Overview:
The FortiGate 3700D high performance, high capacity data center firewall provides exceptional performance of 160 Gbps and ultra-low latency, ensuring your data center security solution doesn't become your data center bottleneck.
Eliminate Security Bottlenecks
It delivers this breakthrough performance and protection in a compact 3U form factor with four 40 GE and 28 10 GE interfaces that preserves scarce rack space while maximizing capacity. Powered by the new FortiASIC NP6 processor, the FortiGate 3700D is the first data center appliance to deliver performance parity for IPv4 and IPv6 traffic and dramatically increases VPN performance, enabling you to keep pace with your evolving network.
Flexible Deployment
The FortiGate 3700D gives you the flexibility to choose the firewall personality that best fits your requirements at the Edge or Core. You can take advantage of the high port density for physical segmentation of your network, as well as the virtual domains (VDOMs) for virtual segmentation.
Performance and Reliability for High Bandwidth Networks
- Breakthrough IPv4 to IPv6 firewall performance parity
- Flexible firewall personalities enable deployment at the Edge or Core
- Compact 3U footprint conserves rack space and minimizes energy consumption
- Freedom to add integrated security technologies (such as IPS, App Control, VPN)
- Cloud-ready multi-tenant support and APIs for rapid orchestration
- FortiOS 5 delivers the most complete, battle-tested set of security functions to protect your network and data
Highlights |
160 Gbps |
30 Gbps |
Multiple 40 GE QSFP+, 10 GE SFP+, GE SFP and GE RJ45 |
Hardware:
Interfaces
- USB Management Port
- USB Port
- Console Port
- 2x GE RJ45 Management Ports
- 4x 40 GE QSFP Slots
- 20x 10 GE SFP+ / GE SFP Slots
- 8x 10 GE SFP+ Slots (Ultra-low latency)
Powered by FortiASICs
- Custom FortiASIC processors deliver the power you need to detect malicious content at multi-Gigabit speeds
- Other security technologies cannot protect against today' s wide range of content and connection-based threats because they rely on general-purpose CPUs, causing a dangerous performance gap
- FortiASIC processors pr ovide the performance needed to block emerging threats, meet rigorous third-party certifications, and ensure that your network security solution does not become a network bottleneck
Network Processor
Fortinet's new, breakthrough FortiASIC NP6 network processor works inline with FortiOS functions delivering:
- Superior firewall performance for IPv4/IPv6, SCTP and multicast traf fic with ultra-low latency down to 3 microseconds
- VPN, CAPWAP and IP tunnel acceleration
- Anomaly-based intrusion prevention, checksum of fload and packet defragmentation
- Traf fic shaping and priority queuing
Content Processor
The FortiASIC CP8 content processor works outside of the direct flow of traffic, providing high-speed cryptography and content inspection services including:
- Signature-based content inspection acceleration
- Encryption and decryption offloading
40 GE Connectivity for Core Infrastructure
High speed connectivity is essential for network security segmentation at the core of data networks. The FortiGate 3700D provides one of the highest 40 GE and 10 GE port densities in the market, simplifying network designs without relying on additional devices to bridge desired connectivity.
Software:
FortiOS
Control all the security and networking capabilities across the entire
FortiGate platform with one intuitive operating system. Reduce
operating expenses and save time with a truly consolidated next
generation security platform.
- A truly consolidated platform with one OS for all security and networking services for all FortiGate platforms.
- Industry-leading protection: NSS Labs Recommended, VB100, AV Comparatives and ICSA validated security and performance.
- Control thousands of applications, block the latest exploits, and filter web traffic based on millions of real-time URL ratings.
- Detect, contain and block advanced attacks automatically in minutes with integrated advanced threat protection framework.
- Solve your networking needs with extensive routing, switching, WiFi, LAN and WAN capabilities.
- Activate all the ASIC-boosted capabilities you need on the fastest firewall platform available.
Services:
FortiGuard Security Services
FortiGuard Labs offers real-time intelligence on the threat landscape, delivering comprehensive security updates across the full range of Fortinet's solutions. Comprised of security threat researchers, engineers, and forensic specialists, the team collaborates with the world's leading threat monitoring organizations, other network and security vendors, as well as law enforcement agencies:
- Real-time Updates — 24x7x365 Global Operations research security intelligence, distributed via Fortinet Distributed Network to all Fortinet platforms.
- Security Research — FortiGuard Labs have discovered over 170 unique zero-day vulnerabilities to date, totaling millions of automated signature updates monthly
- Validated Security Intelligence — Based on FortiGuard intelligence, Fortinet's network security platform is tested and validated by the world's leading third-party testing labs and customers globally.
FortiCare Support Services
Our FortiCare customer support team provides global technical support for all Fortinet products. With support staff in the Americas, Europe, Middle East and Asia, FortiCare offers services to meet the needs of enterprises of all sizes:
- Enhanced Support — For customers who need support during local business hours only.
- Comprehensive Support — For customers who need around- the-clock mission critical support, including advanced exchange hardware replacement.
- Advanced Services — For global or regional customers who need an assigned Technical Account Manager, enhanced service level agreements, extended software support, priority escalation, on-site visits and more.
- Professional Services — For customers with more complex security implementations that require architecture and design services, implementation and deployment services, operational services and more.
Enterprise Bundle
FortiGuard Labs delivers a number of security intelligence services to augment the FortiGate firewall platform.
You can easily optimize the protection capabilities of your FortiGate with the FortiGuard Enterprise Bundle. This
bundle contains the full set of FortiGuard security services plus FortiCare service and support offering the most
flexibility and broadest range of protection all in one package.
Specifications:
FortiGate 3700D Specifications |
40 GE QSFP Slots |
4 |
10 GE SFP+ / GE SFP Slots |
20 |
10 GE SFP+ Slots (Ultra-low Latency) |
8 |
GE RJ45 Management Ports |
2 |
USB Ports (Client / Server) |
1 / 1 |
Console Port |
1 |
Internal Storage |
960 GB |
Included Transceivers |
2x SFP+ (SR 10GE) |
Firewall Throughput (1518 / 512 / 64 byte, UDP) |
160 / 160 / 110 Gbps |
IPv6 Firewall Throughput (1518 / 512 / 86 byte, UDP) |
160 / 160 / 110 Gbps |
Firewall Latency (64 byte, UDP) |
2 µs |
Firewall Throughput (Packet per Second) |
165 Mpps |
Concurrent Sessions (TCP) |
50 Million |
New Sessions/Second (TCP) |
400,000 |
Firewall Policies |
100,000 |
IPsec VPN Throughput (512 byte) |
100 Gbps |
Gateway-to-Gateway IPsec VPN Tunnels |
40,000 |
Client-to-Gateway IPsec VPN Tunnels |
64,000 |
SSL-VPN Throughput |
10 Gbps |
Concurrent SSL-VPN Users (Recommended Maximum) |
30,000 |
IPS Throughput (HTTP / Enterprise Mix) 1 |
57 / 22 Gbps |
SSL Inspection Throughput 2 |
24 Gbps |
Application Control Throughput 3 |
36 Gbps |
NGFW Throughput 4 |
14 Gbps |
Threat Protection Throughput 5 |
12 Gbps |
CAPWAP Throughput 6 |
22 Gbps |
Virtual Domains (Default / Maximum) |
10 / 500 |
Maximum Number of FortiAPs (Total / Tunnel Mode) |
4,096 / 1,024 |
Maximum Number of FortiTokens |
5,000 |
Maximum Number of Registered FortiClients |
20,000 |
High Availability Configurations |
Active / Active, Active / Passive, Clustering |
Height x Width x Length (inches) |
5.25 x 17.2 x 22.8 |
Height x Width x Length (mm) |
133 x 437 x 579 |
Weight |
46.9 lbs (21.3 kg) |
Form Factor |
3 RU |
AC Power Supply |
100–240V AC, 50–60 Hz |
DC Power Supply (FG-3700D-DC) |
48–72V DC |
Power Consumption (Average / Maximum) |
725 / 870 W |
Heat Dissipation |
2,970 BTU/h |
Redundant Power Supplies |
Yes, Hot Swappable |
Operating Temperature |
32–104°F (0–40°C) |
Storage Temperature |
-31–158°F (-35–70°C) |
Humidity |
20–90% non-condensing |
Operating Altitude |
Up to 7,400 ft (2,250 m) |
Compliance |
FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB |
Certifications |
ICSA Labs: Firewall, IPsec, IPS, Antivirus, |
|
SSL-VPN |
Note: All performance values are "up to" and vary depending on system configuration. IPsec VPN performance is based on 512 byte UDP packets using AES-256+SHA1.
1. IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix.
2. SSL
Inspection is measured with IPS enabled and HTTP traffic, using TLS v1.2 with AES256-SHA.
3. Application Control performance is measured with 64 Kbytes HTTP traffic.
4. NGFW performance is measured with IPS and Application Control enabled, based on
Enterprise Traffic Mix.
5. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix.
6. CAPWAP performance is based on 1444 byte UDP packets.
Documentation:
Download the Fortinet FortiGate 3700D Data Sheet (PDF).