Product Details
FortiGate 5020
This Product Review is in the following Category:
Network security
This Product Review is in the following Sub-category:
Network Security, End-point Security, DDoS, WAN/Internet Security
|
Version: | |
|---|---|---|
| Vendor: | Fortinet | |
| Website: | www.fortinet.com | |
| Price: | £62,000 | |
| Date: | 10-Jun-05 | |
| Author: | Christopher Moody |
Fortinet's FortiGate 5020 is built using a powerful chassis containing dual, hot-swappable power supplies as standard, building in redundancy. The chassis can also house two 5001 blades, each of which comes with four copper Gigabit Ethernet ports and four small, form-factor pluggable (SFP) ports.
The 5020's backplane provides a continuous connection between both blades for active-active or active-passive failover.
Each blade can be managed individually through its web-based management, or you can opt for the optional FortiManager application. This gives a single centralized point of management for all FortiGate products including role-based administration.
We stuck with the excellent web-based management. Firewall rules can be created based on ports, but you can also create logical zones. As these encompass multiple ports, it is easier to define your network, especially as changes will not affect policy.
Rules are simple to create and Fortinet has some additional tools up its sleeves. As well as the firewall, the appliance also comes with Fortinet's own-brand antivirus software as standard, which is automatically updated with the latest signatures.
There is also intrusion prevention, anti-spam via realtime blacklist and keyword filtering, and web filtering via user-entered URLs and keywords.
If this sounds like a lot of work, you can use the optional FortiGuard service, where you can block websites by category. You can create attack profiles, which define how you want to scan traffic, and you can choose to apply traffic shaping to each rule, preventing any one service from hogging too much bandwidth. VPNs are no problem, with encryption accelerated and support for up to 10,000 tunnels.
As far as firewalls go, this is an expensive product, but the port flexibility, dual blades and range of features mean it has enough throughput and security to deal with very large networks.
Related product reviews in this subcategory
GlobalAdmin Enterprise Security SuiteCyberAngel
NetSwift iGate
LapTrak (Mobile Security group test)
Magi Enterprise (Telecommuting group test)
This product is in the following Group Test
Enterprise firewalls (2005) - SC recommended
Product Rating
Features |
***** |
Ease of Use |
***** |
Performance |
***** |
Documentation |
**** |
Support |
**** |
Value for Money |
**** |
Overall Rating |
**** |
For:
Built-in AV; excellent management.
Against:
Lots of additional tools can make policy generation difficult.
Verdict:
Dual-blade chassis makes it simple to upgrade capacity and have a hard-wired failover link; suitable for any environment.
