Tag: fortinet

Exploring Fortinet’s FortiGate Models: Your Comprehensive Guide to FortiGate Firewalls

Fortinet's FortiGate Models

Exploring Fortinet's FortiGate Models:

Your Comprehensive Guide to FortiGate Firewalls

If you are in the market for a robust firewall that will shield your network infrastructure from cyber threats, Fortinet’s FortiGate Firewalls are a great option. Fortinet’s range of FortiGate models are tailored to meet your specific business needs and provide advanced security features, high performance and scalability. Let’s dive into the world of FortiGate models and discuss their key features and benefits, the differences between Fortinet firewall models, and what you need to know before choosing which model to purchase. 

Understanding FortiGate Firewalls

Fortinet FortiGate firewalls are the first line of defense of Fortinet’s comprehensive security platform. FortiGate models are Next-Generation Firewalls (NGFW) that are designed to protect networks of all sizes: home offices, small to medium sized businesses, enterprises and more. These devices combine essential security functions such as intrusion prevention, antivirus, web filtering, and application control into a single piece of equipment. 

Key Features of FortiGate Models

FortiGate Models come in several different sizes and are able to be custom configured, catering to the diverse needs of all kinds of networks. Here are some key features you can expect across the FortiGate product line:

  • High Performance: Fortigate firewalls deliver high throughput and low latency, ensuring network traffic is processed efficiently without compromising performance.
  • Advanced Threat Protection: FortiGate models come equipped with advanced threat detection and prevention capabilities. Some of these capabilities include sandboxing, botnet detection, and AI-driven threat intelligence.
  • Centralized Management: FortiGate firewalls can be centrally managed through Fortinet’s FortiManager platform, allowing administrators to to configure, monitor and analyze security policies all in one place.
  • Secure SD-WAN Integration: FortiGate models seamlessly incorporate security into SD-WAN deployments, establishing secure connectivity across distributed networks.
  • Scalability: Fortinet’s large selection of FortiGate models offers scalability to fit growing network demands without jeopardizing security or performance.

Things To Consider When Purchasing a FortiGate Firewall

There are several factors that can help determine which FortiGate model to buy. Listed below are some of the basic components to consider when choosing which firewall will best suit your needs. 

  1. Recommended User Counts – This might be the most important aspect when it comes to picking a firewall model. Whichever firewall you purchase must be able to support the number of users on your network. A user is defined as any desktop, laptop, printer, phone, tablet, or other internet-connected device operating on your business’s network. We recommend choosing a firewall with a larger user count than you need so your business has room to expand and can easily handle resource-heavy applications.

  2. Throughput Speeds – A firewall’s throughput speed is a measure of internet traffic volume that can pass through the firewall at any one time, based on the processing power of the hardware. Throughput is measured in Mbps (megabits per second) and Gbps (gigabits per second). Fortinet data sheets list a variety of throughput speed statistics for you to look through.

  3. SSL VPN Throughput – Secure Socket Layer (SSL) and Virtual Private Networks (VPN) refer to communication protocols that govern how information is encrypted and transmitted between a source and its destination. Using SSL VPN tunnels is the most secure means for remote workers, outposts, and branch offices to access resources from the primary database. 

  4. Site-to-Site VPN Tunnels – Site-to-Site VPN tunnels allow fixed-location Local Area Networks (LANs) to extend secure conduits to the main office intranet. FortiGate datasheets outline the maximum number of tunnels that a firewall can accept from remote LANs.

  5. Form Factor – The form factor refers to the size and shape of the firewall. Most firewalls will have either a desktop or rackmount form factor. A firewall with a desktop form factor implies that the firewall is compact enough to comfortably sit atop a desk, while a rackmount form factor means the appliance was designed to be secured in a standard server rack. If the firewall you need has a rackmount form factor, you can easily purchase the coordinating rackmount on our site.

  6. Wireless Support – Some businesses prefer wireless firewalls instead of firewalls that must be connected via Cat5E/Cat6 cabling. Although wired appliances are generally faster and more stable, wireless firewalls are still a good and viable option for organizations needing more flexibility and a faster deployment. FortiGate wireless firewalls, or FortiWiFi firewalls, are able to reach any location without the limitations of physical cables and require less equipment and planning.

List of Fortinet FortiGate Models / Series

Below is a list of all the FortiGate models Firewalls.com sells. You can click on each series to view all the product offerings, download data sheets, and compare the specs and features.

Popular FortiGate Models We Recommend

  1. FortiGate 40F: This model is our go to for customers that own small businesses or have home offices / smaller retail locations. The FortiGate 40F offers a compact form factor with robust security features, providing your small business with enterprise grade security.

    Download FG-40F Data Sheet

  2. FortiGate 200F: We recommend this model for mid-sized businesses or enterprises. The FortiGate 200F delivers high-performance security with advanced threat protection capabilities, making it perfect for distributed environments and regional offices.

    Download FG-200F Data Sheet

Licensing For Your FortiGate Firewall

Fortinet offers many security add-ons and upgrades to further secure your network. These licenses may be either a one-time upgrade or a recurring subscription. If you would like to save time and money, you can opt for a 3 or 5 year license that is bundled with your FortiGate firewall. Here are a few examples of additional licenses Fortinet offers for FortiGate Firewalls:

  • 24×7 FortiCare Contract – This subscription includes technical support 24×7, 365 days a year. It also includes advanced replacement service for hardware failures.
  • Advanced Threat Protection – This service enables Fortinet Security Fabric to use integrated detection of advanced threats for automated response & mitigation.
  • FortiCloud Management & Analysis – This subscription grants access to Fortinet’s Cloud Management platform for simplified deployment, setup and management of your devices.
  • FortiGuard Advanced Malware Protection – This license combines antivirus, mobile malware and FortiSandbox Cloud service
  • FortiGuard Web Filtering Service – Subscription-based managed web filtering solution that sorts billions of webpages & sites into categories to be allowed, restricted, or blocked.

Let Us Help Choose The Right FortiGate Model For You

You might be experiencing information overload after reading everything above, and that’s totally understandable! We have security experts that will walk you through choosing the best FortiGate Model for your business as well as deploying and managing your device if you need it. Firewalls.com’s in-house team of certified network engineers can help decipher which firewall you need as well as custom configure your firewall to optimize your network security. 
Learn more about Firewalls.com Configurations 

The Firewalls.com Managed Services team can also monitor, report and mitigate attacks on your network around the clock. This service is great for businesses that may not have enough IT staff to dedicate to managing your devices and network. 
Learn more about Managed Services

Still Not Sure About FortiGate Firewalls?

Let’s face it: cybersecurity is complicated. Firewalls.com encourages you to make an informed decision when purchasing any firewall because when the bad guys lose, we all win. Our account executives provide a low-pressure experience that’s heavy on product expertise and backed by decades of experience. Firewalls.com wants you to be 100% confident in your network security investment before any transactions begin.

Chat with our team about other security solutions

Wifi 6 Technology & The Best Access Points To Recommend

What Is Wifi 6

Wifi 6 refers to the latest generation of wireless technology, also known as 802.11ax. Another name for this new standard is High Efficiency Wifi. It replaces 802.11ac, which now goes by Wifi 5. Wireless access points and routers incorporating the technology are increasingly ubiquitous. And many new smartphones, tablets, laptops, and other connected devices are Wifi 6-certified to take full advantage of its performance capabilities.

Blog Banner General Buy Now Red-High-Quality

How Is Wifi 6 Different Than Wifi 5

Wifi 6 offers several advantages over Wifi 5 when it comes to speed, performance, and even security. First, speed – often referred to as throughput – can max out around 10 Gbps for a Wifi 6 device, compared to 7 Gbps for Wifi 5. While that’s an obvious upgrade, performance accounts for a significantly greater boost – some 400% in what’s called throughput per area.

What does that mean? It means more devices can connect in high-density areas with low to no latency. In other words, it’s real-world speed. Finally, security is better, too, as Wifi 6 supports WPA3 encryption standards, the most secure version of Wifi Protected Access protocol.

Why Upgrade to Wifi 6

While manufacturers seem to release new access points and routers constantly, an upgrade from a prior generation model to Wifi 6 is worth strong consideration. Wifi 6 supports more connected devices at greater speeds with better security than its predecessors. And the differences are significant. To recap:

  • Top speed more than a third better than the previous best
  • Throughput per area is 4 times better
  • And latency is 75% lower

These all represent major leaps in performance, and along with security improvements, make a strong argument for upgrading.

Which Brands Already Carry Wifi 6 Access Points

Several brands now offer Wifi 6 access points, with more on the way. Firewalls.com carries Wifi 6 access points from Fortinet, Aruba, Ruckus, and Cisco Meraki. Models range from small business/small office options to large enterprise and even stadiums and arenas. This generation of access points comes with indoor and outdoor options as well.

What Are The Recommended Wifi 6 Access Point Models

With the growing number of Wifi 6 access points now on the market, finding the right fit for a given scenario can be a challenge. So to meet that challenge and sift through the clutter, here are a few recommended Wifi 6 access points to suit varying business needs.

Blog Banner General Buy Now Red-High-Quality

For Easy Deployment

Aruba Instant On AP22

Aruba AP22

It doesn’t get much easier than instant, does it? The Aruba Instant On AP22 offers a quick way into the Wifi 6 world. As its name suggests, you can basically turn it on and have wireless ready to go. This is ideal for a small business with limited staff or small branch office scenario.

And while the ease of deployment is nice, the AP22 also comes packed full of features at an affordable price. It includes mounting hardware, simple management tools, and even built-in security features like firewalling and application control, with no need for external controllers.

Tech Specs

  • Deployment: Indoor
  • Performance: 2×2:2 MU-MIMO
  • Mesh Support: Smart Mesh Wi-Fi
  • Throughput: 1.774 Gbps
  • PoE: PoE 802.3af

For Network Integration

Fortinet FortiAP 231F

MR44

Chances are if you’re a small to mid-size business, you already have a firewall. Maybe you even have a switch and endpoint, too. And if those solutions happen to be from one of the top security vendors out there, Fortinet, then this FortiAP 231F is a good pick for your entrée into Wifi 6.

The FortiAP 231F places you firmly into the Fortinet Security Fabric, which allows all your Fortinet solutions to communicate seamlessly with one another with single-pane-of-glass management. As far as what this access point offers specifically, it includes built-in security and a third radio for beacon and location-scanning. It can also optionally be managed through the cloud and is more than capable outside the Fortinet ecosystem as well.

Tech Specs

  • Deployment: Indoor
  • Performance: 2×2:2 MU-MIMO
  • Mesh Support: Yes
  • Throughput: 1.2 Gbps
  • PoE: PoE+ 802.3at

Look to the Cloud

Cisco Meraki MR44

MR44

Cisco Meraki is pretty well-known as a pioneer in the cloud space, and you can be a pioneer both there and in Wifi 6 by choosing the MR44 access point. The MR44 comes with Meraki’s noted cloud management architecture, which eliminates the need for traditional wireless controllers. It also offers zero-touch deployment, easy visibility and control throughout the network, and seamless firmware updates.

The MR44 itself is an enterprise grade access point, so if your performance demands are a little higher, it’s a great fit. As with other APs noted in this piece, Meraki’s MR Series features built-in security, plus a dedicated extra radio. And if you’re already a Meraki customer for other solutions, it integrates especially nicely.

Tech Specs

  • Deployment: Indoor
  • Performance: 4×4:4 MU-MIMO
  • Mesh Support: Self-healing, Zero-configuration
  • Throughput: 3 Gbps
  • PoE: PoE+ 802.3af/at

Let’s Take It Outside

Ruckus T750

Our previous three access points were designed for indoor deployments, but this AP from Ruckus doesn’t care where you set it up. The T750 offers the performance of Wifi 6 with IP-67 durability to withstand rough conditions, indoors or outdoors. When it comes to deployment options, think stadiums, airports, convention centers, and the like. Each individual T750 can handle over 1,000 users at once.

Ruckus offers the T750 in the controller-less Unleashed model as well as the traditional ZoneFlex option. Both are easy to deploy and manage. And they boast other special features, like built-in IoT radios, BeamFlex antennas to optimize connectivity, and the security of the aforementioned WPA3.

Tech Specs

  • Deployment: Outdoor
  • Performance: 4×4:4 MU-MIMO
  • Mesh Support: SmartMesh
  • Throughput: 2.4 Gbps
  • PoE: PoE++ 802.3bt

So these are just a few examples to help you navigate the wonderful world of Wifi 6. But wait, there’s more! Browse all the Wifi 6 options Firewalls.com has to offer. And if you need to talk it through a bit more, chat with an expert on our site or call 866-645-2140.

3 Best Network Switches for Business 2020

3 Best Network Switches for Business 2020

The best network switches make life easier for an IT team. Though network security can be maddeningly complicated, network switches ease the complexity. By connecting multiple devices across your network, switches allow secure data sharing over multiple appliances and endpoints.

Powerful centralized management lets administrators deep dive into network issues, deploy unified policies, and manage hundreds of sites through a single dashboard. Network switches are a bridge between devices, using MAC addresses to forward data through layer 2. In sum, they play a vital role in modern Local Area Network (LAN) deployments.

Blog Banner General Buy Now Red-High-Quality

What is a Network Switch?

secure network switch integrates all the devices on your network, allowing for seamless sharing and data transfer between them. This can include everything from firewalls and wireless access points to VoIP phones, printers, servers, and more. Further, these devices can be monitored and controlled through a centralized management platform, allowing admins to quickly and easily shift resources across the network to safeguard productivity for business-critical applications and services.

SonicWall Sonic Switch

Network switches are integral parts of a complex network, providing a wired or virtual connection to desktop computers, IoT devices, and more. For starters, every switch includes a set number of Ethernet ports which support a varying number of connected devices. On top of that, you can “stack” switches in a series, allowing your business to scale up and connect larger numbers of devices and users to the LAN.

What to Look for in a Network Switch

Network switches can be complicated, but they are necessary for seamless end-to-end network security and performance. Before deciding which network switch is best for any business, consider a few questions:

  • How many users are operating on the network? This user count includes all Internet-connected devices
  • How will the switch receive power? Power-over-Ethernet options make certain switches more appealing for complex deployments
  • What is the business’ Internet speed and how much is used? Multi-gigabit switches will help in utilizing the full ISP speeds

For more considerations to take into account, check out Buying a Network Switch: 5 Things to Consider.

Top 3 Network Switches in 2020

 

Cisco Meraki MS Series

Key Features:

  • Superior network transparency with granular visibility at the app & hostname level
  • Zero-touch provisioning allows for rapid deployment across the network
  • Packet capture & other remote diagnostic tools help troubleshoot network errors

What Makes Cisco Meraki MS Series Switches One of the Best Network Switches in 2020?

Cisco Meraki MS Switches are purpose-built for intuitive management and ease-of-use. Cisco Meraki network switches do not require a Command-Line Interface to manage ports or change configurations. As a result, network administrators get access to a centralized management platform with granular visibility and control by just plugging it in. On top of that, a simple dashboard helps admins sort through information and  track events with a detailed change and event log.

Cisco Meraki switches allow “virtual stacking.” In other words, switch port configuration changes can be made on the dashboard without the need to install and deploy additional on-premise switches. Therefore, you can start on-prem, then build up into the cloud!

 

Fortinet FortiSwitch network switchs

Fortinet FortiSwitch

Key Features:

  • Centralized access management from FortiGate firewall interface
  • Stack up to 300 switches per FortiGate
  • Great for converged environments with VoIP, data, & wireless traffic on a single network

What Makes FortiSwitch One of the Best Network Switches in 2020?

FortiSwitch secure access network switches integrate into Fortinet’s wider Security Fabric. That is to say, it ties together all Fortinet-family products on your network into a real-time threat response system managed directly through a FortiGate firewall. As a result, the single-pane-of-glass dashboard provides control over users and devices regardless of how they’re connected to your network.

Fortinet network switches support wire-speed switching protocols in addition to Store & Forward mode. On top of that, the FortiSwitch appliance is ideal for a SD-Branch deployment, further enabling businesses of any size to enjoy the benefits of digital transformation.

 

Blog Banner General Buy Now Red-High-Quality

 

SonicWall Switch (SWS)

Key Features:

  • Easy-to-manage network segmentation & compliance auditing
  • Ability to roll out devices across the network quickly & securely
  • Prioritize network traffic for superb Quality of Service for business-critical apps

What Makes SonicWall Switch One of the Best Network Switches in 2020?

When paired with a firewall, SonicWall Switches deliver end-to-end security that simplifies management and network troubleshooting. This tightly-knit security posture eliminates blind spots and gaps. In turn, it helps network administrators locate and eliminate weak points in their security infrastructure.

SonicWall Switches are flexible, high-performance networking appliances that provide high port density and Power-over-Ethernet capabilities. Additionally, they offer multi-gigabit performance at prices affordable even for small businesses.

 

But wait, there’s more…

Looking for the best protection for your small business?

Give us a call at 866-957-2975 to find the perfect fit!

Shopping for email security, endpoint, wireless access, or ransomware protection? Then you should check these out, too:

3 Best Ransomware Protection Solutions 2020

3 Best Ransomware Protection Solutions for Business 2020

Once your network is infected, ransomware encrypts files on afflicted endpoints, making it impossible to read or open them. The best ransomware protection for small businesses proactively hunts down and eliminates even never-seen-before ransomware long before an employee ever gets a chance to fall for it. Here are a few key features you should seek when comparing the best ransomware protection services available in 2020:

  • Advanced email security
  • Cloud-based sandboxing
  • Behavior-based scanning
  • Regular threat intelligence updates

Want to avoid shelling out big bitcoin to get your small business’s data back under control? Get a ransomware security solution that does more than just look out for known ransomware signatures.

What is Ransomware Protection?

The best ransomware protection for businesses scans inbound and outbound traffic across your entire network, using artificial intelligence to monitor the behavior of files as they traverse and interact with other network resources. Ransomware protection solutions spot behavior that looks similar to malicious activity and further investigate it in nanoseconds. Faster than you can say mind palace, these solutions either allow or block file access based on that verdict.

What to Look for in a Ransomware Protection Service

The best ransomware protection systems include a cloud-based sandbox where suspicious files can be sent for disarmament or detonation. In other words, if your ransomware tool is even the least bit suspicious of a file, the system safely opens and inspects it without threatening your network health.

Additionally, the best ransomware services rely on artificial intelligence and machine learning to reach threat verdicts via behavior monitoring. This means that even if a strain of ransomware has never been seen by any other endpoint in the entire world, if it walks like ransomware, talks like ransomware, or displays any other tell-tale ransomware behavior, your ransomware protection should yank it aside for closer inspection. Traditional ransomware protection services fall back on known signatures that need to be constantly refreshed and can do nothing to stop zero-day threats.

Top 3 Ransomware Protection Services in 2020

 

SonicWall Ransomware Solutions 2020

SonicWall Capture Advanced Threat Protection (ATP)

Key Features:

  • Real-time threat intelligence updates with up-to-the-minute signatures
  • High security effectiveness & low false-positive rate against zero-days
  • Real-Time Deep Memory Inspection blocks mass-market malware

What Qualifies Capture ATP as one of the Best Ransomware Protection Services in 2020?

SonicWall Capture Advanced Threat Protection (available as an add-on for all SonicWall TZ or NSa firewalls) is a powerful cloud-based sandbox with malware-analysis that can detect evasive threats. Capture ATP blocks suspicious files at the gateway until a verdict is rendered.

SonicWall combines multi-layer sandboxing, Real-Time Deep Memory Inspection, full system emulation, virtualization techniques, and more to detect more threats than any single-engine sandbox available in 2020. On top of that, the low false-positive rate means it won’t block the legitimate files you need to do business.

 

Sophos Ransomware Solutions 2020

Sophos Intercept X Advanced with EDR

Key Features:

  • Highly-acclaimed malware detection engine driven by deep learning
  • Exploit prevention stops attackers from taking advantage of vulnerable software & apps
  • Root cause analysis visualizes where threats originate & how they move on the network

What Qualifies Sophos Intercept X Advanced with EDR as one of the Best Ransomware Protection Services in 2020?

Sophos Intercept X Advanced with Endpoint Detection & Response is a mouthful. But it’s also a comprehensive, defense-in-depth tool that combines advanced techniques to squash malware, ransomware, and zero days. Intercept X also uses behavioral analysis to stop boot-record attacks.

Plus, even if a system is already infected, CryptoGuard stops the encryption process and reverts (or rolls back) files back to their pre-infection state.

 

Fortinet Ransomware Solutions 2020

Fortinet FortiEDR & FortiSandbox

Key Features:

  • Integrates with all Fortinet Security Fabric components to protect digital attack surfaces
  • Provides actionable intelligence via automation to detect & respond to advanced threats
  • HUGE accolades from third-party testers such as NSS Labs, BPS, & ICSA Labs

What Qualifies FortiEDR with FortiSandbox as one of the Best Ransomware Protection Services in 2020?

Fortinet’s EDR & FortiSandbox establish a two-step sandboxing approach centered around artificial intelligence. These services first compare at-risk files against known and emerging malware with static analysis. Then, second stage analysis uncovers the full attack lifecycle by detonating the cyber payload in a virtual, quarantined environment.

Detail analysis maps any uncovered malware to Mitre ATT&CK framework with powerful investigation tools to help admins better visualize security events.

 

Look for the best ransomware protection for your small business?

Give us a call at 866-957-2975 to find the perfect fit!

Best Endpoint Security of 2020 for Small Businesses

Best Endpoint Security of 2020 for Your Small Business

Finding the best endpoint security for your network needs can be a challenge. There are dozens of options, all supporting a myriad of advanced security features and integrations that may be impossible to navigate unless you’re an expert. Each vendor offers a unique set of services with strengths and weaknesses that will ultimately determine whether your users stay safe or not. The best endpoint security may vary from organization to organization, but here are our top picks for the best endpoint security options available in 2020.

What is Endpoint Security?

Endpoint security, end user security, endpoint protection—while the name can be flexible, its necessity for a secure network is not. Endpoint security software protects small businesses & enterprises by guarding connected devices against malware and other advanced cyberattacks. Modern endpoint security integrates with appliances and applications you already use to provide edge protection as employees and guests access your network.

Encrypted malware, ransomware, and business email compromise can spell disaster for small businesses. That’s why the ability to monitor end user activity in real time – as well as make decisions to quarantine and isolate individual machines – can mean the difference between a small, contained incident and a catastrophic breach.

In 2020, endpoint security platforms now incorporate Endpoint Detection & Response capabilities powered by AI. Guided response, rich reporting, and root cause analysis are all top-shelf features that organizations should seek in a quality endpoint security service.

What does Endpoint Security include?

The best endpoint security goes beyond the basics. Traditionally, end user protection included passive endpoint scans combined with basic antivirus capabilities. However, in 2020, the best endpoint security blow the basics out of the water with multiple advanced security features:

  • Continuous monitoring of files, applications, & connected devices
  • Automated incident detection and isolation of infected machines
  • Web content filtering to safeguard productivity and network usage
  • Auto-provisioning based on user group, OS, location, or time of day
  • Intuitive regulatory compliance controls & reporting
  • Real-time threat intelligence updates from a pedigreed threat research team

The threat landscape is always evolving. That means your end user protection must stand up to threats never-before-seen by the network security ecosystem. The ability to recognize zero day exploits based on machine learning and behavioral analysis is essential for organizations to stay secure in 2020.

What is the Best Endpoint Protection of 2020?

Here are our top picks for the best Endpoint Protection for small businesses in 2020:

SonicWall Capture Client

Key Features:

  • Continuous behavioral monitoring creates complete profile of network activity
  • Layered defense of cloud intelligence, advanced static analysis, & dynamic protection
  • Integration with Capture Advanced Threat Protection cloud-based sandboxing
  • Ability to rollback targeted endpoints to a restored state even after infection
  • Malware protection engine powered by SentinelOne

SonicWall Capture Client Endpoint Protection

What makes SonicWall Capture Client unique?

SonicWall teams up with SentinelOne to deliver a heuristic endpoint protection suite with the unique capability to mirror Microsoft shadow copies for post-infection rollbacks. This eliminates the need for manual restoration after a ransomware attack and lets admins rest easy knowing they can always restore endpoints to their pre-infection state. In addition, round-the-clock behavioral monitoring eliminates the need for scheduled system scans. In short, this minimizes network resource hogging and safeguards user productivity.

 

Fortinet FortiClient

Key Features:

  • Integrates with all Fortinet Security Fabric components
  • Automated prevention of known & unknown threats through host-based security stack
  • Intelligent patch management & vulnerability shielding
  • SSL & IPSec VPN security provides reliable access to corporate networks
  • Detects elusive memory techniques used in exploits like buffer overflows

Fortinet FortiClient Enduser Protection

What makes Fortinet FortiClient unique?

Fortinet FortiClient end user protection services simplify remote user experience with built-in user provisioning, auto-connect, and an “always-up” VPN. FortiClient works perfectly in tandem with all Fortinet devices and services on your network through the Fortinet Security Fabric. According to NSS Labs 2019 Advanced Endpoint test, FortiClient blocked 100% of malware including extremely elusive threats.

 

Sophos Intercept X Advanced with EDR

Key Features:

  • Automatically detects, prioritizes, & investigates potential threats using AI
  • Leverages deep learning analysis to analyze malware in extreme detail
  • Out-of-the-box SQL queries categorized by use case
  • Live Response provides users command line access to endpoints & servers
  • Quickly search up to 90 days of current & historical on-disk data

Sophos Intercept X Advanced with EDR for Endpoint Protection

What makes Sophos Intercept X Advanced with EDR unique?

Sophos made a huge splash with the upgrade to its original Intercept X service. It sports big changes that included Endpoint Detection & Response (EDR) capabilities in addition to its already robust real-time, integrated endpoint platform. Intercept X Advanced combines powerful endpoint protection with endpoint detection driven by machine learning. This means most threats are squashed long before they can damage your network. Artificial intelligence assists with guided response. To save your small business even more, an important note: the objective of Sophos endpoint protection is to reduce the need for added IT employees by consolidating their roles into a single automated system.

 

Cisco Meraki Systems Manager

Key Features:

  • Native Network Integration shares intelligence across all Meraki components
  • Automatic WiFi settings securely connect managed wireless devices
  • Auto-provisioning of VPN settings based on Client VPN
  • Zero-touch deployment through a self-service web portal
  • Deploy policies & changes from the cloud across the entire network

Cisco Meraki Systems Managed Endpoint Protection

What makes Cisco Meraki Systems Manager unique?

Cisco Meraki’s endpoint management solution supports a variety of platforms and operating systems, making Systems Manager a flexible option for most any deployment. Systems Manager offers cloud-based endpoint management tools that easily scale up to meet growth needs. By providing admins the ability to manage distributed deployments from anywhere in the world, Systems Manager is an endpoint security solution built for a highly mobile, highly distributed world.

 

Look for the best endpoint protection for your small business?

Give us a call at 866-957-2975 to find the perfect fit!

 

What’s the Difference Between the FortiGate 80F & FortiGate 80E?

Fortinet’s latest models, the FortiGate 80F and 81F have just launched. With a SoC4 security processor, application-specific chips, and new WAN edge features, the 80F series is another entry in Fortinet’s steady upgrade from the excellent E Series to the faster, even more secure F Series firewalls. The FortiGate 80F follows in the footsteps of the FortiGate 40F, FortiGate 60F, & FortiGate 100F. So what exactly is the difference between FortiGate 80E UTM appliances and the FortiGate 80F next generation firewall?

The FortiGate 80F

 

FortiGate 80F Tech Specs – Datasheet

Firewall Throughput: 10 Gbps

IPS Throughput: 1.4 Gbps

NGFW Throughput: 1 Gbps

SSL VPN Throughput: 900 Mbps

Concurrent Sessions (TCP): 1,500,000

New Connections per Second: 45,000

Firewall Latency: 4 μs

Not sure what these numbers mean? Check out our post explaining firewall Tech Specs!

Blog Banner General Buy Now Red-High-Quality

FortiGate 80F Overview

The FortiGate 80F brands itself as a secure SD-WAN and security appliance. This focus on the WAN edge is growing more and more popular in the network security space as small businesses and enterprises alike step up to the challenges of digital transformation and remote work. SD-WAN provides secure, direct Internet access for the kinds of cloud-connected applications businesses now depend on like Dropbox, GitHub, Salesforce, Office 365, and more.

Fortinet’s security-driven networking approach focuses on seamless integration, simple deployment, and intuitive, feature-rich management. This is made possible by Fortinet’s SD-WAN Application-Specific Integrated Circuit (ASIC). The first-of-its-kind technology handles identification and steering for over 5,000 known cloud applications.

The FortiGate 80F joins its F-Series brethren as leaders of the SD-WAN race. For any organization looking to deploy applications, devices, or cloud environments across multiple branch locations, the WAN edge efficiency of these models should put them at the top of any shortlist.

 

The FortiGate 80E

FortiGate 80E Tech Specs – Datasheet

Firewall Throughput: 4 Gbps

IPS Throughput: 450 Mbps

NGFW Throughput: 360 Mbps

SSL VPN Throughput: 200 Mbps

Concurrent Sessions (TCP): 1,300,000

New Connections per Second: 30,000

Firewall Latency: 3 μs

Not sure what these numbers mean? How about another reminder about our post explaining firewall Tech Specs!

FortiGate 80E Overview

The FortiGate 80E is well-recognized in the industry as a powerhouse of network security, fit for most mid-sized businesses and larger branch offices. The FG-80E includes a SoC3 system-on-a-chip build that optimizes processing power and performance without sacrificing security. As part of the Fortinet Security Fabric, the FortiGate 80E integrates multiple layers of security across small business networks, letting systems communicate in real time to detect and stop advanced threats.

The FortiGate 80E is a Unified Threat Management (UTM) platform that delivers wired and wireless networking for networks up to roughly 50 users. This model also comes with variants that boast improved internal storage as well as Power-over-Ethernet capabilities. A USB port located on the rear of the appliance allows for 3G/4G compatibility that allows for additional WAN connectivity and redundancy.

Blog Banner General Buy Now Red-High-Quality

How much does the FortiGate 80F cost?

Pricing for FortiGate 80F starts with an MSRP of $1200 for the Appliance Only model (though Firewalls.com highly discourages buying “appliance only” products as a primary firewall). However, Requesting a Quote or connecting with a Firewalls.com account representative via Live Chat will immediately shave hundreds of dollars off your final price tag.

Compared to the FG-80E, the FortiGate 80F nets you four times the UTM throughput, extra space for site-to-site tunnels, and connection per second gains an order of magnitude greater than E Series counterparts. And don’t forget that whole purpose-build secure SD-WAN, too.

Visit our Fortinet FortiGate 80F/81F page to Request a Quote or Live Chat now.

What is the Fortinet Security Fabric?

The Fortinet Security Fabric: An Overview

Whether you own a Fortinet product or you’re just shopping around, the Fortinet Security Fabric is a term you’re probably seeing a lot of these days. But what is it? Just like actual fabric – many individual fibers weaved together – the Security Fabric is Fortinet’s vast security portfolio intertwined. In short, it’s an integrated solution allowing you to see, manage, and secure your network products in one place. In long? Let’s get into it.

Blog Banner General Buy Now Red-High-Quality

Fortinet Security Fabric

It Starts With the Firewall

Here at Firewalls.com, we often refer to a firewall as the cornerstone of any network setup. The Fortinet Security Fabric treats it that way as well. It’s the hub around which all the spokes of the wheel connect – forgive the mixed metaphors. In this case, with your FortiGate next generation firewall – aka NGFW – you can coordinate the behavior of other Fortinet (and partner) products. That means your FortiGate can run your security show with visibility into all corners of your network. And by the way, it can also function as a Secure SD-WAN powerhouse in case you’ve missed that news. It supports a variety of other security technologies all under the same FortiOS operating system, including:

  • Secure Wi-Fi and Switching Access
  • Network Access
  • The single-console Fabric Management Center
  • Open Fabric Ecosystems for partner integrations
  • Cloud Infrastructure
  • Business-Critical Applications
  • Security Operations for automated threat detection, prevention, & response
  • Endpoint Protection

What is the goal of the Fortinet secure access solution?

The Fortinet secure access solution as it’s sometimes termed, encompasses secure switching and wireless. The goal is network access that’s easy to manage for admins while at the same time high performing for users.

Access is a word that pops up a few times in this conversation – as both creating and controlling it is key for an optimized, secure network. The Security Fabric integrates with FortiAPs to provide and manage secure wireless access and FortiSwitches to do what switches do – essentially create a network. And speaking of access, with the Fortinet Security Fabric, you can implement a zero-trust network access policy throughout your network.

It starts with network access detection, continuous monitoring,  and control. Next, you can implement multi-factor authentication with a solution like FortiToken. Finally, ongoing visibility and access control of all your endpoints is a must – something you can accomplish with FortiClient. When implemented together, you’ll make it extremely difficult for hackers to gain access to your network – keeping your important data secure.

Blog Banner General Buy Now Red-High-Quality

How does the Security Fabric secure my network?

The Security Fabric is designed with network security as a priority. Fortinet refers to this as security driven networking. This begins with the FortiGate firewall as the front-line network protector. But it also includes the secure access solutions of the switch and wireless appliances, and dynamic cloud security to secure your cloud presence.

We’ve already discussed some of the role the FortiGate plays in the Security Fabric, but let’s expand a bit more. We already know the FortiGate is a firewall. But it also includes other critical security measures. These include a secure web gateway to help stop phishing attacks, SSL/TLS decryption to catch encrypted threats without slowing performance, and intent-based segmentation. And we can’t forget about the Secure SD-WAN component which extends this security outside the physical boundaries of the office to branch locations.

As for the cloud, the Security Fabric integrates a wide array of cloud-based security solutions. We know everyone has some type of cloud presence, so staying protected in that space is paramount. In addition to the FortiGate firewall, Fortinet offers FortiWeb web application firewalls. Email is also a major player in the cloud, and we know that email is a main entry point for malware. The good news is FortiMail is built to stop both traditional and advanced email threats.

Another note on all this security talk. The Fortinet Fabric Manager is your single console to manage all of the solutions mentioned above – and more. But the beauty is you won’t have to micromanage your security. Fortinet’s solutions heavily leverage artificial intelligence and automated security. FortiGuard AI incorporates real-time threat data gathered by FortiGuard Labs to ID and stop just about any online hazard you can think of. In essence, Fortinet Security Fabric solutions are constantly working behind the scenes to stop threats.

Who are Fortinet Security Fabric partners?

The list of Fortinet Security Fabric open fabric ecosystem partners is too numerous to include here. But these partners include heavyweights like Amazon Web Services, Google Cloud, Intel, Oracle, and Siemens to name just a few. The partners leverage the Security Fabric to offer end-to-end security solutions in partnership with Fortinet. It’s just one more way your network gets comprehensive coverage.

How do I get started with the Security Fabric?

We’ve touched on a number of aspects of the Security Fabric in this piece. But in the end, as in the beginning, it all comes back to the firewall. To get started on your Security Fabric journey, find the FortiGate firewall that’s right for your network.

 

What is FortiEDR: Real-time protection before and after infection

Introducing FortiEDR

Advanced endpoint protection is a must for any organization, and one of the most comprehensive solutions out there was built from the ground up for end to end security: FortiEDR. In case you missed it, EDR stands for Endpoint Detection and Response. But that only begins to describe the total protection you get with FortiEDR.

FortiEDR offers something far beyond first generation endpoint offerings: Real-Time Protection, pre- and post-incident. That means it’s proactively working 24/7/365 to stop infections before they start. And if you somehow get infected, it jumps all over the infection with heavy artillery to make your network whole again.

FortiEDR Discover-Predict Diagram

Pre-Infection

What does FortiEDR do to stop malware before it gets to your network? It proactively discovers any rogue endpoints and unsecure IoT (internet of things) devices – let’s face it there can be a lot. Meanwhile, it continuously scans for vulnerabilities and comes with risk-based policies that make it harder for attackers to get in. And if it finds vulnerabilities? You get virtual patches. It’l likely to catch even the wildest of wild malware with its machine learning antivirus engine and signature-less detection that can block threats before execution.

Post-Infection

If any threats do find their way through, FortiEDR is ready to stop them in – did I mention? – real-time. It automatically defuses potential threats with automated response and remediation. Defusing these threats post-infection means blocking outbound communication, and stopping data tampering, exfiltration, and even the dreaded ransomware encryption.

Any malware that’s made even the slightest dent in your network won’t have that satisfaction for long, as FortiEDR can rollback any changes its made. It’ll also remove any of those pesky bad files that try to stick around. And this remediation and rollback all occurs without interrupting your business.

With all that action taking place, you’ll want to have a play-by-play, so FortiEDR offers full visibility into attacks. That means forensic data, malware classification, a memory snapshot in case of fileless attacks, and more. Plus, admins can even customize incident response playbooks with optional MDR – or managed detection and response – service.

Integration

Another big plus for FortiEDR is its integration into the Fortinet Security Fabric. It works seamlessly with every other Fortinet protection platform, from FortiClient licenses to FortiGate firewalls to FortiSandbox sandboxing. They all speak the same language – allowing you to manage your network from a single-pane-of-glass.

How do I get FortiEDR?

FortiEDR licenses come in a variety of shapes and sizes. That means you have options. Choose your solution based on your number of users – aka assets – starting at 500, and the level of protection you desire. Offerings include Predict & Protect, Protect & Response, and Predict, Protect, & Response – which covers all we discussed here. FortiEDR’s cost depends on the combination you select. The cost to your business not to have this advanced endpoint detection and response in place when an attack comes around is immeasurable. Shop now to find the right option for you!

 

What is EDR? Automated endpoint detection & real-time response to threats

To continue our recent theme of decoding abbreviations, EDR means Endpoint Detection & Response, and that means that the age of AI is upgrading networks. This automated, real-time endpoint solution ensures that end users can work securely no matter where in the world they’re located in relation to a firewall.

With EDR, your network defenses constantly scan for the kinds of elusive malware, ransomware, and zero day threats that signature-based detection platforms miss. And in the event a security incident occurs, advanced Endpoint Detection & Response platforms such as Sophos Intercept X Advanced with EDR or FortiEDR stop attacks even if the endpoint is compromised. Guided response lets administrators easily walk through the steps of an attack to see its root cause and isolate infected machines.

EDR’s machine learning systems deter, detect, disarm, dissect, deescalate, and do away with any cyber threats you can throw its way.

Why EDR works for small businesses

Survey after survey several years running have revealed two facts: a majority of small businesses find it difficult to hire qualified IT talent–especially talent focused on network security–and their budgets often struggle to accommodate the talent they do find. Automated endpoint detection and response monitored by 24-hour machine learning intelligence adds just the kind of cybersecurity expertise that SMBs need without a higher employee headcount.

Just like modern grocery stores have self-checkout lines and autoworkers now benefit from the assistance of robotics, automation enables small businesses to do more with less to get the job done. Farm out malware expertise and incident response to the bots!

Sophos Intercept X Advanced with EDR

Intercept X Advanced has been a longstanding go-to for network admins looking to add advanced protection to their networks in a comprehensive, integrated system. Sophos Intercept X Advanced now also consolidates that industry-leading protection and EDR into a single solution. Intercept X’s advanced malware prevention significantly eases the workload on the EDR component, allowing you to utilize more of the speed and performance you pay your Internet Service Provider for.

  • Minimize staffing by automating IT tasks usually done by skilled experts
  • Prioritize potential threats & automatically detect security incidents
  • Provide visibility into attack scope, root cause, impact, & network health
  • Hunt for indicators of compromise that may leave your network vulnerable

 

Fortinet FortiEDR

FortiEDR will be made available to order on May 4th and is already boasting some big benefits and features. An EDR solution purpose-built to detect potential threats, FortiEDR stops breaches in real time, and mitigate the damage of ransomware even on machines that have already been compromised. FortiEDR also extends security to IOT devices with the ability to protect everything from PCs to servers to point-of-sale systems and more.

  • Creates very small network footprint thanks to native cloud infrastructure
  • Enjoy automated EPP with orchestrated response across platforms
  • Stop file-based malware with Fortinet’s kernel-level Next Gen AV engine
  • Eliminate dwell time & reduce post-breach expenses

 

SonicWall Capture Client

Automated endpoint detection and response is integrated into SonicWall’s Capture Client, bringing together EDR, advanced threat protection, and integrated network security. With unique ransomware rollback capabilities and intuitive attack visualizations, Capture Client offers a comprehensive endpoint protection and EDR environment for any SonicWall network.

SonicWallEDR

  • Next-generation SentinelOne malware protection engine
  • Advanced threat protection with sandbox integration
  • Behavior-based scanning powered by machine learning
  • Unique attack rollback capabilities using Volume Shadow Copy Service
  • Install & manage trusted TLS certificates to leverage DPI-SSL

 

Secure remote user credentials with multifactor authentication

Multifactor authentication secures employee credentials

Multifactor authentication – aka MFA – means the bad guys are S.O.L. even if they get your name and password. By requiring multifactor authentication for users on your network, you ensure that connection attempts provide two or more pieces of evidence before allowing a user access to any resources or applications.

Attackers are turning their attention to the vulnerabilities of remote access because working from home has become a requirement of doing business in 2020. With so many workers connecting remotely, hackers are focusing on phishing, social engineering, link spoofing, and business email compromise as ways to steal user credentials, access company resources, and exfiltrate sensitive data.

By adding multiple layers of authentication beyond the simple password (and let’s be honest, how many of your employees are really using long, complicated passwords?), you can safeguard against these vulnerabilities of human error. And with so many employees working from their home office out of the IT department’s direct line of sight, you’re going to want a few extra safeguards until we’re all back on premise.

FortiToken Mobile: One-Time Password Generator

Fortinet’s FortiToken Mobile is a one-time password generator application compatible with both Android and iOS devices. It supports both time-based and event-based password tokens, adding versatility to how users can be authenticated. The app instantly generates a single-use token right on the mobile device that users are carrying around in their pocket all day long. Even if attackers are able to steal your username and password, they’ll have to pay a visit in-person to steal your mobile phone too.

Fortinet FortiToken multifactor authentication

FortiToken Mobile is a great solution for small businesses that are looking to get started with multifactor authentication at a low price-point. SMBs can get started with licenses for as few as just five employees. Adding additional licensing is quick and easy, making the solution scalable with your needs. Plus, because FortiToken Mobile is sold as perpetual licenses, you only have to pay once. No annual renewals or subscriptions needed.

 

WatchGuard AuthPoint: Versatile cloud-based authentication

WatchGuard AuthPoint Mobile is designed to work the way your employees work. That means versatility, scalability, and ease-of-use are key. Network administrators can assign different kinds of authentication to specific users, groups, or applications.

WatchGuard AuthPoint multifactor authentication

Mobile Push Notification – AuthPoint’s mobile device option sends push notifications to a user’s phone after they attempt to log in with their username and password. By responding to this push notification, users let AuthPoint know whether to accept or deny the access attempt.

QR Code — AuthPoint supports a QR code version that works with mobile devices as well. After a user attempts to sign into a machine with name and password, a heavily-encrypted QR code is generated onscreen which can then be read by the AuthPoint app on their mobile device.

One-Time Password (OTP) — Like FortiToken, AuthPoint Mobile is able to generate unique one-time passwords that temporarily act as authentication credentials for the AuthPoint app.


 

Multifactor Authentication & VPNs

Many of us will be working from home for the foreseeable future and Firewalls.com has seen a mad dash of small businesses trying to stay connected through secure remote access, virtual private networks, and email security. Solutions like WatchGuard IPSec VPN Clients are a great way to keep remote users safely tethered to company resources and applications, but the human factor always leaves vulnerabilities. Most VPN services require only a username and password combination, making them ripe targets for credential theft and phishing attacks.

Compromised VPNs present a greater threat than any single application or endpoint being infected. Once an attacker is able to win a foothold in a remote access tunnel, they’ve got a direct pipeline right back into the heart of your network. When most of your network’s users are reaching out through dozens of VPN tunnels, multifactor authentication becomes a must-have security feature, not a convenient add-on.


 

FortiClient: Next gen endpoint protection & remote access

Advanced network security, simplified

Fortinet FortiClient is purpose-built to simplify advanced security capabilities, so even small business owners with limited IT staff or resources can roll out enterprise-grade networking. Looking to keep remote worker endpoints sanitary? FortiClient unifies all the endpoint features you expect out of a premium end user platform including secure remote access, sandboxing, and behavior-based scanning for ransomware and encrypted malware.

Fortinet brings it together with seamless Security Fabric Integration, ensuring that all of the Fortinet security fabric components such as FortiGate Firewalls, FortiAnalyzer, wireless APs, and managed switches share a unified view of every endpoint. Automated advanced threat prevention through the use of FortiSandbox catches both known and never-seen-before threats. This integrated framework is centrally managed on the single-pane-of-glass dashboard offered through a FortiGate next generation firewall. This is fast to set up, too! You’re one FortiClient download away from securing all of your endpoints, on-premise or remote. Activation codes are typically delivered next business day.

Remote access with auto-connecting FortiClient VPN

With companies rushing to get remote workers set up on secure remote connections, many small business owners are turning to FortiClient VPN which takes advantage of both SSL VPN and IPSec VPN to provide secure remote access over the fastest and most stable protocol available. This means almost any Internet-connected location can offer secure access to company applications and resources, regardless of the details of its environment. FortiClient automatically connects endpoints to VPNs and maintains an always-up connection, so remote workers require little to no training on how to connect to a VPN from home – or anywhere else.

FortiClient increases visibility & control over endpoints

FortiClient provides end-to-end visibility into all of the endpoints on a network, allowing administrators to view endpoint health at a glance. By integrating endpoints into the Fortinet Security Fabric, the endpoint protection systems, firewall, and security services on the network communicate in real-time to ensure system compromises never go unnoticed. This translates into early detection for network administrators in case of an attack, allowing IT teams to respond quickly.

The FortiOS 6.0 operating system enables endpoint telemetry intelligence, which accurately identifies Indicators of Compromise. Fortinet determines what constitutes an Indicator of Compromise by checking real-time web filter logs on each endpoint against a threat database groomed by FortiGuard Labs. If a potential match is flagged, Fortinet assigns a threat score to that endpoint, measuring overall end user health and reporting this data back to a centrally-managed dashboard through the FortiGate firewall. Plus, network administrators love the automated response capabilities that FortiClient’s telemetry allows, letting them quarantine suspicious endpoints on the fly.

Stop advanced threats like ransomware

FortiGuard Labs provides up-to-the-second threat protection based on real-world data collected from security sensors around the globe. FortiSandbox harnesses this threat intelligence for behavioral scans of all files & applications present on FortiClient endpoints. That means even if threats are hidden in encrypted data packets, FortiClient will root them out and send them to quarantine before any payloads can detonate. Email-borne threats–especially dangerous to remote workers–are blunted thanks to these real-time scans and shared intelligence.

Advanced Threat Protection with FortiClient next generation endpoint

Don’t believe us that FortiClient is a next generation endpoint service? Industry validation titans such as NSS Labs and Gartner consistently stand behind this solution, providing top marks for FortiClient in annual benchmarking tests. In the NSS Labs 2019 Advanced Endpoint Test, Fortinet’s FortiClient blocked 100% of malware thrown at it. See how to get FortiClient for your business.


 

Fortinet Cyber Threat Assessment for SD-WAN, FortiGate, & FortiMail

The Cyber Threat Assessment Program

There are exactly two ways to test your network’s security against cyber threats: run validation testing to assess precisely how your network performs or wait for the real thing to happen and draw conclusions while you’re picking up the pieces in the aftermath. While trial-by-fire is certainly a conclusive way to assess your network security, Firewalls.com strongly recommends the former option. Fortinet’s Cyber Threat Assessment Program is a convenient and non-intrusive process that lets you see where your network stands without interrupting day-to-day operations.

The assessment is free of charge, requires little to no legwork on your part, and yields results in just over a week. Check out the infographic below to see how it works, or listen to our recent podcast episode where we discuss Cyber Threat Assessments with Fortinet’s Ben Bolen.

See How Fortinet’s Secure SD-WAN Can Save You Time & Money

Been curious about SD-WAN? The very same process described in the infographic above can be used for an SD-WAN assessment as well! Fortinet’s Secure SD-WAN allows for high-speed application performance at the WAN edge, intelligently determining the ideal routes for MPLS, 3G/4G, or broadband traffic. Since traditional WAN architectures are not equipped to accommodate the high-demand workloads modern organizations who may be using applications spanning multiple cloud environments. Now you’re one FREE assessment away from seeing exactly how Secure SD-WAN can transform your network.

 

What Information Is Included In CTAP Report?

The Fortinet Cyber Threat Assessment focuses on three key areas: Security, User Productivity, & Network Utilization.

  • Security: Details network vulnerabilities and helps to identify which devices and applications are at an elevated risk so that they can be properly secured. In this section of the report you’ll get to see which vulnerabilities and threats were observed bypassing your existing security solutions.
  • User Productivity: Provides extensive visibility into peer-to-peer, messaging, and other application usage to see how users are using your network in their daily work. In this section you’ll see how spam, newsletters, and other cyber nuisances impact how your users navigate the network.
  • Utilization: Provides real-world numbers about throughput and bandwidth usage during peak traffic. In this section, you’ll get to see when your network resources are needed most and where waste can be eliminated.

No Risk, No Extra Work, No Commitments

The infographic above outlines the basic process for receiving, setting up, and reviewing your results. At no point in the process are you required to make any purchases, change any settings, or meet any deadlines. Fortinet’s Cyber Threat Assessment is a risk-free program that requires no more extra work than plugging in a cord. If at any point you decide you want to end the test, pull the cord back out! That’s it. No money changes hands, no contracts are signed, and no network settings are changed. If you want to dump your final assessment in the trash, no problem. The report is yours to use as you see fit.

Ready For Your Free Assessment?

Getting your Cyber Threat Assessment is as easy as filling out a form on our Fortinet Cyber Threat Assessment Program page. Leave us your contact info and Firewalls.com will work behind the scenes to get a test set up for you. We work closely with Fortinet to make sure the test requires as little effort on your part is possible.

 

FortiGate 40F – Secure SD-WAN for the Small Business

FortiGate 40F – Secure SD-WAN for the Small Business

Compact. Fanless. Affordable. Secure. The new FortiGate 40F from Fortinet hits all the marks when it comes to arming small businesses and branch offices with the fast, secure access necessary in 2020. Fortinet is an industry standout in the SD-WAN arena thanks to their innovative SoC4 SD-WAN ASIC processor. You may recognize this mighty, mini-sized processor from Fortinet’s other recent additions: the FortiGate 100F & FortiGate 60F. Fortinet’s best-of-breed SD-WAN allows for intelligent application steering, scalable VPN capabilities, and other advanced networking capabilities.

Blog Banner General Buy Now Red-High-Quality

The best part? While boasting all of the SD-WAN capabilities of its larger cousins, the tiny FortiGate 40F also reaches maximum throughput speeds up to 5.0 Gbps. For an appliance built with small offices in mind, those speeds are insane!

Learn more in our 40F feature review video:

FortiGate 40F Spec Snapshot

FortiGate 40F with Secure SD-WAN

Fortinet FortiGate 40F

Max Firewall Throughput: 5.0 Gbps

Threat Protection Throughput: 600 Mbps

Network Interface Ports: Multiple GE RJ45

Maximum Connections (TCP): 700,000

New Connections/Second (TCP): 35,000

Maximum Supported Wireless Access Points: 10/5 (Total/Tunnel Mode)

Hardware-Only MSRP: $495

 

“Do-It-Yourself” SD-WAN Deployments

Fortinet makes life for small business owners easy. All FortiGate Secure SD-WAN appliances are easily managed through Fortinet’s Security Fabric in the Fabric Management Center. Paired with zero touch deployment, the FG-40F is user friendly even for businesses with limited IT staff, letting you skip a burdensome manual configuration.

Blog Banner General Buy Now Red-High-Quality

Looking for More Small Business Solutions from Fortinet?

Our website is now bursting with Fortinet network security options for you to shop!

Shop FortiGate Firewalls if you’re looking for enterprise-grade protection at SMB prices.

Extend fast, secure WiFi with Fortinet’s FortiAP access points with integrated WLAN controllers.

Future-proof your setup with secure, scalable FortiSwitch Network Switches.

Or browse all of our Fortinet products to find the perfect solution for your unique network needs.

What are the Differences Between the FortiGate 60F and FortiGate 60E?

The FortiGate 60F arrived just last month and the network security community is already abuzz with praise for this high-tech security appliance. With its SoC4 security processor, application-specific chip set, and WAN edge capabilities, there’s a lot to get excited for. However, because firewall manufacturers tend to design and launch firewalls in successive series, there can be a bit of confusion when it comes to understanding the key differences between the FortiGate 60F and it’s predecessor, the FortiGate 60E. While the FG-60E is still one of the fastest and most secure (and most popular) firewalls in the industry, let us take a closer look at what new potential the FG-60F has in store.

 

FortiGate 60E Tech Specs at a Glance

Firewall Throughput: 3 Gbps

IPS Throughput: 400 Mbps

NGFW Throughput: 250 Mbps

SSL VPN Throughput: 150 Mbps

Concurrent Sessions (TCP): 1,300,000

New Connections per Second: 30,000

Firewall Latency: 3 μs

Blog Banner General Buy Now Red-High-Quality

FortiGate 60E Overview

The FortiGate 60E is one of the most secure Next Generation Firewalls ever designed, propelled by tons of industry awards and accolades. In fact, the FortiGate 60 series is the #1 selling firewall in the world with over 1.5 million units sold globally. Originally hitting the market in 2016, the FortiGate 60E includes a SoC3 (System-on-a-Chip) architecture that further accelerates networking performance well past the potential of previous generations. The FortiGate 60E was among the first Fortinet firewalls to be integrated into the then-emerging Fortinet Security Fabric infrastructure.

The FortiGate 60E is a Unified Threat Management (UTM) platform that delivers integrate wired and wireless networking for medium-sized organizations. This model includes built-in dual-band, dual-stream wireless with integrated internal antennas providing fast 802.11ac wireless. Further, a USB port located on the rear of the appliance allows for compatibility with 3G or 4G USB modems for additional WAN connectivity.

Though this Next Generation Firewall is a few years old, it continues to stand at the front of the pack when compared to its competitors. For any small business not particularly concerned with SD-WAN considerations, the FortiGate 60E still makes for an excellent option as a primary network firewall.

 

FortiGate 60F Tech Specs at a Glance

Firewall Throughput: 10 Gbps

IPS Throughput: 1.4 Gbps

NGFW Throughput: 1 Gbps

SSL VPN Throughput: 900 Mbps

Concurrent Sessions (TCP): 700,000

New Connections per Second: 35,000

Firewall Latency: 4 μs

Blog Banner General Buy Now Red-High-Quality

FortiGate 60F Overview

The FortiGate 60F is a high-performance SD-WAN solution in a compact fanless form factor. Designed for branch offices, remote outposts, and mid-sized businesses, the FG-60F simplifies remote access issues and helps organizations reduce long-term expenses by phasing out expensive MPLS connections. SD-WAN provides secure, direct Internet access for the kinds of cloud-connected applications that businesses now depend on like Dropbox, GitHub, Salesforce, Office 365, and more.

This security-focused WAN edge networking is made possible by Fortinet’s SD-WAN Application-Specific Integrated Circuit (ASIC). The first-of-its-kind SOC4 – first introduced in the more port-heavy, rack-mountable FortiGate 100F – delivers blazing fast application identification and steering for over 5,000 known cloud applications. Fortinet’s advanced routing capabilities mean that modern connected businesses achieve superb user experience without worrying about performance loss.

The FortiGate 60F joins its F-Series big brother the 100F as kings of the growing SD-WAN arms race and the industry’s news face of digital transformation. For any organization looking to deploy applications, devices, or cloud environments across multiple branch locations, the WAN edge efficiency of these models are just too great put them at the top of the shortlist.

Take a deeper dive into the FortiGate 60F with our video review on Youtube!

Try SD-WAN Yourself, For Free

Curious what all the hubbub about SD-WAN is about? Fortinet’s Cyber Threat Assessment Program allows you to test these new technologies in a real-world setting: your network! Get your hands on a free SD-WAN test drive and see how much time, money, and productivity your network is leaving on the table. Sign up for a free Cyber Threat Assessment today.

Reviewing Fortinet’s Desktop Secure SD-WAN device, the FortiGate 60F

FortiGate 60F – Secure SD-WAN in a Desktop

It was just a few short months ago that Fortinet introduced its new SoC4 SD-WAN ASIC processor, powering the first-of-its-kind Secure SD-WAN appliance, the FortiGate 100F. While the 100F is notable for its lightning-quick firewall performance and excellent connectivity, smaller organizations may not need a device to pack quite that much punch. Enter the Fortinet FortiGate 60F, which still offers quite a kick in providing Secure SD-WAN for small to mid-size business and branch office deployments. It boasts the same SD-WAN ASIC processor, purpose-built for security and SD-WAN in one device – and still excellent performance, at more than 15 times industry average throughput. But the FortiGate 60F does all this in a 1.9 pound, fanless desktop form factor, so you won’t need a rack mount setup to use it. Come along with us on a video feature review of the newest FortiGate to combine top-notch security and SD-WAN all-in-one. Introducing the Fortinet FortiGate 60F:

FortiGate 60F Spec Snapshot

Fortinet FortiGate 60F

Max Firewall Throughput: 10 Gbps

Threat Prevention Throughput: 700 Mbps

Network Interface Ports: 10 x 1GbE, 1 USB, 1 Console

Maximum Connections: 700,000

Maximum Connections (DPI SSL): 55,000

Maximum Supported Wireless Access Points: 30/10 (Total/Tunnel Mode)

Hardware-Only MSRP: $695

Shop the FORTIGate FG-60F

Need…More…Videos

If this video piqued your interest but you’d like to see a few other firewall models, you’re in luck! We’ve also done feature review videos for the FortiGate 100F and FortiGate 50E among Fortinet firewalls. And we haven’t forgotten other brands, with the Sophos XG 125 and new in 2019 XG 86 & 106, the SonicWall NSa 2650, the new in 2019 SOHO 250 & TZ 350, and the WatchGuard Firebox T35 and T55. Once you’ve binged the full review playlist, read through our firewall buyer’s guide series to go into even another layer of depth.

The Fortinet Buyer’s Guide

Speaking of our Buyer’s Guide series, we take a deeper dive into Fortinet’s firewall portfolio as well as the security services it offers in our Fortinet Buyer’s Guide.

 

5 Fortinet FortiGuard Security Services That Stop Advanced Threats

The cyber threat landscape is growing faster, more elusive, and more complicated every day. Small businesses and enterprises alike struggle with real headaches regarding the dizzying amount of security services, solutions, add-ons, and subscriptions they patch together to achieve comprehensive protection.

The need to bundle a suite of robust security services into a uniform and unified security platform is greater than ever. Fortinet offers a long list of advanced security services that work together in unison to form the Fortinet Security Fabric, taking some pressure off organizations tired of building network security Frankensteins out of disparate pieces.

Below, we’ll go over some of Fortinet’s most advanced FortiGuard malware & zero-day squashing services and outline exactly how easy it is to make them all work together as a single, well-oiled machine.

1 – FortiGuard Application Control

With so many organizations relying on third-party applications for critical business functions, being able to easily assign rules to police them is crucial. Fortinet’s FortiGuard Application Control Service lets network administrators quickly allow, deny, or restrict applications on the fly. FortiGuard Application Control allows for fine-tuning of custom policies based on application categories and grants control over thousands of the Internet’s most common applications. Optimizing bandwidth to individual applications means prioritizing traffic to the apps that a business relies on while de-prioritizing less important ones. Security is further enhanced with the ability to completely block access to known risky applications.

Traditional firewalls are often only able to identify ports, IP addresses, and protocols, leaving much to be desired when it comes to visibility. Visibility into application usage through Application Control allows decision makers to see which apps are being used most often, how usage trends over time, and usage statistics at a glance through convenient reports. Best of all, this visibility takes place in real time.

2 – Content Disarm & Reconstruction

Fortinet’s Content Disarm & Reconstruction (CDR) is a personal bomb squad on your firewall. With advanced threats such as malware cocktails and zero-day exploits constantly evolving to find new vulnerabilities, you can never be too safe when opening files. Data is sanitized by CDR, making signature-based and reputation-based scanning a thing of the past. All active content in an incoming file is treated like a threat and removed, leaving you with a flat file bereft of any data elements that do no match up with firewall policies. The potential of any malicious content in a file is stripped out and tossed aside, and on the other side, users receive a clean, trusted version. CDR prevents cyber threats through some of hackers’ most common routes: email, web browsers, file servers, FTP, webmail, and more.

3 – FortiSandbox Cloud

Most cybersecurity vendors are now sporting their own sandbox appliances and services, but Fortinet’s FortiSandbox Cloud makes life easy for small businesses looking to avoid complex deployments. FortiSandbox is a cloud-based option that gets to work straight out of the “box” and integrates with a wide range of your Fortinet products like FortiGate, FortiMail, FortiWeb, and FortiClient. Extending protection to these areas is as easy as a single click.

Unknown threats are no longer able to sneak past the usual security controls provided by an NGFW. Instead, suspicious code is observed in a simulated environment and receives a security verdict depending on behavior before passing onto your network. Unlike other resource-hungry sandbox options on the market, Fortinet speeds up advanced threat detection by employing prefilters, real-time threat intelligence, and integration with the Fortinet Security Fabric to minimize volume of scanning.

4 – Intrusion Prevention Service

Data breaches are becoming more and more common and criminals are aiming for increasingly larger targets–for example, the entire population of Ecuador. With much of the business world under constant barrage, the ability to defend the network perimeter and the divisions between network segments is more important than ever. FortiGuard Intrusion Prevention Service (IPS) protects against network intrusions by detecting and blocking threats before they can reach devices. With multiple inspection engines, FortiGuard IPS also has minimal impact on performance speeds.

Real-time threat intelligence from FortiGuard Labs is automatically streamed to your NGFW, providing it with up-to-the-minute data on emerging threats observed all around the globe. Fortinet’s threat intelligence research team creates over a thousand new rules for intrusion prevention every week.

5 – Virus Outbreak Protection Service

FortiGuard Virus Outbreak Protection adds new layers of protection to existing FortiGuard AntiVirus capabilities by subsidizing threat intelligence with third-party malware signature blocks, curated by FortiGuard. Protection against unknown threats and zero days requires quick reactions from your network. Virus Outbreak Protection stops virus outbreaks even if signatures are not yet available from FortiGuard and prevents outbreaks until new signatures become available. This is accomplished by using checksums to filter files, effectively using hash values from third-party sources to determine probable virus files. This collaborative approach puts the intelligence of multiple antivirus services behind your security.

What’s the Easiest Way to Get Them All?

If you’re looking to add these robust services to your security posture, you’re in luck: all five services are included in both Fortinet’s UTM Bundles and Enterprise Bundles. FortiGuard bundles combine all of the foundational security services that you expect with a standard unified threat management system, then bolster them to new heights with fortified zero-day protection, sandboxing capabilities, mobile protection, and more. FortiGuard Bundles consolidate all of Fortinet’s advanced product offerings into one affordable price-point, making it a one-stop solution for businesses of all sizes.

Shop Fortinet Products

Network Switches: A Video Buyer’s Guide

A Network Switch Shopper’s Companion

Shopping in the business networking space can be a daunting task, with a variety of devices to buy, features available, performance metrics used, and brands to choose from. Network switches are no exception, with common questions including:

  • What is a network switch?
  • Why would I need one?
  • How do I pick the right one for my network?
  • What is the meaning of life? (that’s probably a question for another post)

A few months back we gave you 5 things to consider when buying a network switch. Now, we’re offering a video to take another deep dive into the world of network switches. In our new video buyer’s guide, we go over answers to some of these common questions and give you a primer on the switch-related offerings of a couple of top brands: Fortinet and Ruckus. We also spotlight the switch configuration and management services offered by our in-house network experts. Give it a quick watch here to learn more about network switches:

Ready to Shop?

Now that you’re armed with the most powerful weapon of all – information – check out our selection of network switches. To make shopping on our website easy, you can filter your selections by brand, number of ports, speed, managed vs. unmanaged, and of course price.

FIND MY SWITCH

Still have questions about network switches? Give us a call and you’ll be talking to an expert who can walk you through the process of optimizing your network’s performance and security.

866.403.5305

Chipping In: Spotlighting Fortinet’s SD-WAN ASIC

The Chip’s on the Table

We recently introduced you to Fortinet’s latest FortiGate firewall, the FG-100F. One of the appliance’s key selling points is its unprecedented ability to handle SD-WAN and network security all-in-one. To make a first-of-its-kind all-in-one requires going all-in, putting your chips on the table. In this case though, it’s just one chip that takes the whole pot.

Fortinet’s new SoC4 (SoC = system on a chip) is a result of the network security leader’s lengthy background developing application-specific integrated circuits (or ASICs). The SoC4 is a purpose-built SD-WAN ASIC, a silicon chip that allows one appliance to provide top-notch SD-WAN (software-defined wide area networking), advanced routing, and Fortinet’s industry leading security, all without sacrificing performance.

Performance, You Say?

In fact, that performance is what sets the SD-WAN ASIC apart. You’ll get lightning-quick application identification and application steering for more than 5,000 applications, enabling digital transformation at the WAN edge (which is where an organization connects to external networks). Unlike having to wait too long for a fellow poker player to make a move, your users will avoid delays accessing their applications. You’ll see accelerated overlay performance with low latency – and your users will appreciate it. Fortinet takes a deeper dive into its new chip on this video:

 

 

SD-WAN Is Here to Stay

Why does all this matter? No bluff: SD-WAN’s prevalence continues to increase, as it allows organizations to connect hubs with branch offices via the internet rather than more expensive dedicated connections like MPLS. It also beats MPLS at failover, as it seamlessly moves on to the next point if one fails (no need to wait on the dealer). With SD-WAN, you can ensure your network is performing at its best by routing traffic on the most efficient path. And you can manage SD-WAN on premises or through the cloud. With Fortinet’s SD-WAN ASIC-powered solution, you can do all this without worrying about security (a top concern of network professionals when it comes to WAN).

Where Do I Start?

Need a little more information before playing your SD-WAN hand? Watch our feature review of the FortiGate 100F to learn more about its SD-WAN and security capabilities thanks to the power of Fortinet’s SD-WAN ASIC. Then, browse our site to find the firewall subscription bundle that’s right for you.

Shop the FORTIGate 100F

 

Review the Features, Specs, & Benefits of the FortiGate-50E for Small Business

What do Firewalls.com Next-Gen Firewall reviews cover?

If you’ve checked out the Firewalls.com YouTube Channel, then you already know that our video library is a convenient hub for product information, how-to videos and configuration tutorials, feature reviews, & more. We’re going to keep offering the most in-depth educational videos around the web because we believe customers should make the most informed decision possible when shopping for a next-generation firewall solution.

Why choose Fortinet for your small business?

Fortinet FortiGate firewalls are making a huge splash in the SMB market with small business firewall solutions that tackle budget constraints. Quick, simple installations, comprehensive security service suites, and intuitive management makes it so even small businesses with little to no IT support are able to effectively secure their network. As a now 9 time Gartner leader for Unified Threat Management, FortiGate firewalls for small business have proven themselves a consistent winner as SMB multifunction firewalls. Low total cost of ownership, partnered with super smart security services make the FortiGate-30E, FortiGate-50E, and FortiGate-60E ideal and budget-friendly options for any small office setting.

FortiGate-50E Spec Snapshot

Want a quick rundown of the FortiGate-50E’s technical specifications before you jump into the video?

Here’s a quick snapshot of what this Fortinet small business firewall is capable of:

Fortinet FortiGate-50E

Max Firewall Throughput: 2.5 Gbps

Full Unified Threat Management Throughput: 160 Mbps

Available Interface Ports: USB Port; Console RJ45; 2x GE RJ45 WAN Ports; 5x GE RJ45 Switch Ports

Maximum Supported Wireless Access Points: 10 Total, 5 in Tunnel Mode

VPN SSL Tunnels Supported: 80 Recommended

Hardware-Only MSRP: $550.00

Firewalls.com Price: $394.24

See the full FortiGate/FortiWifi 50E Series Datasheet

Check out our review of the SonicWall NSa 2650

If you’re looking for more videos to compare your options, we’ve got no shortage of resources and guides to lend a hand! Whether it’s our firewall buyer’s guide series or convenient comparison tables, Firewalls.com provides the info you need make the wisest network security investment possible.

Check out our feature overview video for the SonicWall NSa 2650 to see how they stack up!

Looking for more info about FortiGate firewalls?

Take the guesswork out of your Fortinet purchase by learning about different Fortinet series, security bundles, services, & more. A quick download of our Fortinet Buyer’s Guide for 2021 can arm you with the confidence to find your security bliss.

Get the Fortinet Buyer’s Guide