Transcription
DATA SHEETFortiGate 1800F SeriesNext Generation FirewallSegmentationSecure Web GatewayIPSMobile SecurityFG-1800F / -DC and 1801F / -DCThe FortiGate 1800F series delivers high-performance threat protection and SSL inspectionfor large enterprises and service providers, with the flexibility to be deployed at the enterprise/cloud edge, in the data center core or internal segments. The multiple high-speed interfaces,high port density, superior security efficacy, and high throughput of the 1800F series keep yournetwork connected and secure.Securityn Identifies thousands of applications inside network trafficfor deep inspection and granular policy enforcementnnProtects against malware, exploits, and maliciouswebsites in both encrypted and non-encrypted trafficPrevent and detect against known and unknown attacksusing continuous threat intelligence from AI-poweredFortiGuard Labs security servicesPerformancen Delivers industry’s best threat protection performance andultra-low latency using purpose-built security processor(SPU) technologynProvides industry-leading performance and protection forSSL encrypted trafficCertificationn Independently tested and validated best securityeffectiveness and performancenReceived unparalleled third-party certifications from NSSLabsNetworkingn Delivers advanced networking capabilities that seamlesslyintegrate with advanced layer 7 security and virtualdomains (VDOMs) to offer extensive deploymentflexibility, multi-tenancy and effective utilization ofresourcesnDelivers high-density, flexible combination of varioushigh-speed interfaces to enable best TCO for customersfor data center and WAN deploymentsManagementn Includes a management console that is effective, simpleto use, and provides comprehensive network automationand visibility.nnProvides Zero Touch Integration with Security Fabric’sSingle Pane of Glass ManagementPredefined compliance checklist analyzes the deploymentand highlights best practices to improve overall securitypostureSecurity Fabricn Enables Fortinet and Fabric-ready partners’ productsto provide broader visibility, integrated end-to-enddetection, threat intelligence sharing, and automatedremediationFirewallIPSNGFWThreat Protection198 Gbps17 Gbps11 Gbps9.1 GbpsInterfacesMultiple GE RJ45, 25 GE SFP28 / 10 GE SFP / GE SFP and40 GE QSFP slotsRefer to specification table for details1
DATA SHEET FortiGate 1800F SeriesDEPLOYMENTN ext GenerationFirewall (NGFW)§ Reduce the complexity and maximize your ROI byintegrating threat protection security capabilities intoa single high-performance network security appliance,powered by Fortinet’s Security Processing Unit (SPU)§ Full visibility into users, devices, applications acrossthe entire attack surface and consistent security policyenforcement irrespective of asset location§ Protect against network exploitable vulnerabilities withIndustry-validated IPS security effectiveness, low latencyand optimized network performance§ Automatically block threats on decrypted traffic using theIndustry’s highest SSL inspection performance, includingthe latest TLS 1.3 standard with mandated ciphers§ Proactively block newly discovered sophisticatedattacks in real-time with AI-powered FortiGuard Labsand advanced threat protection services included in theFortinet Security FabricSegmentationI PS§ Purpose-built security processors delivering industryvalidated IPS performance with high throughput and lowlatency§ Deploy virtual patches at the network level to protectagainst network exploitable vulnerabilities and optimizenetwork protection time§ Deep packet inspection at wire speeds offers unparalleledthreat visibility into network traffic including trafficencrypted with the latest TLS 1.3§ Proactively block newly discovered sophisticated attacksin real-time with advanced threat protection provided bythe intelligence services of the Fortinet Security Fabric Mobile Securityfor 4G, 5G, and IOT§ SPU accelerated, high performance CGNAT and IPv6migration option including: NAT44, NAT444, NAT64/DNS64, NAT46 for 4G Gi/sGi and 5G N6 connectivity andsecurity§ Segmentation that adapts to any network topology,delivering end-to-end security from the branch level todata centers and extending to multiple clouds§ RAN Access Security with highly scalable and bestperforming IPsec aggregation and control security gateway(SecGW)§ Reduce security risks by improving network visibility fromthe components of the Fortinet Security Fabric, whichadapt access permissions to current levels of trust andenforce access control effectively and efficiently§ User plane security enabled by full Threat Protection andvisibility into GTP-U inspection§ Delivers defense in depth security powered by highperformance L7 inspection and remediation by Fortinet’sSPU, while delivering third party validated TCO of perprotected Mbps§ 4G and 5G security for user and data plane traffic includingSCTP, GTP-U and SIP that provides protection againstattacks§ High-speed interfaces to enable deployment flexibility§ Protects critical business applications and helps implementany compliance requirements without network redesignsSecure WebGateway (SWG)§ Secure web access from both internal and external risks,even for encrypted traffic at high performance§ Enhanced user experience with dynamic web and videocaching§ Block and control web access based on user or usergroups across URL’s and domains§ Prevent data loss and discover user activity to known andunknown cloud applications§ Block DNS requests against malicious domains§ Multi-layered advanced protection against zero-daymalware threats delivered over the webFortiClientVPN ionFortiManagerSingle redSecurity & Log ManagementData Center Deployment (IPS/NGFW, Intent-based Segmentation)2
DATA SHEET FortiGate 1800F SeriesHARDWAREFortiGate 1800F SeriesFortiGate 4161820SFP 2821232527292224262830QSFP 06CAUTION/ATTENTIONSHOCK HAZARD. DISCONNECT ALL POWER SOURCES.RISQUE D’ÉLECTROCUTION. DÉBRANCHEZ TOUTES LESSOURCES D’ALIMENTATION.PSU2Interfaces1.2.3.4.5.6.2 x GE RJ45 MGMT Ports2 x 10 GE SFP / GE SFP HA Slots16 x GE RJ45 Ports8 x GE SFP Slots12 x 25 SFP28 / 10 GE SFP / GE SFP Slots4 x 40 GE QSFP SlotsHyperscale Firewall LicenseEmpower organizations by unlocking further performanceboosts with this perpetual license. The Hyperscale FirewallLicense will enable the hardware acceleration of CGNATfeatures by utilizing the latest SPU NP7. These featuresinclude hardware session setup, firewall session logging, andNAT.PSU1Hardware FeaturesNP7CP92UTPM40GE25GEDUALAC/ /2TBDCDUALNetwork ProcessorFortinet’s new, breakthrough SPU NP7 network processorworks inline with FortiOS functions delivering:§ Superior firewall performance for IPv4/IPv6, SCTP andmulticast traffic with ultra-low latency§ VPN, CAPWAP and IP tunnel acceleration§ Anomaly-based intrusion prevention, checksum offload,and packet defragmentation§ Traffic shaping and priority queuingPowered by SPUnnn3Fortinet’s custom SPU processorsdeliver the power you need to detectmalicious content at multi-GigabitspeedsOther security technologies cannot protect againsttoday’s wide range of content- and connectionbased threats because they rely on general-purposeCPUs, causing a dangerous performance gapSPU processors provide the performance neededto block emerging threats, meet rigorous third-partycertifications, and ensure that your network securitysolution does not become a network bottleneckContent ProcessorFortinet’s ninth generation custom SPU CP9 contentprocessor works outside of the direct flow of traffic andaccelerates the inspection.Trusted Platform Module (TPM)The FortiGate 1800F Series features a dedicated modulethat hardens physical networking appliances by generating,storing, and authenticating cryptographic keys. Hardwarebased security mechanisms protect against malicioussoftware and phishing attacks.
DATA SHEET FortiGate 1800F SeriesFORTINET SECURITY FABRICSecurity FabricThe industry’s highest-performing cybersecurity platform,powered by FortiOS, with a rich ecosystem designed tospan the extended digital attack surface, delivering fullyautomated, self-healing network security.Fabric ManagementCenterFabric SecurityOperationsNOCSOC§ Broad: Coordinated detection and enforcement across theentire digital attack surface and lifecycle with convergednetworking and security across edges, clouds, endpoints,and usersAdaptive CloudSecurity§ Integrated: Integrated and unified security, operation,and performance across different technologies, location,deployment options, and the richest ecosystemZero TrustAccessFORTI OS§ Automated: Context aware, self-healing network andsecurity posture leveraging cloud-scale and advanced AIto automatically deliver near-real-time, user-to-applicationcoordinated protection across the FabricThe Fabric empowers organizations of any size to secure andsimplify their hybrid infrastructure on the journey to systemFortiGuardThreat IntelligenceFortiOS Operating SystemFortiOS, Fortinet’s leading operating system enable theconvergence of high performing networking and securityacross the Fortinet Security Fabric delivering consistent andcontext-aware security posture across network endpoint, andclouds. The organically built best of breed capabilities andunified approach allows organizations to run their businesseswithout compromising performance or protection, supportsseamless scalability, and simplifies innovation consumption.The release of FortiOS 7 dramatically expands the FortinetSecurity Fabric’s ability to deliver consistent security acrosshybrid deployment models of Hardware, Software, andSoftware As-a-Service with SASE and ZTNA, among others.SERVICESFortiGuard Security ServicesFortiGuard Labs offer real-time intelligence on the threatlandscape, delivering comprehensive security updates acrossthe full range of Fortinet’s solutions. Comprised of securitythreat researchers, engineers, and forensic specialists, theteam collaborates with the world’s leading threat monitoringorganizations and other network and security vendors, as wellas law enforcement agencies.FortiCare ServicesFortinet is dedicated to helping our customers succeed, andevery year FortiCare services help thousands of organizationsget the most from their Fortinet Security Fabric solution. Wehave more than 1000 experts to help accelerate technologyimplementation, provide reliable assistance through advancedsupport, and offer proactive care to maximize security andperformance of Fortinet deployments.4
DATA SHEET FortiGate 1800F 0F/-DCFG-1801F/-DCInterfaces and ModulesHardware Accelerated GE RJ45 Ports16Dimensions and PowerHardware Accelerated GE SFP Slots8Height x Width x Length (inches)3.5 x 17.25 x 21.1Hardware Accelerated 25 GE SFP28 /10 GE SFP / GE SFP Slots12Height x Width x Length (mm)88.4 x 438 x 536Hardware Accelerated 40GE QSFP Slots4GE RJ45 Management Ports210 GE SFP / GE SFP HA Slots2USB 3.0 Port1Console RJ45 Port1Onboard StorageTrusted Platform Module (TPM)Included Transceivers –WeightForm Factor(supports EIA/non-EIA standards)AC Power SupplyAC Current (Maximum)DC Power Supply2x 1 TB NVMe SSDYes2x SFP (SR 10 GE)Power Consumption(Average / Maximum)Heat DissipationIPS Throughput 217 GbpsOperating Environment and CertificationsNGFW Throughput 2, 411 GbpsOperating TemperatureThreat Protection Throughput 2, 59.1 GbpsStorage TemperatureHumiditySystem Performance and CapacityIPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP)198 / 197 / 140 GbpsIPv6 Firewall Throughput(1518 / 512 / 86 byte, UDP)198 / 197 / 140 GbpsFirewall Latency (64 byte, UDP)Firewall Throughput (Packet per Second)Concurrent Sessions (TCP)New Sessions/Second (TCP)3.22 μs210 Mpps750 000 / 2 Million*100 000IPsec VPN Throughput (512 byte) 155 GbpsGateway-to-Gateway IPsec VPN Tunnels20 000Client-to-Gateway IPsec VPN Tunnels100 000SSL-VPN Throughput11 GbpsConcurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode)10 000SSL Inspection CPS (IPS, avg. HTTPS) 3Application Control Throughput(HTTP 64K) 234 GbpsMaximum Number of FortiSwitchesSupportedMaximum Number of FortiAPs(Total / Tunnel)Operating Altitude20A410.9 W / 459.1 W414.9 W / 463.1 W1854.84 BTU/h1906.70 BTU/hYes, Hot Swappable32 –104 F (0 –40 C)-31 –158 F (-35 –70 C)10%–90% non-condensing62.74 dBASide and Front to BackUp to 7400 ft (2250 m)ComplianceFCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CBCertificationsICSA Labs: Firewall, IPsec, IPS, Antivirus,SSL-VPN; USGv6/IPv6* Requires Hyperscale Firewall License26.5 Gbps10 / 2501964096 / 2048Maximum Number of FortiTokens20 000Maximum Number of RegisteredFortiClients--High Availability ConfigurationsActive-Active, Active-Passive, ClusteringNote: All performance values are “up to” and vary depending on system configuration.1. IPsec VPN performance test uses AES256-SHA256.2. IPS (Enterprise Mix), Application Control, NGFW and Threat Protection are measured withLogging enabled.3. SSL Inspection performance values use an average of HTTPS sessions of different ciphersuites.5-48V to -60V DC95001.3 MillionVirtual Domains (Default / Maximum)100–240VAC, 50/60 Hz7A@100VAC, 3A@240VAC12 GbpsSSL Inspection Concurrent Session(IPS, avg. HTTPS) 3CAPWAP Throughput (HTTP 64K)Forced Airflow12 Million / 40 Million*Firewall PoliciesSSL Inspection Throughput(IPS, avg. HTTPS) 3Noise Level30.4 lbs (13.8 kg)Rack Mount, 2RUDC Current (Maximum)Redundant Power SuppliesSystem Performance — Enterprise Traffic Mix30.2 lbs (13.7 kg)4. NGFW performance is measured with Firewall, IPS and Application Control enabled.5. Threat Protection performance is measured with Firewall, IPS, Application Control andMalware Protection enabled.
DATA SHEET FortiGate 1800F SeriesORDERING INFORMATIONProductSKUDescriptionFortiGate 1800FFG-1800F4 x 40GE QSFP slots, 12 x 25GE SFP28 /10GE SFP slots, 2x10GE SFP HA slots, 8 x GESFP slots, 18 x GE RJ45 ports. SPU NP7 and CP9 accelerated, dual AC power supplies.FortiGate 1801FFG-1801F4 x 40GE QSFP slots, 12 x 25GE SFP28 /10GE SFP slots, 2x10GE SFP HA slots, 8 x GESFP slots, 18 x GE RJ45 ports, 2x1TB on board SSD storage. SPU NP7 and CP9 accelerated,dual AC power supplies.FortiGate 1800F-DCFG-1800F-DC4 x 40GE QSFP slots, 12 x 25GE SFP28 /10GE SFP slots, 2x10GE SFP HA slots, 8 x GESFP slots, 18 x GE RJ45 ports. SPU NP7 and CP9 accelerated, dual DC power supplies.FortiGate 1801F-DCFG-1801F-DC4 x 40GE QSFP slots, 12 x 25GE SFP28 /10GE SFP slots, 2x10GE SFP HA slots, 8 x GESFP slots, 18 x GE RJ45 ports, 2x1TB on board SSD storage. SPU NP7 and CP9 accelerated,dual DC power supplies.Hyperscale Firewall License FG1KF2KFLIC-FGT-HYPSC-1K2KHyperscale Firewall License for FortiGate FG1800F/FG1801F/ FG2600F/ FG2601F Series forhardware acceleration.Optional AccessoriesSKUDescription1 GE SFP LX Transceiver ModuleFN-TRAN-LX1 GE SFP LX transceiver module for all systems with SFP and SFP/SFP slots.1 GE SFP RJ45 Transceiver ModuleFN-TRAN-GC1 GE SFP RJ45 transceiver module for all systems with SFP and SFP/SFP slots.1 GE SFP SX Transceiver ModuleFN-TRAN-SX1 GE SFP SX transceiver module for all systems with SFP and SFP/SFP slots.10 GE SFP Transceiver Module, Short RangeFN-TRAN-SFP SR10 GE SFP transceiver module, short range for all systems with SFP and SFP/SFP slots.10 GE SFP Transceiver Module, Long RangeFN-TRAN-SFP LR10 GE SFP transceiver module, long range for all systems with SFP and SFP/SFP slots.10 GE SFP Active Direct Attach Cable, 10m/32.8ftSP-CABLE-ADASFP 10 GE SFP active direct attach cable, 10m / 32.8 ft for all systems with SFP and SFP/SFP slots.10 GE Copper SFP RJ45 Transceiver (30m Range)FN-TRAN-SFP GC10 GE SFP RJ45 transceiver module.10 Gbase-ER SFP TransceiversFN-TRAN-SFP ER10 GE SFP transceiver module, extended range.25 GE SFP28 Transceiver Module, Long RangeFN-TRAN-SFP28-LR25 GE SFP28 transceiver module, long range for all systems with SFP28 slots.25 GE/10 GE Dual Rate SFP28 Transceiver Module, Short RangeFN-TRAN-SFP28-SR25 GE/10 GE dual rate SFP28 transceiver module, short range for all systems with SFP28/SFP slots.40 GE QSFP Transceivers, Short RangeFN-TRAN-QSFP SR40 GE QSFP transceivers, short range for all systems with QSFP slots.40 GE QSFP Transceivers, Short Range, BiDiFG-TRAN-QSFP SR-BIDI40 GE QSFP transceivers, short range BiDi for systems with QSFP slots.40 GE QSFP Transceivers, Long RangeFN-TRAN-QSFP LR40 GE QSFP transceivers, long range for all systems with QSFP slots.40 GE QSFP to 4x 10 GE SFP optical breakout, 1 meterFG-TRAN-QSFP-4XSFP40 GE QSFP parallel breakout MPO to 4x LC connectors, 1 m reach, transceivers notincluded.Rack Mount Sliding RailsSP-FG3040B-RAILRack mount sliding rails for FG-1000C/-DC, FG-1100/1101E, FG-1200D, FG-1500D/-DC, FG1800F, FG-2000E, FG-2500E, FG-3040B/-DC, FG-3140B/-DC, FG-3240C/-DC, FG-3000D/DC, FG-3100D/-DC, FG-3200D/-DC, FG-3400/3401E, FG-3600/3601E, FG-3700D/-DC,FG-3700DX, FG-3810D/-DC and FG-3950B/-DC.AC Power SupplySP-FG1800F-PSAC power supply for FG-1800/1801F.DC Power SupplySP-FG1800F-DC-PSDC power supply for FG-1800/1801F and FG-2600/2601.40GE QSFP Passive Direct Attach Cable 1mSP-CABLE-FS-QSFP 140GE QSFP Passive Direct Attach Cable, 1m for Systems with QSFP slots.40GE QSFP Passive Direct Attach Cable 3mSP-CABLE-FS-QSFP 340GE QSFP Passive Direct Attach Cable, 3m for Systems with QSFP slots.40GE QSFP Passive Direct Attach Cable 5mSP-CABLE-FS-QSFP 540GE QSFP Passive Direct Attach Cable, 5m for Systems with QSFP slots.6
DATA SHEET FortiGate 1800F SeriesBUNDLESBundlesFortiGuardBundleFortiGuard Labs deliversa number of securityintelligence services toaugment the FortiGatefirewall platform. Youcan easily optimize theprotection capabilities ofyour FortiGate with one ofthese FortiGuard Bundles.FortiCareEnterprise ProtectionUnified Threat ProtectionAdvanced ThreatProtection24x724x724x7FortiGuard App Control Service FortiGuard IPS Service FortiGuard Advanced Malware Protection (AMP) — Antivirus,Mobile Malware, Botnet, CDR, Virus Outbreak Protection andFortiSandbox Cloud Service FortiGuard Web and Video1 Filtering Service FortiGuard Antispam Service FortiGuard Security Rating Service FortiGuard IoT Detection Service FortiGuard Industrial Service FortiConverter Service 1. Available when running FortiOS 7.0www.fortinet.comCopyright 2022 Fortinet, Inc. All rights reserved. Fortinet , FortiGate , FortiCare and FortiGuard , and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet.All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables,different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a bindingwritten contract, signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expresslyidentified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, andguarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. Fortinet disclaims in full anycovenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.Fortinet is committed to driving progress and sustainability for all through cybersecurity, with respect for human rights and ethical business practices, making possible a digital world you can always trust. You represent and warrant to Fortinet that you will not useFortinet’s products and services to engage in, or support in any way, violations or abuses of human rights, including those involving censorship, surveillance, detention, or excessive use of force. Users of Fortinet products are required to comply with the Fortinet /assets/legal/EULA.pdf) and report any suspected violations of the EULA via the procedures outlined in the Fortinet Whistleblower Policy i/19775/Whistleblower Policy.pdf).FG-1800F-DAT-R25-20220602
and highlights best practices to improve overall security posture Security Fabric n Enables Fortinet and Fabric-ready partners' products to provide broader visibility, integrated end-to-end . a single high-performance network security appliance, powered by Fortinet's Security Processing Unit (SPU) § Full visibility into users, devices .
