Description
The FortiGate Next-Generation Firewall 90G series is a perfect choice for establishing robust, security-driven networks at any scale, particularly for distributed enterprise locations. Its transformational capabilities are supported by an array of AI/ML-based FortiGuard security services and the integrated Security Fabric platform, providing an automated, comprehensive defense against threats for all use cases. The 90G series stands out as the industry’s first to incorporate both integrated SD-WAN and zero-trust network access (ZTNA) within a Next-Generation Firewall (NGFW) solution, all powered by a single operating system. Its ability to autonomously regulate, verify, and facilitate user access to applications ensures a consistent and smooth user experience. This platform leverages FortiOS, Fortinet’s high-performance operating system, which drives the convergence of network and security services across the Fortinet Security Fabric. Its deployment flexibility enhances consistency and context-aware security posture across network, endpoint, and multi-cloud settings. Whether deployed in physical, virtual, container, or cloud form, FortiOS provides a versatile solution. This capability enables the consolidation of various technologies and use cases into a unified operating system, providing scalability and best-in-class abilities. FortiOS bolsters the Fortinet Security Fabric’s capacity to provide advanced AI/ML-powered services, inline advanced sandbox detection, integrated ZTNA enforcement, and more. It protects all hybrid deployment models, including hardware, software, and Software-as-a-Service with SASE. It enhances visibility and control, and facilitates a simplified, single policy and management framework. Its centralized management feature accommodates large-scale networks with interactive drill-down and topology viewers that display real-time status, quick protection against threats and abuses through on-click remediation, and a unique threat score system that correlates threats with users for prioritized investigations. With its custom Security Processing Unit (SPU), Fortinet’s 90G series firewall outperforms traditional firewalls which often struggle against modern content- and connection-based threats. This capability is due to conventional firewalls’ reliance on generic hardware and CPUs, which can lead to a performance gap. Fortinet’s SPU provides the necessary power—up to 520Gbps—to identify and block emerging threats without becoming a performance bottleneck. The Secure SD-WAN ASIC SP5 combines a RISC-based CPU with Fortinet’s proprietary SPU for unmatched performance. It offers rapid application identification and steering, bolstering business operations. IPsec VPN performance is accelerated, resulting in an optimal user experience on direct internet access. It also enables top-tier NGFW Security and Deep SSL Inspection without sacrificing performance, and extends security to the access layer, enabling accelerated and integrated switch and access point connectivity for SD-Branch transformation. System Performance and Capacity: The Firewall throughput measures 28 Gbps for 1518 byte UDP packets, 28 Gbps for 512 byte UDP packets, and 27.9 Gbps for 64 byte UDP packets. The Firewall latency is a speedy 3.23 μs for 64 byte UDP packets. It can handle a massive 41.85 million packets per second. The capacity for concurrent TCP sessions is 1.5 million, and it can establish up to 124,000 new TCP sessions per second. It supports up to 5000 firewall policies. VPN Capabilities: The IPsec VPN throughput is 25 Gbps for 512 byte packets. It can handle 200 Gateway-to-Gateway IPsec VPN tunnels and up to 2500 Client-to-Gateway IPsec VPN tunnels. The SSL-VPN throughput is impressive at 1.4 Gbps. It can support up to 200 concurrent SSL-VPN users in tunnel mode. SSL Inspection and Application Control: The SSL Inspection throughput averages 2.6 Gbps for HTTPS when IPS is enabled. It can handle 1400 SSL Inspection CPS (Connections Per Second) with IPS for average HTTPS. It can manage 300,000 concurrent SSL Inspection sessions with IPS for average HTTPS. The Application Control throughput for HTTP 64K is 6.7 Gbps. Additional Capabilities: The CAPWAP throughput for HTTP 64K is a whopping 23.6 Gbps. It supports 10 virtual domains by default, with a maximum of 10.