forti gate virtual appliances sales 201010
TRANSCRIPT
Fortinet ConfidentialApril 13, 2023
FortiGate® Virtual AppliancesSecuring Virtual and Cloud Environments
Fortinet Confidential
Agenda
• Introduction
• Fortinet Virtual Security Strategy
• FortiGate Virtual Appliances
• Competitive Information
Fortinet Confidential
Virtual Security Appliance Market Highlights
• The worldwide virtual security appliance market jumped 64% in 2009 over 2008, to $203.8 million• Year-over-year, from the first quarter of 2009 and the first quarter of 2010, the
virtual security appliance market is up 119%• Infonetics Research forecasts the virtual security appliance market to grow
nearly 8-fold from 2009 to 2014, when it will be near $1.6 billion• The virtual security appliance segment posting the strongest quarterly growth
in 1Q10 is content security gateway virtual appliances, up 22%• North America is currently the largest regional market for virtual security
appliances
3
Fortinet Confidential
Virtualized Data Center Security
Primary security goal: separation of logical zonesVirtual perimetersFirewalling between zones
Public ZoneDMZ/Private Zone
ServerServer
Servers / DMZ
Desktops / Private
Virtualized Data Center
Logical Security Zones are used to isolate hosts with differing security requirementsServersDesktops
Fortinet Confidential
Cloud Computing Security
Generally, security zones are more abstract but vary by cloud modelDomains are a good model for securityMaintaining confidentiality and integrity between domains is key
Some major security concernsHigh levels of risk exposureLoss of visibilityLack of security controlsMaintaining compliance
Domain_1: Customer_A
Domain_1: Customer_A
Domain_2: Customer_B
Domain_2: Customer_B
Fortinet Confidential
Fortinet Virtual Security Strategy
Fortinet Confidential
Cloud/Virtualization Strategy
Fortinet Confidential
Existing Virtual / Cloud Security Strategy
SaaS
PaaS
IaaS
Cloud Computing Service Models
Cloud Computing Service Models
Community
Hybrid
Private
Public
Cloud Computing Deployment ModelsCloud Computing
Deployment ModelsNon-Cloud Virtualized
EnvironmentsNon-Cloud Virtualized
Environments
Desktop
Server
Proven success in virtual and cloud security environments. We enable enterprises and service providers to deliver secure offerings across all service and deployment models.
Fortinet Confidential
Choice of Form Factor
Physical and virtual security appliancesUse hardware for high-performance security controls at the perimeter edgeUse virtual appliances for zone security within the virtualized environment
Public ZoneServerServer
Servers / DMZ
Desktops / Private
Virtualized Data Center
DMZ/Private Zone
Hardware AppliancesHardware Appliances
Virtual Appliances
Virtual Appliances
Fortinet Confidential
100% Fortinet Technology
Firewall VPN AntivirusIntrusion Preventi
on
WAN Optimizatio
n
Antispam
Web Filter
App Control
Data Loss
Prevention
L2/L3 Routing
No Per-User Licenses
Fortinet Confidential
FortiGate Virtual Appliances
Fortinet Confidential12
FortiGate Virtual Appliance
FortiGate Virtual Appliances Combine with traditional FortiGate
appliances for maximum network visibility and security controls.
Utilize Virtual Domain (VDOM) and Virtual LAN (VLAN) technologies to enforce security between zones
Released w/ FortiOS 4.2 (MR2)
FG
Availability / Licensing Available Now Licensed by # of vCPU: 2 / 4 / 8 30-Day evaluation license available
Hypervisor Support VMware ESXi/ESX 3.5/4.0/4.1 Delivered in OVF format
Fortinet Confidential
Minimum Requirements
13
Requirement Min needed for FortiGate-VM
Hypervisor VMware ESXi/ESX 3.5/4.0/4.1
Memory Min. 512MB of RAM Max 3GB
CPU Min. 2 virtual CPU’s
10/100/1000 Interfaces
Min. 2 virtual NIC’s
Storage Capacity Min. 30G
Fortinet Confidential
FortiGate Virtual Appliance Specifications
14
Feature FortiGate-VM
Hypervisors Supported VMware ESXi/ESX 3.5/4.0/4.1
Form Factor Open Virtualization Format (OVF)
# of vCPU’s supported 2/4/8
Built in VDOMS (upgradeable) 10
Memory and CPU Uses Hypervisor
10/100/1000 Interfaces 10 Max (Uses Hypervisor)
10GbE Support Supported
Storage Capacity Uses Hypervisor
High Availability Yes
FortiGate version (Firmware) 4.2
Fortinet Confidential
Licenses available
15
•The FortiGate-VM license will enable the virtual appliance to use 2/4/8 virtual CPU’s. Appliances come with 10 VDOMS. License is perpetual.
•Evaluation license -- Same features as above. This license expires after 30 days
Fortinet Confidential
Licensing states
16
There will be 2 licensing states:
• Locked -- Use of the admin GUI and CLI will be limited. User can login but can only input a new/valid license key.
•Unlocked -- Fully functional, same as a hardware-based FortiGate device.
Fortinet Confidential
Licensing behavior
17
•New Installation – GUI and CLI are in a "Locked" state. •Valid License -- Transition to "Unlocked" state whenever a valid license key in entered into the GUI. The FortiGuard network validates that the license/serial number is VALID. •Evaluation (30 days) or Piracy detected– When the evaluation expires or the virtual machine has been cloned. In this case, FortiGuard will return the INVALID status back to the FortiGate. The device transitions back to "Locked" state.
Fortinet Confidential
License Registration
18
•Order is placed with reseller/distribution, registration number is sent to the e-mail address that was used in the order form.
•The registration number is entered in support.fortinet.com (Forticare) to register and obtain a license file.
•User logs in to FortiGate and uploads the license file.
•FortiGate is activated and operational
Fortinet Confidential
FortiGuard Interaction
• Grace period of 24 hours (with an alert e-mail sent after 8 hours) when FortiGuard detects a duplicate serial number. FortiGuard will then send an INVALID back to the duplicate device. The device will enter the locked state• FCP protocol is used to talk to VM’s (SSL/TCP based protocol)• FortiGuard polling interval is set at 1 hour.•When FortiGuard cannot be contacted by the device, FortiGuard
will send an alert after 4 hours. After 24 hours, the device will enter the “locked” state. It will unlock once it can talk to Fortiguard and is validated.
19
Fortinet Confidential
FortiGuard Interaction
20
FortiGuard Network
FortiGate-VM FortiGate-VM
Send Serial No and UUID.
VALID
FortiGate-VM
Send Serial No and UUID.
VALID
Device #1: UUID and Serial No Device #2: UUID and Serial No Device #3: UUID and Serial No
Device #1 Device #2
Device #1: VALIDDevice #2: VALIDDevice #3: INVALID (Same Serial No as Device #2)
Device #3Cloned or Copied
Send Serial No and UUID.
INVALID (after 24 hours, email sent after 8 hours)
Fortinet Confidential
• There is no need to download and install a new OVF each time an upgrade is required.
• Firmware upgrades for the FortiGate virtual appliance is performed in the same way as you would with a FortiGate hardware appliance. i.e. download the firmware and upload it to the device.
Upgrade Procedures
21
Fortinet Confidential
FortiGate Model Comparison
22
Product List Price CPU Cores Performance (FW/VPN/AV/IPS) RAM
FG-620B $12,995 1 Dual 16G 12G .35G 1G 2G
FG-1240B $19,995 1 Quad 40G 16G .9G 1.5G 3G
FG-3040B $29,995 1 Quad 40G 16G 1G 1.6G 6G
FG-3950B $79,995 2 Quad 20/120G 8/48G 1.5G 10G+ 12G
FG-5001Aw/ADM-XD2
$54,995 1 Quad 20G 8G .5G 2G 4G
FG-One(HP blade)
$9,995 1 Dual 2G .7G .3G 1G 4G
FG-VM02 $9,995 2vCPU 1.6G NA .35G .3G 3G
FG-VM04 $14,995 4vCPU NA NA .7G .6G 3G
FG-VM08 $29,995 8vCPU NA NA NA NA 3G
** Performance on FG-VMXX will depend on Hypervisor hardware* Tests were performed on Dell PowerEdge R715 server running ESXi 4.1
Fortinet Confidential
FortiGate-VM – Ordering Info
23
Product Description SKU Pricing
FG-VM022vCPU version
FortiGate Virtual Appliance licensed for 2 virtual CPU’s
FG-VM02 <insert pricing from regional price list>
FG-VM044vCPU version
FortiGate Virtual Appliance licensed for 4 virtual CPU’s
FG-VM04 <insert pricing from regional price list>
FG-VM088vCPU version
FortiGate Virtual Appliance licensed for 8 virtual CPU’s
FG-VM08 <insert pricing from regional price list>
Fortinet Confidential
VDOM ‘s and VDOM Upgrades
24
ProductBuilt in VDOMS
Upgradeable to
FG-VM02 10 25
FG-VM04 10 25,50,100
FG-VM08 10 25,50,100, 250
Upgrade SKU’s VDOMS Description Pricing
FG-VDOM-25 25 Single Blade VDOM License Key 11 to 25 Virtual Domain Upgrade
<insert pricing from regional price list>
FG-VDOM-50 50 Single Blade VDOM License Key 25 to 50 Virtual Domain Upgrade
<insert pricing from regional price list>
FG-VDOM-100 100 Single Blade VDOM License Key 51 to 100 Virtual Domain Upgrade
<insert pricing from regional price list>
FG-VDOM-250 250 Single Blade VDOM License Key 101 to 250 Virtual Domain Upgrade
<insert pricing from regional price list>
Fortinet Confidential25
Typical Deployment
PhysicalNICs
FortiOSUTM
SecurityVM
vNIC
IP N
etw
ork
VmwareHypervisor
VirtualNICs
VirtualSwitch0
Win2K8VM
vNIC
QA/DEVVM
vNIC
LinuxVM
vNIC
vNIC
vNIC
Vswitch10 Mgmt Network
vNIC
ESXi/ESX
Central Mgt& Licensing
VM
vswitch0
•FortiManager will manage FG-VM and serve as licensing server
vswitch10
Physical net
vNIC
VirtualSwitch1…n
Vswitch1…n
vNIC
Virtual Desktop
VM
WWW Server
VM
Client Machine
Fortinet Confidential
FortiGate-VM Competitive Information
Fortinet Confidential
Feature Comparison
27
Fortinet Confidential
Certifications
28
Fortinet Confidential
Thank You