Enabling High Performance and Dynamic Internal Segmentation in the Data Center

Digital innovation is proceeding at a breakneck pace. It is enabling organizations and individuals alike to have unprecedented access to data, rich streaming media, and business-critical applications. It is also enabling dynamic connectivity between individual devices, networks, branch offices, and multiple clouds - as well as the lightning-fast speed and massive scalability required by data centers. These massive data center architectures require ever-increasing bandwidth and throughput to support things like segmenting massively scalable services co-hosted on physical and virtualized infrastructure.

It is not an overstatement to declare that these demands on today's data centers are completely transforming today's digital landscape.

Flat Network Efficiency - Is It Worth the Security Tradeoff?

To keep up with the rate at which applications, workflows, and transactions need to run, and to accommodate the need for interoperability and communication between devices, many organizations are reverting to flat, open networks. A growing number of these networks are being built around high-performance routing and switching infrastructure that doesn't include security, because of the performance limitations inherent in traditional security solutions. Instead, they are relying on VLANs and Layer 4 access lists to do the heavy lifting required to protect these environments.

From a security perspective, this can be disastrous. Breaching the network perimeter of a flat network allows hackers to establish a beachhead and then move laterally to gain access to credentials, resources, and data. Worse, the lack of an internal security infrastructure significantly limits the organization's visibility into traffic behaviors and data flows, which further hinders its ability to detect a breach. It's the reason why the mean time to identify a threat in today's networks is 197 days, with another 69 days required to contain and eliminate it. For small to medium-sized businesses that have fewer security resources available, the problem is even worse, with dwell times exceeding two years.

To address these security challenges while maintaining an architectural design that offers flexibility and accelerated interoperability between all IT resources, these flat networks require segmentation and automated workflows. Segmentation ensures that any device connecting to the network is identified and given access to only those resources it requires to do its job. Automatically secured workflows that keep pace with network and application performance demands let individual devices or groups of devices communicate securely across an open infrastructure without exposure to risk.

Accelerating Security Performance in the Data Center

Because new environments, applications, and workflows have outpaced the performance abilities of traditional security solutions, organizations seeking to handle the unprecedented user consumption of online services while maintaining an excellent customer experience are left with two choices: either slow down their networks and make the user experience suffer, or sacrifice security to maintain performance.

Both of those are terrible options.

The problem is that traditional security appliances built with off-the-shelf CPUs and hardware to process network and security traffic are now an infrastructure bottleneck. Simply put, yesterday's security performance is no longer enough to secure and enable enterprises to operate at the pace of today's business innovation. But you can't achieve the performance and protections of tomorrow using yesterday's technology.

Introducing the New Fortinet FortiGate 1800F Next-Generation Firewall (NGFW)

To address this challenge, Fortinet has engineered and released its groundbreaking 7th Generation Network Processor - NP7, and introduced the FortiGate 1800F NGFW appliance. The FortiGate 1800F will be the first of many FortiGate NGFWs that are powered by NP7.

FortiGate 1800F enables a Security-driven Networking approach and is engineered to enable large enterprises to handle unprecedented levels of data and application demands. The FortiGate 1800F series offers today's largest organizations the ability to segment and launch services, manage internal and external risks, and preserve user experience.

FortiGate 1800F is also an integral part of the Fortinet Security Fabric, and enables several of the highest Security Compute Ratings* to meet the industry's extraordinary data center security demands.

The newly released FortiGate 1800F, built around our new NP7 processor, provides advanced levels of security performance and scalability that no other solution on the market is able to match. Compared to the industry average, the FortiGate 1800F supports multiple 40G elephant flows**, provides a Security Compute Rating of 14X the firewall performance, 14X greater IPSec performance, 4X more concurrent connections, and a remarkable 20X increase in the inspection of SSL-encrypted traffic over comparable solutions.

Fortinet's NP7 provides unmatched scale, performance, and acceleration capabilities for securing large enterprise data centers and related ultra-high-performance use cases. The speed and agility that NP7 offers provide significant performance increases for the massive capacity requirements these large enterprises face today.

According to John Maddison, EVP of Products and CMO at Fortinet, 'The FortiGate 1800F powered by NP7 has a Security Compute Rating ranging from 3x to 20x faster than the comparable product from our competition. This allows our customers to deploy FortiGate 1800F as an internal segmentation firewall and effectively strengthen their security posture.'

This advancement is also fundamental to Fortinet's Security-Driven Networking approach that not only inspects traffic - even encrypted traffic - in real time, but also provides full visibility of network flows through high-performance SSL inspection of encrypted traffic, including the industry's latest TLS 1.3 standard for automated threat protection.

All of this requires processing power that is simply unavailable using off-the-shelf CPUs and hardware, even if you implement tricks like chaining hardware components together or implement software shortcuts such as parallel processing to compensate for inherent hardware performance limitations. Instead, security tools require specialized hardware designed to support complex environments, so organizations don't have to make a Sophie's Choice between performance and protection.

FortiGate 1800F NGFW Use Cases and Benefits:

Fortinet's FortiGate 1800F NGFW is engineered for large enterprises to quickly and securely drive digital innovation by offering capabilities to meet the huge capacity and performance demands of critical business operations such as:

Managing Internal Security Risks: Most firewalls simply cannot perform fast enough to enable internal segmentation. With multiple high speed 40G interfaces and the industry's best threat protection performance with a Security Compute Rating of 3x, FortiGate 1800F enables enterprises to properly segment their network to manage internal security risks. Additionally, FortiGate 1800F intelligently adapts to segmented users, devices, and applications - regardless of their location, whether on-premise or in multiple clouds - providing automated threat detection and enforcement.

Accelerating the Cloud On-Ramp: IPsec encryption must be high performing to enable and accelerate the cloud on-ramp for organizations adopting multiple clouds for IaaS and SaaS services. FortiGate 1800F offers the highest Security Compute Rating of 14x for IPsec encryption when benchmarked against competitors, enabling the required speed, scale, and availability organizations need when on-ramping to the cloud.

Removing Blind Spots: With as much as 60 percent of encrypted traffic containing malware, SSL inspection performance has become critical to properly secure the network. FortiGate 1800F offers the industry's highest SSL inspection performance with a Security Compute Rating of 20x, as well as support for the industry's latest TLS 1.3 standard, to eliminate network blind spots by enabling full visibility of clear-text and encrypted network flows.

Securing Services Across Hybrid Architectures: Traditional software-based security solutions have low performance and high latency, which increases time to service and provides a poor user experience. The FortiGate 1800F's hardware-accelerated Virtual Extensible LAN (VXLAN) feature enables massively scalable, adaptable internal segmentation and allows super-fast communication between enormously scaled services, such as compute, storage, and applications that are co-hosted on physical and virtual platforms. This allows organizations that leverage a highly scalable virtual services architecture to launch services and applications in the most agile fashion possible to increase productivity and revenue opportunities.

Enabling Secure Advanced Research: Organizations often transition their research to AI and ML simulations to allow for faster discovery of their objectives. For example, pharmaceutical companies can measure the effectiveness of new drugs or develop drugs faster with reduced risks and potentially with lower costs. AI/ML simulations require huge dataset transfers (e.g. 10+ TB files), called elephant flows, that today's data centers struggle to carry securely, bringing research and collaboration to a crawl. The performance capabilities of FortiGate 1800F allow research organizations to perform big data analysis and natural language processing at unprecedented speeds where a single elephant flow can reach up to 40Gbps. Just as important, with FortiGate 1800F NGFWs, these elephant flows are secured using high-performance encryption to ensure privacy and compliance.

Securing the New Age of Digital Innovation

The adoption of digital innovation has ushered in an era of significant and ongoing transformation within data centers. To remain competitive in this era of explosive demands for unprecedented scale, availability, and application delivery requirements, some of the largest enterprises in the world are developing architectures - hyperscale architectures - within their data centers that are capable of rapidly expanding to millions of physical and virtual instances in order to meet massive demand.

With its unmatched scale, performance, acceleration, internal segmentation capabilities, and speed and agility, NP7-powered FortiGate 1800F NGFWs provide these large organizations with the ability to develop and segment services, manage internal and external risks, and preserve user experience. NP7 will also power future FortiGate appliances to enable agile, high-performance security for hyperscale data centers and other environments where hyperscale, hyperconnectivity, and hyperperformance are table stakes.

*Security Compute Rating is the benchmark (performance multiplier) that compares Fortinet's purpose-built ASIC-based FortiGate NGFW performance vs the industry average of competing products across various categories that fall within the same price band that utilize generic CPUs for networking and security capabilities.

**An elephant flow is a single session that consumes a large amount of bandwidth.

Disclaimer

Fortinet Inc. published this content on 18 February 2020 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 18 February 2020 12:16:07 UTC