Fortigate 1500D Series: Data Sheet

Download as pdf or txt
Download as pdf or txt
You are on page 1of 6

DATA SHEET

FortiGate® 1500D Series Next Generation Firewall


Segmentation
Secure Web Gateway
FG-1500D and FG-1500DT IPS
Mobile Security

The FortiGate 1500D series delivers high performance next generation firewall (NGFW)
capabilities for large enterprises and service providers. With multiple high-speed interfaces,
high-port density, and high-throughput, ideal deployments are at the enterprise edge, hybrid
data center core, and across internal segments. Leverage industry-leading IPS, SSL inspection,
and advanced threat protection to optimize your network’s performance. Fortinet’s Security-
Driven Networking approach provides tight integration of the network to the new generation of
security.
Security Networking
n Identifies thousands of applications inside network traffic n Delivers advanced networking capabilities that seamlessly
for deep inspection and granular policy enforcement integrate with advanced layer 7 security and virtual
n Protectsagainst malware, exploits, and malicious domains (VDOMs) to offer extensive deployment
websites in both encrypted and non-encrypted traffic flexibility, multi-tenancy and effective utilization of
resources
n Prevent and detect against known and unknown attacks
n Delivers high-density, flexible combination of various
using continuous threat intelligence from AI-powered
FortiGuard Labs security services high-speed interfaces to enable best TCO for customers
for data center and WAN deployments
Performance
n Delivers industry’s best threat protection performance and Management
n Includes a management console that is effective, simple
ultra-low latency using purpose-built security processor
(SPU) technology to use, and provides comprehensive network automation
and visibility
n Providesindustry-leading performance and protection for
n Provides Zero Touch Integration with Fortinet’s Security
SSL encrypted traffic
Fabric’s Single Pane of Glass Management
Certification n Predefined compliance checklist analyzes the deployment
n Independently tested and validated for best-in-class
and highlights best practices to improve overall security
security effectiveness and performance posture
n Received unparalleled third-party certifications from NSS Security Fabric
Labs n Enables Fortinet and Fabric-ready partners’ products
to provide broader visibility, integrated end-to-end
detection, threat intelligence sharing, and automated
remediation

Firewall IPS NGFW Threat Protection Interfaces


Multiple GE RJ45, GE SFP, and 10 GE SFP+ /
80 Gbps 13 Gbps 7 Gbps 5 Gbps
GE SFP slots | Variant with 10 GE RJ45

1
DATA SHEET | FortiGate® 1500D Series

DEPLOYMENT

Next Generation Firewall (NGFW) IPS

§ Reduce the complexity and maximize your ROI by § Purpose-built security processors delivering industry
integrating threat protection security capabilities into validated IPS performance with high throughput and low
a single high-performance network security appliance, latency
powered by Fortinet’s Security Processing Unit (SPU)
§ Deploy virtual patches at the network level to protect
§ Full visibility into users, devices, applications across against network exploitable vulnerabilities and optimize
the entire attack surface and consistent security policy network protection time
enforcement irrespective of asset location
§ Deep packet inspection at wire speeds offers unparalleled
§ Protect against network exploitable vulnerabilities with threat visibility into network traffic including traffic
Industry-validated IPS security effectiveness, low latency encrypted with the latest TLS 1.3
and optimized network performance
§ Proactively block newly discovered sophisticated attacks in
§ Automatically block threats on decrypted traffic using the real-time with advanced threat protection provided by the
Industry’s highest SSL inspection performance, including intelligence services of the Fortinet Security Fabric
the latest TLS 1.3 standard with mandated ciphers
§ Proactively block newly discovered sophisticated attacks in
real-time with AI-powered FortiGuard Labs and advanced
threat protection services included in the Fortinet Security Mobile Security for 4G, 5G, and IOT
Fabric
§ SPU accelerated, high performance CGNAT and IPv6
migration option including: NAT44, NAT444, NAT64/DNS64,
NAT46 for 4G Gi/sGi and 5G N6 connectivity and security
Segmentation
§ RAN Access Security with highly scalable and best
performing IPsec aggregation and control security gateway
§ Segmentation that adapts to any network topology, (SecGW)
delivering end-to-end security from the branch level to
§ User plane security enabled by full Threat Protection and
data centers and extending to multiple clouds
visibility into GTP-U inspection
§ Reduce security risks by improving network visibility from
§ 4G and 5G security for user and data plane traffic including
the components of the Fortinet Security Fabric, which
SCTP, GTP-U and SIP that provides protection against
adapt access permissions to current levels of trust and
attacks
enforce access control effectively and efficiently
§ High-speed interfaces to enable deployment flexibility
§ Delivers defense in depth security powered by high-
performance L7 inspection and remediation by Fortinet’s
SPU, while delivering third party validated TCO of per
protected Mbps
§ Protects critical business applications and helps implement
any compliance requirements without network redesigns FortiClient
VPN Client

DATA
CENTER
Secure Web Gateway (SWG)
FortiGate
FortiGate
NGFW
IPS, Segmentation

§ Secure web access from both internal and external risks,


even for encrypted traffic at high performance FortiManager
Automation-Driven
Network Management

§ Enhanced user experience with dynamic web and video


caching 
FortiAnalyzer
Analytics-powered
Security & Log Management

§ Block and control web access based on user or user


groups across URL’s and domains
§ Prevent data loss and discover user activity to known and Data Center Deployment
unknown cloud applications  (NGFW, IPS, and Intent-based Segmentation)
§ Block DNS requests against malicious domains 
§ Multi-layered advanced protection against zero-day
malware threats delivered over the web

2
DATA SHEET | FortiGate® 1500D Series

HARDWARE

FortiGate 1500D

FortiGate 1500D
Hardware Features
2 MGMT 1 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35
10G SFP+
37 39
CONSOLE

STATUS

ALARM

HA

AC
NP6 CP8 2U 10GE 480GB
POWER

USB MGMT USB MGMT 2 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40


DUAL

1 3 4 5 6 7

CAUTION

FortiGate 1500DT DISCONNECT ALL POWER


CORDS BEFORE SERVICING

POWER1 POWER2 FAN FAN FAN FAN FAN FAN

FortiGate 1500DT Hardware Features


2 MGMT 1 1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33
10 G
35 37
SFP+
39
CONSOLE

STATUS

ALARM

HA

AC
USB MGMT
POWER
USB MGMT 2 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 NP6 CP8 2U 10GE 480GB DUAL

1 3 4 5 6 7 8

Interfaces
1. USB Management Port
2. Console Port
3. USB Port
4. 2x GE RJ45 Management Ports
5. 16x GE SFP Slots
6. 16x GE RJ45 Ports
7. 8x 10 GE SFP+ / GE SFP (1500D)
4x 10 GE RJ45 Ports (1500DT)
8. 4x 10 GE SFP+ Slots (1500DT)

Network Processor
Powered by SPU
Fortinet’s new, breakthrough SPU NP6 network processor
§ Fortinet’s custom SPU processors works inline with FortiOS functions delivering:
deliver the power you need to detect
malicious content at multi-Gigabit § Superior firewall performance for IPv4/IPv6, SCTP and
speeds multicast traffic with ultra-low latency

§ Other security technologies cannot protect against § VPN, CAPWAP and IP tunnel acceleration
today’s wide range of content- and connection- § Anomaly-based intrusion prevention, checksum offload,
based threats because they rely on general-purpose and packet defragmentation
CPUs, causing a dangerous performance gap
§ Traffic shaping and priority queuing
§ SPU processors provide the performance needed
to block emerging threats, meet rigorous third-party Content Processor
certifications, and ensure that your network security
Fortinet’s ninth generation custom SPU CP9 content
solution does not become a network bottleneck
processor works outside of the direct flow of traffic and
accelerates the inspection.

3
DATA SHEET | FortiGate® 1500D Series

FORTINET SECURITY FABRIC

Security Fabric
The industry’s highest-performing cybersecurity platform,
powered by FortiOS, with a rich ecosystem designed to Fabric Management Fabric Security
Center Operations
span the extended digital attack surface, delivering fully
automated, self-healing network security. NOC SOC

§ Broad: Coordinated detection and enforcement across the


entire digital attack surface and lifecycle with converged
networking and security across edges, clouds, endpoints
Adaptive Cloud
and users  Security

§ Integrated: Integrated and unified security, operation,


and performance across different technologies, location,
Zero Trust
Access

deployment options, and the richest Ecosystem


FORTI OS
§ Automated: Context aware, self-healing network &
security posture leveraging cloud-scale and advanced AI
to automatically deliver near-real-time, user-to-application
coordinated protection across the Fabric 
Security-Driven Open
The Fabric empowers organizations of any size to secure and Networking Ecosystem

simplify their hybrid infrastructure on the journey to digital FortiGuard


Threat Intelligence
innovation.

FortiOS™
Operating System
FortiOS, Fortinet’s leading operating system enable the The release of FortiOS 7 dramatically expands the Fortinet
convergence of high performing networking and security Security Fabric’s ability to deliver consistent security across
across the Fortinet Security Fabric delivering consistent and hybrid deployment models consisting on appliances, software
context-aware security posture across network endpoint, and and As-a-Service with SASE, ZTNA and other emerging
clouds. The organically built best of breed capabilities and cybersecurity solutions.
unified approach allows organizations to run their businesses
without compromising performance or protection, supports
seamless scalability, and simplifies innovation consumption.

SERVICES

FortiGuard™ FortiCare™
Security Services Services
FortiGuard Labs offers real-time intelligence on the threat Fortinet is dedicated to helping our customers succeed, and
landscape, delivering comprehensive security updates across every year FortiCare services help thousands of organizations
the full range of Fortinet’s solutions. Comprised of security get the most from their Fortinet Security Fabric solution. We
threat researchers, engineers, and forensic specialists, the have more than 1,000 experts to help accelerate technology
team collaborates with the world’s leading threat monitoring implementation, provide reliable assistance through advanced
organizations and other network and security vendors, as well support, and offer proactive care to maximize security and
as law enforcement agencies. performance of Fortinet deployments.

4
DATA SHEET | FortiGate® 1500D Series

SPECIFICATIONS
FG-1500D FG-1500DT FG-1500D FG-1500DT
Hardware Specifications Dimensions and Power
Hardware Accelerated 10 GE SFP+ / 8 4 Height x Width x Length (inches) 3.5 x 17.24 x 21.81
GE SFP Slots
Height x Width x Length (mm) 89 x 438 x 554
Hardware Accelerated GE SFP Slots 16
Weight 32.50 lbs (14.70 kg) 34.39 lbs (15.6 kg)
Hardware Accelerated 10 GE RJ45 – 4
Ports Form Factor Rack Mount, 2 RU
(supports EIA/non-EIA standards)
Hardware Accelerated GE RJ45 Ports 16
AC Power Supply 100–240V AC, 50/60 Hz
GE RJ45 Management / HA Ports 2
Current (Maximum) 110V / 5.5A, 220V / 3A
USB Ports (Client / Server) 1/1
Power Consumption 336 / 403.2 W 230 / 350 W
Console Port 1 (Average / Maximum)
Onboard Storage 2x 240 GB SSD Heat Dissipation 1,375 BTU/h 1,193 BTU/h
Included Transceivers 2x SFP+ (SR 10GE) Redundant Power Supplies Yes, Hot Swappable

System Performance — Enterprise Traffic Mix Operating Environment and Certifications


IPS Throughput 2 13 Gbps Operating Temperature 32–104°F (0–40°C)
NGFW Throughput 2, 4 7 Gbps Storage Temperature -31–158°F (-35–70°C)
Threat Protection Throughput 2, 5 5 Gbps Humidity 10–90% non-condensing
Noise Level 59 dBA
System Performance and Capacity
Forced Airflow Front to Back
IPv4 Firewall Throughput 80 / 80 / 55 Gbps
(1518 / 512 / 64 byte, UDP) Operating Altitude Up to 7,400 ft (2,250 m)
IPv6 Firewall Throughput 80 / 80 / 55 Gbps Compliance FCC Part 15 Class A, RCM, VCCI, CE, UL/
(1518 / 512 / 86 byte, UDP) cUL, CB
Firewall Latency (64 byte, UDP) 3 μs Certifications ICSA Labs: Firewall, IPsec, IPS, Antivirus,
SSL-VPN; USGv6/IPv6
Firewall Throughput 82.5 Mpps
(Packet per Second)
Concurrent Sessions (TCP) 12 Million
New Sessions/Second (TCP) 300,000
Firewall Policies 100,000
IPsec VPN Throughput (512 byte) 1 50 Gbps
Gateway-to-Gateway IPsec VPN 20,000
Tunnels
Client-to-Gateway IPsec VPN Tunnels 100,000
SSL-VPN Throughput 4 Gbps
Concurrent SSL-VPN Users 10,000
(Recommended Maximum, Tunnel
Mode)
SSL Inspection Throughput 5.7 Gbps
(IPS, avg. HTTPS) 3
SSL Inspection CPS 3,100
(IPS, avg. HTTPS) 3
SSL Inspection Concurrent Session 800,000
(IPS, avg. HTTPS) 3
Application Control Throughput 16 Gbps
(HTTP 64K) 2
CAPWAP Throughput (1444 byte, UDP) 20 Gbps
Virtual Domains (Default / Maximum) 10 / 250
Maximum Number of 128
FortiSwitches Supported
Maximum Number of FortiAPs 4,096 / 2,048
(Total / Tunnel)
Maximum Number of FortiTokens 20,000
Maximum Number of Registered 20,000
Endpoints
High Availability Configurations Active-Active, Active-Passive, Clustering

Note: All performance values are “up to” and vary depending on system configuration.
1. IPsec VPN performance test uses AES256-SHA256. 4. NGFW performance is measured with Firewall, IPS and Application Control enabled.
2. IPS (Enterprise Mix), Application Control, NGFW and Threat Protection are measured with 5. Threat Protection performance is measured with Firewall, IPS, Application Control and
Logging enabled. Malware Protection enabled.
3. SSL Inspection performance values use an average of HTTPS sessions of different cipher
suites.

5
DATA SHEET | FortiGate® 1500D Series

ORDERING INFORMATION
Product SKU Description
FortiGate 1500D FG-1500D 8x 10 GE SFP+ slots, 16x GE SFP slots, 18x GE RJ45 ports (including 16x ports, 2x management/HA ports),
SPU NP6 and CP8 hardware accelerated, 480 GB SSD onboard storage, dual AC power supplies.
FortiGate 1500DT FG-1500DT 4x 10 GE SFP+ slots, 4x 10 GE RJ45 ports, 16x GE SFP slots, 18x GE RJ45 ports (including 16x ports, 2x
management/HA ports), SPU NP6 and CP8 hardware accelerated, 480 GB SSD onboard storage, dual AC
power supplies.

Optional Accessories
1 GE SFP LX Transceiver Module FN-TRAN-LX 1 GE SFP LX transceiver module for all systems with SFP and SFP/SFP+ slots.
1 GE SFP RJ45 Transceiver Module FN-TRAN-GC 1 GE SFP RJ45 transceiver module for all systems with SFP and SFP/SFP+slots.
1 GE SFP SX Transceiver Module FN-TRAN-SX 1 GE SFP SX transceiver module for all systems with SFP and SFP/SFP+ slots.
10 GE SFP+ RJ45 Transceiver Module FN-TRAN-SFP+GC 10 GE SFP+ RJ45 transceiver module for systems with SFP+ slots.
10 GE SFP+ Transceiver Module, Short Range FN-TRAN-SFP+SR 10 GE SFP+ transceiver module, short range for all systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ Transceiver Module, Long Range FN-TRAN-SFP+LR 10 GE SFP+ transceiver module, long range for all systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ Transceiver Module, Extended Range FN-TRAN-SFP+ER 10 GE SFP+ transceiver module, extended range for all systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ active direct attach cable, 10m / 32.8 ft SP-CABLE-ADASFP+ 10 GE SFP+ active direct attach cable, 10m / 32.8 ft for all systems with SFP+ and SFP/SFP+ slots.
Rack Mount Sliding Rails SP-FG3040B-RAIL Rack mount sliding rails for FG-1000C/-DC, FG-1500D, FG-3040B/-DC, FG-3140B/-DC, FG-3240C/-DC,
3700D and 3950B/-DC.
AC Power Supply SP-FG1200D-PS AC power supply for FG-1200D, FG-1500D and FG-1500DT.

BUNDLES
360 Enterprise Unified Threat Advanced Threat
Bundles
Protection Protection Protection Protection

FortiGuard FortiCare ASE 1 24x7 24x7 24x7


FortiGuard App Control Service • • • •
Bundle
FortiGuard IPS Service • • • •
FortiGuard Labs delivers FortiGuard Advanced Malware Protection (AMP) — Antivirus, • • • •
a number of security Mobile Malware, Botnet, CDR, Virus Outbreak Protection and
intelligence services to FortiSandbox Cloud Service
augment the FortiGate FortiGuard Web and Video2 Filtering Service • • •
firewall platform. You
FortiGuard Antispam Service • • •
can easily optimize the
protection capabilities of FortiGuard Security Rating Service • •
your FortiGate with one of FortiGuard IoT Detection Service • •
these FortiGuard Bundles.
FortiGuard Industrial Service • •
FortiConverter Service • •
SD-WAN Orchestrator Entitlement •
SD-WAN Cloud Assisted Monitoring •
SD-WAN Overlay Controller VPN Service •
Fortinet SOCaaS •
FortiAnalyzer Cloud •
FortiManager Cloud •

1. 24x7 plus Advanced Services Ticket Handling 2. Available when running FortiOS 7.0

www.fortinet.com

Copyright © 2021 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product
or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other
conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser
that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any
such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise
revise this publication without notice, and the most current version of the publication shall be applicable.

FG-1500D-DAT-R37-20210316

You might also like