FortiGate® appliances deliver complete threat protection within a single solution covered by a single device license, enabling customers to deploy any mix of them to complement existing security systems and expand functionality at their own pace without investing in additional hardware or software.
Unified Threat Management (UTM):
Consolidated Security Platform
Fortinet's FortiGate consolidated security platforms provide you with the ability to protect your network with the fastest firewall technology on the market. You also have the freedom to deploy the widest range of security technologies available, to fit your dynamic network environment.
Consolidation Without Compromise
Fortinet pioneered the concept of security consolidation a decade ago, and continues to lead the industry. We integrate multiple technologies on a single security platform to increase your visibility of applications, data and users, while eliminating redundant and ineffective filtering. The result is improved control over your network coupled with increased performance.
Fortinet's purpose-built hardware and software provide industry-leading performance for the most demanding networking environments. Custom FortiASIC™ processors deliver the power you need to detect malicious content at multi-Gigabit speeds We developed our integrated architecture specifically to provide extremely high throughput and exceptionally low latency. Our unique approach minimizes packet processing while accurately scanning the data for threats.
Broad Range of Technologies
FortiGate security platforms include the broadest range of technologies in the industry to give you the flexibility you need to protect your dynamic network. Each FortiGate includes core security technologies such as firewall, intrusion prevention, application control, web content filtering, and VPN, as well as antispyware, WAN optimization, two factor authentication, antispam, and much more.
Visibility and Control of Applications
Our high-performance unified threat management solutions provide the visibility you need to detect hidden threats within legitimate content, even from trusted sources and authorized applications. This unmatched protection means you can allow new applications into your network, but automatically block any malicious content or behavior.
Stop Spam Email
Unsolicited email in the form of spam costs corporations and government agencies billions of dollars every year. Employees spend time sorting and deleting spam from their regular email while servers and networks have to contend with the extra traffic generated. In addition, spam emails are the most common means with which bots propagate, and often contain malware and links to inappropriate sites.
Block Malicious Content
Fortinet® antispam technology offers a wealth of features to detect, tag, quarantine, and block spam messages and their malicious attachments. FortiGate® and FortiWifi™ platforms and FortiClient™ end-point security agents offer integrated antispam functionality as part of their multi-layered protection, backed by the FortiGuard™ Antispam Service. FortiMail™ appliances compliment this functionality with additional features and deployment options that offer an even more effective barrier against the ever-rising volume of spam. FortiMail provides the maximum levels of protection against sophisticated email attacks, and with FortiMail appliance's content archiving functions, assistance with regulatory compliance.
FortiGuard Global Spam Filtering
Fortinet applies a comprehensive, multi-layered approach to guard against spam. Global spam filtering is provided through the FortiGuard Antispam service which has access to the Fortinet Global Threat Intelligence database. The FortiGuard team collects and analyzes a constant flow of sender IP reputation and spam signatures from the large installed base of FortiGate, FortiClient and FortiMail platforms. This global database is constantly updated, enabling FortiGate, FortiClient and FortiMail appliances to detect and filter most prevailing spam. In addition, customized spam filters can be created to filter email for banned words, blocked and allowed email sender addresses, heuristic rules, and highly sophisticated techniques such as Bayesian training in FortiMail.
A large amount of spam is sent everyday by improperly configured or virus-infected host email servers. FortiGuard Antispam Service maintains a global IP reputation database where the reputation of each IP address is updated based on information gathered from multiple sources. IP address reputation properties can include 'whois' information, geographical location, service provider, host server information, and more. In addition, by comparing each sender's historical email volume with their current email volume, FortiGuard Antispam Service updates the reputation of each IP address in real-time, providing a highly effective sender IP address filter.
Stop Malware Infections
Malware infections in networks, servers and endpoint devices cost enterprises, service providers and government agencies billions of dollars every year. You must spend time removing viruses from endpoints and servers, while your organization can lose valuable and sensitive data through spyware and bots that send information undetected from inside the network perimeter to outside command and control servers. In addition, some viruses are capable of taking down your entire network or deleting critical information from servers and databases.
Fortinet antivirus technology combines advanced signature and heuristic detection engines to provide multi-layered, real-time protection against both new and evolving virus, spyware, and other types of malware attacks in web, email, and file transfer traffic. FortiASIC™ Content Processors, integrated into FortiGate® and FortiWifi™ products, accelerates both signature scanning and heuristics/anomaly detection for protection against viruses, while delivering performance that scales from entry-level appliances to multi-gigabit core network or data center platforms.
In addition to three proxy-based antivirus databases, FortiGate security platforms include a high-performance flow-based antivirus option. The flow-based option allows you to scan files of any size while maintaining the highest levels of performance. In addition, flow-based inspection enables scanning of files within compressed files to detect hidden threats. By providing you the flexibility to choose your antivirus engine, you can balance your performance and security requirements for your environment.
Comprehensive Malware Protection
Encryption/decryption capabilities for all common tunneling protocols including PPTP, L2TP, IPSec, SSL and on-demand host integrity checking enable inspection of encrypted content, such as traffic sent over VPN connections. In addition, Fortinet antivirus supports content inspection within SMTP, POP3, IMAP, FTP, HTTP, IM and P2P protocols, and all major compressed file formats. For scanning of endpoint devices, FortiClient end-point security agents extend antivirus protection to remote desktop computers, mobile laptops, and smartphones that may operate outside of the network perimeter.
Fortinet antivirus gets regular updates from FortiGuard Services. The FortiGuard threat research team and global distributed network provides industry-leading antivirus signature updates for comprehensive protection against all types of content-level threats. Automatic updates of antivirus signatures keep FortiGate appliances continuously up to date.
Stop Complex Threats & Malware
Web 2.0 applications, such as Facebook, Twitter and Skype are increasing the volume and complexity of your network traffic, and exposing your organization to a new generation of web-based threats and malware. More than ever, it's important for your business to monitor and control the use of web-based social networking applications cloud-based services in order to safeguard sensitive information and maintain compliance with government regulations and industry best practices.
Block Malicious Content
Traditional firewalls detect and restrict applications by port, protocol and server IP address, and cannot detect malicious content or abnormal behavior in many web-based applications. Fortinet Application Control allows you to identify and control applications on networks and endpoints regardless of port, protocol, and IP address used. It gives you unmatched visibility and control over application traffic, even unknown applications from unknown sources.
Behavioral analysis, end-user association, and application classification can be used to identify and restrict application usage at a granular level. Protocol decoders decrypt and examine network traffic to detect applications attempting to hide their activity through tunneling. Once network traffic is decoded, applications can be identified by their unique signatures and traffic shaping can be applied to restrict or block non-priority applications and traffic.
FortiGuard Application Control Database
Fortinet Application Control leverages one of the largest application signature databases available - the FortiGuard® Application Control Database. This enables you to control more than 1,500 different Web-based applications, software programs, network services and network traffic protocols. FortiGuard Services deliver regularly scheduled updates to FortiGate consolidated security appliances, ensuring that Fortinet Application Control always has the latest signatures available.
Application control is essential to manage the explosion of new Internet-based technologies bombarding networks today. Since all Fortinet security technologies are developed in-house, Fortinet Application Control works seamlessly with other Fortinet security technologies including Intrusion Prevention, Data Loss Prevention, Antivirus, Antispam, and Web Filtering to provide complete content protection for your growing business.
Data Loss Prevention (DLP):
Secure Your Data
Data loss events continue to increase every year, resulting in fines, penalties and loss of revenue for companies worldwide. Many data loss events are caused by trusted employees who frequently send sensitive data into untrusted zones, either intentionally or by accident. Fortinet DLP uses sophisticated pattern matching techniques and user identity to detect and prevent unauthorized communication of sensitive information and files through the network perimeter. Fortinet DLP features include fingerprinting of document files and document file sources, multiple inspection modes (proxy and flow-based), enhanced pattern matching and data archiving.
Intelligent Pattern Matching
Fortinet DLP can monitor numerous Internet, email and instant messaging protocols for sensitive data. It can also search content based on text strings, as well as enhanced pattern matching including wild cards and Perl regular expressions. For example, pattern matching can be used to scan network traffic for sensitive personal information such as social security and credit cards numbers. When it finds a match, it can block sensitive content, pass it on to the intended recipient or archive it with potential leak notifications generated. Fortinet DLP can be used to block sensitive information coming into the network or going out. For example, by blocking content often found in spam email messages, DLP can enhance your incoming data protection measures.
Prevent Data Leaks
Fortinet DLP sensors provide a central location to you to configure and store desired DLP features, and can be used to specify parameters such as document file fingerprints, document file sources, inspection modes, enhanced pattern matching, and archiving preferences. DLP sensors can contain multiple DLP filters, and you can point each of these filters to a configured DLP feature, such as fingerprinting.
You can also enable content archiving to store a record all content, or selected content that passes through a FortiGate unit. DLP sensors can be created to archive sensitive content or content delivered using certain protocols, and you can archive content to a FortiGate or FortiAnalyzer appliance. Archiving DLP content is useful when auditing is required by law, or for simply keeping track of network usage. Full DLP content archiving also saves web pages, email messages, and files in their entirety.
Secure Your Data
Database servers are the most important servers your company owns. They store all the most critical company assets include client details, financial information, human resource details, product designs and more - all the data that keeps your company in business and, as such, they need to be secure. According to one recent Forrester study, 80 percent of data security breaches involve insiders, employees or those with internal access to an organization, putting information at risk. The big challenge for companies today – particularly as email and the Internet make sharing and distributing corporate information easier than ever - is to strike the right balance between providing workers with appropriate access and protecting sensitive information as much as possible.
Intelligent Database Security
Fortinet database security and compliance products offer centrally-managed, enterprise-scale, database hardening; fast, comprehensive policy compliance; vulnerability assessment; and database monitoring and auditing for improved data security across the enterprise. Automatic database discovery finds all databases on the network, including those across subnet and WAN boundaries. 24 x 7 database activity monitoring and auditing captures all forms of database activity, from administrative events to user operations, to detect erroneous or malicious activity.
Accurate Audit Trail
Database auditing records all database activity for complete and accurate audit trails, with independent storage for additional security. Hundreds of pre-installed policies cover standard industry and government requirements and database security best practices, plus a comprehensive set of graphical reports, to deliver out-of-the-box readiness and immediate value. These reports include compliance reporting for important regulations such as PCI-DSS, SOX, GLBA, and HIPAA. Fortinet database security and compliance is available both in one of three FortiDB appliances and as software for a wide variety of enterprise operating systems.
Secure Your Infrastructure
Any enterprise with an internet and intranet that allows its workers access to the Internet and corporate resources installs firewalls to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to. A firewall, working closely with other networking infrastrucutre, examines each network packets to determine whether to forward it toward its destination. A firewall is often installed in a specially designated computer separate from the rest of the network so that no incoming request can get directly at private network resources. Threats have evolved much through the years but firewall is still one of the most fundamental protections for network of any sizes.
Fortinet firewall technology combines ASIC-accelerated stateful inspection with an arsenal of integrated application security engines to quickly identify and block complex threats. FortiGate® firewall protection integrates with other key security features such as VPN, antivirus, intrusion prevention system (IPS), web filtering, antispam and traffic shaping to deliver multi-layered security that scales from SOHO/ROBO appliances to multi-gigabit core network or data center platforms. FortiManager™ and FortiAnalyzer™ turn-key appliances provide centralized management of thousands of FortiGate systems and detailed reporting capabilities for internal auditing and reporting.
Comprehensive Security Solution
Fortinet Firewall technology in the FortiGate Consolidated security appliance fully integrates with other Fortinet security technologies (e.g., antivirus, Web filtering) enables extensive protection profiles for in-depth defense. Built-in Virtual security domains and security zones enable network segmentation by customer, business unit, or any other physical or logical division for increased policy granularity and multi-layered security.
Granular Policy Definition
Fortinet firewall supports three operational modes (transparent, static NAT, and dynamic NAT) adapt to existing infrastructure for deployment versatility. With easily customized application definitions, Fortinet firewall solution delivers additional policy granularity for more accurate protection. In addition, FortiClient end-point security agents integrates with Fortinet firewall solution to extend firewall protection to remote desktop computers, mobile laptops, and smartphones that operate outside the network perimeter.
Defend the Endpoint
Endpoint is an individual devices or computer systems that acts as a network clients. Common endpoints include desktop PCs, laptops, smart phones, tablets and specialized equipment such as bar code readers, point of sale (POS) terminals. Endpoint security includes all of the measures taken to implement security concerning endpoints. These measures include determining the risk required to protect endpoints to protecting the network from the endpoints themselves. It also includes the management and administration of these security measures, including risk management and reporting. Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted.
Comprehensive Security Solution
Fortinet Endpoint Protection offers comprehensive security for your Windows-based and Mac-based desktops, laptops, file servers helping you to safeguard your systems with advanced security technologies all managed from a single management consoles. FortiClient Endpoint Security and FortiMobile Smartphone Security are client-based software solutions designed to provide security features for enterprise computers and mobile devices. When used in connection with FortiGate appliances, FortiClient delivers endpoint control, VPN and integrated threat management for PCs and Laptops. FortiMobile provides VPN, Internet protection, call filtering and address book security features for smartphones.
FortiClient Endpoint Security secures end points by extending Unified Threat Management to remote devices. It enables organizations to deploy business practices requiring secure remote access connectivity for its distributed and mobile workforce, contractors and partners. Working in conjunction with Fortinet's FortiGate® consolidated security appliances, FortiClient focuses on Endpoint Control, WAN optimization, VPN and Identity verificatio, all from a single agent, to support differing remote access security needs.
Secure Mobile Devices
FortiMobile offers a range of security capabilities protect smartphones running the Windows Mobile or Symbian platforms. Features include antivirus scanning, personal firewall, Outlook address book protection (Windows Mobile only), IPSec VPN, SMS antispam and filtering, phone security, and call filtering. Automatic updates from the FortiGuard subscription service, ensure protection against the latest threats.
Intrusion Prevention System (IPS):
Stop Network Intruders
Fortinet IPS technology protects networks from both known and unknown threats, blocking attacks that might otherwise take advantage of network vulnerabilities and unpatched systems. Fortinet understands that your enterprise or service provider network is supporting many different applications, protocols and operating systems at the same time. This diverse infrastructure can complicate maintenance and patching of servers and network devices, resulting in delays and systems that are vulnerable to evolving threats.
Fortinet IPS offers a wide range of features that can be used to monitor and block malicious network activity including: predefined and custom signatures, protocol decoders, out-of-band mode (or one-arm IPS mode), packet logging, and IPS sensors. IPS sensors provide a convenient, centralized location to configure and deploy an arsenal of IPS tools. You can install Fortinet intrusion prevention technology, available in all FortiGate® and FortiWiFi™ platforms, at the edge of your network or within the network core to protect critical business applications from both external and internal attacks.
Backed by automatic, real-time updates delivered by FortiGuard® Services, FortiGate IPS technology leverages a database of thousands of unique attack signatures to stop attacks that might evade conventional firewall defenses, plus anomaly-based detection that enables the system to recognize threats for which no signature has yet been developed. The combination of known and unknown threat prevention, plus tight integration with other Fortinet security technologies, enables FortiGate systems to stop attacks regardless of whether your network is wired or wireless, a partner extranet, or connected to a branch office.
Custom IPS Signatures
Custom IPS signatures can be created to extend protection further. For example, you can use custom IPS signatures to protect unusual or specialized applications, or even custom platforms from known and unknown attacks. In addition, custom IPS signatures can be used for specialized network traffic analysis and pattern matching. For example, if your network is experiencing unusual or unwanted traffic, you can create a custom IPS signature to monitor and understand traffic patterns.
Security for IPv6 Networks
A major transition from IPv4 to IPv6 is under way, now that the pool of available IPv4 addresses has been exhausted. Organizations of all sizes need to understand their preparedness for IPv6, as some legacy devices will never support IPv6 and will need to be replaced. It's essential that organizations deploy network security devices that can deliver the same level of protection for IPv6 content as IPv4.
Industry Leader in IPv6 Secuirty
Fortinet has been a leader in the network security industry with its early support of IPv6, achieving both IPv6-Ready and JITC certifications in 2008. We also earned USGv6 certification in 2011. Because of our commitment to two important customer segments, global telecommunications carriers and the US government, IPv6 compliance has always been a priority for us.
FortiOS Dual-Stack Architecture
FortiOS™, our purpose-built operating system for the FortiGate™ family of consolidated security appliances, delivers the same core network security technologies via IPv6 as it does via IPv4. To be able to support both IPv4 and IPv6, FortiOS implements a dual stack architecture that recognizes and separately routes both IPv4 and IPv6. In addition to routing, most vital FortiOS network and content protection security features are now fully supported in IPv6.
Comprehensive Security Solution
FortiOS uses IPv6 firewall policies to provide Unified Threat Protection (UTP) for IPv6 traffic. Antivirus, web filtering, FortiGuard Web Filtering, email filtering, FortiGuard Email Filtering, data leak prevention (DLP), and VoIP protection features can be enabled in IPv6 firewall policies using normal FortiOS UTM profiles for each UTM feature. This protection is transparent to IPv6 Users.
Fortinet delivers hardware-accelerated IPv6 support with its FortiGate-5000 series chassis-based devices, FortiGate-3000 series appliances and the FortiGate-1240B appliance. BreakingPoint validated the FortGate-5140 chassis' ability to deliver high performance protection for IPv6 traffic as IPv4.
Virtual Private Network (VPN) - IPsec & SSL:
Defend Against Threats
With the number of threats accelerating, secure communications between enterprise networks, businesses and partners, and corporations and mobile workers is now more important than ever. Data breaches, information leaks, and infected networks and systems are costing corporations and government agencies billions of dollars every year.
Secure Your Communications
Fortinet VPN technology allows organizations to establish secure communications and data privacy between multiple networks and hosts using IPSec and secure sockets layer (SSL) VPN protocols. Both VPN services leverage custom FortiASIC™ Network Processors to accelerate encryption and decryption of network traffic. Once the traffic has been decrypted, multiple threat inspections - including antivirus, intrusion prevention, application control, email filtering and web filtering - can be applied and enforced for all content traversing the VPN tunnel.
Flexible and Secure Deployment
IPSec VPN tunneling is typically performed at Layer 3, or lower, of the OSI network model. To enable remote access, the FortiGate® establishes encrypted network connectivity between a remote node and the internal network. SSL VPN configurations are easier to setup and deploy as they communicate at the highest levels in the OSI model, independent of the underlying network architecture. Since the SSL protocol is already built into most web browsers as HTTPS, no additional endpoint configuration is typically required. Conveniently, both SSL and IPSec VPN tunnels may operate simultaneously on the same FortiGate device.
Fortinet IPSec and SSL VPN technologies in FortiGate platforms is tightly integrated with other security features such as firewall, antivirus, web filtering, and intrusion prevention, providing more comprehensive protection than VPN-only security appliances. FortiGate VPN solutions scale to meet the performance requirements of organizations of any size, from SOHO/ROBO and small businesses to large enterprises and service providers. FortiManager™ centralized management appliances provide the ability to manage complex VPN deployments involving thousands of FortiGate systems from a single console.
Secure Your Virtual Environments
FortiGate virtual appliances and virtual domains enable you to deploy consolidated network security to protect your virtual infrastructure. They increase your visibility and control over communications within your virtualized environments.
Fortinet virtual appliances allow you to scale quickly to meet demand and protect intra-virtual machine communications by implementing critical security controls within your virtual infrastructure, running on both VMware and Xen. You have the choice of deploying FortiGate®, FortiManager™, FortiMail, ™ FortiAnalyzer™, FortiWeb™, and FortiScan™ as virtual or physical appliances.
Fortinet virtual and physical appliances also enable you to segment your network into multi-tenant environments. You can create virtual domains and virtual administrative domains to segregate your network into separate domains for subscribers or business units. FortiGate, FortiManager, FortiMail, and FortiWeb appliances and virtual appliances support virtual domains and virtual administrative domains.
Fortinet's virtual solutions provide you unmatched deployment flexibility. You can choose to deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform. Fortinet virtual appliances feature all of the security and networking services found in our physical appliances.
Control and Visibility
FortiManager™ and FortiAnalyzer™ deliver centralized management, visibility, and analysis of your network and current threat profile. Together, they provide the integrated visibility and control you need to secure your physical and virtualized infrastructures. In addition, real-time automatic updates from FortiGuard® services keep your organization protected from the latest threats.
Vulnerability and Compliance Management:
Detect and Secure Vulnerabilities
The proliferation of applications and mobile devices has offered enormous productivity opportunities as well as exposing vulnerabilities that are ripe for exploitation. Organizations of all sizes are grappling with the challenge of providing open access to information while meeting internal and regulatory compliance. Our award winning Vulnerability and Compliance Management (VCM) solutions help to identify compliance requirements and deliver real-time insight into vulnerabilities and security policies, while reducing the pain of manual remediation. To help you address the challenge, Fortinet has created a suite of VCM solutions composed of three main components:
Identify and Assess Risks
The first step in managing your risk is asset discovery and asset prioritization. To properly discover assets, Fortinet VCM solutions use both agentless as well as agent-based tools. The actual scanning is comprehensive and uses administrative privileges to discover hidden information. The next step is to report on all types of real and potential vulnerabilities, allowing you to isolate the risks. You are able to scale the solution anywhere from a few systems to tens of thousands of assets.
Once vulnerabilities are clearly articulated and grouped, the Fortinet VCM solution looks at available remedies such as patches issued by pertinent vendors. It applies these remedies to the known vulnerabilities based on the assigned priority tickets. Moreover, Administrative Domains (ADOMs) enable you to classify assets based on your policies and apply remediation automatically to them. Asset coverage is broad and includes monitoring of operating systems and applications.
Whether your aim is to comply with internal policies or satisfy regulatory requirements, Fortinet helps you achieve your business goals. In addition to readymade templates for industry-wide compliance regimes, the VCM solutions also offer log data and style-sheets to enable custom reporting. Organizations realize quick time-to-value with easy to install, intuitive and standard compliance policies for NIST SCAP, FDCC, PCI-DSS, SOX, GLBA and HIPAA regulations.
Fortinet VCM solutions leverage FortiGuard Services, the industry's gold standard for security research labs. In addition to UTM and IPS signature updates, FortiGuard Services provide comprehensive and continuous updates for vulnerabilities, remediation, patch scan, and configuration benchmarks. Fortinet offers VCM solutions to a range of governmental and non-governmental organizations, from small to large.
Maximize Your WAN Performance
With network traffic growing exponentially, application performance and cost of internet traffic are two of the biggest IT challenges that organizations face. Until now, network managers and administrators lacked a comprehensive solution for monitoring and securing network resources and bandwidth while meeting user expectations for fast and secure application response.
Intelligent Bandwidth Management
WAN optimization reduces bandwidth usage between data centers and clients devices by applying advanced compression algorithm, data caching and other techniques to reduce the transmission of data. This results in more effective use of bandwidth, better application performance and reduces the high costs of WAN links between data centers.
Fortinet combines WAN optimization and Multi-threat protection in the FortiGate consolidated security appliances. This reduces the complexity and maintenance overhead faced by many IT organization. FortiGate appliances support WAN optimization and web caching to improve application performance and security of traffic passing between locations on your wide area network (WAN) or from the Internet to your web servers.
You can also use the FortiGate unit as an explicit web proxy and caching server to improve the performance of your web servers. Fortinet Endpoint solution such as FortiClient and FortiClient Premium supports WAN optimization and fully integrates with the FortiGate consolidated security appliances.
Stop Web-Based Threats
Web-based threats such as phishing, drive-by malware sites and botnets are more sophisticated and targeted than ever before, and with the rise of mobility in the workplace, even more difficult for you to control. The web has become the preferred medium of choice for hackers and thieves looking for new ways to disrupt services steal information and perform malicious activities for financial gain. In addition, employees who visit web sites containing objectionable content can expose your organization to civil or criminal liability.
Block Malicious Traffic
Integrated into all FortiGate® and FortiWifi™ appliances and FortiClient™ endpoint security agents, Fortinet Web Filtering technology gives you the option to explicitly allow web sites, or to pass web traffic uninspected both to and from known-good web sites in order to accelerate traffic flows. You can receive real-time updates from FortiGuard® Web Filtering Services to determine the category and rating of a specific URL. You can also easily add Web sites or URLs to the local URL filtering list using both text and regular expressions.
Intelligent Content Inspection
The Fortinet Web Filtering solution begins with traditional URL blocking lists, but goes further by expanding these methods and allowing their use in combination with other Fortinet security functions resident on all FortiGate consolidated security appliances. Fortinet's web content filtering technology enables a wide variety of actions to inspect, rate, and control perimeter web traffic at a granular level. Using Fortinet web content filtering technology, FortiGate appliances can classify and filter web traffic using multiple pre-defined and custom categories.
To accelerate web traffic and content inspection, all FortiGate devices support Web Cache Communication Protocol (WCCP) which allows the FortiGate to operate as a router or cache engine. Acting as a router, the FortiGate intercepts web browsing requests from client web browsers and forwards them to the cache engine. The cache engine then returns web content to the client as required. When operating as a WCCP cache server, the FortiGate can communicate with other WCCP routers to cache web content, returning requested content to client web browsers as needed.
Web Application Security:
Stop Web-Based Application Threats
A web application used to be any application that uses a web browser as a client. Application simple as a message board or a guest sign-in book on a website, or as complex as a word processor or a spreadsheet through a web browser are typically known as web application. Web technology continues to evolve and native applications are more integrated with the Internet then ever before. Web application is no longer restricted by the web browser and it has become standalone application or even operation system that that fully integrates with internet.
Layered Threat Protection
Fortinet's Web Application Security solutions provide specialized, layered application threat protection for medium and large enterprises, application service providers, and SaaS providers. FortiWeb web application firewall protects your web-based applications and internet-facing data. Automated protection and layered security protects web applications from sophisticated attacks such as SQL Injection, Cross Site Scripting attacks and data loss. Web Vulnerability Assessment module adds scanning capabilities to provide a comprehensive solution to meet your PCI DSS section 6.6 requirements.
Intelligent Load Balancing
The solution drastically reduces the time required to protect your regulated internet-facing data and leverages an intelligent, application-aware load-balancing engine to distribute traffic and route content across multiple web servers. This load balancing increases application performance, improves resource utilization and application stability while reducing server response times. Data compression and Independent SSL encryption processor increase transaction throughput and reduce processing requirements from web servers, providing additional acceleration for web application traffic.
Wireless LAN (WLAN):
Secure Your Wireless Network
Wireless networks are a significant source of risk for most enterprises, due to the lack of robust security technologies and the use of a separate security infrastructure for wireless networks. Fortinet reduces your WLAN risk with a comprehensive, integrated security solution for your wireless and wired networks. We integrate all wired and wireless traffic into a single FortiGate security platform, giving you unmatched visibility and control of all network threats.
Flexible Deployment Options
You have the flexibility to choose between thick and thin access points (APs), all managed by the integrated Wireless Controllers in FortiGate platform that deliver comprehensive, proven threat management and policy enforcement. Fortinet's unique approach allows you to integrate security for your wired and wireless networks quickly and easily. You can manage all policies from a 'single pane of glass' management console, improving protection while simplifying your network. Our wireless security solution consists of three components:
FortiAP Access Points are affordable 802.11n-capable Thin APs that provide integrated security and WiFi client access on both the 2.4 GHz and 5 GHz spectrums. The FortiAP series utilizes industry-leading wireless chip technology that enables the FortiAP to reach wireless association rates as high as 300 Mbps per radio and allows the coverage to extend twice as far as legacy 802.11a/b/g.
FortiWiFi (Thick AP)
FortiWiFi security appliances integrate Thick AP capabilities with the FortiGate comprehensive enterprise-class protection for smaller locations at an affordable price. Each FortiWiFi model is capable of broadcasting up to seven SSIDs or Virtual Access Points (VAPs) enabling multi-tenant environments in a single device.
FortiGate Platforms (Wireless Controller)
Fortinet consolidated security platforms deliver fully integrated security technologies in a single device, delivering increased performance, improved protection, and reduced costs. They act as a wireless controller while providing firewall, VPN, intrusion prevention, application control, web filtering and many other security and network technologies. There are FortiGate platforms for every size network, from small offices to global carriers and service providers.