FortiGate 100D Series Data Sheet

pane of glass — for the industry’s best protection against the most advanced security threats ... plug in compatible wireless access points and IP pho...

0 downloads 47 Views 1003KB Size
DATA SHEET

FortiGate® 100D Series Distributed Enterprise Firewall Next Generation Firewall

FortiGate 100D Series FortiGate 100D, 140D and 140D-POE Validated Security

The Fortinet Enterprise Firewall Solution

One Network OS

Performance

The Fortinet Enterprise Firewall Solution delivers end-to-end network security with one platform, one network security operating system and unified policy management with a single pane of glass — for the industry’s best protection against the most advanced security threats and targeted attacks.

Single Pane of Glass

Universal Platform Support

One Enterprise Firewall Solution across the Extended Enterprise The FortiGate family of network appliances represents the industry’s broadest range of enterprise firewall platforms. FortiGate is based on FortiASIC, a purpose-built integrated architecture that provides extremely high throughput and exceptionally low latency, while delivering industry-leading security effectiveness and consolidation which is routinely validated by independent real-world tests. Targeted for mid-enterprises, the FortiGate 100D series contains superior security inspection functionality, deep visibility and high performance.

FortiGate appliances, interconnected with the Fortinet Security Fabric, form the backbone of the Fortinet Enterprise Solution

forti.net/sf

Highlights Firewall

IPS

FG-100D/140D

2.5 Gbps

310 Mbps

FG-140D-POE

2.5 Gbps

310 Mbps

NGFW

Threat Protection

Interfaces

220 Mbps

200 Mbps

Multiple GE SFP and GE RJ45

220 Mbps

200 Mbps

Multiple GE SFP and GE RJ45, GE RJ45 PoE

Enterprise Traffic Mix

Security Fabric Extensions

FortiAP

FortiClient

FortiToken

FortiSwitch

FortiSandbox

forti.net/fap

forti.net/fct

forti.net/ftk

forti.net/fsw

forti.net/fsa

DATA SHEET: FortiGate 100D Series ®

HARDWARE FortiGate 100D

FortiGate 140D 5

1 2 3 4 5 6 7

8

9 10

CP8

1. 2. 3. 4. 5.

USB Management Port 2x USB Ports Console Port 2x GE RJ45 WAN Ports 1x GE RJ45 Management Port

Shared Media

1U

1 2 3

4 6

7

CP8

32GB

6. 1x GE RJ45 DMZ Port 7. 2x GE RJ45 HA Ports 8. 14x GE RJ45 Switch Ports 9. 2x GE RJ45 Shared Ports 10. 2x GE SFP Shared Ports

8

1. 2. 3. 4.

USB Management Port USB Port Console Port 2x GE RJ45 WAN Ports

5. 6. 7. 8.

1U

32GB

1x GE RJ45 HA Port 1x GE RJ45 Management Port 36x GE RJ45 Switch Ports 2x GE SFP DMZ Ports

FortiGate 140D-POE 5 1 2 3

4 6

7

8

CP8

1. 2. 3. 4. 5.

USB Management Port USB Port Console Port 2x GE RJ45 WAN Ports 1x GE RJ45 HA Port

6. 7. 8. 9.

1U

9

32GB

POE

1x GE RJ45 Management Port 20x GE RJ45 Switch Ports 16x GE RJ45 PoE Ports 2x GE SFP DMZ Ports

Content Processor Powered by FortiASIC CP8

The FortiASIC CP8 content processor works outside of the direct flow of traffic, off-loading critical CPU resources.

Install in Minutes with FortiExplorer §§ Providing high-speed cryptography for encryption and decryption §§ Accelerates signature-based content inspection services such as AV and IPS

The FortiExplorer™ wizard enables you to easily and quickly set up and configure FortiGate platforms with easy-to-follow instructions. The application runs on Windows, Mac OS X desktops and laptops as well as popular mobile devices. Simply connect to the appropriate USB port on the appliance, and be fully protected in minutes.

Power up with PoE Interfaces The FortiGate 140D-POE include PoE interfaces that allow you to plug in compatible wireless access points and IP phones out of the box, providing ease of deployment and lower TCO.

2

www.fortinet.com

DATA SHEET: FortiGate 100D Series ®

SOFTWARE FortiOS Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated next generation security platform.

§§ A truly consolidated platform with one OS for all security and networking services for all FortiGate platforms. §§ Industry-leading protection: NSS Labs Recommended, VB100, AV Comparatives and ICSA validated security and performance. §§ Control thousands of applications, block the latest exploits, and filter web traffic based on millions of real-time URL ratings. §§ Detect, contain and block advanced attacks automatically in minutes with integrated advanced threat protection framework. §§ Solve your networking needs with extensive routing, switching, WiFi, LAN and WAN capabilities. §§ Activate all the ASIC-boosted capabilities you need on the fastest firewall platform available.

For more information, please refer to the FortiOS data sheet available at www.fortinet.com

SERVICES FortiGuard™ Security Services

FortiCare™ Support Services

FortiGuard Labs offers real-time intelligence on the threat

Our FortiCare customer support team provides global technical

landscape, delivering comprehensive security updates across

support for all Fortinet products. With support staff in the Americas,

the full range of Fortinet’s solutions. Comprised of security

Europe, Middle East and Asia, FortiCare offers services to meet the

threat researchers, engineers, and forensic specialists, the

needs of enterprises of all sizes:

team collaborates with the world’s leading threat monitoring

§§ Enhanced Support — For customers who need support

organizations, other network and security vendors, as well as law enforcement agencies:

during local business hours only. §§ Comprehensive Support — For customers who need around-

§§ Real-time Updates — 24x7x365 Global Operations research security intelligence, distributed via Fortinet Distributed Network to all Fortinet platforms. §§ Security Research — FortiGuard Labs have discovered over

the-clock mission critical support, including advanced exchange hardware replacement. §§ Advanced Services — For global or regional customers who need an assigned Technical Account Manager, enhanced

170 unique zero-day vulnerabilities to date, totaling millions of

service level agreements, extended software support, priority

automated signature updates monthly.

escalation, on-site visits and more.

§§ Validated Security Intelligence — Based on FortiGuard

§§ Professional Services — For customers with more complex

intelligence, Fortinet’s network security platform is tested and

security implementations that require architecture and design

validated by the world’s leading third-party testing labs and

services, implementation and deployment services, operational

customers globally.

services and more.

Enterprise Bundle FortiGuard Labs delivers a number of security intelligence services to augment the FortiGate firewall platform. You can easily optimize the protection capabilities of your FortiGate with the FortiGuard Enterprise Bundle. This bundle contains the full set of FortiGuard security services plus FortiCare service and support offering the most flexibility and broadest range of protection all in one package.

3

DATA SHEET: FortiGate 100D Series ®

SPECIFICATIONS FORTIGATE 100D

FORTIGATE 140D

FORTIGATE 140D-POE

GE RJ45 Ports

20

40

24

GE RJ45 PoE Ports





16

GE SFP or RJ45 Shared Ports

2





GE SFP Ports



2

2

1/2

1/1

1/1

T1 Port







Console Port

1

1

1

32 GB

32 GB

32 GB

NA

0

0

Hardware Specifications

USB Ports (Client / Server)

Internal Storage Included Transceivers System Performance Firewall Throughput Firewall Latency (64 byte UDP packets)

2.5 Gbps 37 μs

46 μs

Firewall Throughput (Packets Per Second)

300 Kpps

Concurrent Sessions (TCP)

2 Million

New Sessions/Second (TCP)

22,000

Firewall Policies

46 μs

10,000

IPsec VPN Throughput (512 byte packets)

450 Mbps

Gateway-to-Gateway IPsec VPN Tunnels

2,000

Client-to-Gateway IPsec VPN Tunnels

5,000

SSL-VPN Throughput

300 Mbps

Concurrent SSL-VPN Users (Recommended Maximum)

300

IPS Throughput (HTTP / Enterprise Mix) 1

950 / 310 Mbps

SSL Inspection Throughput 2

260 Mbps

Application Control Throughput 3

320 Mbps

NGFW Throughput 4

220 Mbps

Threat Protection Throughput 5

200 Mbps

CAPWAP Throughput 6

1.2 Gbps

Virtual Domains (Default / Maximum)

10 / 10

Maximum Number of FortiAPs (Total / Tunnel Mode)

64 / 32

Maximum Number of FortiTokens

1,000

Maximum Number of Registered FortiClients

600

High Availability Configurations

Active / Active, Active / Passive, Clustering

Dimensions Height x Width x Length (inches) Height x Width x Length (mm) Form Factor Weight

1.75 x 17.01 x 11.73

1.75 x 17.01 x 12.28

44 x 432 x 298

44 x 432 x 312

1.75 x 17.01 x 12.28 44 x 432 x 312

Rack Mount, 1 RU

Rack Mount, 1 RU

Rack Mount, 1 RU

9.5 lbs (4.3 kg)

11.5 lbs (5.2 kg)

11.5 lbs (5.2 kg)

Environment Power Required Maximum Current Total Available PoE Power Budget* Power Consumption (Average / Maximum) Heat Dissipation Operating / Storage Temperature

100–240V AC, 50–60 Hz 110 V / 3 A, 220 V / 1.5 A

110 V / 2 A, 220 V / 1 A





270 W

52.6 W / 63.1 W

44.8 W / 58.7 W

193.4 W / 337.1 W

200.3 BTU/h

1150.2 BTU/h

215.3 BTU/h

110 V / 4 A, 220 V / 2 A

32–104°F (0–40°C) / -31–158°F (-35–70°C)

Operating Altitude

Up to 7,400 ft (2,250 m)

Humidity

10–90% non-condensing

Compliance FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6 Note: All performance values are “up to” and vary depending on system configuration. IPsec VPN performance is based on 512 byte UDP packets using AES-256+SHA1. 1. IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix. 2. SSL Inspection is measured with IPS enabled and HTTP traffic, using TLS v1.2 with AES256-SHA. 3. Application Control performance is measured with 64 Kbytes HTTP traffic. 4. NGFW performance is measured with IPS and Application Control enabled, based on Enterprise Traffic Mix. 5. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix. 6. CAPWAP performance is based on 1444 byte UDP packets. For complete, up-to-date and detailed feature set, please refer to the Administration Handbook and FortiOS Datasheet. * Maximum loading on each PoE port is 15.4 W (802.3af).

4

www.fortinet.com

DATA SHEET: FortiGate 100D Series ®

ORDER INFORMATION Product

SKU

Description

FortiGate 100D

FG-100D

20x GE RJ45 ports (including 1x DMZ port, 1x Mgmt port, 2x HA ports, 16x internal switch ports), 2x shared media pairs (including 2x GE RJ45, 2x GE SFP slots), 32 GB onboard storage. Maximum managed FortiAPs (Total / Tunnel) 64 / 32.

FortiGate 140D

FG-140D

40x GE RJ45 (including 36x switch ports, 2x Mgmt/HA ports, 2x WAN ports), 2x GE SFP DMZ slots, 32 GB onboard storage. Maximum managed FortiAPs (Total / Tunnel) 64 / 32.

FortiGate 140D-POE

FG-140D-POE

40x GE RJ45 (including 16x PoE ports, 20x switch ports, 2x Mgmt/HA ports, 2x WAN ports), 2x GE SFP DMZ slots, 32 GB onboard storage. Maximum managed FortiAPs (Total / Tunnel) 64 / 32.

GLOBAL HEADQUARTERS Fortinet Inc. 899 Kifer Road Sunnyvale, CA 94086 United States Tel: +1.408.235.7700 www.fortinet.com/sales

EMEA SALES OFFICE 905 rue Albert Einstein Valbonne 06560 Alpes-Maritimes, France Tel: +33.4.8987.0500

APAC SALES OFFICE 300 Beach Road 20-01 The Concourse Singapore 199555 Tel: +65.6395.2788

LATIN AMERICA SALES OFFICE Sawgrass Lakes Center 13450 W. Sunrise Blvd., Suite 430 Sunrise, FL 33323 United States Tel: +1.954.368.9990

Copyright© 2016 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary and may be significantly less effective than the metrics stated herein. Network variables, different network environments and other conditions may negatively affect performance results and other metrics stated herein. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet and any such commitment shall be limited by the disclaimers in this paragraph and other limitations in the written contract. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests, and in no event will Fortinet be responsible for events or issues that are outside of its reasonable control. Notwithstanding anything to the contrary, Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. FST-PROD-DS-GT1H1 FG-100D-DAT-R13-201610