Fortinet, a provider of network security appliances and unified threat management services, has launched in the Philippines the FortiGate 3700D, a new high-performance, compact network firewall appliance for enterprise data centers, large service providers, cloud providers and carriers.
Claimed by the company as the world’s fastest data center firewall appliance, the Fortigate 3700D boasts four 40GbE (QSFP+) and 28 10GbE (SFP+) ports, can achieve up to 160 Gigabits per second (Gbps) firewall throughput. With the use of a new custom network processor (NP6) ASIC, the new appliance can deliver best-in-class performance, low latency, and IPv4 to IPv6 performance parity.
“Fortigate 3700D is a network security appliance that is more designed for data center security requirement. It provides high processing performance and firewall throughput and supports cloud computing and virtual domains,” says Nap Castillo, Regional Technical Consultant, Fortinet International, Inc.
Leveraging the FortiOS 5, which serves as the foundation for the company’s FortiGate network security platforms, FortiGate 3700D can be used across large or small enterprise infrastructures and multiple application personalities.
FortiOS 5 permits flexible deployment models within the data center such as core firewall, which provides very high performance firewall with ultra low latency or edge firewall. This setup can be used to serve internal or external communities with varying trust levels using different firewall personalities, including firewall + VPN, firewall + IPS, NGFW, advanced threat protection, and more.
“Our product portfolio has around 97% uniform functionalities from small and medium businesses to telcos and large enterprises. The FortiGate 3700D is the first model that we are introducing for the data center firewall space. Even though this is the first time, we do have models that can also be offered to data center customers,” said Castillo.
The company also claims that the FortiGate 3700D is the only appliance that has the lowest total cost of ownership (TCO) at 62 cents per megabits per second (Mbps). “The value for money would be very high. This is the data center firewall trend and requirement nowadays,” said Castillo. “For data center or cloud computing, we need to secure two parts: the edge of the data center which is facing the Internet or other networks and the core wherein we host our internal servers or computers. The performance requirement for the core part of the data center is much higher because this is where the 10Gbps backbone is, now that the 40Gbps and 100Gbps are being adopted by most of data center nowadays.”
Castillo explains that the FortiGate 3700D can be virtualized in such a way that one virtual domain can be configured as a data center edge firewall and another virtual domain will be configured for data center core firewall.
“We are now moving away from 1Gbps and 10Gbps interfaces, we are at the same time entering into the year of 40Gbps and 100Gbps interfaces or throughput requirements. And for cloud computing capability, we should be able to support the rapid or exponential growth of this technology,” said Castillo.
High capacity is another enhancement to the FortiGate 3700D. “With the rapid growth of high-speed interfaces, the performance of the firewall should be able to cope with these interfaces,” said Castillo “If you’re using a 40Gbps interface, but your processing is 100Mbps, there would be a bottleneck. Throughput should always go up together with the interface of the firewall.”
“As customers build new or redesign data centers, they incorporate network segmentation into the architecture,” adds Jeff Castillo, Country Manager, Fortinet Philippines. “Fortinet offers physical, hybrid or virtual network segmentation via its virtual domain (VDOM) capability.”
Castillo adds that the Fortigate 3700D is suitable for multi-tenant deployment. “There is the multi-tenant support which can provision a separate firewall for each customer.” Castillo explained that some of their clients, especially the telcos, have offered management security services to their customers which are the reason why they buy virtual domain licenses. This way, he notes, it will look like their customers will have their own firewall with a guaranteed performance based on its configurations.
As for migration issues, Castillo said Fortinet has tools that help customers convert their configurations from a non-Fortinet device to Fortinet device. If the configurations are very complex, Fortinet also offers some professional services that can help clients migrate their configurations. “Actually we have done that a lot. With the help of our tool called FortiConverter, and protective services team, we can help the customers migrate to a new appliance.”
