Fortinet has spent a lot of time this year concentrating on the SME and mid-range network security markets. But its latest FortiGate 5000 series moves the focus firmly into the enterprise and service provider arena. The 5020 is the entry point of this family of three industrial-strength appliances, and brings together a range of features going under the collective heading of Unified Threat Management. Essentially, it delivers a high-performance SPI firewall along with anti-virus and anti-spam measures, web content filtering, intrusion detection and prevention plus IPsec VPNs.
Fault tolerance and clustering are high on the agenda. The 3U chassis is fitted with dual hot-swap power supplies and fan assemblies. It has room for a pair of 5001 blades, each sporting quad ports of copper gigabit and SFP (small-form-factor pluggable) fibre connections, and all are user definable for LAN, WAN and DMZ operations. Each blade can be clustered together in the same chassis, and high availability is also on offer as multiple chassis can be linked together.
As with all FortiGate appliances, the 5020 functions in either routed or transparent modes, making for swift installation. The well-designed web interface also bears many similarities to its less well-endowed cousins, but delving deeper shows the high level of standard features. All unsolicited inbound traffic is blocked by default and access is opened up by creating various firewall policies. With so many ports on offer you’ll want to create zones to group specific interfaces and VLANs together. Policies are simple to create as you choose source and destination ports or zones, select services and actions and apply predefined schedules. To make life even easier you can assign protection profiles to each policy, which combine preconfigured settings for some or all of the other security features. You can also assign traffic-shaping rules that determine how much bandwidth each policy is allowed.
Standard web content filtering allows you to create blacklists of URLs and banned words, but if you don’t have the time then the optional FortiGuard service provides full content filtering based on predefined categories. This uses an external ratings database, which will incur slight browser performance overheads but doesn’t require any lengthy database downloads.
Fortinet’s anti-virus protection is proprietary and it’s had a number of years now to hone its expertise in this discipline. Engine and signature updates are downloaded automatically and a smart new feature called Grayware applies lists of other nuisances such as adware, spyware and diallers. Mail scanning gets a boost as Fortinet now includes SMTP as well as POP3 and IMAP, so it can scan in both directions. Anti-spam measures aren’t up to those offered by specialists such as ProofPoint, but you do get the standard diet of reverse DNS lookups, RBLs, black-and-white lists and banned-word lists. However, actions on positive detections are still limited, as you can only discard the suspect message or tag it with an X-header for further processing by your mail server or client.
The FortiGate 5020 commands a high price. But, although there’s no real star in its arsenal of security measures, it does manage to cover most eventualities. Performance is its real strength, as the blades can manage high traffic loads making it highly suited to the target market.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
