Fortinet FortiSwitch 424E-FIBER
Secure Access Switches
Click here to jump to more pricing!
Overview:
The FortiSwitch Secure Access Family delivers outstanding security, performance and manageability. Secure, Simple, and Scalable, FortiSwitch is the right choice for threat conscious businesses of all sizes. Tightly integrated into the Fortinet Security Fabric via FortiLink, FortiSwitch can be managed directly from the familiar FortiGate interface. This single pane of glass management provides complete visibility and control of users and devices on the network regardless of how they connect. This makes the FortiSwitch ideal for SD-Branch deployments with applications that range from desktop to data center aggregation, enabling businesses to converge their security and network access.
Security Fabric Integration through FortiLink
FortiLink is an innovative proprietary management protocol that allows our FortiGate Next Generation Firewall to seamlessly manage any FortiSwitch. FortiLink enables the FortiSwitch to become a logical extension of the FortiGate, integrating it directly into the Fortinet Security Fabric. This management option reduces complexity and decreases management cost as network security and access layer functions are enabled and managed through a single console. FortiLink integration enables centralized policy management, including role-based access and control, making it easy to implement and manage. This control and manageability make FortiSwitch ideal for SD-Branch deployments.
Highlights
- Designed for installations from desktops to wiring closets
- Ideal for SD-Branch deployments
- Centralized security and access management from the FortiGate user interface
- Optimal for converged network environments; enabling voice, data and wireless traffic to be delivered across a single network
- Supports non-FortiLink deployments through onboard GUI, API or command line configuration
- Up to 48 ports in a compact 1 RU form factor
- Stackable up to 300 switches per FortiGate, depending on model
- Supports Wire-speed switching and Store and Forward forwarding mode
Deployment
FortiLink Mode
The FortiSwitch Secure Access Switch series integrates directly into the FortiGate* Connected UTM, with switch administration and access port security managed from the familiar FortiGate interface. Regardless of how users and devices connect to the network, you have complete visibility and control over your network security and access through this single pane of glass, perfectly suited to threatconscious organizations of any size.
Standalone Mode
Virtualization and cloud computing have created dense high-bandwidth Ethernet networking requirements in the data center, pushing the limits of existing data center switching. FortiSwitch Data Center switches meet these challenges by providing a high performance 10 or 40 GE capable switching platform, with a low Total Cost of Ownership. Ideal for Top of Rack server or firewall aggregation applications, as well as enterprise network core or distribution deployments, these switches are purpose-built to meet the needs of today’s bandwidth intensive environments.
Features:
| FortiSwitch FortiLink Mode (With FortiGate) | |
|---|---|
| Management and Configuration | |
| Auto Discovery of Multiple Switches | Yes |
| Number of Managed Switches per FortiGate | 8 to 300 Depending on FortiGate Model (Please refer to admin guide) |
| FortiLink Stacking (Auto Inter-Switch Links) | Yes |
| Software Upgrade of Switches | Yes |
| Centralized VLAN Configuration | Yes |
| Switch POE Control | Yes |
| Link Aggregation Configuration | Yes |
| Spanning Tree | Yes |
| LLDP/MED | Yes |
| IGMP Snooping | Yes (not supported on 1xxE-Series) |
| L3 Routing and Services | Yes (FortiGate) |
| Policy-Based Routing | Yes (FortiGate) |
| Virtual Domain | Yes (FortiGate) |
| Security and Visibility | |
| 802.1x Authentication (Port-based, MAC-based, MAB) | Yes |
| Syslog Collection | Yes |
| DHCP Snooping | Yes |
| Device Detection | Yes |
| MAC Black/While Listing | Yes (FortiGate) |
| Policy Control of Users and Devices | Yes (FortiGate) |
| UTM Features | |
| Firewall | Yes (FortiGate) |
| IPC, AV, Application Control, Botnet | Yes (FortiGate) |
| High Availability | |
| Support FortiLink FortiGate in HA Cluster | Yes |
| LAG support for FortiLink Connection | Yes |
| Active-Active Split LAG from FortiGate to FortiSwitches for Advanced Redundancy | Yes (with FS-2xx, 4xx, 5xx) |
| FORTISWITCH 2XXD, 4XXD, 5XXD SERIES | FORTISWITCH 2XXE, 4XXE SERIES | FORTISWITCH 1XXE SERIES | |
|---|---|---|---|
| Layer 2 | |||
| Jumbo Frames | Yes | Yes | Yes |
| Auto-negotiation for Port Speed and Duplex | Yes | Yes | Yes |
| IEEE 802.1D MAC Bridging/STP | Yes | Yes | Yes |
| IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) | Yes | Yes | Yes |
| IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) | Yes | Yes | Yes |
| STP Root Guard | Yes | Yes | Yes |
| STP BPDU Guard | Yes | Yes | Yes |
| Edge Port / Port Fast | Yes | Yes | Yes |
| IEEE 802.1Q VLAN Tagging | Yes | Yes | Yes |
| Private VLAN | Yes | Yes | No |
| IEEE 802.3ad Link Aggregation with LACP | Yes | Yes | Yes |
| Unicast/Multicast traffic balance over trunking port (dst-ip, dst-mac, src-dst-ip, src-dst-mac, src-ip, src-mac) | Yes | Yes | Yes |
| IEEE 802.1AX Link Aggregation | Yes | Yes | Yes |
| Spanning Tree Instances (MSTP/CST) | 15/1 | 15/1 | 15/1 |
| IEEE 802.3x Flow Control and Back-pressure | Yes | Yes | Yes |
| IEEE 802.3 10Base-T | Yes | Yes | Yes |
| IEEE 802.3u 100Base-TX | Yes | Yes | Yes |
| IEEE 802.3z 1000Base-SX/LX | Yes | Yes | Yes |
| IEEE 802.3ab 1000Base-T | Yes | Yes | Yes |
| IEEE 802.3ae 10 Gigabit Ethernet | 4xx and 5xx Family | N/A | N/A |
| IEEE 802.3bz Multi Gigabit Ethernet | No | Yes (M426E-FPOE) | No |
| IEEE 802.3 CSMA/CD Access Method and Physical Layer Specifications | Yes | Yes | Yes |
| Storm Control | Yes | Yes | Yes |
| MAC, IP, Ethertype-based VLANs | Yes | Yes | Yes |
| Virtual-Wire | Yes | Yes | No |
| Split Port (QSFP+ breakout to 4xSFP+) | FS-5xx Family | N/A | N/A |
| Time-Domain Reflectcometry (TDR) Support | Yes | Yes | No |
| Layer 3* | |||
| Static Routing (Hardware-based) | Yes | Yes | N/A |
| Routing Entries | 64 on FS-2xx, 4xx Family; 16K on FS-5xx Family | 64 | N/A |
| Host Entries | 4K on FS-2xx, 4xx Family; 24K on FS-5xx Family | 4K | N/A |
| Dynamic Routing Protocols** | OSPFv2, RIPv2, VRRP; BGP, ISIS on FS-5xx |
OSPFv2, RIPv2, VRRP | N/A |
| Multicast Protocols | PIM-SSM on FS-5xx | N/A | N/A |
| ECMP | FS-5xx Family | No | N/A |
| Bidirectional Forwarding Detection (BFD) | Yes | Yes | N/A |
| DHCP Relay | Yes | Yes | N/A |
| Services | |||
| IGMP Snooping | Yes | Yes | No |
| Security and Visibility | |||
| Port Mirroring | Yes | Yes | Yes |
| Admin Authentication Via RFC 2865 RADIUS | Yes | Yes | Yes |
| IEEE 802.1x authentication Port-based | Yes | Yes | Yes |
| IEEE 802.1x Authentication MAC-based | Yes | Yes | Yes |
| IEEE 802.1x Guest and Fallback VLAN | Yes | Yes | Yes |
| IEEE 802.1x MAC Access Bypass (MAB) | Yes | Yes | Yes |
| IEEE 802.1x Dynamic VLAN Assignment | Yes | Yes | Yes |
| Radius CoA (Change of Authority) | Yes | Yes | No |
| Radius Accounting | Yes | Yes | No |
| MAC-IP Binding | 5xx only | No | No |
| sFlow | Yes | Yes | No |
| ACL | 1K entries on FS-5xx Family; 512 on FS-1xx, 2xx, 4xx Families |
512 Entries | No |
| IEEE 802.1ab Link Layer Discovery Protocol (LLDP) | Yes | Yes | Yes |
| IEEE 802.1ab LLDP-MED | Yes | Yes | Yes |
| DHCP-Snooping | Yes | Yes | Yes |
| Dynamic ARP Inspection | Yes | Yes | No |
| Sticky MAC and MAC Limit | Yes (2xx, 4xx and 5xx) | Yes | Yes |
| High Availability | |||
| Multi-Chassis Link Aggregation (MCLAG) | Yes (2xx, 4xx and 5xx) | Yes | N/A |
| Quality of Service | |||
| IEEE 802.1p Based Priority Queuing | Yes (2xx, 4xx and 5xx) | Yes | No |
| IP TOS/DSCP Based Priority Queuing | Yes (2xx, 4xx and 5xx) | Yes | No |
| Management | |||
| IPv4 and IPv6 Management | Yes | Yes | Yes |
| Telnet / SSH | Yes | Yes | Yes |
| HTTP / HTTPS | Yes | Yes | Yes |
| SNMP v1/v2c/v3 | Yes | Yes | Yes |
| SNTP | Yes | Yes | Yes |
| Standard CLI and Web GUI Interface | Yes | Yes | Yes |
| Software download/upload: TFTP/FTP/GUI | Yes | Yes | Yes |
| Managed from FortiGate | Yes | Yes | Yes |
| Support for HTTP REST APIs for Configuration and Monitoring | Yes | Yes | Yes |
| Additional RFC and MIB Support | |||
| RFC 2571 Architecture for Describing SNMP | Yes | Yes | Yes |
| DHCP Client | Yes | Yes | Yes |
| RFC 854 Telnet Server | Yes | Yes | Yes |
| RFC 2865 RADIUS | Yes | Yes | Yes |
| RFC 1643 Ethernet-like Interface MIB | Yes | Yes | Yes |
| RFC 1213 MIB-II | Yes | Yes | Yes |
| RFC 1354 IP Forwarding Table MIB | Yes | Yes | Yes |
| RFC 2572 SNMP Message Processing and Dispatching | Yes | Yes | Yes |
| RFC 1573 SNMP MIB II | Yes | Yes | Yes |
| RFC 1157 SNMPv1/v2c | Yes | Yes | Yes |
| RFC 2030 SNTP | Yes | Yes | Yes |
* Supported on 2xx, 4xx and 5xx.
** Requires ‘Advanced Features’ License.
Specifications:
| FortiSwitch 424E-FIBER | |
|---|---|
| Hardware Specifications | |
| Total Network Interfaces | 24x GE SFP and 4x 10GE SFP+ ports Note: SFP+ ports are compatlble with 1 GE SFP |
| Dedicated Management 10/100/1000 Ports | 1 |
| RJ-45 Serial Console Port | 1 |
| Form Factor | 1 RU Rack Mount |
| Power over Ethernet (PoE) Ports | N/A |
| PoE Power Budget | N/A |
| Mean Time Between Failures | > 10 years |
| System Specifications | |
| Switching Capacity | 128 Gbps |
| Packets Per Second | 204 Mpps |
| MAC Address Storage | 32K |
| Network Latency | < 1µs |
| VLANs Supported | 4K |
| Link Aggregation Group Size | 8 |
| Total Link Aggregation Groups | Up to number of ports |
| Packet Buffers | 4 MB |
| DRAM | 1 GB DDR4 |
| FLASH | 256 MB |
| Dimensions | |
| Height x Width x Length (inches) | 1.73 x 10.12 x 17.3 |
| Height x Width x Length (mm) | 44 x 250 x 440 |
| Weight | 5.62 lbs (2.55 kg) |
| Environment | |
| Power Required | 100–240V AC, 50/60 Hz |
| Power Supply | AC built in |
| Redundant Power | Redundant AC |
| Power Consumption (Average / Maximum) | 36 W / 38 W |
| Heat Dissipation | 132.5 BTU/h |
| Operating Temperature | 32–113°F (0–45°C) |
| Storage Temperature | -4–158°F (-20–70°C) |
| Humidity | 5–95% non-condensing |
| Certification and Compliance | FCC, CE, RCM, VCCI, BSMI, UL, CB, RoHS2 |
| Warranty | Limited lifetime* warranty on all models |
Documentation:
Download the Fortinet FortiSwitch Secure Access Series Datasheet (PDF).
Pricing Notes:
- All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
- 24x7 FortiCare Contract
24x7 Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades - Prices are for one year of Premium RMA support. Usual discounts can be applied.
- Annual contracts only. No multi-year SKUs are available for these services.
- Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
- Pricing and product availability subject to change without notice.