Fortinet Pushes UTM Performance with FortiGate 620B - What’s in the Box
(
Page 2 of 2 )
The
FortiGate 620B is the follow-up to the company’s 310B security
appliance, which was designed for smaller enterprises. The 620B offers
roughly double the performance and port density of the 310B and is
better positioned to protect a larger enterprise.
The
performance increase is due to the integration of a purpose-built
security processing ASIC, which offers near line speed throughput on
each of the unit’s gigabit Ethernet ports.
The basic
unit offers 20 10/100/1000 Ethernet ports and can be increased to 24
ports with the addition of an expansion module. Sixteen of those ports
(20 with the expansion module) are hardware accelerated and can be set
up as segmented LAN interfaces. Those ports can be segmented into
groups or individual ports to meet different needs, such as creating
more secure and less secure subnets, each with granular security and
policy driven controls. That allows administrators to define subnets
that are physically separate, yet can communicate with each other
through the firewall, backed by all of the associated security services
offered by the unit.
The
segmentation capabilities offer another example of how the 620B can be
used to replace multiple devices at the edge of the network, while
still offering complete security in a unified environment.
The
firewall is rated for 20 Gbps throughput for raw traffic. VPN
connections reduce the throughput to 15 Gbps, which should still be
more than adequate for most installations and for site-to-site
encrypted connections.
The
FortiGate 620B takes a multilayered approach to securing traffic and
uses hardware acceleration to push traffic through each security layer.
Each layer handles a different security function, allowing full
scanning to take place, independently of each security process, again
showing that the 620B is more than capable of replacing multiple
devices with a single unit.
Administrators
will find the device straightforward to install and configure, at least
for the basic functions. For the more advanced features, such as
granular policy definition or segmentation, solution providers will
need a good understanding of the network environment and familiarity
with the appliance's advanced menus. The same complexities can be
encountered when upgrading or adding services to the unit. Luckily, if
you have configured other Fortigate products, then the 620B should not
pose any unconquerable challenges.
Fortinet
includes excellent documentation and good technical resources.
Registered partners also have access to advanced technical support
services and the ability to escalate support requests.
When it
comes to UTM appliances for the enterprise, Fortinet’s FortiGate 620B
doesn’t really offer anything new. The benefits are derived from the
performance of the unit and the high level of integration. The low
entry point price of under $16,000 makes the 620B a strong contender
for edge security chores on an enterprise network.
Regrettably,
Fortinet does not reveal margins or other profit elements, making it
difficult to determine if the company’s products can be a gold mine or
a financial burden for approved solution providers.
