FortiGate® 1000D

Model: FortiGate® 1000D

The FortiGate 1000D series delivers high performance next generation firewall (NGFW) capabilities for large enterprises and service providers.


The FortiGate 1000D series delivers high performance next generation firewall (NGFW) capabilities for large enterprises and service providers. With multiple high-speed interfaces, high-port density, and high-throughput, ideal deployments are at the enterprise edge, hybrid data center core, and across internal segments. Leverage industry-leading IPS, SSL inspection, and advanced threat protection to optimize your network’s performance. Fortinet’s Security-Driven Networking approach provides tight integration of the network to the new generation of security

Overview:

Enterprises require a high-speed, high-capacity firewall to stay ahead of ever-increasing network performance requirements as well as continued evolution of the threat landscape, at datacenter and campus locations.

Eliminate Security Bottlenecks
With 52 Gbps of firewall throughput and low latency, the FortiGate 1000D represents an excellent entry model for small data centers and delivers a high performance, high capacity data center firewall. IPv6 parity, 10 GE ports and dramatic increases in VPN performance enable you to keep pace with your evolving network.

Deeper Visibility
At the same time, 8 Gbps of next generation threat prevention performance allows you to run top rated intrusion prevention, application control and antimalware capabilities for deeper inspection of content, applications, user and device activity. Rich console views and reports together with a flexible policy engine provide the visibility and control to empower employees yet secure your enterprise.

Breakthrough Performance
This breakthrough performance — including 10x data center and 5x next generation performance — is made possible by custom hardware, including the latest FortiASIC™ NP6 and CP8 processors, as well as the consolidated security features of the FortiOS network security platform.

High Performance, Reliability and Security

  • 10x data center and 5x next generation performance
  • Top rated security capabilities
  • Flexible firewall personalities for core or edge deployment
  • Low latency and IPv6 parity
  • Option to add Advanced Threat Protection, Strong Authentication and more

Specifications:

 

FortiGate 1000D Specifications
Interfaces and modules
Hardware Accelerated GE/10 GE SFP/SFP+ Slots 2
Hardware Accelerated GE SFP Slots 16
Hardware Accelerated GE RJ45 Ports 16
GE RJ45 Management / HA Ports 2
USB Ports (Client / Server) 1 / 2
Console Port 1
Onboard Storage 256 GB
Included Transceivers 0
System performance and capacity
IPv4 Firewall Throughput (1518 / 512 / 64 byte, UDP) 52 / 52 / 33 Gbps
IPv6 Firewall Throughput (1518 / 512 / 86 byte, UDP) 52 / 52 / 33 Gbps
Firewall Latency (64 byte, UDP) 3 μs
Firewall Throughput (Packet per Second) 49.5 Mpps
Concurrent Sessions (TCP) 11 Mil
New Sessions per Second (TCP) 280,000
Firewall Policies 100,000
IPsec VPN Throughput (512 byte) 25 Gbps
Gateway-to-Gateway IPsec VPN Tunnels 20,000
Client-to-Gateway IPsec VPN Tunnels 50,000
SSL-VPN Throughput 3.6 Gbps
Concurrent SSL-VPN Users (Recommended Maximum) 10,000
IPS Throughput (HTTP / Enterprise Mix) 1 8 / 4.2 Gbps
SSL Inspection Throughput 2 4 Gbps
Application Control Throughput 3 8 Gbps
NGFW Throughput 4 5 Gbps
Threat Protection Throughput 5 3 Gbps
CAPWAP Throughput 6 11 Gbps
Virtual Domains (Default / Maximum) 10 / 250
Maximum Number of FortiAPs (Total / Tunnel) 4,096 / 1,024
Maximum Number of FortiTokens 5,000
Maximum Number of Registered Endpoints 8,000
High Availability Configurations Active-Active, Active-Passive, Clustering
Dimensions and power
Height x Width x Length (inches) 3.48 x 17.20 x 17.95
Height x Width x Length (mm) 88.5 x 437 x 456
Weight 24.70 lbs (11.20 kg)
Form Factor Rack Mount, 2 RU
AC Power Supply 100–240V AC, 50–60 Hz
Power Consumption (Average / Maximum) 153 W / 220.8 W
Current (Maximum) 100V / 5A, 240V / 3A
Heat Dissipation 753.40 BTU/h
Redundant Power Supplies Yes, Hot swappable
Operating environment and certifications
Operating Temperature 32–104°F (0–40°C)
Storage Temperature -31–158°F (-35–70°C)
Humidity 20–90% non-condensing
Operating Altitude Up to 7,400 ft (2,250 m)
Compliance FCC Part 15 Class A, C-Tick, VCCI, CE, UL/cUL, CB
Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus, SSL-VPN; USGv6/IPv6

 

Hardware:

FortiGate 1000D

FortiGate 1000D Front and Rear

Interfaces

  1. USB Management Port
  2. USB Port
  3. Console Port
  4. 2x GE RJ45 Management Ports
  5. 16x GE SFP Slots
  6. 16x GE RJ45 Ports
  7. 2x 10 GE SFP+ Slots

NP Direct

By removing the Internal Switch Fabric, the NP Direct architecture provides direct access to the SPU-NP for the lowest latency forwarding. NGFW deployments require some attention to network design to ensure optimal use of this technology.

Powered by SPU

  • Custom SPU processors deliver the power you need to detect malicious content at multi-Gigabit speeds
  • Other security technologies cannot protect against today's wide range of content- and connection-based threats because they rely on general-purpose CPUs, causing a dangerous performance gap
  • SPU processors provide the performance needed to block emerging threats, meet rigorous third-party certifications, and ensure that your network security solution does not become a network bottleneck

Network Processor

Fortinet's new, breakthrough SPU NP6 network processor works inline with FortiOS functions delivering:

  • Superior firewall performance for IPv4/IPv6, SCTP and multicast traffic with ultra-low latency down to 2 microseconds
  • VPN, CAPWAP and IP tunnel acceleration
  • Anomaly-based intrusion prevention, checksum offload and packet defragmentation
  • Traffic shaping and priority queuing

Content Processor

The SPU CP8 content processor works outside of the direct flow of traffic, providing high-speed cryptography and content inspection services including:

  • Signature-based content inspection acceleration
  • Encryption and decryption offloading

10 GE Connectivity

High speed connectivity is essential for network security segmentation. The FortiGate 1000D provides 10 GE slots that simplify network designs without relying on additional devices to bridge desired connectivity

Software:

FortiOS

Control all the security and networking capabilities across the entire FortiGate platform with one intuitive operating system. Reduce operating expenses and save time with a truly consolidated next generation security platform.

FortiOS

  • A truly consolidated platform with one OS for all security and networking services for all FortiGate platforms.
  • Industry-leading protection: NSS Labs Recommended, VB100, AV Comparatives and ICSA validated security and performance.
  • Control thousands of applications, block the latest exploits, and filter web traffic based on millions of real-time URL ratings.
  • Detect, contain and block advanced attacks automatically in minutes with integrated advanced threat protection framework.
  • Solve your networking needs with extensive routing, switching, WiFi, LAN and WAN capabilities.

Deployment:

FortiGate deployed as data center core firewall
FortiGate deployed as data center core firewall

Data Center Core Firewall
Organizations deploying the NP (Network Processor) 6 powered FortiGate 1000 Series firewalls at their data center will enjoy superior protection and performance with industryleading, high capacity firewall technologies that deliver exceptional throughput and ultra-low latency, enabling the security, flexibility, scalability and manageability expected on a core platform. These firewalls come with numerous high-speed 40 GE and 10 GE interfaces which are ideal for segmenting network physically. Running on the latest FortiOS, these platform are virtualization and cloud-ready. They support next-generation data center architectures, multi-tenant requirements, provide APIs for rapid orchestration and easy integration with third-party ecosystems.

Mid-Enterprise Edge Firewall
Fortinet's FortiGate 1000 Series firewalls are perfect for growing large enterprises with their agile and high performance network security capabilities. These FortiGates not only deliver protection exceeding expectations, they are suitable for consolidating other security components. This allows organizations to significantly reduce TCOs and simplifies the network. Unlike other NGFWs (Next Generation Firewalls), the FortiGates are powered by FortiASICs which provide security without compromises performance. They run on the World's most advanced security operating systems that meet each organizations unique requirements. Advanced features such as integrated endpoint control and token server helps organizations to rapidly deploy enhanced security to their mobile workforce while device-based policies aid to implement BYOD securely. FortiGate deployed as data center core firewall FortiGate deployed

FortiGate deployed as mid-enterprise edge firewall
FortiGate deployed as mid-enterprise edge firewall