What’s in the Box

By Frank Ohlhorst  |  Print this article Print


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

Fortinet is looking to rev up the enterprise UTM market with the FortiGate 620B, a new ASIC-based appliance that boasts a 16 Gbps firewall and 12 Gbps VPN throughput.


The FortiGate 620B is the follow-up to the company’s 310B security appliance, which was designed for smaller enterprises. The 620B offers roughly double the performance and port density of the 310B and is better positioned to protect a larger enterprise.

The performance increase is due to the integration of a purpose-built security processing ASIC, which offers near line speed throughput on each of the unit’s gigabit Ethernet ports.

The basic unit offers 20 10/100/1000 Ethernet ports and can be increased to 24 ports with the addition of an expansion module. Sixteen of those ports (20 with the expansion module) are hardware accelerated and can be set up as segmented LAN interfaces. Those ports can be segmented into groups or individual ports to meet different needs, such as creating more secure and less secure subnets, each with granular security and policy driven controls. That allows administrators to define subnets that are physically separate, yet can communicate with each other through the firewall, backed by all of the associated security services offered by the unit.

The segmentation capabilities offer another example of how the 620B can be used to replace multiple devices at the edge of the network, while still offering complete security in a unified environment.

The firewall is rated for 20 Gbps throughput for raw traffic. VPN connections reduce the throughput to 15 Gbps, which should still be more than adequate for most installations and for site-to-site encrypted connections.

The FortiGate 620B takes a multilayered approach to securing traffic and uses hardware acceleration to push traffic through each security layer. Each layer handles a different security function, allowing full scanning to take place, independently of each security process, again showing that the 620B is more than capable of replacing multiple devices with a single unit.

Administrators will find the device straightforward to install and configure, at least for the basic functions. For the more advanced features, such as granular policy definition or segmentation, solution providers will need a good understanding of the network environment and familiarity with the appliance's advanced menus. The same complexities can be encountered when upgrading or adding services to the unit. Luckily, if you have configured other Fortigate products, then the 620B should not pose any unconquerable challenges.

Fortinet includes excellent documentation and good technical resources. Registered partners also have access to advanced technical support services and the ability to escalate support requests.

When it comes to UTM appliances for the enterprise, Fortinet’s FortiGate 620B doesn’t really offer anything new. The benefits are derived from the performance of the unit and the high level of integration. The low entry point price of under $16,000 makes the 620B a strong contender for edge security chores on an enterprise network.

Regrettably, Fortinet does not reveal margins or other profit elements, making it difficult to determine if the company’s products can be a gold mine or a financial burden for approved solution providers.

Frank Ohlhorst Frank J. Ohlhorst is the Executive Technology Editor for eWeek Channel Insider and brings with him over 20 years of experience in the Information Technology field.He began his career as a network administrator and applications program in the private sector for two years before joining a computer consulting firm as a programmer analyst. In 1988 Frank founded a computer consulting company, which specialized in network design, implementation, and support, along with custom accounting applications developed in a variety of programming languages.In 1991, Frank took a position with the United States Department of Energy as a Network Manager for multiple DOE Area Offices with locations at Brookhaven National Laboratory (BNL), Princeton Plasma Physics Laboratory (PPL), Argonne National Laboratory (ANL), FermiLAB and the Ames Area Office (AMESAO). Frank's duties included managing the site networks, associated staff and the inter-network links between the area offices. He also served at the Computer Security Officer (CSO) for multiple DOE sites. Frank joined CMP Technology's Channel group in 1999 as a Technical Editor assigned to the CRN Test Center, within a year, Frank became the Senior Technical Editor, and was responsible for designing product testing methodologies, assigning product reviews, roundups and bakeoffs to the CRN Test Center staff.In 2003, Frank was named Technology Editor of CRN. In that capacity, he ensured that CRN maintained a clearer focus on technology and increased the integration of the Test Center's review content into both CRN's print and web properties. He also contributed to Netseminar's, hosted sessions at CMP's Xchange Channel trade shows and helped to develop new methods of content delivery, Such as CRN-TV.In September of 2004, Frank became the Director of the CRN Test Center and was charged with increasing the Test Center's contributions to CMP's Channel Web online presence and CMP's latest monthly publication, Digital Connect, a magazine geared towards the home integrator. He also continued to contribute to CMP's Netseminar series, Xchange events, industry conferences and CRN-TV.In January of 2007, CMP Launched CRNtech, a monthly publication focused on technology for the channel, with a mailed audience of 70,000 qualified readers. Frank was instrumental in the development and design of CRNTech and was the editorial director of the publication as well as its primary contributor. He also maintained the edit calendar, and hosted quarterly CRNTech Live events.In June 2007, Frank was named Senior Technology Analyst and became responsible for the technical focus and edit calendars of all the Channel Group's publications, including CRN, CRNTech, and VARBusiness, along with the Channel Group's specialized publications Solutions Inc., Government VAR, TechBuilder and various custom publications. Frank joined Ziff Davis Enterprise in September of 2007 and focuses on creating editorial content geared towards the purveyors of Information Technology products and services. Frank writes comparative reviews, channel analysis pieces and participates in many of Ziff Davis Enterprise's tradeshows and webinars. He has received several awards for his writing and editing, including back to back best review of the year awards, and a president's award for CRN-TV. Frank speaks at many industry conferences, is a contributor to several IT Books, holds several records for online hits and has several industry certifications, including Novell's CNE, Microsoft's MCP.Frank can be reached at frank.ohlhorst@ziffdavisenterprise.com

Submit a Comment

Loading Comments...