Home / Fortinet / Fortinet Next Generation Firewalls : Fortinet 5000 Series Firewalls

Fortinet Next Generation Firewalls : Fortinet 5000 Series Firewalls

Today I am going to talk about Fortinet Next Generation Firewalls. As i already wrote many articles on Next Generation firewalls. Below are some of the links of other vendors describing Next Generation Firewalls

Now I am going to talk about the Fortinet Next Generation Firewalls.

Fortinet Next Generation Firewalls
The Fort iGATE High-end series of Data Center and Next-Gen Firewalls deliver all the top-rated security effectiveness you expect from Fortinet, in an ultra-low latency compact appliance and flexible chassis platform. 
Fig 1.1- Fortigate Next Generation Firewalls


Purpose built Forti-ASIC processors and FortiOS, delivers exceptional throughput and enables security, scalability, flexibility and manageability you demand for data center edge or core platforms for multi-tenant environments.

  • Up to 300+ Gbps firewall appliance or 1 Tbps+ chassis throughput
  • Integrated High-Speed 40/100 GbE ports and ultra-high 10Gbe port density
  • NSS Labs Recommended consolidated security delivers top-rated protection
  • Highly available and Virtual Domain support for multi-tenant environment
  • Intuitive management interface enables broad and deep visibility and control
  • FortiCarrier provides enhanced FortiOS features for 4G LTE Carrier and ISP Networks.

Fortigate 5000 Series:

The FortiGate 5000 series Chassis-based Platforms offer groundbreaking throughput and proven resilience to satisfy the most demanding Carrier and Enterprise Data Center requirements.
The FortiGate 5000 series integrates modular carrier class hardware components with advanced FortiASIC acceleration and consolidated security from the FortiOS Operating System to deliver up-to 1Tbps throughput.

Fig 1.2- Fortinet Firewalls

FortiGate 5000-series appliances give you the ability to deploy a wide range of Fortinet’s UTM inspection capabilities, including firewall, IPS, application control, VPN, and web filtering. These features can be scaled as required by adding more security blades. Each system also supports FortiGuard security subscription services to deliver dynamic, automated updates and ensure up-to-date protection against sophisticated threats.

In addition, the devices support a web-based GUI, ‘single pane of glass’ management console, and on-board reporting. By consolidating multiple security enforcement technologies into a single system, the FortiGate 5000-series eliminate disparate hardware devices and software solutions, greatly simplifying security gateway implementation and reducing total cost of ownership.

The chassis enables the flexible system to scale effortlessly and with little disruptions by allowing blades to be hot swapped according to desired requirements. The system can also be configured for various resilience designs within the chassis as well as between chassis. The rack mount ATCA chassis provides centralized and redundant power supplies to its blades. With the exception of the FortiGate 5020, the chassis may be powered by either DC or AC with additional power interface.

It facilitates backplane communications between the blades which may be used for HA heartbeat and other control and data communications. The FortiGate 5060, FortiGate 5140B and FortiGate 5144C may house shelf managers that control chassis power allocation, monitor chassis operating parameters, monitor and control chassis cooling, and can signal alerts via alarm module if the chassis encounters problems.

Network Blade
Up to two networking blades may be installed on a FortiGate 5060, FortiGate 5140B and FortiGate 5144C in designated slots. These blades connect the system to the network while connected to the multiple security blades via the chassis’s backplane. The networking blade clusters the security blades with traffic distribution. Networking blades can assign security blades into service groups which are isolated clusters coexisting in a single chassis. Two networking blades may either operate as active-passive HA or separately with its own clusters.

Security Blade:
 High performance, ASICs powered security blades run on FortiOS or FortiCarrier which apply access policies and security profiles on the traffic they received from the networking blades via backplane or front panel interfaces. These blades may operate in NAT/route and/or transparent mode. They also support VDOMs within the cluster.