New Fortinet security fabric enhances intelligence, awareness

In addition to the new fabric itself, the security vendor announces two of its key components, a new 6000 level firewall and Fortinet’s new CP9 content processor for deep packet inspection.

Security vendor Fortinet has announced its next-generation Security Fabric. The new architecture is designed to better integrate its offerings to deal with the network security requirements ranging from handling the Internet of Things to the massive number of today’s advanced attacks. Fortinet also announced its new FortiGate 6000E enterprise firewall, powered by its next generation FortiASIC CP9 content processor.

fortinet-security-fabric_FINAL“Before we referred to our architecture as a platform,” said John Maddison, Fortinet’s SVP of Products and Solutions. “It’s only with the latest FortiOS that we could enhance the architecture to the degree that we have. Platforms remain the word of the day among other vendors, but we really have coverage from the endpoint throughout the whole network.”

Maddison said that the new Fabric moves beyond platforms in the way that brings traditionally autonomous systems together into a single architecture, which in addition to being scalable, open and secure, has the awareness to allow its components to act on their own with actionable intelligence.

“We have had global intelligence before, but the difference here is that now the individual products don’t have to go back to a central system but can take action on the basis of peer to peer information,” Maddison said. “There is much greater awareness of security pieces. Once we put a device in, it talks to other elements in the fabric on a peer to peer basis. It’s fully aware. This lets the management system create a better visual representation of the network.”

That awareness in particular, is what differentiates the architecture as a Fabric rather than a platform or a product, Maddison said.

“This creates a single entity, where everything can exchange threat information with the sandbox. You can track where a file went in seconds.” All this takes place through single pane of glass management as well.

Another key attribute of the Fabric is that the products of other security vendors can easily be enabled to work together with Fortinet’s own.

“We are opening up APIs across the fabric so that other partners can connect into it,” Maddison said. “We are also making it easy to approve other vendors being connected to the Fabric.” Fortinet made the first such formal announcement, with endpoint protection provider Carbon Black. Maddison said others will soon be forthcoming, however.

“Our many existing partners are basically already part of the Fabric,” he said. “We will go through a formal certification process, but that will be pretty quick.”

Fortinet also launched the FortiGate 6040E next-generation firewall, the first in their new 6000 series of ultra-high throughput enterprise firewalls.

FG-6040E_Fortinet_FINAL

The FortiGate 6040E

“This is our first product with our new CP9 content processor,” Maddison said. “It has 320 Gbps of enterprise firewall throughput, and 80 Gbps throughput with all next-gen firewall features enabled. Networking parts need a lot of processing power, and the CP9 has dramatic increases in next-gen file protection. It is four times faster than the current CP8, and ten times faster from an SSL connections point of view.”

The FortiGate 6040E is available in six bundles, with different interface configuration options tailored to match individual customer needs. Maddison said that while it can support the network security requirements of very large enterprises, it is not exclusive to that market.

“We see it as relevant to enterprises of all sizes,” he said. “They need a lot more performance today to segment the network internally, and deliver aggregate performance.”

Fortinet also announced the launch of two new FortiGate 2000E series enterprise firewalls, the FortiGate 2000E and 2500E. These also leverage the new CP9 technology to deliver increased VPN capabilities, deep content inspection and advanced application controls.

The FortiGate 6040E, 2000E, and 2500E will all be available in Q2 2016.