You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.

Switching

Secure Ethernet Switching Overview

Legacy Ethernet LANs face many challenges including exponential growth in devices and applications, increased throughput demands from wireless LANs, and complex security implementations. Rather than asking how to secure traditional Ethernet LANs, Fortinet takes a security centric approach offering Ethernet as an extension of the security infrastructure through FortiSwitch and FortiLink. FortiSwitch offers a broad portfolio of secure, simple, and scalable Ethernet switches ideal for Secure SD-Branch and applications ranging from desktop to data center.

Secure Ethernet Switching Videos

Secure Ethernet Switching Product Details

Fortinet’s Ethernet switches can be managed standalone or integrate directly into the Fortinet Security Fabric via the FortiLink protocol. FortiLink is a key supporting technology of the FortiSwitch, that enable its ports to become extensions of the FortiGate security appliance. When connected via FortiLink the security polices of the FortiSwitch can mirror the FortiGate making Firewall interfaces and Switch ports equally secure. Centralized management through the FortiGate simplifies deployment and provisioning of FortiSwitch with no touch auto-discovery, one click VLAN and security policy assignment. With an integrated access layer, the FortiGate provides consolidated visibility and reporting easing management and troubleshooting. Lastly, FortiLink enables stacking of up to 300 switches per FortiGate, depending on the model. All of these features are included and have no licensing fee.

Secure Ethernet Switching Models and Specifications

FortiSwitches are available in a variety of models to address needs from the access layer to the datacenter. All models can be managed and configured directly from the FortiGate.

FS-108E

Ports | 8 GE RJ45 + 2 SFP

PoE | N/A

FS-108E-POE

Ports | 8 GE RJ45 + 2 SFP

PoE | 4 port PoE+ with maximum 65 W

FS-108E-FPOE

Ports | 8 GE RJ45 + 2 SFP

PoE | 8 port PoE+ with maximum 130 W

FS-124E

Ports | 24 GE RJ45 + 4 SFP

PoE | N/A

FS-124E-POE

Ports | 24 GE RJ45 + 4 SFP

PoE | 12 port PoE+ with maximum 185 W limit

FS-124E-FPOE

Ports | 24 GE RJ45 + 4 SFP

PoE | 24 port PoE+ with maximum 370 W limit

FS-148E

Ports | 48 x GE RJ45 ports, 4 x GE SFP

PoE | N/A

FS-148E-POE

Ports | 48 x GE RJ45 ports, 4 x GE SFP

PoE | 24 ports POE with max 370W POE limit


FortiSwitch 224D-FPOE

Ports | 24 GE RJ45 + 4 SFP

PoE | 24 port PoE+ with maximum 370 W limit

FS-248D

Ports | 48 GE RJ45 + 4 SFP

PoE | N/A

FS-224E

Ports | 24 GE RJ45 + 4 SFP ports

PoE | N/A

FS-224E-POE

Ports | 24 GE RJ45 + 4 SFP ports

PoE | 12 port PoE+ with maximum 180 W limit

FS-248E-POE

Ports | 48 GE RJ45 + 4 SFP ports

PoE | 24 port PoE+ with maximum 370 W limit

FS-248E-FPOE

Ports | 48 GE RJ45 + 4 SFP ports

PoE | 48 port PoE+ with maximum 740 W limit


424E

Ports | 1GbE 24 port 4X 10GbE

PoE | 250 W POE 421 FPOE

424E-POE

Ports | 1GbE 24 port 4X 10GbE

PoE | 250 W POE 421 FPOE

FS-224E

Ports | 1GbE 24 port 4X 10GbE

PoE | 421 W POE 421 FPOE

FS-M426E-POE

Ports | 16 x GE RJ45 ports, 8 x MGIG 2.5 GE UPOE (60W) ports, 2 X MGiG 5GE ports, 4X 10GE SFP+

PoE | Full POE 8 Port UPOE

FS-424D

Ports | 24 GE RJ45 + 2x 10 GE SFP+

PoE | N/A

FS-424D-POE

Ports | 24 GE RJ45 + 2x 10 GE SFP+

PoE | 24 port PoE+ with maximum 185 W limit

FS-424D-FPOE

Ports | 24 GE RJ45 + 2x 10 GE SFP+

PoE | 24 port PoE+ with maximum 370 W limit

FS-448D

Ports | 48 GE RJ45 + 4x 10 GE SFP+

PoE | N/A

FS-448D-POE

Ports | 48 GE RJ45 + 4x 10 GE SFP+

PoE | 48 port PoE+ with maximum 370 W limit

FS-448D-FPOE

Ports | 48 GE RJ45 + 4x 10 GE SFP+

PoE | 48 port PoE with maximum 740 W limit

FS-448E

Ports | 1GbE 48 port 4X 10GbE

PoE | N/A

FS-448E-PoE

Ports | 1GbE 48 port 4X 10GbE

PoE | 421 W POE 421 FPOE

FS-448E-FPoE

Ports | 1GbE 48 port 4X 10GbE

PoE | 772W POE 421 FPOE

FS-524D

Ports | 24 GE RJ45, 4x 10 GE SFP+ and 2x 40 GE QSFP+

PoE | N/A

FS-524D-FPOE

Ports | 24 GE RJ45, 4x 10 GE SFP+, 2x 40 GE QSFP+

PoE | 24 port PoE+ with maximum 400 W limit

FS-548D

Ports | 48 GE RJ45, 4x 10 GE SFP+ and 2x 40 GE QSFP+

PoE | N/A

FS-548D-FPOE

Ports | 48 GE RJ45, 4x 10 GE SFP+ and 2x 40 GE QSFP+

PoE | 48 port PoE+ with maximum 750 W limit


With 10 or 40 Gigabit Ethernet access ports and a high throughput backbone, FortiSwitch Data Center Switches are ideal for top-of-rack server or firewall-aggregation applications. These high-speed switches are also well suited for enterprise network core or backbone network installations.

FS-1024D

Ports | 24x GE/10 GE SFP/SFP+

FS-1048E

Ports | 48x GE/10 GE SFP/SFP+ slots and 6x 40 GE QSFP+ or 4x 100 GE QSFP28

FS-3032D

Ports | 32x 40 GE QSFP+

FS-3032E

Ports | 32x 100 GE QSFP28

FortiSwitch Rugged

FortiSwitch Rugged switches deliver all of the performance and security of the trusted. FortiSwitch secure, simple, scalable Ethernet solution, but with added reinforcement that makes them ideal for deployments in challenging environments.

FSR-112D-POE

Ports | 8x GE RJ45 PoE+, 4x GE SFP slots

FSR-124D

Ports | 16x GE RJ45, 4x GE SFP slots, 8 shared media interfaces (GE RJ45 or GE SFP slots)


Wireless Management

Management Product Options

FortiGate Integrated Controller

Single pane-of-glass for network security and wireless access

Tight integration with Fortinet's Security Fabric

No extra licenses necessary

Cloud AP Management

Hosted cloud solution available anywhere anytime

Scalable to the size of your network

Dedicated Controller

Dedicated hardware to manage your wireless

Perfect for dense, complex and large scale deployments

FortiExtender: Secure LTE Wireless WAN Extender

Providing 3G/4G Connectivity for Reliable Broadband to the Internet

FortiExtender Overview

Establishing and maintaining Internet connectivity can be a critical requirement for business execution. To provide a secondary WAN connection, the FortiExtender appliance uses LTE connectivity with the cellular phone infrastructure to provide broadband speeds that can be used in a failover or load-balancing configuration. And for those locations without wired broadband options, FortiExtender can provide the primary Internet connection.

Product Details:

FortiExtender provides a WAN connection to a firewall such as a FortiGate using the cellular LTE infrastructure (3G or 4G). These connections are commonly used as a second broadband connection for reliability or increased throughput. Business that want to use multiple WAN connections including SD-WAN can use FortiExtender for one of those WAN links. Another common use for FortiExtender is as the primary connection for a location where cellular LTE is the preferred broadband option. Retail stores or kiosks processing point-of-sales (POS) transaction might opt for a highly secure LTE network for meeting PCI compliance requirements. FortiExtender can be managed independently, from an attached FortiGate, or by the FortiExtender Cloud service. For more information on FortiExtender

FortiExtender Models and Specifications

FortiExtender appliances come in several indoor models with different LTE modem performance. All models offer multiple LAN ports and a secondary WAN ethernet port. FortiExtender Appliances can be managed by a FortiGate or from the cloud by the FortiExtender Cloud service.

FEX-201E

Internal Modem(s) | Single

Modem Type | CAT-6 (300 Mbps)

Coverage | NA, SA, EMEA

FortiExtender Cloud | Yes

FEX-211E

Internal Modem(s) | Single

Modem Type | CAT-12 (600 Mbps)

Coverage | Global

FortiExtender Cloud | Yes

AI Powered Cybersecurity FortiAI

Virtual Security Analyst

Threat Investigation and Response

Discover FortiAI, a self-learning AI for SecOps

What is AI-Powered Cybersecurity?

Among its many benefits to cybersecurity, Artificial Intelligence (AI) can identify patterns in massive amounts of data, enabling it to detect trends in malware features and make threat classifications much more rapidly than humans can. An AI-based virtual security operations (SecOps) analyst can rapidly detect and respond to security incidents, assisting human analysts and enabling them to operate at a higher level. AI-powered cybersecurity technologies such as this can be a boon to short-staffed security teams affected by the global cybersecurity skills gap.

While Machine Learning (ML) is the most common type of AI used in cybersecurity designed to solve linear problems e.g. perform a task more efficiently and effectively for a specific situation, Deep Learning (DL) is designed to solve larger complex, non-linear problems by modelling the operation of neurons in the human brain.

AI-based learning algorithms fall into three categories: supervised, reinforced and unsupervised. A supervised ML algorithm must be trained on a large dataset of samples labeled as either benign or malicious. In contrast, Deep Neural Networks (DNN), a Deep Learning model uses reinforced learning i.e. an award-based system of learning, during its pre-training and later transitions to unsupervised learning i.e. self-learning, that does not require a labeled dataset for training and maturity. More importantly, lies in its ability to correlate various category of datasets to make decisions.

A Virtual Security Analyst that can operate in unsupervised mode is a boon to lean SecOps teams that lack the experienced resources to analyze and investigate new threats fully within the shortest period of time. Because of DNN’s innate ability to self-learn, it continuously adapts to the evolving cyber threat landscape including AI-powered cyber attacks (see diagram below).

A virtual security analyst must have certain characteristics:

  • Ability to self-learn i.e. does not rely solely on cloud-based updates for AI maturity
  • Extremely high detection rate of 99% and above
  • Performs at scale with machine speeds
  • Automates detection-investigation-response threat lifecycle
  • Pre-trained AI ready for deployment on day-1

FortiAI: Virtual Security Analyst Overview

There is no question that cyberattacks and threats—ransomware, trojans, cryptomining, worms, etc.—are here to stay, but they are also becoming increasingly sophisticated and dangerous. Cybercriminals are eagerly adopting new innovations such as artificial intelligence (AI) and automation via AI fuzzing, self-learning swarm-based attacks, and expanded Malware-as-a-Service capabilities. Meanwhile, overburdened security operations teams are stuck with traditional security resources and investigation procedures to combat the increasing volume of advanced polymorphic, known, and unknown threats.

AI is paving the way for cybersecurity solutions to stay ahead of evolving threats. Fortinet FortiAI, powered by Deep Neural Networks (DNN), is the industry’s most sophisticated AI security solution. FortiAI is specifically designed to alleviate the tedious manual threat investigation of security alerts and threat response by identifying and classifying threats and malware outbreaks in sub-seconds and blocking them in the network.

FortiAI: Virtual Security Analyst Product Details

FortiGuard Labs, Fortinet’s leading threat intelligence and research team, consists of threat researchers, analysts, and engineers are in the forefront of exposing new threats. This team shares their latest threat intelligence via community blogs, threat playbooks for organizations, as threat protection via intelligence services, and by developing new threat-based technologies. One of the most significant technologies built by FortiGuard Labs in 2012—an AI system to detect and update protection against millions of malware samples seen each day.

FortiAI is the cumulative effort of the AI developed by FortiGuard Labs, and the first solution of its kind that embeds a sophisticated and mature deep learning model via DNN. FortiAI's patent-pending DNN approach learns about new threats on its own and helps organizations to adapt threat protection to new attacks instantaneously. In addition, FortiAI comes pre-trained with more than 6+ million malware features that can identify IT- and OT-based threats and classify them into malware categories. These features can also accurately pinpoint the origin and lateral spread of a malware and its variants by analyzing the entire threat movement. FortiAI integrates with FortiGate to automatically block these threats. Deploying FortiAI on-premises can help security operations teams solve the security resource crisis and rapidly accelerate the response to evolving threats.

FortiAI Models and Specifications

FortiAI is offered as an on-premises hardware appliance designed for deployment at data centers and campuses.

FortiAI 3500F

Form Factor | 2 RU

Performance| 100,000 files/hour with sub-second verdict

Ports | 2 x 10GE (RJ45), 1 xGE (RJ45)

FortiAI-VM16

vCPU | 16 cores

Performance | 14,000 files/hr

Memory (Minimum/Recommended) | 128GB/256GB

FortiAI-VM32

vCPU | 32 cores

Performance | 22,000 files/hr

Memory (Minimum/Recommended) | 128GB/256GB


FortiInsight

Detect and prevent insider threat with user and entity behavior analytics (UEBA)

FortiInsight

30 percent of data breaches involve organization insiders acting negligently or maliciously. Insiders pose a unique threat to organizations because they have access to proprietary systems and often are able to bypass security measures creating a security blind spot to the risk and security teams.

Fortinet’s User and Entity Behavior Analytics (UEBA) technology protects organizations from insider threats by continuously monitoring users and endpoints with automated detection and response capabilities. Leveraging machine learning and advanced analytics, FortiInsight automatically identifies non-compliant, suspicious, or anomalous behavior and rapidly alerts any compromised user accounts. This proactive approach to threat detection delivers an additional layer of protection and visibility, whether users are on or off the corporate network.

FortiInsight Videos

FortiInsight

Pinsent Masons

FortiInsight Product Details

FortiInsight protects your organization’s sensitive data and high-value intellectual property from loss, theft, and mishandling, whether from a malicious insider or accidental incident.

FortiInsight monitors endpoint activities, resource access, and data movement both on and off the network, offering complete visibility around resources and data. It identifies risky behavior, policy violations, and takes action before they turn into security incidents.

The rule-based engine combined with machine-learning analytics means it can quickly and consistently identify risky activities. In addition, it supports compliance reporting and provides detailed forensics to aid investigation.

A Virtual Security Analyst that can operate in unsupervised mode is a boon to lean SecOps teams that lack the experienced resources to analyze and investigate new threats fully within the shortest period of time. Because of DNN’s innate ability to self-learn, it continuously adapts to the evolving cyber threat landscape including AI-powered cyber attacks (see diagram below).

The FortiInsight Five Factor Model

How Does the 5-factor Model Work?

Data from the FortiInsight endpoint agent is streamed securely from the endpoint to our data store, capturing a standard format that leverages the unique 5-factor model. This one-of-a-kind capability captures the specific machine identifier, the user and application that performed the activity, as well as the type of activity and any specific resources that were affected.

For example, a single entry may contain the following:

A user named Margarette, working on gb-Machine 1, copied a file called customer_details.xlsx to removable media.

And, because the 5-factor model captures the same core pieces of data for every event that occurs, your team is armed with comprehensive information that enables them to configure specific policies to alert.

Reliable, Rapid Insights

  • Complete: You get every record you actually need, no more and no less. Other products don't have that granularity.
  • Consistent: Every field is consistent and in the desired format. There are no issues of data inconsistency, unlike with log file systems.
  • Cohesive: FortiInsight captures the data both on and off network, delivering easy, no-nonsense insights, in a straightforward layout for rapid data analysis.

Lightweight Agent Based Protection

FortiInsight applies patented smart connector technology. Built from the ground-up, it uses core OS functionality and minimizes performance impact, resulting in strengthened security with no impact on endpoints, users, or productivity.

Low Impact, High Performance

  • Hosted solution with minimal performance impact on the endpoint
  • Windows OS support
  • Unrivaled performance through extensive use of native file system drivers
  • Data is collected in real-time and streamed for off-site analysis with complete off-network visibility
  • Strict quality control to ensure stability and reliability of software

Unparalleled Threat Detection Capabilities

Our smart connector consumes less than 0.5% of CPU, 20 MB of RAM memory and 5 KB/s of network traffic with no additional configuration required, and no rules needing to push to the connectors.

The bottom line? With zero-impact on endpoint devices, you can forget about performance degradation, and focus on instant protection for your intellectual property (IP) and sensitive data.

FortiInsight Platform

Protect your organization against unknown threats

FortiInsight automatically learns normal user behavior, and then detects the unknown to alert you in real-time to any anomalous activities, so you can act fast before issues become serious security problems.

The lightweight agent securely streams continuous sequences of activities from monitored endpoints or cloud services to the machine learning engine, where an unsupervised anomaly-detection system identifies events that do not fit the pattern of users’ everyday activities.

These anomalies are then checked for known risk factors, such as the use of removable media, hacking tools, or the accessing of files that violate policies. Combined with previous operator feedback, these risk factors are attributed an overall risk score. Any activities that appear to present risk cause an instant alert, and your team can quickly take the appropriate action.

Efficient, Effective Data Security

  • FortiInsight learns from the anomalies you find most valuable, and then screens out irrelevant detections
  • Scales with your organization, allowing comprehensive investigation at every level of detail
  • Each FortiInsight dashboard visualization clearly expresses the shape of the data, accentuating high-risk anomalies while giving you a bird’s-eye view of user behavior
  • FortiInsight displays data so that you can rapidly prioritize high-risk anomalies, prevent incidents and stay compliant
  • Detailed, dynamic dashboard capabilities enable you to make high-level decisions around your security posture, all in one place and in real-time
  • Quickly answer critical questions such as, who, where, what, and how