Fortinet's latest hyperscale kit packs 2.4Tbit/sec of firewall into a 4U chassis
And it only took 16 ASICs
As port speeds creep ever higher to support larger hyperscale workloads and bandwidth-hungry 5G applications, Fortinet says its latest generation of firewalls should keep even the largest data flows safe from would-be attackers.
The vendor this week unveiled its FortiGate 4800F-series of appliances, which top out at 2.4Tbit/sec of raw capacity, which it claims is fastest in class. That translates to SSL inspection and IPS/IDS speeds of 55Gbit/sec and 70Gbit/sec respectively.
To achieve these levels of performance, Fortinet crammed 16 of its NP7 network-security ASICs into a 4U chassis packed full of 50Gbit, 200Gbit, and 400Gbit interfaces. Fortinet claims this makes the 4800F its most performance dense appliance yet.
Like the company's lower-end 3700F, announced in May, these firewalls aren't for everyone. They target customers dealing with large flows of sensitive data within and between private and cloud datacenters.
"Large financial institutions, mobile network operators, will be the primary market segments," Nirav Shah, VP of products at Fortinet, wrote in an email to The Register. "2.4Tbit/sec of firewall throughput really benefits enterprise customers who need to host applications on-premise that will never move to the cloud for compliance, control and performance reasons."
The appliance launches as 400Gbit/sec switch deployments begin ramping up in cloud and hyperscale datacenters. A recent report out of Dell'Oro Group found that shipments of 400Gbit/sec switches exceeded 800,000 ports in 2022's first quarter, and the research firm expects that to increase over the next year.
- NortonLifeLock and Avast $8.6b deal gets provisional yes from UK regulator
- Post-quantum crypto cracked in an hour with one core of an ancient Xeon
- Sonatype shines light on typosquatting ransomware threat in PyPI
- VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws
The firm also reports a greater appetite for manageability, security, visibility, and AI/ML functionality, in addition to higher port speeds. This is where Fortinet has been steadily carving out a niche for itself. Over the past few years, the company has released a troupe of high-performance firewall appliances designed to address these kinds of problems.
For example, while SSL encryption has become commonplace for internal and external communications, it also makes it harder to spot malicious activity, Fortinet says. So it has crammed so many ASICs into the 4800F hoping to hit the highest TLS 1.3 SSL inspection rates possible: 55Gbit/sec.
Meanwhile, for 5G applications, Fortinet is also positioning the 4800F as a means to secure communications between operators 5G core datacenters and the radio-access network (RAN). The company says it tuned the appliance to support up to 25 million concurrent connections to help mobile network operators handle surges in traffic or large sustained loads.
"MNOs will also need this kind of throughput to provide secure IP connectivity to their subscribers at massive scale and it will help accelerate 5G transition by securing RAN traffic," Shah said.
While Fortinet says the 4800F is well suited to these emerging applications, Shah notes that because of the way the firewall is architected and sheer amount of compute performance available, customers can logically segment the firewall to support several use cases concurrently.
For example, the firewall could be used for secure datacenter interconnect at 400Gbit/sec while also being used to protect locally hosted services from threats like distributed denial-of-service attacks at the same time. ®