WIXLIB

Next Generation FirewallInternal Segmentation FirewallData Center Firewall and IPSFortiGate 1500DFortiGate 1500D, 1500D-DC and 1500DTThe FortiGate 1500D series delivers high performance threat protection for mid-sized to large enterprisesand service providers, with the flexibility to be deployed at the Internet or cloud edge, in the data centercore or internal segments. The multiple high-speed interfaces, high port density, industry-leading securityefficacy and high throughput of the 1500D series keeps your network connected and secure.SecurityNetworking Protects against known exploits, malware and malicious Delivers an extensive routing, switching, wireless controllerwebsites using continuous threat intelligence provided byFortiGuard Labs security servicesand high performance IPsec VPN capabilities to consolidatenetworking and security functionality Protects against unknown attacks using dynamic analysis andprovides automated mitigation to stop targeted attacks Enables flexible deployment modes that fit into organizations’evolving network infrastructure requirements with high portdensity and high-speed interfacesPerformance Delivers industry’s best threat protection performance andultra-low latency using purpose built security processor(SPU) technologyManagement Single Pane of Glass with Network Operations Center (NOC)view provides 360 visibility to identify issues quickly Provides industry leading performance and protection for SSLand intuitively Predefined compliance checklist analyzes the deployment andencrypted traffichighlights best practices to improve overall security postureCertification Independently tested and validated best security effectivenessSecurity Fabric Enables Fortinet and Fabric-ready partners’and performance Received unparalleled third-party certifications from NSS Labs,ICSA, Virus Bulletin and AV Comparativesproducts to collaboratively integrate andprovide end-to-end security across the entireattack surfaceFirewallIPSNGFWThreat ProtectionInterfaces80 Gbps13 Gbps7 Gbps5 GbpsMultiple GE RJ45, GE SFP and 10 GE SFP /GE SFP slots Variant with 10 GE RJ45Refer to specification table for detailsDATA SHEET

FortiGate 1500DDEPLOYMENTNext GenerationFirewall (NGFW)Internal SegmentationFirewall (ISFW) Security gateway to the Internetfor enterprises Enforce security policies withgranular control and visibility of Segmentation solution for end-to-endlow latency firewall for data center edgecompliance requirementsand core High port density and acceleratedtraffic processing capacity, todiscrete applicationsprotect multiple segments withoutintrusion prevention beyond port and High availability, high throughput andprotection against threats while meetingusers and devices for thousands of Identify and stop threats with powerfulData Center Firewalland IPS (DCFW-IPS)compromising performance Deploy transparently and rapidlyprotocol that examines the actualinto existing environments withcontent of your network trafficminimal disruption High session scale for accommodatinglarge network and user traffic forInternet and cloud-facing data centers High-speed interfaces for future-proofconnectivity while compact sizecontributes to greener data centers Performance optimized IPS engine todetect and deter latest known and zeroday threatsFortiSandboxCAMPUSAdvanced ThreatProtectionFortiAPSecure AccessPointFortiClientVPN Endpoint ing, Analysis,ReportingFortiAnalyzerLogging, Analysis,ReportingFortiGate 1500D deployment in large campus networks(NGFW, ISFW)2FortiGate 1500D deployment in data center(DCFW-IPS/NGFW, ISFW)www.fortinet.com

FortiGate 1500DHARDWAREFortiGate 1500D and 1500D-DCFortiGate 1500D10G SFP MGMT 113579111315171921232527293133353739MGMT ALARMHAPOWERUSB 0GBACDUALDCDUAL7FortiGate 1500DTFortiGate 1500DT210 GSFP MGMT 2022242628303234363840CONSOLESTATUSALARMHAPOWERUSB MGMTUSBMGMT 21345678Interfaces1.2.3.4.5.USB Management PortConsole PortUSB Port2x GE RJ45 Management Ports16x GE SFP Slots6. 16x GE RJ45 Ports7. 8x 10 GE SFP / GE SFP (1500D, 1500D-DC)4x 10 GE RJ45 Ports (1500DT)8. 4x 10 GE SFP Slots (1500DT)Network ProcessorPowered by SPU Custom SPU processors deliver thepower you need to detect maliciouscontent at multi-Gigabit speeds Other security technologies cannot protect againsttoday’s wide range of content- and connection-basedthreats because they rely on general-purpose CPUs,Fortinet’s new, breakthrough SPU NP6 network processor worksinline with FortiOS functions delivering: Superior firewall performance for IPv4/IPv6, SCTP and multicasttraffic with ultra-low latency down to 2 microseconds VPN, CAPWAP and IP tunnel acceleration Anomaly-based intrusion prevention, checksum offload andpacket defragmentation Traffic shaping and priority queuingcausing a dangerous performance gap SPU processors provide the performance neededto block emerging threats, meet rigorous third-partycertifications, and ensure that your network securitysolution does not become a network bottleneckContent ProcessorThe SPU CP8 content processor works outside of the direct flow oftraffic, providing high-speed cryptography and content inspectionservices including: Signature-based content inspection acceleration Encryption and decryption offloading3

FortiGate 1500DFORTINET SECURITY FABRICFortiManagerFortiAnalyzerFortiSIEMSecurity FabricThe Security Fabric allows security to dynamically expand andPartner APIFortiGateVMadapt as more and more workloads and data are added. Securityseamlessly follows and protects data, users, and applicationsas they move between IoT, devices, and cloud environmentsFortiOSthroughout the network.FortiClientFortiW ebFortiGates are the foundation of Security Fabric, expanding securityFortiGatevia visibility and control by tightly integrating with other Fortinetsecurity products and Fabric-Ready Partner rtiSandboxFortiOSControl all the security and networking capabilities across the entireFortiGate platform with one intuitive operating system. Reduceoperating expenses and save time with a truly consolidated nextgeneration security platform. A truly consolidated platform with one OS for all security andnetworking services for all FortiGate platforms. Industry-leading protection: NSS Labs Recommended, VB100,AV Comparatives, and ICSA validated security and performance. Control thousands of applications, block the latest exploits, andfilter web traffic based on millions of real-time URL ratings. Prevent, detect, and mitigate advanced attacks automatically inminutes with integrated advanced threat protection. Fulfill your networking needs with extensive routing, switching,and SD-WAN capabilities. Ultilize SPU hardware acceleration to boost security capabilityperformance.For more information, please refer to the FortiOS datasheet available at www.fortinet.comSERVICESFortiGuard Security ServicesFortiCare Support ServicesFortiGuard Labs offers real-time intelligence on the threatOur FortiCare customer support team provides global technicallandscape, delivering comprehensive security updates acrosssupport for all Fortinet products. With support staff in the Americas,the full range of Fortinet’s solutions. Comprised of securityEurope, Middle East, and Asia, FortiCare offers services to meetthreat researchers, engineers, and forensic specialists, thethe needs of enterprises of all sizes.team collaborates with the world’s leading threat monitoringorganizations and other network and security vendors, as well aslaw enforcement agencies.4For more information, please refer to forti.net/fortiguardand forti.net/forticarewww.fortinet.com

FortiGate 1500DSPECIFICATIONSFG-1500D / 1500D-DCFG-1500DTHardware SpecificationsHardware Accelerated 10 GE SFP /GE SFP Slots84Height x Width x Length (inches)Height x Width x Length (mm)Hardware Accelerated GE SFP SlotsHardware Accelerated 10 GE RJ45 PortsFG-1500D / 1500D-DC16–Weight4Form FactorHardware Accelerated GE RJ45 Ports16AC Power SupplyGE RJ45 Management / HA Ports2DC Power Supply (FG-1500D-DC)USB Ports (Client / Server)Console PortOnboard StorageIncluded TransceiversFG-1500DTDimensions and Power1 /112x 240 GB SSD2x SFP (SR 10GE)System Performance — Enterprise Traffic MixCurrent (Maximum)Power Consumption (Average / Maximum)Heat DissipationRedundant Power Supplies3.5 x 17.24 x 21.8189 x 438 x 55432.50 lbs (14.70 kg)34.39 lbs (15.6 kg)Rack Mount, 2 RU100–240V AC, 50–60 Hz–40.5–57V DC110V / 8A, 220V / 4A336 / 403.2 W230 / 350 W1,375 BTU/h1,193 BTU/hYes, Hot swappableOperating Environment and CertificationsIPS Throughput 213 GbpsOperating TemperatureNGFW Throughput 2, 47 GbpsStorage Temperature-31–158 F (-35–70 C)Threat Protection Throughput 2, 55 GbpsHumidity10–90% non-condensingNoise LevelSystem Performance and CapacityIPv4 Firewall Throughput(1518 / 512 / 64 byte, UDP)80 / 80 / 55 GbpsIPv6 Firewall Throughput(1518 / 512 / 86 byte, UDP)80 / 80 / 55 GbpsFirewall Latency (64 byte, UDP)82.5 MppsConcurrent Sessions (TCP)New Sessions/Second (TCP)12 Million300,000Firewall PoliciesIPsec VPN Throughput (512 byte) 1100,00050 GbpsGateway-to-Gateway IPsec VPN TunnelsClient-to-Gateway IPsec VPN Tunnels20,000100,000SSL-VPN Throughput4 GbpsConcurrent SSL-VPN Users(Recommended Maximum, Tunnel Mode)10,000SSL Inspection Throughput(IPS, avg. HTTPS) 35.7 Gbps800,000Application Control Throughput (HTTP 64K) 216 GbpsCAPWAP Throughput (1444 byte, UDP)20 GbpsVirtual Domains (Default / Maximum)10 / 250Maximum Number of FortiAPs(Total / Tunnel)FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CBCertificationsICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN;USGv6/IPv61284,096 / 1,024Maximum Number of FortiTokens5,000Maximum Number of Registered Endpoints20,000High Availability ConfigurationsCompliance3,100SSL Inspection Concurrent Session(IPS, avg. HTTPS) 3Maximum Number of Switches Supported59 dBAUp to 7,400 ft (2,250 m)3 μsFirewall Throughput (Packet per Second)SSL Inspection CPS (IPS, avg. HTTPS) 3Operating Altitude32–104 F (0–40 C)Active-Active, Active-Passive, ClusteringNote: All performance values are “up to” and vary depending on system configuration.1. IPsec VPN performance test uses AES256-SHA256.2. IPS (Enterprise Mix), Application Control, NGFW and Threat Protection are measured with Logging enabled.3. SSL Inspection performance values use an average of HTTPS sessions of different cipher suites.4. NGFW performance is measured with Firewall, IPS and Application Control enabled.5. Threat Protection performance is measured with Firewall, IPS, Application Control and MalwareProtection enabled.5