Fortinet launches its next-gen firewall, NP7 security processing unit

The FortiGate 1800F has custom silicon to handle security issues and maintain application performance.

fg-1800f-side2.jpg

Fortinet launched its next-generation firewall powered by its NP7 network processor, which aims to accelerate security operations much like graphics processors boost computing performance.

The firewall, the FortiGate 1800F Next-Generation Firewall, is designed to address hyperscale data centers and scale to address emerging threats, improve performance and enforce policies.

John Maddison, executive vice president of products and chief marketing officer at Fortinet, said the company developed its own processor for its systems to better manage security across the Internet of things, mobile devices and multi-cloud deployments.

NP7 is essentially designed to be a security processing unit. "NP7 will help us build out hyperscale protection going forward," said Maddison, who noted that NP7's predecessor NP6 launched in 2012. "Think of it as a complete firewall on a chip."

CEO Ken Xie touted the NP7 processor as Fortinet reported better-than-expected fourth quarter earnings. For 2019, Fortinet delivered revenue of $2.16 billion, up 20% from a year ago. "We are focused on continuing to gain market share by investing in network security, the build out of our Security Fabric platform, and innovations in the areas of 5G, IoT, edge and cloud security," said Xie.

Fortinet decided to build its own custom processors instead of going with off-the-shelf central processing units. The reason is that security traffic has become an infrastructure bottleneck. Offloading security traffic to Fortinet's NP7 can maintain application performance.

fortinet-spu.png

The FortiGate 1800F has multiple 40G interfaces to allow enterprises to segment traffic. The firewall also adapts to segmented users, devices and application regardless of their location.

Other FortiGate 1800F features include:

  • The highest SSL inspection performance with a Security Compute Rating of 20x and support for the latest TLS 1.3 standard.
  • Hardware accelerated virtual extension local area network, or VXLAN. The idea here is that VXLAN enables fast communication between scaled services co-hosted on virtual and physical platforms.
  • The ability to secure artificial intelligence and machine learning workloads as well as large datasets.

Fortinet also launched its FortiOS 6.4, a security fabric that aims to automate workflows across infrastructure and attack vectors. The platform gets more than 350 new features including an SD-WAN orchestrator, application optimization, segmentation visibility, zero-trust network access, improved profiling of devices, AI-driven security operations and support for AWS Outposts and Google Cloud Anthos.

Maddison noted that Fortinet's hardware portfolio all runs on the same security platform and architecture. "The operating system on the current platform is the same for all. We keep all the APIs consistent with policies, so partners don't have to change," he said.

In addition, the company launched FortiGuard Labs via the Fortinet 360 Protection Bundle, which includes operational, support and security services as well as its platform.