Fortinet - FortiGate 1800F with new NP7 processor announced

Digital innovation is advancing at a rapid pace. It gives businesses and individuals alike unprecedented access to data, rich streaming media and business-critical applications. It also enables dynamic connectivity between individual devices, networks, branch offices and multiple clouds - and the lightning-fast speed and massive scalability demanded of data centres. These massive data centre architectures require ever-increasing bandwidth and throughput to support things like segmentation of massively scalable services co-hosted on physical and virtualised infrastructure.

It is no exaggeration to say that these demands on today's data centres are completely transforming today's digital landscape.

Flat network efficiency - Is it worth the security trade-off?

Due to the speed at which applications, workflows and transactions must run, and to meet the need for interoperability and communication between devices, many organisations are turning to flat, open networks to speed up transactions, applications and workflows. And a growing number of these networks are built around a high-performance routing and switching infrastructure that does not include security due to the performance limitations of traditional security solutions. Instead, they rely on VLANs and Layer 4 access lists to do the heavy lifting required to protect these environments.

From a security perspective, this can be disastrous. By breaching the network perimeter of a flat network, hackers can establish a beachhead and then move laterally to gain access to credentials, resources and data. And worse, the lack of an internal security infrastructure also severely limits visibility into the organisation's traffic patterns and data flows, further hindering the ability to detect a breach. Because of this, the average time to identify a threat on today's networks is 197 days, with an additional 69 days required to contain and remediate. The problem is even worse for small to medium-sized enterprises, which have fewer security resources at their disposal, as the dwell time can exceed two years.

To address these security challenges while maintaining an architectural design that provides flexibility and the need for accelerated interoperability between all IT resources, these flat networks require segmentation and automated workflows. This ensures that each device connecting to the network is identified and assigned only to the resources it needs to do its job, and that individual or groups of devices can communicate securely and risk-free over an open infrastructure by automatically implementing secured workflows that can keep pace with network and application performance requirements.

Accelerating security performance in the data centre

As new environments, applications and workflows have outpaced the performance of traditional security solutions, organisations looking to manage unprecedented user usage of online services while maintaining a superior customer experience are faced with two choices: Either they slow down their networks and let the user experience suffer, or they sacrifice security to maintain performance.

Both are terrible options.

The problem is that traditional security applications built with standard CPUs and hardware to process network and security traffic are now an infrastructure bottleneck. Simply put, yesterday's security performance is no longer sufficient to secure and enable businesses to operate at the pace of today's business innovation. But you can't achieve tomorrow's performance and protection with yesterday's technology.

Introducing the new Fortinet FortiGate 1800F Next-Generation Firewall (NGFW).

To address this challenge, Fortinet has developed and launched its breakthrough 7th generation network processor - NP7 - and announced the FortiGate 1800F NGFW appliance. The FortiGate 1800F will be the first of many FortiGate NGFWs powered by NP7.

FortiGate 1800F enables a security-managed network approach and is designed to enable large enterprises to handle unprecedented levels of data and application demands. The FortiGate 1800F Series provides today's largest enterprises with the ability to segment and launch services, manage internal and external risk, and maintain the user experience.

FortiGate 1800F is also an integral part of the Fortinet Security Fabric, enabling several of the highest Security Compute Ratings* to meet the industry's exceptional data centre security requirements.

Built around our new NP7 processor, the newly announced FortiGate 1800F delivers advanced security performance and scalability unmatched by any other solution on the market. Compared to the industry average, the FortiGate 1800F supports multiple 40G elephant flows**, offers a Security Compute Rating of 14x firewall performance, 14x higher IPSec performance, 4x more concurrent connections and a remarkable 20x increase in SSL encrypted traffic inspection compared to similar solutions.

Fortinet's NP7 provides unmatched scaling, performance and acceleration capabilities for securing large enterprise data centres and associated ultra-high-performance use cases. The speed and agility offered by NP7 provides a significant performance boost for the massive capacity requirements these large enterprises face today.

According to John Maddison, EVP of Products and CMO at Fortinet, "The FortiGate 1800F powered by NP7 has a Security Compute Rating that is 3x to 20x faster than our competitor's comparable product. This enables our customers to deploy FortiGate 1800F as an internal segmentation firewall and effectively strengthen their security posture.

This advancement is also fundamental to Fortinet's security-driven network approach, which not only inspects traffic - including encrypted traffic - in real time, but also provides full visibility of network flows through powerful SSL inspection of encrypted traffic, including the industry's latest TLS 1.3 standard for automated threat protection.

All of this requires processing power that is simply not available using standard CPUs and hardware, even if you implement tricks like hardware component chaining or software shortcuts like parallel processing to compensate for inherent hardware performance limitations. Instead, security tools require specialised hardware designed to support complex environments, so organisations don't have to choose between performance and protection.

FortiGate 1800F NGFW use cases and benefits:

Fortinet's FortiGate 1800F NGFW is designed for large enterprises to drive digital innovation quickly and securely by providing features that meet the enormous capacity and performance requirements of critical business operations:

• Internal Security Risk Management: Most firewalls simply cannot operate fast enough to enable internal segmentation. With multiple 40G high-speed interfaces and the industry's best threat protection performance with a Security Compute Rating of 3x, FortiGate 1800F enables organisations to properly segment their network to manage internal security risks. In addition, FortiGate 1800F intelligently adapts to segmented users, devices and applications - regardless of their location, whether on-premises or across multiple clouds - enabling automated threat detection and enforcement.
• Cloud On-Ramp Acceleration: IPsec encryption must be high-performance to enable and accelerate cloud on-ramp for organisations deploying multiple clouds for IaaS and SaaS services. FortiGate 1800F offers the highest Security Compute Rating of 14x for IPsec encryption compared to competitors, enabling the speed, scalability and availability that enterprises need as they move to the cloud.
• Removing blind spots: With up to 60 per cent of encrypted traffic containing malware, SSL inspection performance is critical to properly securing the network. FortiGate 1800F offers the industry's highest SSL inspection performance with a Security Compute Rating of 20x, as well as support for the industry's latest TLS 1.3 standard to eliminate network blind spots by providing full visibility of plaintext and encrypted network flows.
• Securing services across hybrid architectures: Traditional software-based security solutions have low performance and high latency, which increases time to service delivery and provides a poor user experience. The FortiGate 1800F's hardware-accelerated Virtual Extension LAN (VXLAN) feature enables massively scalable, adaptive internal segmentation and enables super-fast communication between hugely scaled services such as compute, storage and applications co-hosted on physical and virtual platforms. This enables organisations using a highly scalable virtual services architecture to roll out services and applications in the most agile way to increase productivity and revenue opportunities.
• Enables safe advanced research: companies often shift their research to AI and ML simulations to achieve their goals faster. For example, pharmaceuticals can measure the efficacy of new drugs or develop drugs faster, with lower risks and potentially lower costs. AI/ML simulations require the transfer of huge data sets (e.g. 10+ TB files), known as elephant flows, which today's data centres struggle to transfer securely, stalling research and collaboration. FortiGate 1800F's performance capabilities enable research organisations to perform big data analytics and natural language processing at unprecedented speeds, with a single elephant stream reaching up to 40 Gbps. Just as importantly, these elephant streams on FortiGate 1800F NGFWs are secured by high-performance encryption to ensure data privacy and regulatory compliance.

Securing the new era of digital innovation

The advent of digital innovation has ushered in an era of significant and ongoing change in data centres. To remain competitive in this era of explosive demands for unprecedented scale, availability and application delivery, some of the world's largest companies are developing architectures --- hyperscale architectures -- in their data centres that are capable of rapidly expanding to millions of physical and virtual instances to meet massive demand.

With their unmatched scale, performance, acceleration, internal segmentation capabilities, speed and agility, NP7-powered FortiGate 1800F NGFWs provide these large enterprises with the ability to evolve and segment services, manage internal and external risk, and maintain the user experience. NP7 will also power future FortiGate appliances to enable agile, high-performance security for hyperscale data centres and other environments where hyperscale, hyper-connectivity and hyper-performance are at stake.

*Security Compute Rating is the benchmark (performance multiplier) that compares the performance of Fortinet's purpose-built ASIC-based FortiGate NGFW against the industry average of competing products in different categories that fall in the same price range and use generic CPUs for networking and security functions.

**An elephant flow is a single session that consumes a large amount of bandwidth.