Tech Corner | PivIT Global

Build Your Security Strategy with the FortiGate 200F NGFW Firewall

Written by Darin Knobbe | Dec 3, 2020 9:45:00 PM

Challenges have brought many of our clients to one question: how can we leverage the changes we've seen in the data center landscape to have the most impactful security strategy moving forward? Three key technologies step out from the crowd: Network Security, SD-WAN, and Network Automation. The previous Tech Corner post highlighted two OEM leaders in the SD-WAN and wireless spaces; this week we put our focus on Network Security.

Security professionals were in a demanding position before the pandemic, and that demand only increased once remote working became normal for everyone. While the world takes on the challenge of a virus affecting human health, security professionals remain focused on network health and adapting to attacks.

Threat management has its challenges as more and more data is being generated along with higher traffic flow. Today, we put network security concerns and challenges up against a Next-Generation Firewall (NGFW) from Fortinet. The FortiGate 200F series NGFW is built to take on threat management and network security for mid-sized to large enterprises. This firewall can be deployed at the campus or enterprise branch level. As offices have been shaken by the pandemic, this firewall remains stable in protecting your network even when employees become remote. Let’s dive into the performance, management, and overall protection of the FortiGate 200F Next-Generation Firewall.

A Quick Look at Fortinet

Fortinet offers high-performance, integrated security solutions to Enterprise, Small Business, and Security Service Providers. They empower their customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network - today and into the future. Organizations looking for application control, intrusion prevention, and advanced visibility across their network should look to Fortinet’s FortiGate NGFWs. Their recognition by Gartner as an industry leader proves they are not only strong in threat protection but remain relevant in innovation.

Deploying the 200F Series

With full power redundancy, an SD-WAN processor, and performance that matches next-tier devices, the FortiGate 200F NGFW is the firewall you may be looking for to combat security threats. Its AI-powered FortiGuard Labs threat intelligence prevents and detects attacks, mitigating exploitable vulnerabilities within your network. As an administrator, you’ll have full visibility of users, devices, applications, and consistent security policy enforcement through enhanced real-time and historical analytics. The FortiGate 200F Series gives you a Next-Generation Firewall, Secure SD-WAN, and a Secure Web Gateway in one device. Here is how the multi-layered advanced protection keeps your network secure:

| Firewall | IPS | NGFW | Threat Protection | Interfaces |
|---|---|---|---|---|
| 27 Gbps | 5 Gbps | 3.5 Gbps | 3 Gbps | Multiple GE RJ45, GE SFP and 10 GE SFP+ slots |

Expedited deployment with zero-touch provisioning and automated VPN tunnels helps simplify the firewall's management, and intuitive workflows benefit the overall security posture. Take a look at the full data sheet here.

Palo Alto's PA-800 versus the FortiGate 200F

Palo Alto Networks, a powerhouse in the firewall space, designed a firewall series powered by machine learning that competes in a same-tier comparison to the FortiGate 200F. The PA-800 series (PA-820 and PA-850) focuses on providing secure connectivity for branch offices and midsize businesses. When looking at a side-by-side comparison of Fortinet and Palo Alto firewalls, there is a small challenge. Palo Alto publishes their performance metrics using HTTP, rather than UDP, as they believe HTTP is more computationally strenuous. In the table below, we still put them side-by-side in the key performance areas to give you a view of both firewalls.

| Unit / Model | FortiGate 200F | PA-850 |
|---|---|---|
| Firewall Throughput* | 27/27/11 Gbps | 2.1/2.1 Gbps |
| Threat Prevention** | 3 Gbps | 1.0/1.2 Gbps |
| IPsec VPN Throughput*** | 13 Gbps | 1.6 Gbps |
| New Sessions per Second | 280,000 (TCP) | 13,000 |
| Concurrent/Max Sessions | 3 Million (TCP) | 192,000 |

  • *Firewall Throughput Measurements 
    • FortiGate: 1518/512/64 byte UDP packets
    • PA: Firewall throughput is measured with App-ID and logging enabled, using 64 KB HTTP/appmix transactions
  • **Threat Prevention Measurements
    • FortiGate: Firewall, IPS, Application Control, URL filtering, and Malware Protection with sandboxing enabled
    • PA: Threat Prevention throughput is measured with App-ID, IPS, antivirus, antispyware, WildFire, file blocking, and logging enabled, utilizing 64 KB HTTP/appmix transactions
  • ***IPsec VPN Throughput Measurements
    • FortiGate: 512 byte using AES256-SHA256
    • PA: IPsec VPN throughput is measured with 64 KB HTTP transactions and logging enabled

Both the PA-800 series and FortiGate 200F are built for similar-tier networks, small to medium-sized businesses, but the comparison doesn’t stop there. The FortiGate 200F challenges Palo Alto’s 3220 firewalls as well. The 200F’s dual PSU, four 10G slots, two GE RJ45 HA/MGMT ports, and 16 GE RJ45 ports put its performance in line with the 3220 from Palo Alto. When looking at the overall comparison between Fortinet and Palo Alto, it comes down to which has the better performance per price. Once price comes into play, Fortinet edges out Palo Alto, as Fortinet has the more attractive total cost of ownership. If price isn’t as big of a factor, Palo Alto’s ability to meet performance requirements is unmatched with its advanced features.

Hardware Options For You

It's important to compare firewalls like the Palo Alto and Fortinet devices. Here at PivIT, we know the importance stretches beyond the firewall to what is available today, financing options, and more. We make it easy for you to find the hardware to build your network on your terms.

Technical Specs

| Unit | Measurement |
|---|---|
| System Performance - Enterprise Traffic Mix | |
| IPS Throughput | 5 Gbps |
| NGFW Throughput | 3.5 Gbps |
| Threat Protection | 3 Gbps |
| System Performance | |
| Firewall Latency (64 byte UDP packets) | 4.78 |
| Firewall Throughput (packets per second) | 16.5 Mpps |
| Concurrent Session (TCP) | 3 Million |
| Firewall Policies | 10,000 |
| SSL-VPN Throughput | 2 Gbps |
| Application Control Throughput (HTTP 64K) | 13 Gbps |
| CAPWAP Throughput (HTTP 64K) | 20 Gbps |

Leave a comment below or get in touch with your firewall needs! Here at PivIT, we offer a fresh approach to sourcing, maintaining, and servicing your data center infrastructure. We’ve reimagined the status-quo and offer our customers strategies not found in the traditional IT channels. Our focus is to examine your CAPEX/OPEX limitations and present you with options to free up your budget, achieve your goals and Do IT Better.