Security startup FortiNet has announced the FortiGate-5000 "appliance", one of the most highly-integrated multi-function security systems yet to reach the market.

The 5000 has been designed for use in large networks such as blue-chip enterprises, carriers and managed service providers, and comprises firewall, anti-virus, intrusion detection/prevention, and content and Web filtering in a single, chassis/blade-based system.

FortiNet cleverly chose to announce the product on the day that research company IDC identified it as the revenue share leader in the market for a new category of all-in-one security hardware that IDC has dubbed "unified threat management" (UTM) appliances. In its report, IDC predicts these devices will eventually supplant conventional piecemeal protection by single-function devices such as firewalls.

The family consists of the two-blade-slot FortiGate-5020, the five-blade-slot FortiGate-5050, and the 14-blade-slot FortiGate-5140. Customers can "populate" slots with different blades offering security functions as desired. The system complies with the AdvancedTCA industry standard, which covers a range of hardware specifications for next-generation carrier-class equipment.

The basic 5001 blade is rated by the company as being able to handle 3Gbit/s for firewall traffic, 600Mbit/s for 3DES IPSec VPN, 400Mbit/s for IPS and 200Mbit/s for anti-virus scanning. By comparison, the top-of-the-range 5140 model can combine blades to manage the firewall element at up to 42Gbit/s throughput.

One unusual feature is its ASIC-based design, built on the custom FortiASIC chip, which the company claims dramatically improves security performance, especially when scanning traffic inline. FortiNet also uses its own technology, rather than buying in components such as the anti-virus engine from a third party.

FortiNet hopes its single licence model for features such as anti-virus protection will give it a competitive advantage. The 5000 is kept up-to-date with virus signatures through its FortiProtect service, which customers subscribe to regardless of the number of users on their network.