FortiGate 200G

Artificial Intelligence, Machine Learning Security with Deep Visibility :

• The FortiGate 200G series next-generation firewall (NGFW) combines artificial intelligencern(AI)-powered security and machine learning (ML) to deliver threat protection at any scale.rnGet deeper visibility into your network and see applications, users, and devices before theyrnbecome threats.
• rnPowered by a rich set of AI/ML security capabilities that extend into an integrated securityrnfabric platform, the FortiGate 200G Series delivers secure networking that is broad, deep,rnand automated. Secure your network end to end with advanced edge protection that includesrnweb, content, and device security, while network segmentation and secure SD-WAN reducerncomplexity and risk in hybrid IT networks. This security fabric seamlessly extends across yourrnentire environment, including a Hybrid Mesh Firewall architecture, ensuring consistent policyrnenforcement and threat protection across all network segments.rn
• Universal zero-trust network access (ZTNA) automatically controls, verifies, and facilitates userrnaccess to applications, reducing lateral threats by providing access only to validated users.rnUltra-fast threat protection and SSL inspection provides security at the edge you can seernwithout impacting performance.

Use Cases

Next Generation Firewall (NGFW) 

• FortiGuard Labs’ suite of AI-Powered Security Services, natively integrated with your NGFW,rnsecures web, content, and devices and protects networks from ransomware, malware, zerorndays, and sophisticated AI-powered cyberattacks 
• Real-time SSL inspection (including TLS 1.3) provides full visibility into users, devices, andrnapplications across the attack surface
• Fortinet’s patented SPU technology provides industry-leading high-performance protection.

Secure SD-WAN 

• FortiGate WAN Edge powered by one OS and unified security and management frameworkrnand systems transforms and secures WANs
• Delivers superior quality of experience and effective security posture for hybrid workingrnmodels, SD-Branch, and cloud-first WAN use cases 
• Achieve operational efficiencies at any scale through automation, deep analytics, and selfhealing.

Universal ZTNA 

• Control access to applications no matter where the user is and no matter where thernapplication is hosted for universal application of access policies
• Provide extensive authentications, checks, and enforce policy prior to granting applicationrnaccess every time 
• Agent-based access with FortiClient or agentless access via proxy portal for guest or BYODrn

Segmentation

• Dynamic segmentation adapts to any network topology to deliver true end-to-end securityrnfrom the branch to the data center and across multi-cloud environments
• Ultra-scalable, low latency, VXLAN segmentation bridges physical and virtual domains withrnLayer 4 firewall rules
• Prevents lateral movement across the network with advanced, coordinated protection fromrnFortiGuard Security Services, detects and prevents known, zero-day, and unknown attacks.

FortiGuard AI-Powered Security Servicesrn

• FortiGuard AI-Powered Security Services is part of Fortinet’s layered defense and tightlyrnintegrated into our FortiGate NGFWs and other products. Infused with the latest threatrnintelligence from FortiGuard Labs, these services protect organizations against modern attackrnvectors and threats, including zero-day and sophisticated AI-powered attacks.

rnNetwork and file security

• rnNetwork and file security services protect against network and file-based threats. With overrn18,000 signatures, our industry-leading intrusion prevention system (IPS) uses AI/ML modelsrnfor deep packet/SSL inspection, detecting and blocking malicious content, and applying virtualrnpatches for newly discovered vulnerabilities. Anti-malware protection defends against bothrnknown and unknown file-based threats, combining antivirus and sandboxing for multi-layeredrnsecurity. Application control improves security compliance and provides real-time visibility intornapplications and usage.rn

Web/DNS securityrn

• Web/DNS security services protect against DNS-based attacks, malicious URLs (includingrnthose in emails), and botnet communications. DNS filtering blocks the full spectrum of DNSbased attacks while URL filtering uses a database of over 300 million URLs to identify andrnblock malicious links. Meanwhile, IP reputation and anti-botnet services guard against botnetrnactivity and DDoS attacks. FortiGuard Labs blocks over 500 million malicious/phishing/rnspam URLs weekly, and blocks 32,000 botnet command-and-control attempts every minute,rndemonstrating the robust protection offered through Fortinet.rn

SaaS and data securityrn

• SaaS and data security services cover key security needs for application use and datarnprotection. This includes data loss prevention to ensure visibility, management, and protectionrn(blocking exfiltration) of data in motion across networks, clouds, and users. Our inline cloudrnaccess security broker service protects data in motion, at rest, and in the cloud, enforcingrncompliance standards and managing account, user, and cloud app usage. Services also assessrninfrastructure, validate configurations, and highlight risks and vulnerabilities, including IoTrndevice detection and vulnerability correlation.rn

Zero-Day threat preventionrn

• Zero-day threat prevention is achieved through AI-powered inline malware prevention tornanalyze file content to identify and block unknown malware in real time, delivering sub-secondrnprotection across all NGFWs. The service also integrates the MITRE ATT&CK matrix to speedrnup investigations. Integrated into FortiGate NGFWs, the service provides comprehensiverndefense by blocking unknown threats, streamlining incident response, and reducing securityrnoverhead.

rnOT securityrn

• With over 1000 virtual patches, 1100+ OT applications, and 3300+ protocol rules, integratedrnOT security capabilities detect threats targeting OT infrastructure, perform vulnerabilityrncorrelation, apply virtual patching, and utilize industry-specific protocol decoders for robustrndefense of OT environments and devices.

FortiOS Everywhere

• FortiOS, Fortinet’s Real-Time Network Security Operating SystemrnFortiOS is the operating system that powers Fortinet Security Fabric platform, enablingrnenforcement of security policies and holistic visibility across the entire attack surface.rnFortiOS provides a unified framework for managing and securing networks, cloud-based,rnhybrid, or a convergence of IT, OT, and IoT. FortiOS enables seamless and efficientrninteroperation across Fortinet products with consistent and consolidated AI-poweredrnprotection across today’s hybrid environments.rn
• Unlike traditional point solutions, Fortinet adopts a holistic approach to cybersecurity,rnaiming to reduce complexities, eliminate security silos, and improve operational efficiencies.rnBy consolidating security functions into a single platform, FortiOS simplifies management,rnreduces costs, and enhances overall security posture. Together, FortiGate and FortiOS creaternintelligent, adaptive protection to help organizations reduce complexity, eliminate securityrnsilos, and optimize user experience.rn
• By integrating generative AI (GenAI), FortiOS further enhances the ability to analyze networkrntraffic and threat intelligence, detects deviations or anomalies more effectively, and providesrnmore precise remediation recommendations, ensuring minimum performance impact withoutrncompromising security.

Trusted Platform Module (TPM)

• The FortiGate 200G series features a dedicated module that hardens physical networkingrnappliances by generating, storing, and authenticating cryptographic keys. Hardware-basedrnsecurity mechanisms protect against malicious software and phishing attacks.rn

Dual power supply

• Power supply redundancy is essential in the operation of mission-critical networks. ThernFortiGate 200G series offers dual built-in non-hot swappable power supplies.rn

Access layer securityrn

• FortiLink protocol enables you to converge security and network access by integrating thernFortiSwitch into the FortiGate as a logical extension of the firewall. These FortiLink-enabledrnports can be reconfigured as regular ports as needed.rn

Signed Firmware Hardware Switchrn

• The signed firmware switch is a physical security switch. It is by default set to the highestrnsecurity level. The highest security level ensures that only an appropriately validated FortiOSrnfirmware can be loaded on the FortiGate. This feature adds an additional physical layer ofrnsecurity to the FortiGate, acting as a key deterrent to and reducing risk of compromise.

Specifications

Interfaces and Modules

• GE RJ45 Ports : 8
• rnGE RJ45 Management / HA 1 / 1rn
• 5/2.5/GE RJ45 Ports 8
• rnGE SFP Slots 4rn
• 10/GE SFP/+ FortiLink Slots (default) 8
• rnUSB Port 1rnConsole Port 1
• Onboard Storage 0 1x 480 GB SSD

System Performance — Enterprise Traffic Mix

• IPS Throughput 2 9 Gbpsrn
• NGFW Throughput 2, 4 7 Gbpsrn
• Threat Protection Throughput 2, 5 6 Gbps 

System Performance and Capacity

• IPv4 Firewall Throughputrn(1518 / 512 / 64 byte, UDP) : 39 / 39 / 26.5 Gbps
• rnIPv6 Firewall Throughputrn(1518 / 512 / 64 byte, UDP) : 39 / 39 / 26.5 Gbps
• rnFirewall Latency (64 byte, UDP) : 4.36 ?s
• rnFirewall Throughput (Packet per Second)  : 39.75 Mpps
• rnConcurrent Sessions (TCP) : 11 Millionrn
• New Sessions/Second (TCP)  : 400 000rn
• Firewall Policies : 10 000
• rnIPsec VPN Throughput (512 byte) 1 : 36 Gbpsrn
• Gateway-to-Gateway IPsec VPN Tunnels: 2000
• rnClient-to-Gateway IPsec VPN Tunnels :16 000rn
• SSL-VPN Throughput6  : 3 Gbpsrn
• Concurrent SSL-VPN Usersrn(Recommended Maximum, Tunnel Mode) :500rn
• SSL Inspection Throughputrn(IPS, avg. HTTPS) 3 : 7 Gbps
• rnSSL Inspection CPS (IPS, avg. HTTPS) 3 : 7100rn
• SSL Inspection Concurrent Sessionrn(IPS, avg. HTTPS) 3 :rn900 000rn
• Application Control Throughputrn(HTTP 64K) : 27.8 Gbps
• rnCAPWAP Throughput (HTTP 64K) :37.5 Gbpsrn
• Virtual Domains (Default / Maximum):  10 / 25
• rnMaximum Number of FortiSwitchesrnSupported  : 64rn
• Maximum Number of FortiAPsrn(Total / Tunnel)rn256:  / 128
• rnMaximum Number of FortiTokens: 5000
• rnHigh Availability Configurations :Active-Active, Active-Passive, Clustering.