FortiCore. FortiCore 3600E, 3700E and 3800E

Similar documents
FortiCore E-Series. SDN Security Appliances. Highlights. Securing Software Defined Networking (SDN) Architectures. Key Features & Benefits

FortiSwitch Secure Access Series

FortiVoice Enterprise Phone Systems

FortiFone IP Telephones

FortiVoice Enterprise Phone Systems

FortiSwitch D-Series. Secure Access Switches. Highlights

FortiSwitch Secure Access Series

FortiGate 3800D Series

FortiVoice Enterprise

FortiVoice Enterprise

FortiFone IP Telephones

Fortinet Antennas. Product Offerings DATA SHEET. FAN-612R Sector/Patch Outdoor. FAN-612N Sector/Patch Outdoor. FAN-500N Point-to-Point Outdoor

FortiSwitch D-Series. Secure Access Switches. Highlights

FortiSwitch Data Center Series

PROTECTING YOUR NETWORK FROM THE INSIDE-OUT

FortiMail. FortiMail 60D, 200E, 400E, 1000D, 2000E, 3000E, 3200E and VM

FortiADC Transparent Mode Configuration Guide VERSION 1.0.0

FortiMail. Threat Prevention. Data Protection. Security Fabric Integration. FortiMail 60D, 200E, 400E, 1000D, 2000E, 3000E, 3200E and VM

FortiDDoS. FortiDDoS 200B, 400B, 600B, 800B, 900B, 1000B, 1000B-DC and 1200B

FortiDDoS. DDoS Attack Mitigation Appliances. Advanced DDoS Protection for Enterprise Data Centers. The Ever-Changing DDoS Attack

FortiClient (Android) - Release Notes VERSION 5.4.0

THE CRITICAL ELEMENTS OF AN IoT SECURITY SOLUTION

WHITE PAPER. Protecting Financial Services Networks From the Inside-Out. Internal Segmentation Firewall (ISFW)

FortiMail AWS Deployment Guide

FortiADC with MS Exchange 2016 Deployment Guide

FortiDDoS. FortiDDoS 200B, 400B, 600B, 800B, 900B, 1000B, 1000B-DC and 1200B

FortiVoice Phone System Release Notes VERSION GA

FortiAP-C Series. Cloud Management. Ease of Deployment. Simple Pricing. Cloud-managed Access Points

methods of attack detection built on customized hardware vs. signature based methods built on standard CPU/RAM WHAT IS A DDOS ATTACK?

FortiTester 2.1. Handbook

FortiFone QuickStart Guide for FON-175

Place graphic in this box

SOLUTION GUIDE. Hybrid WAN Solutions with FortiWAN. The cost-effective way to deliver the WAN bandwidth and redundancy your organization demands

FortiVoice Phone System Release Notes VERSION GA

FortiVoice Phone System Release Notes VERSION GA

FortiTester Handbook VERSION FortiTester Handbook Fortinet Technologies Inc.

FORTINET DOCUMENT LIBRARY FORTINET VIDEO GUIDE FORTINET BLOG CUSTOMER SERVICE & SUPPORT FORTIGATE COOKBOOK FORTINET TRAINING SERVICES

ASA5525-FPWR-K9 Datasheet. Overview. Check its price: Click Here. Quick Specs

FortiRecorder v2.2.2 GA. Release Notes

Data Sheet FUJITSU ETERNUS DX60 S3 Disk Storage System

FortiCam SD20 Mounting Guide

THUNDER CGN APPLIANCE SPECIFICATIONS

DELINEATING THE CORNERSTONES OF A SECURE WIRELESS SOLUTION

Next generation IP media routers

FortiAP Series. Unified Management. Advanced Security Protection. Built-in WiFi Security. Integrated n Access Points

Data Sheet FUJITSU Storage ETERNUS DX200F All-Flash-Array

Configuring FortiVoice for Primus USA VoIP service

FortiMail Release Notes VERSION GA

VPAT. Voluntary Product Accessibility Template. Version 1.3 *

FortiCam FD40 Mounting Guide

FortiVoice 200D/200D-T/2000E-T2 High Availability Technical Note

Data Sheet Fujitsu ETERNUS DX200 S3 Disk Storage System

Alcatel-Lucent OmniAccess Mobility Master

FortiVoice Enterprise Phone System Release Notes

Cubro Packetmaster EX48600

Data Sheet FUJITSU Storage ETERNUS DX60 S4 Disk Storage System

FortiVoice Phone System Release Notes VERSION GA

Data Sheet FUJITSU Storage ETERNUS DX60 S3 Disk Storage System

Data Sheet FUJITSU Storage ETERNUS JX60 Subsystem

Data Sheet FUJITSU Storage ETERNUS CS800 S7

Data Sheet FUJITSU JX60 S2 DAS Subsystem

Data Center & Cloud Computing DATASHEET. N B6C(25G SDN Switch) N B6C (48*25GbE+6*100GbE) 25G SDN Switch

Datasheet Fujitsu ETERNUS DX8700 S2 Disk Storage System

Data Sheet Fujitsu ETERNUS DX500 S3 Disk Storage System

Data Center & Cloud Computing DATASHEET. N S6Q(10G SDN Switch) N S6Q (48*10GbE+6*40GbE) 10G SDN Switch

Cubro Packetmaster EX48600

Load Balancing Microsoft Exchange 2013 with FortiADC

Retired. Models HPE Altoline QSFP+ x86 ONIE AC Front-to-Back Switch HPE Altoline QSFP+ x86 ONIE AC Back-to-Front Switch

PANORAMA. Key Security Features

HPE Altoline XG 6QSFP+ x86 ONIE AC Front-to-Back Switch HPE Altoline XG 6QSFP+ x86 ONIE AC Back-to-Front Switch

Data Sheet FUJITSU Storage ETERNUS JX40 S2 Subsystem

Data Sheet Fujitsu ETERNUS DX80 S2 Disk Storage System

FortiSwitch - Release Notes 3.6.2

Network Service Appliances

HPE Altoline QSFP28 x86 ONIE AC Front-to-Back Switch HPE Altoline QSFP28 x86 ONIE AC Back-to-Front Switch

Data Sheet Fujitsu LTO Desktop Drive

Data Sheet FUJITSU Storage ETERNUS CS800 S6

Data Sheet FUJITSU Server PRIMERGY CX400 M4 Scale out Server

SmartWall Threat Defense System - NTD1100

QuickSpecs. HPE Altoline 6921 Switch Series. Overview. HPE Altoline 6921 Switch Series

FortiAuthenticator - Two-Factor Authentication for Web Applications Solution Guide VERSION 1.0

A simple, cost-effective way to transition your workloads to the cloud

Datasheet Fujitsu ETERNUS DX90 S2 Disk Storage System

Data Sheet Fujitsu ETERNUS DX400 S2 Series Disk Storage Systems

FortiVoice-VM with Grandstream PSTN Gateway Configuration Guide

HP ProCurve Switch 1800 Series

CONNECTRIX DS-6500B SWITCHES

FortiRecorder Central User Guide VERSION 1.3

Highest Levels of Scalability Simplified Network Manageability Maximum System Productivity

IXIA IBYPASS HD DATA SHEET PROBLEM: INLINE TOOLS ARE A SINGLE POINT OF FAILURE IN THE NETWORK

FortiAP Series. Unified Management. Advanced Security Protection. Built-in WiFi Security. Integrated ac Access Points

Fortinet Wireless Product Matrix. July 2014

CONNECTRIX MDS-9132T, MDS-9396S AND MDS-9148S SWITCHES

THUNDER ADC APPLIANCE SPECIFICATIONS

Brocade ICX 6610 Switch

Data Center & Cloud Computing DATASHEET. N Q(40G Spine/Core Layer Switch) N Q (32*40GbE) 40GbE Spine/Core Layer Switch Preloaded ONIE

Data Sheet FUJITSU Server PRIMERGY CX420 S1 Out-of-the-box Dual Node Cluster Server

Matrix N-Series Chassis-based Enterprise Switches

Infoblox Reporting and Analytics Appliances

THUNDER CFW APPLIANCE SPECIFICATIONS

Transcription:

FortiCore 3600E, 3700E and 3800E The FortiCore E-Series of Software-Defined Networking (SDN) security appliances provide the ability to scale network-based security solutions to meet the performance demands of emerging cloud and data center architectures. Using programmable flow forwarding, the FortiCore can redirect and distribute traffic of interest to associated sets of network security devices, at link speeds up to 100 GE. Securing Software Defined Networking (SDN) Architectures Within SDN architectures, the seperation of the control and data planes adds security challenges to protect SDN controllers and applications from data plane-based attacks. Additionally, as SDN architectures are multipath environments, connecting and scaling stateful network security devices, requires the ability to programmatically direct and distribute traffic through them. The FortiCore as an SDN security appliance connects to SDN architectures, supporting both very large numbers of programmable flows and effective line-rate performance required to secure SDN architectures. Highlights Up to 1 Tbps aggregate low-latency throughput, needed to transect a 100 GE link and distribute traffic to a set of network security appliances Supports OpenFlow 1.3, with wide support with available SDN controllers Full control/data plane separation, with an internal 40 Gbps path in support of a robust new flow rate Cardinal Flow Processing (CFP) architecture, support large flow table sizes without sacrificing performance Key Features and Benefits Scalable Network-Based Security Solutions Effective Line-Rate Performance OpenFlow 1.3 Compatible With all FortiCore models supporting 32x 10G interfaces, scalable stacks of security appliances can be programmatically attached to the network. Combining FortiCore s hardware-accelerated switching with its Cardinal Flow Processing (CFP) technology, no sacrifices are made in supporting large programmable flow tables with line-rate performance up to 800 Gbps. Provides ease of integration in hetergenous SDN environments, with support for a wide array of SDN controllers, including OpenDaylight and ONOS. DATA SHEET

DEPLOYMENT Scaling Security Beyond Datasheet Limits The principal goal of the FortiCore is the creation of scalable network-based security solutions that go well beyond the datasheet limits of an individual security appliance. FortiCore s massive performance and flow capacitance allow the creation of provision-able solutions using the programmable capabilities of software-defined networking (SDN). Combined with an SDN controller and SDN applications, FortiCore solutions can be integrated into carrier/cloud programmable provisioning systems. FortiCore using OpenFlow to shunt traffic-of-interest to network security appliances Next Generation Data Center Security The FortiCore deploys in a path-centric fashion, allowing you to connect an array of network security functions onto any given high-performance link within a core routed environment, including 100G links. The security devices associated with the FortiCore can be varied, based on traffic inspection requirements. Using the capabilities of SDN to program network flows onto the FortiCore, traffic-of-interest can be redirected through a variety of network security devices, while maintaining the symmetric traffic requirements of each device. In leaf-spine data center architectures, where all leaf switches are connected to every spine switch, resulting in all hosts within a data center being one-hop from each other, the FortiCore as a security leaf allows the deployment of centralized traffic inspection to protect data center resources. FortiCore deployment within emerging SDN-based data center architectures Defending Programmable Networks FortiCore supports very high numbers of programmed flows, allowing it to operate proactively, learning all required flows, thus allowing other SDN switches to forward unknown flows to the FortiCore, rather than up to the control plane. This defends the SDN control and applications planes from DoS and other attacks from the data plane. 2 www.fortinet.com

FortiCore HARDWARE FortiCore 3700E 3 1 2 4 5 Interfaces 1. Console Port 2. 2x USB Ports 3. 10/100/1000 RJ45 Management Port 4. 32x 10 GE SFP+ Ports 5. H igh-speed Network Interfaces (none for 3600E, 4x 40G QSFP for 3700E, 2x 100 G QSFP28 for 3800E) SDN Data Plane Switching Cardinal Flow Processing (CFP) The FortiCore s Local Switch Processor supports very high- The FortiCore architecture eliminates scaling limitations in performance and low-latency switching functions required for SDN switching by distributing programmed flow across four independent CFP units Each interface is assigned to a CFP unit based cardinal direction (Northbound, Southbound, Eastbound, Westbound), analogous to data center design emerging core-routed and data center architectures: All models support 32x 10G interfaces The FortiCore 3700E includes an additional 4x 40G interfaces The FortiCore 3800E includes an additional 2x 100G interfaces Generous Control Plane Resources Cardinal Flow Processing units can support wildcard The FortiCore s control plane was designed to support the current flows that are applied to all associated interfaces, OpenFlow 1.3 protocol requirements at exceptional rates for new providing greater flexibility in programming flows programmed flows, as well as future-proofing for emerging SDN Each CFP unit can sustain up to 200 Gbps of aggregate protocol requirements: traffic forwarding, with support for over 50K programmed Dual 8-core Intel CPUs REGEX flows per unit using a single-table pipeline, and 64 GB of RAM an additional 500K simple-match programmed flows per Internal 40 Gbps forwarding path between control/data planes unit when using a multi-table pipeline This results in an effective line-rate SDN forwarding appliance, with the exceptional programmed flow scalability needed for network-based security solutions 3

FEATURES OpenFlow 1.3 Compatible Support by all OpenFlow 1.3 compliant SDN controllers Flexible multi-table pipeline support, up to 256 tables Can support >200K flows in a single-table pipeline, at a flow modication rate >10,000 flow-mods/sec Cardinal Flow Processing Assignment of ports to cardinal direction (N,E,S,W), with dedicated flow processing hardware per direction Optimized for high-speed link transection, with support for 10G/40G/100G interfaces, depending on model SPECIFICATIONS FORTICORE 3600E FORTICORE 3700E FORTICORE 3800E Hardware Specifications Packet Throughput 1 Tbps 1 Tbps 1 Tbps Programmed Flows Single-Table (REGEX Match) 200,000 200,000 200,000 Programmed Flows Multi-Table (Exact Match) 2,000,000 2,000,000 2,000,000 Control Plane CPU 2x 8-core Intel CPU 2x 8-core Intel CPU 2x 8-core Intel CPU Memory 64 GB 64 GB 64 GB SDN Protocols OpenFlow 1.3 OpenFlow 1.3 OpenFlow 1.3 Network Interfaces 32x 10 G SFP+ 32x 10 G SFP+, 4x 40 G QSFP 32x 10 G SFP+, 2x 100 G QSFP28 10/100/1000 Management Interface 1 1 1 Storage 2x 480 GB (960 GB total) 2x 480 GB (960 GB total) 2x 480 GB (960 GB total) Management GUI, SSH CLI, Direct Console DB9 CLI, SNMP GUI, SSH CLI, Direct Console DB9 CLI, SNMP GUI, SSH CLI, Direct Console DB9 CLI, SNMP Power Supply Dual Dual Dual Environment Form Factor 3U Appliance 3U Appliance 3U Appliance Input Voltage 100 240V AC, 50 60 Hz 100 240V AC, 50 60 Hz 100 240V AC, 50 60 Hz Power Consumption (Average / Maximum) 613 W / 834 W 633 W / 858 W 633 W / 858 W Maximum Current 120V/12A, 240V/7A 120V/12A, 240V/7A 120V/12A, 240V/7A Heat Dissipation 2847 BTU/h 2929 BTU/h 2929 BTU/h Operating Temperature 32 104 F (0 40 C) 32 104 F (0 40 C) 32 104 F (0 40 C) Storage Temperature -13 158 F (-25 70 C) -13 158 F (-25 70 C) -13 158 F (-25 70 C) Humidity 20 90% non-condensing 20 90% non-condensing 20 90% non-condensing Compliance Regulatory Compliance FCC Part 15 Class B, VCCI, CE, CB, UL/c FCC Part 15 Class B, VCCI, CE, CB, UL/c FCC Part 15 Class A, VCCI, CE, CB, UL/c Safety CSA, CE, UL CSA, CE, UL CSA, CE, UL Dimensions Height x Width x Length (inches) 5.16 x 17.24 x 26.18 5.16 x 17.24 x 26.18 5.16 x 17.24 x 26.18 Height x Width x Length (mm) 131 x 438 x 665 131 x 438 x 665 131 x 438 x 665 Weight 55.98 lbs (25.39 kg) 57.25 lbs (25.97 kg) 57.17 lbs (25.93 kg) 4 www.fortinet.com

ORDER INFORMATION Product SKU Description FortiCore 3600E FCE-3600E FortiCore 3600E, 32x 10 GE SFP+ ports. FortiCore 3700E FCE-3700E FortiCore 3700E, 32x 10 GE SFP+ ports, 4x 40 GE QSFP ports. FortiCore 3800E FCE-3800E FortiCore 3800E, 32x 10 GE SFP+ ports, 2x 100 GE QSFP28 ports. FortiCore 3600E FortiCore 3700E FortiCore 3800E GLOBAL HEADQUARTERS Fortinet Inc. 899 KIFER ROAD Sunnyvale, CA 94086 United States Tel: +1.408.235.7700 www.fortinet.com/sales EMEA SALES OFFICE 905 rue Albert Einstein 06560 Valbonne France Tel: +33.4.8987.0500 APAC SALES OFFICE 300 Beach Road 20-01 The Concourse Singapore 199555 Tel: +65.6395.2788 LATIN AMERICA SALES OFFICE Sawgrass Lakes Center 13450 W. Sunrise Blvd., Suite 430 Sunrise, FL 33323 United States Tel: +1.954.368.9990 Copyright 2017 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare and FortiGuard, and certain other marks are registered trademarks of Fortinet, Inc., in the U.S. and other jurisdictions, and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet s internal lab tests. In no event does Fortinet make any commitment related to future deliverables, features or development, and circumstances may change such that any forward-looking statements herein are not accurate. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. FST-PROD-DS-FCE FCE-DAT-R4-201702

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback