FortiGate -3700D High Performance Data Center Firewall



Similar documents
FortiGate. Accelerated security for mid-enterprise and branch office. Designed for today s network security requirements

FortiGate/FortiWiFi -60C Series Integrated Threat Management for Small Networks

FortiGate 200D Series

FortiGate 100D Series

FortiGate/FortiWiFi 90D Series

FortiGate/FortiWiFi 60D Series

FortiGate/FortiWiFi -90D Series Enterprise-Grade Protection for Smaller Networks

FortiGate 3700D. The Fortinet Enterprise Firewall Solution. One Enterprise Firewall Solution across the Extended Enterprise. Highlights. forti.

FortiGate 1500D. The Fortinet Enterprise Firewall Solution. One Enterprise Firewall Solution across the Extended Enterprise. Highlights. forti.

FortiAuthenticator TM User Identity Management and Single Sign-On

FortiCore A-Series. SDN Security Appliances. Highlights. Securing Software Defined Networking (SDN) Architectures. Key Features & Benefits

FortiSwitch. Data Center Switches. Highlights. High-performance and resilient managed data center switch. Key Features & Benefits.

How To Get A Fortinet Security System For Free

Improving Profitability for MSSPs Targeting SMBs

FortiVoice Enterprise

FortiCarrier Systems Specialized Security for Service Providers

Fortinet FortiGate App for Splunk

FortiGate -3040B/3140B 10-GbE Consolidated Security Appliances

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Network Firewall (INFW)

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

FortiGate /FortiWiFi -80 Series Enterprise-Class Protection for Branch Offices

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

Disaster Recovery with Global Server. Load Balancing

SDN Security for VMware Data Center Environments

FortiSwitch B and C-Series

Overview. Where other. Fortinet protects against the fullspectrum. content- and. without sacrificing performance.

Use FortiWeb to Publish Applications

FortiDDoS DDoS Attack Mitigation Appliances

5 ½ Things That Make a Firewall Next Gen WHITE PAPER

MSSP Advanced Threat Protection Service

FortiSandbox. Multi-layer proactive threat mitigation

Securing the Data Center

FortiVoice Enterprise

Keeping the Store Open: Fighting the Cyber Criminal in the Retail World

Fortinet Secure Wireless LAN

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

FortiADC E-Series. Application Delivery Controllers. Features and Benefits. Reliable and Robust Load Balancing and Application Delivery

The Fortinet Advanced Threat Protection Framework

FortiDDoS DDoS Attack Mitigation Appliances

Transforming Your WiFi Network Into A Secure Wireless LAN A FORTINET WHITE PAPER. Fortinet White Paper

High performance security for low-latency networks

Fortinet s Data Center Solution

WHITE PAPER. Empowering the MSSP. Part 2: End To End Security Services Ecosystem

FortiDDoS. DDoS Attack Mitigation Appliances. Advanced DDoS Protection for Enterprise Data Centers. The Ever-Changing DDoS Attack

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

The Enterprise Cloud Rush

Scalable. Reliable. Flexible. High Performance Architecture. Fault Tolerant System Design. Expansion Options for Unique Business Needs

FortiWeb TM. Web Application Firewall. Unmatched Protection for Web Applications. Emerging Threats Create New Challenges

McAfee Network Security Platform A uniquely intelligent approach to network security

Fortigate Features & Demo

Coyote Point Equalizer

Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection

FortiOS TM Carrier 4.0 Software

FortiWeb. Web Application Firewall. Unmatched Protection for Web Applications. Emerging Threats Create New Challenges. FortiWeb DATA SHEET

Place graphic in this box

Protecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall

IBM Security Network Protection

Check Point 4800 Appliance

Check Point taps the power of virtualization to simplify security for private clouds

FortiOS Handbook WAN Optimization, Web Cache, Explicit Proxy, and WCCP for FortiOS 5.0

Load Balancing Microsoft Exchange 2013 with FortiADC

Load Balancing Microsoft Exchange 2013 with FortiADC

QuickSpecs. Models HP TippingPoint S8010F Next Generation Firewall Appliance

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

SecureSphere Appliances

FortiMail. Comprehensive Security. Comprehensive Security

INDEPENDENT VALIDATION OF FORTINET SOLUTIONS. NSS Labs Real-World Group Tests

Sophos SG Series Appliances

WAN Optimization, Web Cache, Explicit Proxy, and WCCP. FortiOS Handbook v3 for FortiOS 4.0 MR3

Secure Access Architecture

Deliver More Applications for More Users

FortiGate Series 10-Gigabit Ready FortiGate Consolidated Security Systems

McAfee Network Security Platform A uniquely intelligent approach to network security

Ixia Director TM. Powerful, All-in-One Smart Filtering with Ultra-High Port Density. Efficient Monitoring Access DATA SHEET

1Fortinet. 2How Logtrust. Firewall technologies from Fortinet offer integrated, As your business grows and volumes of data increase,

McAfee Network Security Platform A uniquely intelligent approach to network security

The On-Demand Application Delivery Controller

Internal Network Firewall (INFW) Protecting your network from the inside out

FortiAP Wireless Access Points

WHITE PAPER. Empowering the MSSP. Part 3: Monetizing Fortinet s Ecosystem in a Multi-Tenant Cloud Service

Ixia xstream TM 10. Aggregation, Filtering, and Load Balancing for qgbe/10gbe Networks. Aggregation and Filtering DATA SHEET

FortiGate Virtual Appliances Consolidated Security for Virtual Environments

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

Panorama. Panorama provides network security management beyond other central management solutions.

Imperva SecureSphere Appliances

WHITE PAPER. Securing ICS Infrastructure for NERC Compliance and beyond

High Availability. FortiOS Handbook v3 for FortiOS 4.0 MR3

FortiOS Handbook - PCI DSS Compliance VERSION 5.4.0

APV9650. Application Delivery Controller

Appliance Comparison Chart

Cisco Intrusion Detection System Services Module (IDSM-2)

FortiSandbox. Multi-layer proactive threat mitigation

High Performance NGFW Extended

Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET

Virtualized Security: The Next Generation of Consolidation

Check Point Appliance

The Evolution of the Enterprise And Enterprise Security

Transcription:

FortiGate -3700D High Performance Data Center Firewall Data centers, cloud providers, carriers and service providers need a high-speed, high-capacity firewall to stay ahead of ever-increasing network performance requirements and continued evolution of the threat landscape. Eliminate Security Bottlenecks The FortiGate-3700D high performance, high capacity data center firewall provides exceptional performance of 160 Gbps and ultra-low latency, ensuring your data center security solution doesn t become your data center bottleneck. It delivers this breakthrough performance and protection in a compact 3U form factor with four 40- GbE and 28 10-GbE interfaces that preserves scarce rack space while maximizing capacity. Powered by the new FortiASIC NP6 processor, the FortiGate-3700D is the first data center appliance to deliver performance parity for IPv4 and IPv6 traffic and dramatically increases VPN performance, enabling you to keep pace with your evolving network. Flexible Deployment The FortiGate-3700D gives you the flexibility to choose the firewall personality that best fits your requirements at the Edge or Core. You can take advantage of the high port density for physical segmentation of your network, as well as the virtual domains (VDOMs) for virtual segmentation. The FortiOS 5 security operating system also allows you to deploy additional layers of integrated protection, such as IPS or NGFW to match your risk and performance profiles. Key Features & Benefits 160 Gbps throughput, ultralow latency Custom FortiASIC NP6 processors 4 x 40-GbE and 28 x 10-GbE ports Network segmentation Single pane of glass management Eliminates performance bottlenecks with high performance, compact data center firewall Delivers best-in-class performance including breakthrough IPv4 / IPv6 performance parity High speed, high density ports keep pace with evolving data center needs Enables physical or virtual segmentation based on architecture, services, function, or policies Reduces management complexity with consolidated view of all security functions Performance and Reliability for High Bandwidth Networks Breakthrough IPv4 to IPv6 firewall performance parity Flexible firewall personalities enable deployment at the Edge or Core Compact 3U footprint conserves rack space and minimizes energy consumption Freedom to add integrated security technologies (such as IPS, App Control, VPN) Cloud-ready multi-tenant support and APIs for rapid orchestration FortiOS 5 delivers the most complete, battle-tested set of security functions to protect your network and data FortiCare Worldwide 24x7 Support support.fortinet.com FortiGuard Threat Research & Response www.fortiguard.com www.fortinet.com

hardware 2 1 3 4 5 6 7 Interfaces 1 2 3 USB Management Port Console Port USB Port 4 5 6 7 2 x GbE RJ45 Management Ports 4 x 40-GbE QSFP Slots 20 x 10-GbE SFP+ / GbE SFP Slots 8 x 10-GbE SFP+ Slots (Ultra-low latency) Network Processor Powered by FortiASICs Custom FortiASIC processors deliver the power you need to detect malicious content at multi-gigabit speeds Other security technologies cannot protect against today s wide range of content- and connection-based threats because they rely on generalpurpose CPUs, causing a dangerous performance gap FortiASIC processors provide the performance needed to block emerging threats, meet rigorous thirdparty certifications, and ensure that your network security solution does not become a network bottleneck Fortinet s new, breakthrough FortiASIC NP6 network processor works inline with FortiOS functions delivering: Superior firewall performance for IPv4/IPv6, SCTP and multicast traffic with ultralow latency down to 2 microseconds VPN, CAPWAP and IP tunnel acceleration Anomaly-based intrusion prevention, checksum offload and packet defragmentation Traffic shaping and priority queuing Content Processor The FortiASIC CP8 content processor works outside of the direct flow of traffic, providing high-speed cryptography and content inspection services including: Signature-based content inspection acceleration Encryption and decryption offloading 40-GbE Connectivity for Core Infrastructure High speed connectivity is essential for network security segmentation at the core of data networks. The FortiGate-3700D provides one of the highest 40-GbE and 10-GbE port densities in the market, simplifying network designs without relying on additional devices to bridge desired connectivity. 2

DEPLOYMENT Next-Generation Perimeter Security Firewalls alone aren t enough to block today s blended threats & attacks. Data Centers require multi-layered security technologies that examine entire packet flows, from content inspection through reassembly, stopping threats at the perimeter. The FortiGate-3700D offers these critical functionality without compromising performance & scalability. Data Center Core Security Today s high-speed data centers require not only perimeter security but also network protection between various network segments at the core. The FortiGate-3700D meets the requirement as a security gateway with superior next generation firewall performance and features. High density 10G interfaces allow connectivity between the segments without the need of bridging devices. MSSP Solution The FortiGate-3700D delivers comprehensive security for Managed Security Service Providers (MSSPs). The full suite of Fortinet integrated management applications including granular reporting features offer unprecedented visibility into the security posture of customers while identifying their highest risks. 3

SOFTWARE FEATURES FortiOS Dashboard - Single Pane of Glass Management Unique Visibility and Control FortiOS allows greater traffic visibility and more consistent, granular control over users, devices, applications and sensitive data. Dashboard widgets allow you to quickly view and understand real-time network activities and threat situations. Ease of Use FortiOS lowers operational costs and reduces IT staff workload. Single pane of glass management and centralized analysis ensure consistent policy creation and enforcement while minimizing deployment and configuration challenges. Comprehensive Systems Integration Integration with external systems are possible with wide range of interfacing protocols support and certified solution partners. You can rely on facilities such as SNMP, sflow and syslog for monitoring purposes. Integration with provisioning systems and custom portals is possible with Web Service APIs via FortiManager. Scripting using various scripting languages is supported by manipulating CLI commands. Proven with Industry Validation FortiGate holds more industry certifications than competitive products, assuring feature quality and providing you best-of-breed protection. Robust Virtual Systems FortiOS Virtual Domains (VDOMs) is proven method of dividing a FortiGate unit/cluster into two or more virtual units that function as independent units. It has the industry s most comprehensive virtualization capabilities to meet today s complex MSSP deployments. Identity Centric Enforcement FortiOS supports both local and remote authentication services such as LDAP, RADIUS and TACACS+ to identify users and apply appropriate access policies and security profiles accordingly. It can simplify identity based implementations and provide a seamless user authorization experience with single sign-on capabilities. FortiOS has strong PKI and certificate-based authentication services while also integrating an internal two factor authentication server for additional security. 4

SOFTWARE FEATURES Extensive Network Support FortiOS meets numerous network design requirements. A wealth of routing, multicasting and network resiliency protocols are supported for interoperating with other networking devices. Flexible Role-based Administration Access profiles can be defined to provide granular access to VDOMs and system functionalities. This is valuable in facilitating compliant enterprise-class security operation workflows. Superior IPS capabilities Over 4000 IPS signatures enables you to stop attacks that evade more conventional firewalls. Behavior-based heuristics recognize zero day threats for which no signature has been created. Application Control Advanced application control lets you define and enforce policies for thousands of applications running across networks regardless of port or the protocol used for communication. Powerful Policy Management Two types of policy management views - global and section view - are available to suit your preferences. Policy objects can be easily edited from the policy table. Available management features include policy object search, tagging, sorting and filtering. With FortiManager integration, you have the ability to set up sophisticated policy implementation and provisioning workflows to meet compliance or operational requirements. FortiAnalyzer enables complete and accurate configuration audit trails to reside externally for secured storage. Beyond Next Generation Firewall Capabilities FortiOS supports various value-adding components to the network that is unique in the market. This includes in-box token server, wireless controller and vulnerability scanner. These features simplify network design and deployment while also providing more secure implementations without incurring additional cost. Broad IPv6 Support Maintaining security for both IPv4 and IPv6 traffic will be crucial to the success of mixed networks. Malware and network threats are independent of IPv4 or IPv6. FortiOS is able to use IPv6 security policies to provide access control and UTM protection for IPv6 traffic. FortiOS has been successfully evaluated as compliant with core protocol and interoperability tests defined by IPv6 Ready Logo Phase 2. World-Class Technical Support and Documentation Fortinet FortiCare support offerings provide comprehensive global support for all Fortinet products and services. You can rest assured your Fortinet security products are performing optimally and protecting your users, applications, and data around the clock. More Features with FortiCarrier Software License SIP/IMS signaling firewall protects internal infrastructure and service against malicious messages and overload while providing NAT services and redundancy, providing VoIP edge scalability and a platform for managed security services MMS security - content scanning and protection (keyword blocking, antivirus, file-type blocking, antispam detection) with per-user services provide enhanced end-user security for increased uptime and higher customer satisfaction GTP firewall delivers protocol anomaly detection and prevention with multiple filter options for end-to-end security *For complete,up-to-date & detailed feature set, please refer to the Administration Handbook and FortiOS Datasheet 5

Specifications Interfaces & Modules 40-GbE QSFP Slots 4 10-GbE SFP+ / GbE SFP Slots 20 10-GbE SFP+ Slots (Ultra-low latency) 8 GbE RJ45 Management Ports 2 USB Ports (Client / Server) 1 / 1 Console Port 1 Internal Storage 960 GB Dimensions & Power Height x Width x Length Weight Form Factor AC Power Supply Power Consumption (Avg / Max) Heat Dissipation Redundant Power Supplies 5.25 x 17.2 x 22.8 in (133 x 437 x 579 mm) 46.9 lbs (21.3 kg) 3 RU 100-240 VAC, 50-60 Hz 725 / 870 W 2,970 BTU/h Yes, Hot Swappable System Performance & Capacity Firewall Throughput (1518 / 512 / 64 byte, UDP) 160 / 160 / 110 Gbps IPv6 Firewall Throughput (1518 / 512 / 86 byte, UDP) 160 / 160 / 110 Gbps Firewall Latency (64 byte, UDP) 2 µs Firewall Throughput (Packet per Second) 165 Mpps Concurrent Sessions (TCP) 44 Million New Sessions/Sec (TCP) 300,000 Firewall Policies 100,000 IPSec VPN Throughput (512 byte) 100 Gbps Gateway-to-Gateway IPSec VPN Tunnels 10,000 Client-to-Gateway IPSec VPN Tunnels 64,000 SSL-VPN Throughput 6 Gbps Concurrent SSL-VPN Users (recommended Max) 30,000 IPS Throughput 23 Gbps Antivirus Throughput (Proxy Based / Flow Based) 7.5 / 18 Gbps Virtual Domains (Default / Max) 10 / 500 Max Number of FortiAPs (Total / Tunnel Mode) 4,096 / 1,024 Max Number of FortiTokens 5,000 Max Number of Registered FortiClients 8,000 High Availability Configurations Active / Active, Active / Passive, Clustering Operating Environment & Certifications Operating Temperature Storage Temperature Humidity Compliance Certifications 32-104 F (0-40 C) -31-158 F (-35-70 C) 20 to 90% non-condensing FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB ICSA Labs: Firewall, IPSec, IPS, Antivirus, SSL VPN Note: All performance values are up to and vary depending on system configuration. Antivirus performance is measured using 44 Kbyte HTTP files. IPS performance is measured using 1 Mbyte HTTP files. Note: All performance values are up to and vary depending on system configuration. Antivirus performance is measured using 44 Kbyte HTTP files. IPS performance is measured using 1 Mbyte HTTP files. Order Information Appliance FortiGate-3700D FG-3700D 4 x 40GE QSFP+ slots, 28 x 10GE SFP+ slots, 2 x GE RJ45 Management, 960 GB onboard storage, Dual AC power Supplies Accessories SFP LX Transceiver Module FG-TRAN-LX Transceiver LX module for all FortiGate models with SFP interfaces with LC connector SFP Gig Copper Transceiver Module FG-TRAN-GC Transceiver Base-T (Copper) module for all FortiGate models with SFP interfaces, supports 10/100/1000 operation with RJ45 connector SFP SX Transceiver Module FG-TRAN-SX Transceiver SX module for all FortiGate models with SFP interfaces SFP+ Transceiver Module FG-TRAN-SFP+SR 10-Gig transceiver, short range SFP+ module for all FortiGate models with SFP+ interfaces with LC connector SFP+ Long Range Transceiver Module FG-TRAN-SFP+LR 10-Gig transceiver, SFP+, Long Range QSFP+ Transceiver Module FG-TRAN-QSFP+SR 40GE transceiver, QSFP+, Short Range GLOBAL HEADQUARTERS EMEA SALES OFFICE APAC SALES OFFICE LATIN AMERICA SALES OFFICE Fortinet Inc. 1090 Kifer Road Sunnyvale, CA 94086 United States Tel: +1.408.235.7700 Fax: +1.408.235.7737 120 rue Albert Caquot 06560, Sophia Antipolis, France Tel: +33.4.8987.0510 Fax: +33.4.8987.0501 300 Beach Road #20-01 The Concourse Singapore 199555 Tel: +65.6513.3730 Fax: +65.6223.6784 Prol. Paseo de la Reforma 115 Int. 702 Col. Lomas de Santa Fe, C.P. 01219 Del. Alvaro Obregón México D.F. Tel: 011-52-(55) 5524-8480 Copyright 2013 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, and FortiGuard, are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance metrics contained herein were attained in internal lab tests under ideal conditions, and performance may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to the performance metrics herein. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet s internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. Certain Fortinet products are licensed under U.S. Patent No. 5,623,600. FST-PROD-DS-GT37K FG-3700D-DAT-R2-201311

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information