Today, the firewall is very important in network security. But there is a new concept called NGFW(Next-Generation Firewall).What is next-generation firewall? What are the features of NGFW of Fortinet? How do we choose the next-generation firewall of Fortinet?
A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory)
FortiGate: Fortinet’s Next-Generation Firewall
FortiGate next-generation firewalls (NGFWs) utilize purpose-built security processors and threat intelligence security services from AI-powered FortiGuard labs to deliver top-rated protection, high performance inspection of clear-texted and encrypted traffic. Next-generation firewalls reduce cost and complexity with full visibility into applications, users and networks and provides best of breed security. As an integral part of the Fortinet Security Fabric next-generation firewalls can communicate within Fortinet’s comprehensive security portfolio as well as third-party security solutions in a multivendor environment to share threat intelligence and improve security posture.
As enterprises consider how to provide comprehensive visibility and advanced layer 7 security, including threat protection, intrusion prevention, web filtering and application control, they face a major complexity hurdle managing these point products with no integration and lack of visibility. Gartner estimates that by 2019 80% of enterprise traffic will be encrypted and 50% of attacks targeting enterprise will be hidden in encrypted traffic to infiltrate networks or exfiltrate data, therefore employing HTTPS inspection is a requisite.
Fortinet’s Next-Generation Firewall Use Cases
Reducing complexity by consolidating products to save costs is a top concern for many enterprises. Equally important is ensuring secure access of resources from private and public clouds without the fear of encrypted malware. Achieving granular visibility of devices, users, real-time threat information, and automation are paramount to ensuring that attacks are handled in a timely manner.
Intent-based Segmentation Use Cases
Intent-based segmentation allows network operators to create security domains or segments based in accordance with business intent. Intent-based segmentation is the ability to deploy threat protection wherever it is needed, both on-premises and in all cloud instances, to reduce risk, achieve compliance, and protect business-critical applications.
This table shows the models of Fortinet’s Next-Generation Firewall
|Virtual Machines||Entry-level NGFW||Mid-range NGFW||High-end NGFW||Ultra high-end NGFW||
|FortiGate-VM00||FortiGate 80E||FortiGate 900D||FortiGate 3980E||FortiGate 6300F||FortiGate 7060E|
|FortiGate-VM01||FortiGate 60F||FortiGate 800D||FortiGate 3960E||FortiGate 6500F||FortiGate 7040E|
|FortiGate-VM01V||FortiGate 60E||FortiGate 600E||FortiGate 3800D||FortiGate 7030E|
|FortiGate-VM02||FortiGate 50E||FortiGate 500E||FortiGate 3700D||FortiGate 5001E|
|FortiGate-VM02V||FortiGate 30E||FortiGate 400E||FortiGate 3600E|
|FortiGate-VM04||FortiGate 60D – Rugged||FortiGate 300E||FortiGate 3400E|
|FortiGate-VM04V||FortiGate 200E||FortiGate 3300E|
|FortiGate-VM08||FortiGate 100F||FortiGate 3200D|
|FortiGate-VM08V||FortiGate 100E||FortiGate 3100D|
|FortiGate -VMULV||FortiGate 1200D|
Hope this can help you know more about the Next-Generation Firewall of Fortinet.
If you’re interested in Fortinet’s Next-Generation Firewall, welcome to contact us (firstname.lastname@example.org) or order now: Fortinet Network Security Platforms