traditional network boundaries. An expanding and fragmented attack surface is undermining the ability of network security leaders to maintain network performance, security, reliability, and availability.
In today’s data centers, many enterprise architectures have been built on a high-performance routing and switching infrastructure without integrating security. To facilitate flexibility and agility in this type of environment, networks have become progressively flatter and more open, which means security implementation within the internal network is, in most cases, basic and limited to Virtual LANs and Layer 4 access lists. Therefore, in the event of a security breach, once beyond the security perimeter, hackers can easily move about and freely gain access to credentials, resources, and data. More, the lack of security infrastructure within the internal network also significantly limits the enterprise’s visibility into suspicious traffic behaviors and data flows, which hinders the ability to detect a breach.
Many have turned to internal segmentation as a way to regain control over their burgeoning networks, and to improve visibility and security.
Internal Segmentation Requires Extreme Performance
A new challenge has emerged for enterprises trying to successfully segment their network: security performance. Today’s enterprises face unprecedented performance demands on their infrastructure that often cannot be matched by existing security solutions. For a majority of enterprises, traditional security appliances that are built with off-the-shelf CPUs and hardware to process security traffic have become an infrastructure bottleneck, resulting in degraded user and application experience. Simply put, yesterday’s security performance is no longer enough to secure and enable enterprises at the pace of today’s business innovation.
To meet the extraordinary demands of data center security and enable a Security-Driven Networking approach, Fortinet is introducing the FortiGate 1800F NGFW.
FortiGate 1800F Delivers High Performance Internal Segmentation
The FortiGate 1800F is powered by NP7, the seventh generation of Fortinet’s purpose-built network processor specifically engineered to enable large enterprises to handle unprecedented levels of data and application demands. NP7 offers today’s largest organizations the ability to segment and launch services, manage internal and external risks, and preserve user experience. FortiGate 1800F, is an integral part of the Fortinet Security Fabric, and enables several of the highest Security Compute Ratings to-date:
Specifications FortiGate 1800 Industry Average Security Compute Rating PA-3260 SG-5600 FPR-2130Firewall 195Gbps 14Gbps 14x 10Gbps 23Gbps 10GbpsIPsec Performance 60Gbps 4.3Gbps 14x 4.8Gbps 6.5Gbps 1.6GbpsConcurrent Connections 12M 2.73M 4x 3M 3.2M 2MConnections per Second 500k 113k 4x 114k 185k 40kThreat Protection 10Gbps 3.6Gbps 3x 4.4Gbps 2.78Gbps N/ASSL Inspection 15Gbps 0.735Gbps 20x N/A N/A 0.735Gbps
FortiGate 1800F NGFW Use Cases and Benefits:
Fortinet’s FortiGate 1800F NGFW is engineered for large enterprises to quickly and securely drive digital innovation by offering capabilities to meet the huge capacity and performance demands of critical business operations such as:
• Managing Internal Security Risks: Most firewalls simply cannot perform fast enough to enable internal segmentation. With multiple high speed 40G interfaces and the industry’s best threat protection performance with a Security Compute Rating of 3x, FortiGate 1800F enables enterprises to properly segment their network to manage internal security risks. Additionally, FortiGate 1800F intelligently adapts to segmented users, devices, and applications – regardless of their location, whether on-premise or in multiple clouds – providing automated threat detection and enforcement.
• Accelerating the Cloud On-Ramp: IPsec encryption must be high performing to enable and accelerate the cloud on-ramp for organizations adopting multiple clouds for IaaS and SaaS services. FortiGate 1800F offers the highest Security Compute Rating of 14x for IPsec encryption when benchmarked against competitors, enabling the required speed, scale, and availability organizations need when on-ramping to the cloud.
• Removing Blind Spots: With as much as 60 percent of encrypted traffic containing malware, SSL inspection performance has become critical to properly secure the network. FortiGate 1800F offers the industry’s highest SSL inspection performance with a Security Compute Rating of 20x, as well as support for the industry’s latest TLS 1.3 standard, to eliminate network blind spots by enabling full visibility of clear-text and encrypted network flows.
• Securing Services Across Hybrid Architectures: Traditional software-based security solutions have low performance and high latency, which increases time to service and provides a poor user experience. The FortiGate 1800F’s hardware-accelerated Virtual Extension LAN (VXLAN) feature enables massively scalable, adaptable internal segmentation and allows super-fast communication between enormously scaled services, such as compute, storage, and applications that are co-hosted on physical and virtual platforms. This allows organizations that leverage a highly scalable virtual services architecture to launch services and applications in the most agile fashion possible to increase productivity and revenue opportunities.
• Enabling Secure Advanced Research: Organizations often transition their research to AI and ML simulations to allow for faster discovery of their objectives. For example, pharmaceuticals can measure the effectiveness of new drugs or develop drugs faster with reduced risks and potentially with lower costs.
AI/ML simulations require the transfer of huge datasets (e.g. 1 TB files), called an elephant flow, that today’s data centers struggle to securely transfer, bringing research and collaboration to a crawl. The performance capabilities of FortiGate 1800F allow research organizations to perform big data analysis and natural language processing at unprecedented speeds where a single elephant flow can reach up to 40Gbps.
Just as important, with FortiGate 1800F NGFWs, these elephant flows are secured using high-performance encryption to ensure privacy and compliance. Fortinet’s Commitment to Industry-Leading Segmentation SolutionsIn the September 2019 Gartner report, “Critical Capabilities for Network Firewalls,” Fortinet received the highest score for the “Enterprise Data Center” use case.
The score includes parameters associated with “firewalls protecting the enterprise data center, and firewalls doing segmentation inside the enterprise data center.” Fortinet believes this result highlights its dedication to helping customers manage internal risks with industry-leading segmentation solutions. With the introduction of its FortiGate 1800Fand NP7, Fortinet is well positioned to even further help customers meet these escalating business needs.
NP7 Secures Tomorrow’s Hyperscale Data Centers
The adoption of digital innovation has ushered in an era of huge transformation within data centers. To remain competitive in this era of explosive demands for unprecedented scale, availability, and application delivery requirements, some of the largest enterprises in the world are developing hyperscale architectures within their data centers that are capable of rapidly expanding to millions of physical and virtual instances in order to meet massive demand.
With unmatched scale, performance, acceleration, and internal segmentation capabilities, the speed and agility that NP7 offers provides these large organizations the ability to develop and segment services, manage internal and external risks, and preserve user experience. NP7 will also power future FortiGate appliances to enable agile, high-performance security for hyperscale data centers.