Data Sheet

FortiGate 100F Series

Highlights Artificial Intelligence, Machine Learning Security with Deep Visibility

The FortiGate 100F series next-generation firewall (NGFW) combines artificial intelligence
Gartner® Magic
(AI)-powered security and machine learning (ML) to deliver threat protection at any scale.
Quadrant™ Leaders for
both Network Firewalls and
Get deeper visibility into your network and see applications, users, and devices before they
WAN Edge Infrastructure become threats.

Secure Networking with Powered by Fortinet ASIC technology, the 100F series delivers industry-leading threat
FortiOS for converged detection capabilities, allowing for faster identification and mitigation of cyberthreats.
networking and security Powered by a rich set of AI/ML security capabilities that extend into an integrated Security
Fabric platform, the FortiGate 100F series delivers secure networking that is broad, deep, and
State-of-the-art
unparalleled performance
automated. Secure your network end to end with advanced edge protection that includes
with Fortinet’s patented web, content, and device security, while network segmentation and secure SD-WAN reduce
SPU and vSPU processors complexity and risk in hybrid IT networks.

Enterprise security Universal zero-trust network access (ZTNA) automatically controls, verifies, and facilitates user
with consolidated AI/ access to applications, reducing lateral threats by providing access only to validated users.
ML-powered FortiGuard Ultra-fast threat protection and SSL inspection provides security at the edge you can see
services without impacting performance.
Deep visibility into
IPS NGFW Threat Protection Interfaces
applications, users, and
devices beyond traditional 2.6 Gbps 1.6 Gbps 1 Gbps Multiple GE RJ45, GE SFP and 10 GE SFP+
firewall techniques slots
FortiGate 100F Series Data Sheet

Use Cases
Next Generation Firewall (NGFW)
• FortiGuard Labs’ suite of AI-Powered Security Services, natively integrated with your NGFW,
secures web, content, and devices and protects networks from ransomware, malware, zero
days, and sophisticated AI-powered cyberattacks
• Real-time SSL inspection (including TLS 1.3) provides full visibility into users, devices, and
applications across the attack surface
• Fortinet’s patented SPU technology provides industry-leading high-performance protection

Secure SD-WAN
• FortiGate WAN Edge powered by one OS and unified security and management framework
and systems transforms and secures WANs
• Delivers superior quality of experience and effective security posture for hybrid working
models, SD-Branch, and cloud-first WAN use cases
• Achieve operational efficiencies at any scale through automation, deep analytics, and self-
healing

Universal ZTNA
• Control access to applications no matter where the user is and no matter where the
application is hosted for universal application of access policies
• Provide extensive authentications, checks, and enforce policy prior to granting application
access every time
• Agent-based access with FortiClient or agentless access via proxy portal for guest or BYOD

Segmentation
• Dynamic segmentation adapts to any network topology to deliver true end-to-end security
from the branch to the data center and across multi-cloud environments
• Ultra-scalable, low latency, VXLAN segmentation bridges physical and virtual domains with
Layer 4 firewall rules
• Prevents lateral movement across the network with advanced, coordinated protection from
FortiGuard Security Services, detects and prevents known, zero-day, and unknown attacks

2
FortiGate 100F Series Data Sheet

FortiGuard AI-Powered Security Services

FortiGuard AI-Powered Security Services is part of Fortinet’s layered defense and tightly
integrated into our FortiGate NGFWs and other products. Infused with the latest threat
intelligence from FortiGuard Labs, these services protect organizations against modern attack
vectors and threats, including zero-day and sophisticated AI-powered attacks.

Network and file security

Network and file security services protect against network and file-based threats. With over
18,000 signatures, our industry-leading intrusion prevention system (IPS) uses AI/ML models
for deep packet/SSL inspection, detecting and blocking malicious content, and applying virtual
patches for newly discovered vulnerabilities. Anti-malware protection defends against both
known and unknown file-based threats, combining antivirus and sandboxing for multi-layered
security. Application control improves security compliance and provides real-time visibility into
applications and usage.

Web/DNS security
Web/DNS security services protect against DNS-based attacks, malicious URLs (including
those in emails), and botnet communications. DNS filtering blocks the full spectrum of DNS-
based attacks while URL filtering uses a database of over 300 million URLs to identify and
block malicious links. Meanwhile, IP reputation and anti-botnet services guard against botnet
activity and DDoS attacks. FortiGuard Labs blocks over 500 million malicious/phishing/
spam URLs weekly, and blocks 32,000 botnet command-and-control attempts every minute,
demonstrating the robust protection offered through Fortinet.

SaaS and data security

SaaS and data security services cover key security needs for application use and data
protection. This includes data loss prevention to ensure visibility, management, and protection
(blocking exfiltration) of data in motion across networks, clouds, and users. Our inline cloud
access security broker service protects data in motion, at rest, and in the cloud, enforcing
compliance standards and managing account, user, and cloud app usage. Services also assess
infrastructure, validate configurations, and highlight risks and vulnerabilities, including IoT
device detection and vulnerability correlation.

Zero-Day threat prevention

Zero-day threat prevention is achieved through AI-powered inline malware prevention to
analyze file content to identify and block unknown malware in real time, delivering sub-second
protection across all NGFWs. The service also integrates the MITRE ATT&CK matrix to speed
up investigations. Integrated into FortiGate NGFWs, the service provides comprehensive
defense by blocking unknown threats, streamlining incident response, and reducing security
overhead.

OT security
With over 1000 virtual patches, 1100+ OT applications, and 3300+ protocol rules, integrated
OT security capabilities detect threats targeting OT infrastructure, perform vulnerability
correlation, apply virtual patching, and utilize industry-specific protocol decoders for robust
defense of OT environments and devices.

3
 FortiGate 100F Series Data Sheet

FortiOS Everywhere
FortiOS, Fortinet’s Real-Time Network Security Operating System
FortiOS is the operating system that powers Fortinet Security Fabric platform, enabling
enforcement of security policies and holistic visibility across the entire attack surface.
Available in FortiOS provides a unified framework for managing and securing networks, cloud-based,
hybrid, or a convergence of IT, OT, and IoT. FortiOS enables seamless and efficient
interoperation across Fortinet products with consistent and consolidated AI-powered
protection across today’s hybrid environments.
Appliance Unlike traditional point solutions, Fortinet adopts a holistic approach to cybersecurity,
aiming to reduce complexities, eliminate security silos, and improve operational efficiencies.
By consolidating security functions into a single platform, FortiOS simplifies management,
reduces costs, and enhances overall security posture. Together, FortiGate and FortiOS create
intelligent, adaptive protection to help organizations reduce complexity, eliminate security
silos, and optimize user experience.
Virtual
By integration generative AI (GenAI), FortiOS further enhances the ability to analyze network
traffic and threat intelligence, detects deviations or anomalies more effectively, and provides
more precise remediation recommendations, ensuring minimum performance impact without
compromising security.

Learn more about what’s new in FortiOS. https://www.fortinet.com/products/fortigate/fortios

Hosted

Cloud

Intuitive easy to use view into the network and Comprehensive view of network performance,
Container endpoint vulnerabilities security, and system status

4
FortiGate 100F Series Data Sheet

Fortinet ASICs: Unrivaled Security, Unprecedented Performance

Powered by the only purpose-built SPU
Traditional firewalls cannot protect against today’s content and connection-based threats
because they rely on off-the-shelf general-purpose central processing units (CPUs), leaving
a dangerous security gap. Fortinet’s custom SPUs deliver the power you need to radically
increase speed, scale, and efficiency while greatly improving user experience and reducing
footprint and power requirements. Fortinet’s SPUs deliver up to 520 Gbps of protected
throughput to detect emerging threats and block malicious content while ensuring your
network security solution does not become a performance bottleneck.

Fortinet ASICs are designed to be energy-efficient, leading to lower power consumption and
improved TCO. They deliver industry-leading throughput, handle more traffic and perform
security inspections faster, reduce latency for quicker packet processing and minimize network
delays.

Fortinet SPUs are designed with integrated security functions like zero trust, SSL, IPS, and
VXLAN to name but a few, dramatically improving the performance of these functions that
competitors traditionally implement in software.

Secure SD-WAN ASIC SP4

• Combines a RISC-based CPU with Fortinet’s proprietary SPU content and network
processors for unmatched performance
• Delivers the industry’s fastest application identification and steering for efficient business
operations
• Accelerates IPsec VPN performance for the best user experience on direct internet access
• Enables best-of-breed NGFW security and deep SSL inspection with high performance
• Extends security to the access layer to enable SD-Branch transformation with accelerated
and integrated switch and access point connectivity

5
FortiGate 100F Series Data Sheet

FortiManager
Centralized management at scale for distributed enterprises
FortiManager, powered by FortiAI, is a centralized management solution for the Fortinet
Security Fabric. It streamlines mass provisioning and policy management for FortiGate,
FortiGate VM, cloud security, SD-WAN, SD-Branch, FortiSASE, and ZTNA in hybrid
environments. Additionally, FortiManager provides real-time monitoring of the entire managed
infrastructure and automates network operation workflows. Leveraging GenAI in FortiAI, it
further enhances Day 0–1 configurations and provisioning, and Day N troubleshooting and
maintenance, unlocking the full potential of the Fortinet Security Fabric and significantly
boosting operational efficiency.

GenAI in FortiManager helps manage networks

effortlessly—generates configuration and policy
scripts, troubleshoots issues, and executes
recommended actions.

FortiConverter Service
Migration to FortiGate NGFW made easy
The FortiConverter Service provides hassle-free migration to help organizations transition
quickly and easily from a wide range of legacy firewalls to FortiGate NGFWs. The service
eliminates errors and redundancy by employing best practices with advanced methodologies
and automated processes. Organizations can accelerate their network protection with the
latest FortiOS technology.

FortiCare Services
Expertise at your service
Fortinet prioritizes customer success through FortiCare Services, optimizing the Fortinet
Security Fabric solution. Our comprehensive life-cycle services include Design, Deploy,
Operate, Optimize, and Evolve. The FortiCare Elite, one of the service offerings, provides
heightened SLAs and swift issue resolution with a dedicated support team. This advanced
support option includes an extended end-of-engineering support of 18 months, providing
flexibility and access to the intuitive FortiCare Elite portal for a unified view of device and
security health, streamlining operational efficiency and maximizing Fortinet deployment
performance.

6
 FortiGate 100F Series Data Sheet

Hardware
FortiGate 100F Series

DMZ WAN 1 HA1 1 3 5 7 9 11 X1 13 15 17 19

Shared Interfaces
17 19 Interfaces
FortiGate 101F

1. 1 x USB Port
USB CONSOLE
STATUS
ALARM
HA
POWER

2. 1 x Console Port
MGMT WAN 2 HA2 2 4 6 8 10 12 X2 14 16 18 20 18 20

3. 2 x GE RJ45 MGMT/DMZ
Ports
1 2 3 4 5 6 7 8 9
4. 2 x GE RJ45 WAN Ports
5. 2 x GE RJ45 HA Ports
6. 12 x GE RJ45 Ports
7. 2 x 10 GE SFP+ FortiLink
Slots
8. 4 x GE SFP Slots
9. 4 x GE RJ45/ SFP Shared
Hardware Features Media Pairs

SP4 1RU DUAL AC 480GB

Dual power supply

Power supply redundancy is essential in the operation of mission-critical networks. The
FortiGate 100F series offers dual built-in non-hot swappable power supplies.

Access layer security

FortiLink protocol enables you to converge security and network access by integrating the
FortiSwitch into the FortiGate as a logical extension of the firewall. These FortiLink-enabled
ports can be reconfigured as regular ports as needed.

7
 FortiGate 100F Series Data Sheet

Specifications
FORTIGATE 100F FORTIGATE 101F FORTIGATE 100F FORTIGATE 101F
Interfaces and Modules Dimensions and Power
Hardware Accelerated GE RJ45 Ports 12 Height x Width x Length (inches) 1.73 x 17 x 10
Hardware Accelerated GE RJ45 1/2/1 Height x Width x Length (mm) 44 x 432 x 254
Management/ HA/ DMZ Ports
Weight 7.25 lbs (3.29 kg) 7.56 lbs (3.43 kg)
Hardware Accelerated GE SFP Slots 4
Form Factor Rack Mount, 1 RU
Hardware Accelerated 10 GE SFP+ 2 (supports EIA/non-EIA standards)
FortiLink Slots (default)
AC Power Supply 100–240V AC, 50/60 Hz
GE RJ45 WAN Ports 2
Power Consumption 26.5 W / 29.5 W 35.3 W / 39.1 W
GE RJ45 or SFP Shared Ports * 4 (Average / Maximum)
USB Port 1 Current (Maximum) 100V / 1A, 240V / 0.5A
Console Port 1 Heat Dissipation 100.6 BTU/h 121.13 BTU/h
Onboard Storage 0 1x 480 GB SSD Redundant Power Supplies Yes
(Default dual non-swappable AC PSU for
Trusted Platform Module (TPM) —
1+1 Redundancy)
Bluetooth Low Energy (BLE) —
Power Supply Efficiency Rating 80Plus Compliant
Signed Firmware Hardware Switch —
Included Transceivers 0 Operating Environment and Certifications

System Performance — Enterprise Traffic Mix Operating Temperature 32°F to 104°F (0°C to 40°C)

IPS Throughput 2
2.6 Gbps Storage Temperature -31°F to 158°F (-35°C to 70°C)

NGFW Throughput 2, 4 1.6 Gbps Humidity 10% to 90% non-condensing

Threat Protection Throughput 2, 5 1 Gbps Noise Level 40.4 dBA

Forced Airflow Side to Back
System Performance and Capacity
Operating Altitude Up to 10 000 ft (3048 m)
IPv4 Firewall Throughput 20 / 18 / 10 Gbps
(1518 / 512 / 64 byte, UDP) Compliance FCC Part 15B, Class A, CE, RCM, VCCI,
UL/cUL, CB, BSMI
Firewall Latency (64 byte, UDP) 4.97 μs
Certifications USGv6/IPv6
Firewall Throughput (Packet per Second) 15 Mpps
Concurrent Sessions (TCP) 1.5 Million
* Latency based on Ultra Low Latency (ULL ports)
New Sessions/Second (TCP) 56 000
Firewall Policies 10 000
IPsec VPN Throughput (512 byte) 1 11.5 Gbps
Gateway-to-Gateway IPsec VPN Tunnels 2000
Client-to-Gateway IPsec VPN Tunnels 16 000
SSL-VPN Throughput 1 Gbps
Concurrent SSL-VPN Users 500
(Recommended Maximum, Tunnel Mode)
SSL Inspection Throughput 1 Gbps
(IPS, avg. HTTPS) 3
SSL Inspection CPS (IPS, avg. HTTPS) 3 1800
SSL Inspection Concurrent Session 135 000
(IPS, avg. HTTPS) 3
Application Control Throughput 2.2 Gbps
(HTTP 64K) 2
CAPWAP Throughput (HTTP 64K) 15 Gbps
Virtual Domains (Default / Maximum) 10 / 10
Maximum Number of FortiSwitches 32
Supported
Maximum Number of FortiAPs 128 / 64
(Total / Tunnel)
Maximum Number of FortiTokens 5000
High Availability Configurations Active-Active, Active-Passive, Clustering

Note: All performance values are “up to” and vary depending on system configuration.
1
IPsec VPN performance test uses AES256-SHA256. 4
NGFW performance is measured with Firewall, IPS and Application Control enabled.
2
IPS (Enterprise Mix), Application Control, NGFW and Threat Protection are measured 5
Threat Protection performance is measured with Firewall, IPS, Application Control and
with Logging enabled. Malware Protection enabled.
3
SSL Inspection performance values use an average of HTTPS sessions of different 6
Uses RSA-2048 certificate.
cipher suites.

8
 FortiGate 100F Series Data Sheet

Subscriptions
Bundles

Enterprise Unified Threat Advanced Threat

Service Category Service Offering A-la-carte ​ Protection Protection Protection
FortiGuard Security IPS — IPS, Malicious/Botnet URLs • • • •
Services
Anti-Malware Protection (AMP)—AV, Botnet Domains, Mobile Malware, • • • •
Virus Outbreak Protection, Content Disarm and Reconstruct 3,
AI‑based Heurestic AV, FortiGate Cloud Sandbox
URL, DNS and Video Filtering — URL, DNS and Video 3 Filtering, • • •
Malicious Certificate
Anti-Spam • •

AI-based Inline Malware Prevention 3

• •

Data Loss Prevention (DLP) 1 • •

Attack Surface Security — IoT Device Detection, IoT Vulnerability • •

Correlation and Virtual Patching, Security Rating, Outbreak Check
OT Security—OT Device Detection, OT vulnerability correlation and •
Virtual Patching, OT Application Control and IPS 1
Application Control included with FortiCare Subscription

Inline CASB 3 included with FortiCare Subscription

SD-WAN and SASE SD-WAN Underlay Bandwidth and Quality Monitoring •

Services
SD-WAN Overlay-as-a-Service •

SD-WAN Connector for FortiSASE Secure Private Access •

SASE connector for FortiSASE Secure Edge Management •

(with 10Mbps Bandwidth) 2
NOC and SOC FortiConverter Service for one time configuration conversion • •
Services
Managed FortiGate Service—available 24x7, with Fortinet NOC experts •
performing device setup, network, and policy change management
FortiGate Cloud—Management, Analysis, and One Year Log Retention •
FortiManager Cloud •
FortiAnalyzer Cloud •
FortiGuard SOCaaS—24x7 cloud-based managed log monitoring, •
incident triage, and SOC escalation service
Hardware and FortiCare Essentials 2 •
Software Support
FortiCare Premium • • • •
FortiCare Elite •
Base Services Device/OS Detection, GeoIPs, Trusted CA Certificates, Internet included with FortiCare Subscription
Services and Botnet IPs, DDNS (v4/v6), Local Protection, PSIRT Check,
Anti-Phishing

1. Full features available when running FortiOS 7.4.1.

2. Desktop Models only.
3. Not available for FortiGate/FortiWiFi 40F, 60E, 60F, 80E, and 90E series from 7.4.4 onwards.

FortiGuard Bundles
FortiGuard AI-Powered Security Bundles provide a comprehensive and meticulously curated selection of security
services to combat known, unknown, zero-day, and emerging AI-based threats. These services are designed
to prevent malicious content from breaching your defenses, protect against web-based threats, secure devices
throughout IT/OT/IoT environments, and ensure the safety of applications, users, and data. All bundles include
FortiCare Premium Services featuring 24x7x365 availability, one-hour response for critical issues, and next-
business-day response for noncritical matters.

9
 FortiGate 100F Series Data Sheet

Ordering Information
Product SKU Description
FortiGate 100F FG-100F 22x GE RJ45 ports (including 2x WAN ports, 1x DMZ port, 1x Mgmt port, 2x HA ports, 16x switch ports
with 4 SFP port shared media), 4 SFP ports, 2x 10 GE SFP+ FortiLinks, dual power supplies redundancy.
FortiGate 101F FG-101F 22x GE RJ45 ports (including 2x WAN ports, 1x DMZ port, 1x Mgmt port, 2x HA ports, 16x switch ports
with 4 SFP port shared media), 4 SFP ports, 2x 10 GE SFP+ FortiLinks, 480 GB onboard storage, dual
power supplies redundancy.

Transceivers
1 GE SFP RJ45 Transceiver Module FN-TRAN-GC 1 GE SFP RJ45 transceiver module for all systems with SFP and SFP/SFP+slots.
1 GE SFP SX Transceiver Module FN-TRAN-SX 1 GE SFP SX transceiver module for all systems with SFP and SFP/SFP+ slots.
1 GE SFP LX Transceiver Module FN-TRAN-LX 1 GE SFP LX transceiver module for all systems with SFP and SFP/SFP+ slots.
10 GE SFP+ RJ45 Transceiver Module FN-TRAN-SFP+GC 10 GE SFP+ RJ45 transceiver module for systems with SFP+ slots.
10 GE SFP+ Transceiver Module, Short Range FN-TRAN-SFP+SR 10 GE SFP+ transceiver module, short range for all systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ Transceiver Module, Long Range FN-TRAN-SFP+LR 10 GE SFP+ transceiver module, long range for all systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ Transceiver Module, Extended Range FN-TRAN-SFP+ER 10 GE SFP+ transceiver module, extended range for all systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ Transceiver Module, 80km Extreme Long FN-TRAN-SFP+ZR 10 GE SFP+ transceiver module, 80km extreme long range, for systems with SFP+ and SFP/SFP+ slots.
Range
10 GE SFP+ Transceiver Module, 30 km Long Range FN-TRAN-SFP+BD27 10 GE SFP+ transceiver module, 30KM long range single BiDi for systems with SFP+ and SFP/SFP+
slots (connects to FN-TRAN-SFP+BD33, ordered separately).
10 GE SFP+ Transceiver Module, 30 km Long Range FN-TRAN-SFP+BD33 10 GE SFP+ transceiver module, 30KM long range single BiDi for systems with SFP+ and SFP/SFP+
slots (connects to FN-TRAN-SFP+BD27, ordered separately).
Cables
10 GE SFP+ Passive Direct Attach Cable 1m FN-CABLE-SFP+1 10 GE SFP+ passive direct attach cable, 1m for systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ Passive Direct Attach Cable 3m FN-CABLE-SFP+3 10 GE SFP+ passive direct attach cable, 3m for systems with SFP+ and SFP/SFP+ slots.
10 GE SFP+ Passive Direct Attach Cable 5m FN-CABLE-SFP+5 10 GE SFP+ passive direct attach cable, 5m for systems with SFP+ and SFP/SFP+ slots.

Visit https://www.fortinet.com/resources/ordering-guides for related ordering guides.

10
Fortinet Corporate Social Responsibility Policy
Fortinet is committed to driving progress and sustainability for all through cybersecurity, with respect for human rights and
ethical business practices, making possible a digital world you can always trust. You represent and warrant to Fortinet that you
will not use Fortinet’s products and services to engage in, or support in any way, violations or abuses of human rights, including
those involving illegal censorship, surveillance, detention, or excessive use of force. Users of Fortinet products are required
to comply with the Fortinet EULA and report any suspected violations of the EULA via the procedures outlined in the Fortinet
Whistleblower Policy.

www.fortinet.com

Copyright © 2024 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product
or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other
conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s SVP Legal and above, with a
purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute
clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer,
or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.

October 7, 2024

FG-100F-DAT-R38-20241007