You are on page 1of 4


FortiGate® Virtual Appliances
Consolidated Security
for Virtual Environments

FortiGate Virtual Appliances
Consolidated Security for Virtual Environments
Via a complete end-to-end security ecosystem for the Data Center, Fortinet enables and
facilitates the enterprise’s journey through the Data Center consolidation process. The
delivery of both physical and virtual planes security appliances it offers on one side, and
the unmatched performance and security capabilities it provides on the other side, allow
the growth and evolution of the consolidating Data Center with no service degradation
or bottlenecks, no compromise on security, and with an unmatched ROI — fullfilling the
outcomes of a robust software-defined security framework.
FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security
controls within your virtual infrastructure. They also allow you to rapidly provision security
infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all
of the security and networking services common to traditional hardware-based FortiGate
appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of
hardware and virtual appliances, operating together and managed from a common centralized
management platform.

FortiGate Virtual
Appliance Benefits
FortiGate virtual appliances offer
protection from a broad array of
threats, with support for all of the
security and networking services
offered by the FortiOS operating
system. In addition, the appliances
offer these benefits:
§§ Increased visibility within
virtualized infrastructure
§§ Rapid deployment capability
§§ Ability to manage virtual
appliances and physical
appliances from a single pane of
glass management platform
§§ Simple licensing with no
per-user fees
§§ Support for multiple



FortiAnalyzer-VM FortiAuthenticator-VM FortiCache-VM FortiRecorder-VM

FortiMail-VM FortiManager-VM FortiSandbox-VM FortiVoice-VM FortiWeb-VM

Fortinet comprehensive virtual appliance offerings

FortiCare Worldwide 24x7 Support

FortiGuard Security Services

virtualization platforms

1 ESXi V5. Alpha Zone VMs can all talk to each other freely.1. V4. Purchase from AWS Marketplace. FortiGate appliances protect your infrastructure and increase visibility and control over communications within the with some of the most effective security available today by enabling virtualized infrastructure.6 SP2.1 and later FG-VM00-Xen FG-VM01-Xen FG-VM02-Xen FG-VM04-Xen FG-VM08-Xen Amazon Amazon Web Services (AWS)* — FG-VM01-Xen FG-VM02-Xen FG-VM04-Xen FG-VM08-Xen Microsoft Azure — — — FG-VM04-HV FG-VM08-HV Public Cloud Platforms Hypervisor Support varies according to FortiOS builds.x Alpha Port Group (VLAN 101) ! vSwitch Alpha 1032 VLAN trunk to L2 VDOM To L3 VDOM vSwitch Inter-ZONE Bravo 1 Port Gr ! VLAN 102{1-n} ! Bravo 2 Port Gr VLAN 103{1-n} vSwitch Bravo 1-n Inter-VM vSwitch Fabric Hypervisor Layer www. V5. Fortinet allows facing your virtualized environment.0 FG-VM00 Private Cloud Platforms VMware FG-VM01 FG-VM02 FG-VM04 FG-VM08 Citrix Xen Server V5. V6.12. creating a need for both hardware appliances appliances effectively neutralize a wide range of security threats and virtual appliances in your security strategy.DATA SHEET: FortiGate® Virtual Appliances PLATFORM Choice of Form Factor Multi-Threat Security Few organizations use 100% hardware or 100% virtual IT Using the advanced FortiOS™ operating system. V5. the edge inter-zone security. Alpha Zones NGFW/UTM Zone 1 to 2 VM • Secure Inter-VM traffic in same broadcast domain • Transparent VDOM to bridge VLANs • Inter-Zone L3 VDOM within FortiGate-VM instance • No hypervisor API dependency VM5 1t VLAN trunk to L2 VDOM M2 VM3. Please refer to appropriate release notes. V6.4.168. DEPLOYMENT NGFW/UTM FortiGate-VM NGFW/UTM Inter-Zone / Inter-VM Security All Inter-VM traffic in Bravo Zones are subject to full UTM scan through L2 VDOM. FortiManager virtual or physical appliances security features you need. FortiGate infrastructure . Supported Hypervisor VENDOR HYPERVISOR FORTIGATE-VM ESX V4. 2012. Inter-Zone traffic subject to full Next Gen Firewall and UTM scan by L3 VDOM. * Available as Pay-As-You-Go or Bring-Your-Own-License (BYOL).x Hypervisor Layer 2 VM6 VLAN 1031 FortiGate-VM oV VM1 VLAN 1021 VM7.0 and later FG-VM00-Xen FG-VM01-Xen FG-VM02-Xen FG-VM04-Xen FG-VM08-Xen Linux KVM CentOS 6.1) and later FG-VM00-KVM FG-VM01-KVM FG-VM02-KVM FG-VM04-KVM FG-VM08-KVM Microsoft Hyper-V Server 2008 R2.2. or deep within the virtual infrastructure for with hardware and virtual appliances to secure the core. 1022 Bravo1 Bravo2 Zone 1 192.1.168. allow you to easily manage and update your Fortinet security assets — hardware. Whether deployed at the edge you to build the security solution that’s right for your environment as a front-line defense.4 (qemu 0.4 VM2 Zone 2 192. V4. virtual or both — from a single pane of glass. and 2012 R2 FG-VM00-HV FG-VM01-HV FG-VM02-HV FG-VM04-HV FG-VM08-HV Open Source XenServer V3.

fortinet.DATA SHEET: FortiGate® Virtual Appliances SOFTWARE FortiOS FortiOS helps you protect your organization against advanced threats. the needs of enterprises of all sizes: team collaborates with the world’s leading threat monitoring §§ Enhanced Support — For customers who need support organizations. With support staff in the Americas. priority automated signature updates monthly. FortiOS Managment UI — FortiView and Application Control Panel §§ Robust Networking Capabilities — Optimize your network with extensive switching and routing. including advanced exchange hardware replacement. Comprised of security Europe. §§ Validated Security Intelligence — Based on FortiGuard §§ Professional Services — For customers with more complex intelligence. enhanced 170 unique zero-day vulnerabilities to date. and forensic specialists. Fortinet’s network security platform is tested and security implementations that require architecture and design validated by the world’s leading third-party testing labs and services. extended software support. engineers. as well as law enforcement agencies: §§ Real-time Updates — 24x7x365 Global Operations research security intelligence. services and more. configure and deploy your network security faster and see deep into what’s happening inside your network. granular policy control. please refer to the FortiOS data sheet available at www. scalable security and network management. distributed via Fortinet Distributed Network to all Fortinet platforms. and intuitive. high availability. please refer to http://forti. §§ Premium Services — For global or regional customers who need an assigned Technical Account Manager. totaling millions of service level agreements. the full range of Fortinet’s solutions. For more information. §§ Superior Control and Visibility — Stay in control with rich visibility over network during local business hours 3 . VB100 certified antimalware and more. operational customers SERVICES FortiGuard™ Security Services FortiCare™ Support Services FortiGuard Labs offers real-time intelligence on the threat Our FortiCare customer support team provides global technical landscape. and a range of virtual options. Middle East and Asia. WAN optimization. on-site visits and more. §§ Security Research — FortiGuard Labs have discovered over §§ Comprehensive Support — For customers who need aroundthe-clock mission critical support. users and applications with industry-leading security capabilities. For more information. sandboxing. implementation and deployment services. delivering comprehensive security updates across support for all Fortinet products. embedded WiFi controller. The feature set is consistent for both virtual and physical appliance and can be managed on a single centralized platform. For more information. In essence. FortiCare offers services to meet the threat researchers. FortiOS delivers: §§ Comprehensive Security — Control thousands of applications and stop more threats with NSS Labs Recommended IPS. other network and security vendors. escalation. It enables organization to set up policies specific to types of devices. please refer to http://forti.

000 64. in such event.000 N/A N/A SSL-VPN Throughput 2.000 45. Fortinet disclaims in full any covenants.25 Gbps 1.5/6. whether express or implied.2 Gbps N/A N/A Concurrent Sessions (TCP) 11.3/4. Tel: 011-52-(55) 5524-8480 Copyright© 2015 Fortinet.5 Gbps N/A N/A Maximum System Performance Actual performance values may vary depending on the network and system configuration. Nothing herein represents any binding commitment by Fortinet.1 GHz.024 / 4.2 Gbps 750 Mbps 1.000 / 100.0 Gbps 850 Mbps 2.0 Gbps 1.000 90.1 Gbps 750 Mbps 1. Single Blade VDOM License Key 11 to 250 Virtual Domain Upgrade.0 Million N/A N/A New Sessions/Second (TCP) 90.000 64. GLOBAL HEADQUARTERS Fortinet Inc.2 Gbps 2.5 Gbps N/A N/A Concurrent SSL-VPN Users 25.2 Gbps 2. FortiCare® and FortiGuard®.F. Network variables.000 20. 8x vCPU cores and (up to) 12 GB RAM.2.0 Gbps N/A N/A Antivirus Throughput 2.1/5.000 50. IPsec VPN performance is based on 512 byte UDP packets using AES-256+SHA1. Microsoft Hyper-V 2008 R2/2012/2012 R2.P. All other product or company names may be trademarks of their respective owners. and in no event will Fortinet be responsible for events or issues that are outside of its reasonable control.DATA SHEET: FortiGate® Virtual Appliances SPECIFICATIONS FORTIGATE-VM00 FORTIGATE-VM01 FORTIGATE-VM02 FORTIGATE-VM04 FORTIGATE-VM08 Technical Specifications Hypervisor Support VMware ESX/ESXi 4.000 / 10. 702 Col. Antivirus performance is measured using 44 Kbyte HTTP files.0 Million 11. signed by Fortinet’s General Counsel.4. only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet and any such commitment shall be limited by the disclaimers in this paragraph and other limitations in the written contract.000 25.000 N/A N/A IPsec VPN Throughput (AES256+SHA1) 500 Mbps 235 Mbps 500 Mbps 235 Mbps 250 Mbps N/A N/A Gateway-to-Gateway IPsec VPN Tunnels (VDOM / System) 5. Paseo de la Reforma 115 Int.000 64.6513. Microsoft Azure vCPU Support (Minimum / Maximum) 1/1 1/1 1/2 1/4 1/8 Network Interface Support (Minimum / Maximum) 2 / 10 2 / 10 2 / 10 2 / 10 2 / 10 Memory Support (Minimum / Maximum) 1 GB / 1 GB 1 GB / 2 GB 1 GB / 4 GB 1 GB / 6 GB 1 GB / 12 GB Storage Support (Minimum / Maximum) 30 GB / 2 TB 30 GB / 2 TB 30 GB / 2 TB 30 GB / 2 TB 30 GB / 2 TB Wireless Access Points Controlled (Tunnel / Global) 32 / 32 32 / 64 256 / 512 256 / 512 1. FST-PROD-DS-GTVMR4 FGVM-DAT-R8-201507 .0 Million 11.096 Virtual Domains (Default / Maximum) 1 10 / 10 10 / 25 10 / 50 10 / 250 Firewall Policies (VDOM / System) 5.000 5. 1x vCPU core. Single Blade VDOM License Key 26 to 50 Virtual Domain Upgrade.000 N/A N/A Client-to-Gateway IPsec VPN Tunnels 64.000 EMEA SALES OFFICE 120 rue Albert Caquot 06560. Optional Accessories Virtual Domain (VDOM) Upgrade License 11-25 Virtual Domain (VDOM) Upgrade License 26-50 Virtual Domain (VDOM) Upgrade License 51-100 Virtual Domain (VDOM) Upgrade License 101-250 Virtual Domain (VDOM) Upgrade License 11-250 FG-VDOM-25 FG-VDOM-50 FG-VDOM-100 FG-VDOM-250 FG-VDOM Single Blade VDOM License Key 11 to 25 Virtual Domain Upgrade. running FOS v5.8 Gbps 1.000 / 10. ORDER INFORMATION Product FortiGate-VM00 FortiGate-VM01 FortiGate-VM02 FortiGate-VM04 FortiGate-VM08 SKU FG-VM00(-Xen/HV/KVM) FG-VM01(-Xen/HV/KVM) FG-VM02(-Xen/HV/KVM) FG-VM04(-Xen/HV/KVM) FG-VM08(-Xen/HV/KVM) Description FortiGate-VM “virtual appliance” designed for [Platform]. Alvaro Obregón México D. except to the extent Fortinet enters a binding written contract. Open Source Xen 3. and the most current version of the publication shall be applicable. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions.000 25.3 and latest virtualization platform versions.8987. transfer. 1x vCPU core and (up to) 2 GB RAM.000 5. 01219 Del. KVM..0/4. 1 GB RAM only and Extreme DB NOT supported. 2x 10 GE interfaces). 2x vCPU cores and (up to) 4 GB RAM.000 / 10. Single Blade VDOM License Key 101 to 250 Virtual Domain Upgrade. FortiGate-VM “virtual appliance” designed for [Platform]. FortiGate®. Sophia Antipolis. representations. and Fortinet disclaims all warranties. with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and. CA 94086 United States Tel: +1.000 Unlimited User License Yes Yes Yes Yes Yes VMware ESXi Citrix Xen Microsoft Hyper-V Xen KVM AWS Microsoft Azure Firewall Throughput (UDP Packets) 4.000 / 100.1 or later. and certain other marks are registered trademarks of Fortinet.000 N/A N/A IPS Throughput 5.0 or later.000 25. For absolute clarity.0.000 45.7700 www. FortiGate-VM “virtual appliance” designed for [Platform]. IPS performance is measured using 1 Mbyte HTTP files. and actual performance and other results may vary and may be significantly less effective than the metrics stated herein.6 SP2/6.0 Million 11. FortiGate-VM “virtual appliance” designed for [Platform]. and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. Notwithstanding anything to the contrary.000 5. whether express or implied. Fortinet reserves the right to change.000 / 10.0510 APAC SALES OFFICE 300 Beach Road 20-01 The Concourse Singapore 199555 Tel: +65. modify.000 / 100. and guarantees pursuant hereto. AWS (Amazon Web Services). 899 Kifer Road Sunnyvale.5 Gbps 850 Mbps 2. C.0 Million 11. Inc. any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. different network environments and other conditions may negatively affect performance results and other metrics stated herein. France Tel: +33. Single Blade VDOM License Key 51 to 100 Virtual Domain Upgrade.000 50.0 Gbps 1.000 5.000 / 40.8 Gbps 1.8 Gbps 2. 4x vCPU cores and (up to) 6 GB RAM.fortinet.0/5.000 64. or otherwise revise this publication without notice.3730 LATIN AMERICA SALES OFFICE Prol.000 25. Performance metrics were observed using a Dell R730 Server (Intel Xeon E5-2687W 3.000 / 10. Fortinet®. Inc.4. All rights reserved. FortiGate-VM “virtual appliance” designed for [Platform]. Citrix XenServer 5.1/5.000 75.408.235. Lomas de Santa Fe.