Fortinet FortiGate 2000E
High Performance Next Generation/Edge Firewall for the Enterprise
Click here to jump to more pricing!
Overview:
The Fortinet Enterprise Firewall Solution
The Fortinet Enterprise Firewall Solution delivers end-to-end network security with one platform, one network security operating system and unified policy management with a single pane of glass — for the industry’s best protection against the most advanced security threats and targeted attacks.
Hardware:
FortiGate 2000E
Interfaces
- Console Port
- USB Port
- 2x GE RJ45 Management Ports
- 32x GE RJ45 Ports
- 6x 10 GE SFP+ Slots
NP Direct
By removing the Internal Switch Fabric, the NP Direct architecture provides direct access to the SPU-NP for the lowest latency forwarding. NGFW deployments require some attention to network design to ensure optimal use of this technology.
Powered by SPU
- Custom SPU processors deliver the power you need to detect malicious content at multi-Gigabit speeds
- Other security technologies cannot protect against today’s wide range of content- and connection-based threats because they rely on general-purpose CPUs, causing a dangerous performance gap
- SPU processors provide the performance needed to block emerging threats, meet rigorous third-party certifications, and ensure that your network security solution does not become a network bottleneck
Network Processor
Fortinet’s new, breakthrough SPU NP6 network processor works inline with FortiOS functions delivering:
- Superior firewall performance for IPv4/IPv6, SCTP and multicast traffic with ultra-low latency down to 2 microseconds
- VPN, CAPWAP and IP tunnel acceleration
- Anomaly-based intrusion prevention, checksum offload and packet defragmentation
- Traffic shaping and priority queuing
Content Processor
Fortinet’s new, breakthrough SPU CP9 content processor works outside of the direct flow of traffic and accelerates the inspection of computationally intensive security features:
- Enhanced IPS performance with unique capability of full signature matching at ASIC
- SSL Inspection capabilities based on the latest industry mandated cipher suites
- Encryption and decryption offloading
10 GE Connectivity
High speed connectivity is essential for network security segmentation at the core of data networks. The FortiGate 2000E provides high 10 GE port densities, simplifying network designs without relying on additional devices to bridge desired connectivity.
Software:
FortiOS
Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated next generation security platform.- A truly consolidated platform with one OS for all security and networking services for all FortiGate platforms.
- Industry-leading protection: NSS Labs Recommended, VB100, AV Comparatives and ICSA validated security and performance.
- Control thousands of applications, block the latest exploits, and filter web traffic based on millions of real-time URL ratings.
- Detect, contain and block advanced attacks automatically in minutes with integrated advanced threat protection framework.
- Solve your networking needs with extensive routing, switching, WiFi, LAN and WAN capabilities.
- Activate all the ASIC-boosted capabilities you need on the fastest firewall platform available.
Services:
FortiGuard Security Services
FortiGuard Labs offers real-time intelligence on the threat landscape, delivering comprehensive security updates across the full range of Fortinet's solutions. Comprised of security threat researchers, engineers, and forensic specialists, the team collaborates with the world's leading threat monitoring organizations, other network and security vendors, as well as law enforcement agencies:
- Real-time Updates — 24x7x365 Global Operations research security intelligence, distributed via Fortinet Distributed Network to all Fortinet platforms.
- Security Research — FortiGuard Labs have discovered over 170 unique zero-day vulnerabilities to date, totaling millions of automated signature updates monthly
- Validated Security Intelligence — Based on FortiGuard intelligence, Fortinet's network security platform is tested and validated by the world's leading third-party testing labs and customers globally.
FortiCare Support Services
Our FortiCare customer support team provides global technical support for all Fortinet products. With support staff in the Americas, Europe, Middle East and Asia, FortiCare offers services to meet the needs of enterprises of all sizes:
- Enhanced Support — For customers who need support during local business hours only.
- Comprehensive Support — For customers who need around- the-clock mission critical support, including advanced exchange hardware replacement.
- Advanced Services — For global or regional customers who need an assigned Technical Account Manager, enhanced service level agreements, extended software support, priority escalation, on-site visits and more.
- Professional Services — For customers with more complex security implementations that require architecture and design services, implementation and deployment services, operational services and more.
Enterprise Bundle
FortiGuard Labs delivers a number of security intelligence services to augment the FortiGate firewall platform. You can easily optimize the protection capabilities of your FortiGate with the FortiGuard Enterprise Bundle. This bundle contains the full set of FortiGuard security services plus FortiCare service and support offering the most flexibility and broadest range of protection all in one package.Specifications:
FortiGate 2000E Specifications | |
---|---|
Hardware Specifications | |
Hardware Accelerated 10 GE SFP+ Slots | 6 |
Hardware Accelerated GE RJ45 Ports | 32 |
GE RJ45 Management / HA Ports | 2 |
USB Ports | 1 |
Console Port | 1 |
Onboard Storage | 480 GB |
Included Transceivers | 2x SFP+ (SR 10GE) |
System Performance | |
IPv4 Firewall Throughput (1518 / 512 / 64 byte, UDP) | 90 / 90 / 60 Gbps |
IPv6 Firewall Throughput (1518 / 512 / 86 byte, UDP) | 90 / 90 / 60 Gbps |
Firewall Latency (64 byte, UDP) | 2 μs |
Firewall Throughput (Packet per Second) | 90 Mpps |
Concurrent Sessions (TCP) | 20 Million |
New Sessions/Second (TCP) | 500,000 |
Firewall Policies | 100,000 |
IPsec VPN Throughput (512 byte packets) | 65 Gbps |
Gateway-to-Gateway IPsec VPN Tunnels | 20,000 |
Client-to-Gateway IPsec VPN Tunnels | 50,000 |
SSL-VPN Throughput | 6 Gbps |
Concurrent SSL-VPN Users (Recommended Maximum) | 10,000 |
IPS Throughput (HTTP / Enterprise Mix) 1 | 25 / 11.5 Gbps |
SSL Inspection Throughput 2 | 12.5 Gbps |
Application Control Throughput 3 | 15 Gbps |
NGFW Throughput 4 | 9 Gbps |
Threat Protection Throughput 5 | 25.4 Gbps |
CAPWAP Throughput 6 | 21 Gbps |
Virtual Domains (Default / Maximum) | 10 / 500 |
Maximum Number of FortiAPs (Total / Tunnel) | 4,096 / 1,024 |
Maximum Number of FortiTokens | 5,000 |
Maximum Number of Registered Endpoints | 8,000 |
High Availability Configurations | Active-Active, Active-Passive, Clustering |
Dimensions | |
Height x Width x Length (inches) | 3.5 x 17.4 x 21.9 |
Height x Width x Length (mm) | 89 x 442 x 555 |
Weight | 37.0 lbs (16.8 kg) |
Form Factor | Rack Mount, 2 RU |
Power | |
Power Required | 100–240V AC, 60–50 Hz |
Maximum Current | 9A |
Power Consumption (Average / Maximum) | 280 / 430 W |
Heat Dissipation | 1,467 BTU/h |
Redundant Power Supplies | Yes, Hot swappable |
Environment | |
Operating Temperature | 32–104°F (0–40°C) |
Storage Temperature | -31–158°F (-35–70°C) |
Humidity | 20–90% non-condensing |
Operating Altitude | Up to 7,400 ft (2,250 m) |
Compliance | |
Safety | FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB |
Certifications | |
ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN |
Note: All performance values are "up to" and vary depending on system configuration. IPsec VPN performance is based on 512 byte UDP packets using AES-256+SHA1.
1. IPS performance is measured using 1 Mbyte HTTP and Enterprise Traffic Mix.
2. SSL Inspection is measured with IPS enabled and HTTP traffic, using TLS v1.2 with AES256-SHA.
3. Application Control performance is measured with 64 Kbytes HTTP traffic.
4. NGFW performance is measured with IPS and Application Control enabled, based on Enterprise Traffic Mix.
5. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix.
6. CAPWAP performance is based on 1444 byte UDP packets.
Documentation:
Download the Fortinet FortiGate 2000E Data Sheet (PDF).
Pricing Notes:
- All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
- Hardware plus ASE FortiCare and FortiGuard 360 Protection
Hardware unit, 24x7 Comprehensive Support, Advanced Services Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, 360 Services Bundle (SD-WAN Orchestrator, SD-WAN Cloud Assisted Monitoring, SD-WAN Overlay Controller VPN, FortiManager Cloud, FortiAnalyzer Cloud, Fortinet SOCaaS, IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox, Application Control, Web & Video Filtering, Antispam, Security Rating, IoT Detection, Industrial Security and FortiConverter Service) plus term of contract - Hardware plus 24x7 FortiCare and FortiGuard Enterprise Protection
Hardware Unit, 24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering, Antispam, Security Rating, Industrial Security and FortiConverter Service) plus term of contract - Hardware plus 24x7 FortiCare and FortiGuard Unified Threat Protection (UTP)
Hardware Unit, 24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering and Antispam Service) plus term of contract - 360 Protection (SD-WAN Orchestrator, SD-WAN Cloud Monitoring, FMG/FAZ Cloud, IPAM, IPS, AMP, App Ctrl, Web & Video Filtering, AS, Security Rating, IoT Detection, Industrial Security, FortiConverter Svc, and ASE FortiCare)
24x7 Comprehensive Support, Advanced Services Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, 360 Services Bundle (SD-WAN Orchestrator, SD-WAN Cloud Assisted Monitoring, SD-WAN Overlay Controller VPN, FortiManager Cloud, FortiAnalyzer Cloud, Fortinet SOCaaS, IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox, Application Control, Web & Video Filtering, Antispam, Security Rating, IoT Detection, Industrial Security and FortiConverter Service) - Enterprise Protection (IPS, Advanced Malware Protection, Application Control, Web & Video Filtering, Antispam, Security Rating, IoT Detection, Industrial Security, FortiConverter Svc, and 24x7 FortiCare)
24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering, Antispam, Security Rating, Industrial Security and FortiConverter Service) - Unified Threat Protection (UTP) (IPS, Advanced Malware Protection, Application Control, Web & Video Filtering, Antispam Service, and 24x7 FortiCare)
24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering and Antispam Service) - Advanced Threat Protection (IPS, Advanced Malware Protection Service, Application Control, and 24x7 FortiCare)
24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Advanced Threat Protection Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct Service, Application Control) - 24x7 FortiCare Contract
24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Application Control - ASE FortiCare (24x7 plus Advanced Services Ticket Handling)
24x7 Comprehensive Support, Advanced Services Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Application Control. - Prices are for one year of Premium RMA support. Usual discounts can be applied.
- Annual contracts only. No multi-year SKUs are available for these services.
- Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
- Pricing and product availability subject to change without notice.