WIXLIB

Next Generation FirewallInternal Segmentation FirewallData Center Firewall and IPSCarrier-Class FirewallFortiGate 6000F Series FortiGate 6300F, 6301F, 6500F and 6501FThe FortiGate 6000F series delivers high performance threat protection for large enterprises and serviceproviders, with the flexibility to be deployed at the Internet or cloud edge, in the data center core orinternal segments. The multiple high-speed interfaces, high port density, industry-leading securityefficacy and high throughput of the 6000F series keeps your network connected and secure.Security§§ Protects against known exploits, malware and malicious URLsusing continuous threat intelligence provided by FortiGuardLabs security services§§ Protects against unknown attacks using dynamic analysis andprovides automated mitigation to stop targeted attacksNetworking§§ Delivers extensive network interface flexibility with the first1/10/25 G interface support in the industry§§ With uplinks in typical data centers moving to 100 GE, thecombination of 1/10/25 and 40/100 GE interfaces providessuperior interface flexibility and TCO for customersPerformance§§ Next Generation of Fortinet Distribution Processors (DP3)introduces a revolutionary load balancing architecture providingboth resiliency and ultra high connection rate support§§ Delivers industry’s best threat protection performance andultra-low latency using purpose-built security processor(SPU) technology§§ Provides industry-leading performance and protection for SSLencrypted trafficManagementCertification§§ Independently tested and validated best security effectivenessand performance§§ Single Pane of Glass with Network Operations Center (NOC)view provides 360 visibility to identify issues quicklyand intuitivelySecurity Fabric§§ Enables Fortinet and Fabric-ready partners’products to collaboratively integrate andprovide end-to-end security across the entireattack 9 Gbps239 GbpsIPSNGFWThreat ProtectionNetwork Interfaces110 Gbps90 Gbps60 GbpsMultiple 40/100 GE QSFP28, 1/10/25 GE SFP28,1/10 GE SFP and GE RJ45170 Gbps150 Gbps100 GbpsMultiple 40/100 GE QSFP28, 1/10/25 GE SFP28,1/10 GE SFP and GE RJ45Refer to specification table for detailsDATA SHEET

FortiGate 6000F Series DEPLOYMENTN ext GenerationFirewall (NGFW)§§ Security gateway to the Internetfor enterprises§§ Enforce security policies withgranular control and visibility ofI nternal SegmentationFirewall (ISFW)§§ Segmentation solution for end-to-endlow latency firewall for data center edgecompliance requirementsand core§§ High port density and acceleratedtraffic processing capacity, todiscrete applicationsprotect multiple segments withoutintrusion prevention beyond port and§§ High availability, high throughput andprotection against threats while meetingusers and devices for thousands of§§ Identify and stop threats with powerfulD ata Center Firewalland IPS (DCFW-IPS)§§ High session scale for accommodatinglarge network and user traffic forInternet and cloud-facing data centerscompromising performance§§ High-speed interfaces for future-proof§§ Deploy transparently and rapidlyprotocol that examines the actualinto existing environments withcontent of your network trafficminimal disruptionconnectivity while compact sizecontributes to greener data centers§§ Performance optimized IPS engine todetect and deter latest known and zeroday threats Carrier-ClassFirewall (CCFW)CAMPUSFortiGate 6300F/6500F deployment inlarge campus networks (NGFW, ISFW)FortiSandboxAdvanced ThreatProtectionFortiAPSecure AccessPoint§§ Reliable high capacity firewall designedfor service providersFortiSwitchSwitching§§ Powered by multiple SPU NetworkProcessors that accelerate processingfor both IPv4 and IPv6 traffic§§ Supports Carrier License upgrade thatFortiGateNGFWFortiClientEndpoint teISFWunlocks features and protocol supportfor mobile networks such as GTPFortiAnalyzerLogging, Analysis,Reportingand SCTP§§ High-speed interfaces for future-proofconnectivityFortiClientVPN ClientDATACENTERFortiGate 6300F/6500F deployment indata center (DCFW-IPS/NGFW, rCentralizedManagementFortiAnalyzerLogging, Analysis,Reporting2www.fortinet.com

FortiGate 6000F Series HARDWAREFortiGate 6300F/6301F/6500F/6501FSSD2FAN 1FAN 2FAN rrier/2TBInterfaces1. Console Port2. USB Port3. 2x GE RJ45, 1x 1/10 GE SFP Management Ports4. 2x 10 GE SFP HA Slots5. 24x 1/10/25 GE SFP28 Slots6. 4x 40/100 GE QSFP28 SlotsNetwork ProcessorPowered by SPU§§ Custom SPU processors deliver thepower you need to detect maliciouscontent at multi-Gigabit speeds§§ Other security technologies cannot protect againsttoday’s wide range of content- and connection-basedthreats because they rely on general-purpose CPUs,causing a dangerous performance gap§§ SPU processors provide the performance neededto block emerging threats, meet rigorous third-partycertifications, and ensure that your network securitysolution does not become a network bottleneckFortinet’s new, breakthrough SPU NP6 network processor worksinline with FortiOS functions delivering:§§ Superior firewall performance for IPv4/IPv6, SCTP and multicasttraffic with ultra-low latency down to 2 microseconds§§ VPN and IP tunnel acceleration§§ Anomaly-based intrusion prevention, checksum offload andpacket defragmentation§§ Traffic shaping and priority queuingContent ProcessorFortinet’s new, breakthrough SPU CP9 content processor worksoutside of the direct flow of traffic and accelerates the inspection ofcomputationally intensive security features:§§ Enhanced IPS performance with unique capability of fullsignature matching at SPU§§ SSL Inspection capabilities based on the latest industrymandated cipher suites§§ Encryption and decryption offloadingDistribution ProcessorFortinet’s SPU DP3 distribution processor provides hardware loadbalancing for traffic to multiple processing units.3

FortiGate 6000F Series FORTINET SECURITY FABRICFortiManagerFortiAnalyzerFortiSIEMSecurity FabricThe Security Fabric allows security to dynamically expand andPartner APIadapt as more and more workloads and data are added. SecurityFortiGateVMseamlessly follows and protects data, users, and applicationsas they move between IoT, devices, and cloud environmentsFortiOSthroughout the network.FortiClientFortiGates are the foundation of Security Fabric, expanding securityFortiWebFortiGatevia visibility and control by tightly integrating with other Fortinetsecurity products and Fabric-Ready Partner rtiSandboxFortiOSControl all the security and networking capabilities across the entireFortiGate platform with one intuitive operating system. Reduceoperating expenses and save time with a truly consolidated nextgeneration security platform.§§ A truly consolidated platform with one OS for all security andnetworking services for all FortiGate platforms.§§ Industry-leading protection: NSS Labs Recommended, VB100,AV Comparatives, and ICSA validated security and performance.§§ Control thousands of applications, block the latest exploits, andfilter web traffic based on millions of real-time URL ratings.§§ Prevent, detect, and mitigate advanced attacks automatically inminutes with integrated advanced threat protection.§§ Fulfill your networking needs with extensive routing, switching,and SD-WAN capabilities.§§ Ultilize SPU hardware acceleration to boost security capabilityperformance.For more information, please refer to the FortiOS datasheet available at www.fortinet.comSERVICESFortiGuard Security ServicesFortiCare Support ServicesFortiGuard Labs offers real-time intelligence on the threatOur FortiCare customer support team provides global technicallandscape, delivering comprehensive security updates acrosssupport for all Fortinet products. With support staff in the Americas,the full range of Fortinet’s solutions. Comprised of securityEurope, Middle East, and Asia, FortiCare offers services to meetthreat researchers, engineers, and forensic specialists, thethe needs of enterprises of all sizes.team collaborates with the world’s leading threat monitoringorganizations and other network and security vendors, as well aslaw enforcement agencies.4For more information, please refer to forti.net/fortiguardand forti.net/forticarewww.fortinet.com

FortiGate 6000F Series SPECIFICATIONSFG-6300F/6301FFG-6500F/6501F40/100 GE QSFP28 Slots4Height x Width x Length (inches)1/10/25 GE SFP28 Slots24Height x Width x Length (mm)10 GE SFP Slots3WeightGE RJ45 Management Ports2USB Ports1Console Port1Internal StorageFG-6500F/6501F5.20 x 17.20 x 26.185.3 x 17.2 x 27.3AC Power Supply2 TB NVMe (for 6301F and 6501F only)Included Transceivers2x SFP (SR 10 GE)Firewall Throughput(1518 / 512 / 64 byte, UDP)Heat Dissipation239 / 238 / 135 Gbps5 μs5 μsFirewall Throughput (Packet per Second)202.5 Mpps202.5 MppsConcurrent Sessions (TCP)120 Million200 MillionNew Sessions/Sec (TCP)2 Million3 MillionFirewall Policies200,000200,000130 Gbps160 GbpsGateway-to-Gateway IPsec VPN Tunnels16,00016,000Client-to-Gateway IPsec VPN Tunnels90,00090,0001SSL-VPN ThroughputConcurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode)TBATBA30,00030,000SSL Inspection Throughput (IPS, HTTP) 390 Gbps130 GbpsApplication Control Throughput (HTTP 64K) 2150 Gbps220 GbpsCAPWAP Throughput (1444 byte, UDP)Power Consumption (Average / Maximum)Current (Maximum)239 / 238 / 135 GbpsFirewall Latency (64 byte, UDP)N/AVirtual Domains (Default / Maximum)132 x 437 x 665133 x 437 x 69467.68 lbs (30.7 kg) /69.00 lbs (31.3 kg)78.26 lbs (35.5 kg) /79.59 lbs (36.1 kg)Form FactorSystem Performance and CapacityIPsec VPN Throughput (512 byte)FG-6300F/6301FDimensions and PowerInterfaces and ModulesRedundant Power Supplies3 RU100–240V AC, 50–60 Hz(977 / 1,217 W) /(977 / 1,237 W)(1,308 / 1,548 W) /(1,328 / 1,568 W)30A@100VAC, 20A@240VAC4,153 / 4,221 BTU/h5,282 / 5,350 BTU/h2 1 Redundant, Hot SwappableOperating Environment and CertificationsOperating Temperature32–104 F (0–40 C)Storage Temperature-31–158 F (-35–70 C)Humidity10–90% non-condensingNoise LevelOperating AltitudeCompliance57.43 dBAUp to 7,400 ft (2,250 m)FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CBN/A10 / 500Maximum Number of Switches SupportedN/AMaximum Number of FortiAPs(Total / Tunnel Mode)N/AMaximum Number of FortiTokens20,000Maximum Number of Registered FortiClients100,000High Availability ConfigurationsSupportedSystem Performance — Optimal Traffic MixIPS Throughput 2212 Gbps230 GbpsIPS Throughput 2110 Gbps170 GbpsNGFW Throughput 2, 490 Gbps150 GbpsThreat Protection Throughput 2, 560 Gbps100 GbpsSystem Performance — Enterprise Traffic MixNote: All performance values are “up to” and vary depending on system configuration.1. IPsec VPN performance test uses AES256-SHA256.2. IPS (Enterprise Mix), Application Control, NGFW and Threat Protection are measured with Logging enabled.3. SSL Inspection performance test uses TLS v1.2 with AES128-SHA256.4. NGFW performance is measured with Firewall, IPS and Application Control enabled.5. Threat Protection performance is measured with Firewall, IPS, Application Control and MalwareProtection enabled.5