Description
Fortinet FortiGate-900D Nairobi
The FortiGate 900D series delivers next generation firewall (NGFW) capabilities for mid-sized to large enterprises deployed at the campus or enterprise branch level. Protects against cyber threats with high-powered security processors for optimized network performance, security efficacy, and deep visibility. Fortinet’s Security-Driven Networking approach provides tight integration of the network to the new generation of security. The FortiGate 900D appliance delivers superior performance through a combination of purpose-built FortiASIC™ processors, high port density with 10 GE ports and consolidated security features from the FortiOS™ operating system. It delivers 5 times better next generation firewall performance compared to alternate products and provides the best price/performance in the industry.Fortinet firewall Nairobi delivers next generation firewall (NGFW) capabilities for the network security environment .
This breakthrough threat prevention performance allows organizations to run NSS Labs Recommended intrusion prevention and application control and VB100 certified anti-malware capabilities for deeper inspection. Rich console views and reports together with a flexible policy engine provide the visibility and control to empower employees yet secure your enterprise.Finally, these features of the FortiGate FortiOS Network Security Platform are routinely validated by independent real-world tests and are consistently getting superior ratings in security effectiveness.
The FortiGate 900D reduce the complexity and maximize your ROI by integrating threat protection security capabilities into a single high-performance network security appliance, powered by Fortinet’s Security Processing Unit (SPU).Full visibility into users, devices, applications across the entire attack surface and consistent security policy enforcement irrespective of asset location.Protect against network exploitable vulnerabilities with industry-validated IPS that offers low latency and optimized network performance.Automatically block threats on decrypted traffic using the Industry’s highest SSL inspection performance, including the latest TLS 1.3 standard with mandated ciphers.Proactively block newly discovered sophisticated attacks in real-time with AI-powered FortiGuard Labs and advanced threat protection services included in the Fortinet Security Fabric
Fortinet FortiGate 900D Features
- 5 times next generation firewall performance The FortiGate 900D appliance delivers superior performance through a combination of purpose-built FortiASIC processors, high port density with 10 GE ports and consolidated security features from the FortiOS operating system. It delivers 5 times better next generation firewall performance compared to alternate products and provides the best price/performance in the industry.
- Deeper visibility and top-rated security This breakthrough threat prevention performance allows organizations to run NSS Labs Recommended intrusion prevention and application control and VB100 certified antimalware capabilities for deeper inspection. Rich console views and reports together with a flexible policy engine provide the visibility and control to empower employees yet secure your enterprise. Finally, these features of the FortiGate FortiOS Network Security Platform are routinely validated by independent real-world tests and are consistently getting superior ratings in security effectiveness.
-
Performance
- Firewall throughput (1518-byte UDP): 52 Gbps
- Firewall throughput (512-byte UDP): 52 Gbps
- Firewall throughput (64-byte UDP): 33 Gbps
- VPN throughput (512-bit IPSec): 25 Gbps
- VPN throughput (SSL): 3.6 Gbps
- Firewall latency (64-byte UDP): 3 µs
- Firewall throughput: 49.5 Mpps
- IPS throughput: 8 Gbps
-
Capacity
- Concurrent sessions: 11000000
- New sessions per second: 240000
- Firewall policies: 100000
- Gateway to gateway IPSec VPN Tunnels: 2000
- Client to gateway IPSec VPN tunnels: 50000
- Concurrent SSL VPN users: 10000
- Virtual domains: 10
- Number of FortiAP devices: 512
- Number of FortiToken devices: 1000
- Number of FortiClient devices: 2000
-
Network Processor
Fortinet’s new, breakthrough SPU NP6 network processor works inline with FortiOS functions delivering:
- Superior firewall performance for IPv4/IPv6, SCTP, and multicast traffic with ultra-low latency down to 2 microseconds
- VPN, CAPWAP, and IP tunnel acceleration
- Anomaly-based intrusion prevention, checksum offload, and packet defragmentation
- Traffic shaping and priority queuing
-
Content Processor
The SPU CP8 content processor works outside of the direct flow of traffic, providing high-speed cryptography and content inspection services including:
- Signature-based content inspection acceleration
- Encryption and decryption offloading
-
Security Fabric
The Security Fabric is the cybersecurity platform that enables digital innovations. It delivers broad visibility of the entire attack surface to better manage risk. Its unified and integrated solution reduces the complexity of supporting multiple-point products, while automated workflows increase operational speeds and reduce response times across the Fortinet deployment ecosystem. The Fortinet Security Fabric overs the following key areas under a single management center:
- Security-Driven Networking that secures, accelerates, and unifies the network and user experience
- Zero Trust Network Access that identifies and secures users and devices in real-time, on and off of the network
- Dynamic Cloud Security that protects and controls cloud infrastructures and applications
- AI-Driven Security Operations that automatically prevents, detects, isolates, and responds to cyber threats
-
FortiOS
FortiGates are the foundation of the Fortinet Security Fabric the core is FortiOS. All security and networking capabilities across the entire FortiGate platform are controlled with one intuitive operating system. FortiOS reduces complexity, costs, and response times by truly consolidating next-generation security products and services into one platform.
- A truly consolidated platform with a single OS and pane-of-glass for across the entire digital attack surface.
- Industry-leading protection: NSS Labs Recommended, VB100, AV Comparatives, and ICSA validated security and performance.
- Leverage the latest technologies such as deception-based security.
- Control thousands of applications, block the latest exploits, and filter web traffic based on millions of real-time URL ratings in addition to true TLS 1.3 support.
- Automatically prevent, detect, and mitigate advanced attacks within minutes with an integrated AI-driven security and advanced threat protection.
- Improve and unify the user experience with innovative SD-WAN capabilities with the ability to detect, contain, and isolate threats with automated segmentation.
- Utilize SPU hardware acceleration to boost network security performance.
Interfaces
- 2 x 10Gb Ethernet – SFP
- 16 x 1000Base-T – RJ-45
- 16 x 1000Base-X – SFP (mini-GBIC)
- 2 x 1000Base-T (management) – RJ-45
- 1 x console – RJ-45
- 2 x USB – Type A
- 1 x USB – Type B