at Financial Technnology Year
Please contact them if you have any questions.
FortiGate from Fortinet
A next-generation firewall solution that provides integrated security for protecting banking network infrastructure. Features include advanced threat protection, SSL inspection, intrusion prevention, and application control with specific banking industry compliance capabilities.
Product analysis by function
Cybersecurity Solutions for IT and Infrastructure
Systems that protect the bank's information assets from cyber threats and ensure secure banking operations.
More Cybersecurity Solutions
More IT and Infrastructure ...
Access Control
(10 Yes /10 Known /11 Possible features)
|
Multi-factor Authentication Requires multiple forms of verification before granting access. |
FortiGate supports multi-factor authentication through integration with FortiAuthenticator and other MFA providers, enabling additional verification for admin and user access. | |
|
Role-Based Access Control Grants permissions based on user roles and responsibilities. |
Role-Based Access Control is available in FortiGate, allowing assignment of roles and profiles to users and administrators to limit permissions. | |
|
Single Sign-On (SSO) Allows users to authenticate once for multiple applications. |
FortiGate integrates with SAML-based Single Sign-On providers, allowing SSO capabilities for network and admin access. | |
|
Access Logging Records all access attempts for audit trails. |
FortiGate includes access and audit logging, tracking access attempts and system changes for compliance. | |
|
Privileged Account Management Controls and monitors elevated permissions. |
Privileged Account Management is handled by granular permissions and role management in FortiGate's admin system. | |
|
User Session Timeout Automatically terminates inactive sessions. |
User Session Timeout is configurable for admin and VPN sessions in FortiGate settings. | |
|
Device Whitelisting Restricts access to approved devices only. |
Device Whitelisting is achieved via endpoint identity policies and FortiClient integration. | |
|
Granular Permission Levels Supports fine-grained permissions per function. |
Granular Permission Levels are supported via profiles/roles and policy objects. | |
|
API Key Management Secures and controls access to APIs. |
API Key Management for administrative APIs is available with FortiGate to control API usage and permissions. | |
|
Geolocation-based Access Restrictions Limits access based on user's physical or network location. |
Geolocation-based Access Restrictions can be set via geo-IP filtering policies. | |
|
Number of Supported Authentication Methods The total number of different authentication methods available (e.g., biometric, SMS OTP, hardware key, etc.). |
No information available |
Data Protection
(5 Yes /5 Known /10 Possible features)
|
End-to-End Encryption Encrypts data during all states and transfers. |
End-to-End Encryption is supported via SSL/TLS inspection, VPN, and encrypted management sessions. | |
|
Database Encryption Encrypts stored data in databases. |
Credentials and system data stored in FortiGate are encrypted in the device database. | |
|
File Integrity Monitoring Detects unauthorized changes to critical files. |
No information available | |
|
Data Masking Obfuscates sensitive data in non-production environments. |
No information available | |
|
Tokenization Replaces sensitive information with random tokens. |
No information available | |
|
Data Loss Prevention (DLP) Prevents unauthorized data transfer or loss. |
No information available | |
|
Data Backup Frequency Frequency at which backups of critical data are performed. |
No information available | |
|
Audit Logging Maintains comprehensive logs of data access and changes. |
Audit Logging is built-in for all admin and policy changes. | |
|
Automated Key Rotation Automatically rotates cryptographic keys at defined intervals. |
Automated Key Rotation can be achieved for certificates and keys managed in FortiGate, though some manual steps may be needed. | |
|
Retention Policy Management Controls how long data is kept and when it is deleted. |
Retention Policy Management is available via log and backup configuration settings. |
Network Security
(9 Yes /9 Known /10 Possible features)
|
Firewall Provides perimeter security by filtering incoming and outgoing network traffic. |
Firewall is the core function of FortiGate, offering stateful inspection, application control, and traffic filtering. | |
|
Intrusion Detection System (IDS) Monitors and detects malicious network activity. |
Intrusion Detection System (IDS) is provided via the FortiGuard security service suite integrated with FortiGate. | |
|
Intrusion Prevention System (IPS) Blocks and prevents detected threats. |
Intrusion Prevention System (IPS) is a standard feature of FortiGate, blocking and mitigating detected threats. | |
|
Virtual Private Network (VPN) Secures remote access to banking resources. |
VPN (IPSec/SSL) is natively supported in FortiGate for secure remote access. | |
|
Network Segmentation Divides the network into separate zones for better security. |
Network Segmentation is facilitated via VLANs and firewall policies. | |
|
Distributed Denial of Service (DDoS) Protection Detects and mitigates DDoS attacks. |
DDoS Protection is included as part of the network protection features of FortiGate. | |
|
Deep Packet Inspection Examines traffic for threats beyond simple packet headers. |
Deep Packet Inspection is performed for threat detection, application control, and SSL inspection. | |
|
Encrypted Network Traffic Ensures all internal and external communication is encrypted. |
Encrypted Network Traffic can be enforced through SSL/TLS policies and VPN. | |
|
Bandwidth Monitoring Monitors bandwidth utilization for anomalies. |
Bandwidth Monitoring is part of FortiGate's interface, with utilization and traffic analytics. | |
|
Network Traffic Analysis Capability The number of simultaneous connections that can be analyzed. |
No information available |
Threat Detection and Response
(4 Yes /4 Known /10 Possible features)
|
Security Information and Event Management (SIEM) Aggregates, analyzes, and alerts on security events. |
FortiGate integrates with SIEM platforms and aggregates/analyzes security events. | |
|
Automatic Threat Remediation Responds to detected threats without manual intervention. |
Some threat remediation tasks can be automated via playbooks or FortiAnalyzer integrations. | |
|
Real-time Alerting Notifies security personnel immediately upon threat detection. |
Real-time Alerting occurs within the FortiGate UI and can notify admins through configured channels. | |
|
Threat Intelligence Integration Ingests external threat intelligence feeds. |
Threat intelligence from FortiGuard is regularly ingested and used within FortiGate's threat prevention system. | |
|
Incident Response Playbooks Provides pre-defined procedures for common security incidents. |
No information available | |
|
Threat Simulation and Red Team Testing Supports simulated attacks for evaluation. |
No information available | |
|
False Positive Rate The percentage of security alerts that are determined to be benign. |
No information available | |
|
Time to Detect Average time between threat occurrence and detection. |
No information available | |
|
Time to Respond Average time between detection and mitigation. |
No information available | |
|
Automated Compliance Reporting Generates regulatory and incident response reports automatically. |
No information available |
Endpoint Security
(0 Yes /0 Known /10 Possible features)
|
Endpoint Detection and Response (EDR) Monitors endpoints for threats and suspicious activity. |
No information available | |
|
Anti-malware Protection Prevents malicious software from infecting endpoints. |
No information available | |
|
Device Control Restricts usage of external devices like USB drives. |
No information available | |
|
Patch Management Automates the distribution of security updates. |
No information available | |
|
Mobile Device Management (MDM) Secures and manages mobile endpoints. |
No information available | |
|
Remote Wipe Capability Erases data from lost or stolen devices remotely. |
No information available | |
|
Application Whitelisting/Blacklisting Controls which applications can be installed or run. |
No information available | |
|
Endpoint Isolation Allows quick quarantine of compromised devices. |
No information available | |
|
Number of Devices Supported Maximum number of endpoints protected by the solution. |
No information available | |
|
Endpoint Policy Enforcement Automatically enforces security policies on all endpoints. |
No information available |
Fraud Detection and Prevention
(0 Yes /0 Known /10 Possible features)
|
Behavioral Analytics Analyzes user behavior for anomalies indicative of fraud. |
No information available | |
|
Transaction Monitoring Monitors transactions in real time for suspicious patterns. |
No information available | |
|
Machine Learning Models Uses AI models to identify emerging fraud techniques. |
No information available | |
|
Geolocation Verification Checks if transactions originate from expected regions. |
No information available | |
|
Device Fingerprinting Identifies repeat or suspicious devices. |
No information available | |
|
Case Management Tracks fraud investigation from detection to closure. |
No information available | |
|
Rule-based Alerts Generates alerts based on pre-set fraud rules. |
No information available | |
|
False Positive Rate Percentage of transactions erroneously flagged as fraud. |
No information available | |
|
Detection Speed Average time taken to detect suspicious activities. |
No information available | |
|
Integration with Core Banking Systems Supports real-time integration with existing banking infrastructure. |
No information available |
Application Security
(6 Yes /6 Known /10 Possible features)
|
Web Application Firewall (WAF) Protects web applications from common exploits. |
FortiGate's Web Application Firewall module (FortiWeb, or native WAF for appliance) protects against exploits. | |
|
Vulnerability Scanning Regularly scans for known security weaknesses. |
Vulnerability Scanning is included as part of security fabric integration and FortiGuard threat intelligence. | |
|
Secure Coding Standards Enforcement Ensures adherence to secure development practices. |
No information available | |
|
Regular Penetration Testing Conducts simulated attacks to find weaknesses. |
No information available | |
|
Automated Patch Deployment Deploys application security patches automatically. |
FortiGate supports automated deployment of firmware and security updates. | |
|
Code Obfuscation Makes application source code harder to reverse-engineer. |
No information available | |
|
Session Management Security Protects active user sessions against hijacking. |
FortiGate provides session management and security controls to prevent hijacking. | |
|
API Security Controls Protects and monitors API endpoints. |
API Security Controls are present for device APIs, and WAF covers web API endpoints. | |
|
Number of Supported Programming Languages The range of programming frameworks or languages natively supported for secure app development. |
No information available | |
|
Dynamic Application Security Testing (DAST) Integration Integrates tools for runtime security testing of applications. |
DAST integration is supported via FortiWeb and third-party tools, enabling runtime security scanning. |
Regulatory Compliance
(8 Yes /8 Known /10 Possible features)
|
Prebuilt Compliance Reporting Offers reports tailored for key banking regulations. |
Prebuilt Compliance Reporting is available for PCI DSS, GDPR, and other financial regulations. | |
|
Automated Policy Management Automates the application and monitoring of compliance policies. |
Automated Policy Management can be set through security fabric and policy templates. | |
|
Audit Trail Management Maintains immutable logs for audit purposes. |
Audit Trail Management is implemented via immutable logs collected by FortiAnalyzer. | |
|
Regulatory Change Monitoring Tracks changes in relevant regulations and standards. |
Regulatory Change Monitoring can be achieved via FortiGuard updates and compliance features. | |
|
Self-assessment Tools Allows internal audits for compliance readiness. |
No information available | |
|
Compliance Workflow Automation Automates workflows to meet compliance requirements. |
Compliance Workflow Automation is possible with integration with FortiManager and FortiAnalyzer. | |
|
Data Residency Controls Specifies where data can be stored based on regulations. |
Data Residency Controls can be enforced via appliance location and cloud settings. | |
|
Regulatory Coverage Number of major regulations covered out-of-the-box. |
No information available | |
|
Retention Policy Automation Automatically applies data retention and deletion policies. |
Retention Policy Automation is available through backup and log retention policy configuration. | |
|
Secure Document Management Secure storage and retrieval of compliance documentation. |
Secure Document Management is possible through the encrypted storage of configuration and logs. |
Identity and Access Management (IAM)
(8 Yes /8 Known /10 Possible features)
|
Centralized User Directory Maintains a single source of truth for user authentication. |
Centralized User Directory is supported via LDAP, RADIUS, and external directory integrations. | |
|
Self-service Password Reset Allows users to reset passwords without admin assistance. |
Self-service Password Reset for user VPN accounts is supported with integration or via FortiAuthenticator. | |
|
User Provisioning and Deprovisioning Automates onboarding and offboarding staff access. |
No information available | |
|
Federated Identity Support Allows use of external identity providers (SAML, OAuth, etc.). |
Federated Identity Support is available using SAML and OAuth providers. | |
|
Access Certification Regularly reviews and certifies user privileges. |
Access Certification can be managed by periodic policy review features in FortiManager. | |
|
Credential Encryption Ensures user credentials are encrypted at rest and in transit. |
Credential Encryption is employed for stored credentials and communication. | |
|
Group Management Supports management of user groups and access policies. |
Group Management is available via user groups and policies. | |
|
Identity Federation Integrations Number of external identity federations supported. |
No information available | |
|
Password Policy Enforcement Automatically applies strong password requirements. |
Password Policy Enforcement is supported for all user and admin accounts. | |
|
User Access Review Automation Automates periodic reviews of user access rights. |
User Access Review Automation can be achieved through alerts and regular review tasks. |
Monitoring and Reporting
(8 Yes /8 Known /10 Possible features)
|
Real-time Dashboards Visualizes live security and system data. |
Real-time Dashboards are standard within the FortiGate management interface. | |
|
Customizable Reports Allows users to define and schedule security and compliance reports. |
Customizable Reports are offered via FortiAnalyzer and reporting modules. | |
|
Alert Threshold Customization Enables setting of specific alert thresholds. |
Alert Threshold Customization is available by policy, source, and rule type. | |
|
Historical Data Retention Keeps historical security data for analysis. |
Historical Data Retention is configurable; logs can be kept for years with appropriate storage. | |
|
Audit Log Integration Centralizes logs from various sources. |
Audit Log Integration is achieved via syslog and SIEM connectors. | |
|
Automated Reporting Frequency How often reports are automatically generated. |
No information available | |
|
User Activity Monitoring Tracks user activities for policy violations. |
User Activity Monitoring is available via logs and traffic analytics. | |
|
Custom Alert Channels Supports multiple channels for alerting (email, SMS, app). |
Custom Alert Channels are supported (email, SNMP, syslog). | |
|
Third-party Log Integration Integrates with external log and monitoring providers. |
Third-party Log Integration is provided via syslog, SIEM, and cloud connectors. | |
|
Report Retention Period Length of time reports are stored and accessible. |
No information available |
Resilience and Recovery
(8 Yes /8 Known /10 Possible features)
|
Disaster Recovery Planning Provides tools for planning and testing disaster recovery. |
Disaster Recovery Planning is supported by configuration backup and documentation features. | |
|
Business Continuity Management Ensures continued operations during disruptions. |
Business Continuity Management is supported by high-availability and redundant deployment options. | |
|
Automated System Failover Automatically switches to backup systems on failure. |
Automated System Failover is available via HA failover in FortiGate clusters. | |
|
Backup and Restore Automation Automates data and system backup/restore processes. |
Backup and Restore Automation is possible with FortiManager/FortiAnalyzer scripts or scheduled tasks. | |
|
Ransomware Recovery Supports fast recovery from ransomware attacks. |
Ransomware Recovery supported as part of recovery documentation, config backup, and restore procedures. | |
|
Recovery Time Objective (RTO) Target time to restore function after disruption. |
No information available | |
|
Recovery Point Objective (RPO) Maximum acceptable amount of data loss after an incident. |
No information available | |
|
Resilience Testing Support Enables regular testing of resilience and recovery plans. |
Resilience Testing Support is included by supporting failover and recovery drills. | |
|
Automated System Health Checks Monitors backup and resilience readiness automatically. |
Automated System Health Checks run regularly for connectivity, storage, policy, and system health. | |
|
Service Level Agreement (SLA) Monitoring Tracks compliance with recovery SLAs. |
SLA Monitoring is supported through logging, alerting, and reporting of uptime and failover events. |
Data Privacy and Security Hardware for Risk & Compliance
Physical security devices such as biometric access controls, secure servers, and encrypted storage solutions to protect sensitive client and investment data.
More Data Privacy and Security Hardware
More Risk & Compliance ...
Access Control
(8 Yes /8 Known /10 Possible features)
|
Role-Based Access Control (RBAC) Restricts system access to authorized users based on roles. |
FortiGate supports RBAC with extensive user/role configuration as part of its management platform. | |
|
Multi-Factor Authentication (MFA) Requires multiple factors to verify user identity before granting access. |
Multi-factor authentication (MFA) is supported via integration with FortiAuthenticator and third-party MFA providers in FortiGate. | |
|
Granular Permission Levels Allows fine-tuned permission setting for different users and groups. |
Granular permission levels are supported by defining administrator profiles and custom roles in FortiGate. | |
|
Session Timeout Automatic log-off after a period of inactivity to prevent unauthorized access. |
Configurable session/logout timers are available for both GUI and CLI access. | |
|
Single Sign-On (SSO) Integration Integration with SSO providers for unified authentication across platforms. |
SSO integration available via SAML, LDAP, RADIUS, and integration with Microsoft Active Directory. | |
|
Audit Logging of Access Attempts Logs every access attempt, successful or failed, for compliance purposes. |
Audit logging of all access attempts available via local and remote (Syslog, FortiAnalyzer) logging. | |
|
Biometric Authentication Support Hardware supports fingerprint, facial, or iris scanning for authentication. |
No information available | |
|
Remote Lockout Capability Enables the system to remotely lock hardware in case of detected threat or unauthorized attempt. |
Remote lockout can be configured via CLI/API to disable interfaces or user accounts in case of threat. | |
|
Onboarding Approval Workflows Requires multiple parties to approve new access requests or changes. |
Onboarding approval workflows can be customized using admin roles and multi-step access processes. | |
|
Access Attempt Rate Limiting Limits the number of login attempts in a given time frame. |
No information available |
Encryption and Data Protection
(9 Yes /9 Known /10 Possible features)
|
Data at Rest Encryption Encrypts stored data to protect against unauthorized access. |
Data at rest encryption is supported for log storage and backups, especially on FortiGate models with hardware encryption. | |
|
Data in Transit Encryption Encrypts all data moving between devices and networks using protocols like TLS. |
All network traffic and management communication support encryption using TLS/SSL. | |
|
Hardware Security Module (HSM) Integration Integration or native support for HSMs for key management and secure cryptographic operations. |
Integration with hardware security modules (HSMs) is supported for certain models and Fortinet solutions. | |
|
End-to-End Encryption Capability Supports comprehensive encryption of data from source to destination. |
End-to-end encryption is supported for VPN, SSL inspection, and secure overlays. | |
|
Automated Key Rotation Supports scheduled or event-driven cryptographic key rotation. |
Automated key rotation available for VPN and certificate-based protocols. | |
|
Secure Key Storage Uses dedicated secure storage for cryptographic keys, isolated from general storage. |
FortiGate provides isolated, encrypted storage for cryptographic keys within the appliance. | |
|
Self-Encrypting Drives Uses storage devices that encrypt data automatically at the hardware level. |
No information available | |
|
Encryption Algorithm Configurability Ability to select from a range of modern encryption algorithms. |
Supports a wide range of modern encryption algorithms, configurable in policy and VPN settings. | |
|
Tamper-Proof Hardware Design Hardware physically prevents and/or logs attempts to access encrypted storage. |
Physical models of FortiGate have anti-tampering mechanisms and internal logging of hardware access. | |
|
Data Wiping and Sanitization Secure and verifiable erasure of hardware data prior to decommissioning. |
Data wiping/sanitization options are provided as part of hardware decommissioning per Fortinet documentation. |
Monitoring, Auditing, and Reporting
(8 Yes /8 Known /10 Possible features)
|
Real-Time Activity Monitoring Continuously monitors all actions/transactions occurring on the hardware. |
Real-time activity monitoring natively provided via FortiView, FortiAnalyzer, and API/SNMP. | |
|
Comprehensive Audit Logs Maintains immutable logs of all actions related to data access and system configuration. |
Comprehensive and immutable audit logs maintained via local, remote log and FortiAnalyzer integration. | |
|
Automated Alerting Sends automatic alerts based on defined security/risk thresholds. |
Automated security and activity alerting is supported for events and thresholds. | |
|
Regulatory Compliance Reporting Generates reports conforming to specific regulations (e.g., GDPR, SEC). |
Regulatory compliance reporting templates included for sectoral and regional needs, including GDPR/SOX. | |
|
Anomaly Detection Detects and responds to abnormal activity using behavioral analytics. |
FortiGate models provide intrusion and anomaly detection using behavioral analysis for attacks and threats. | |
|
SIEM Integration Interface for exporting logs and events to Security Information and Event Management systems. |
SIEM integration natively supported (FortiAnalyzer, Splunk, Qradar, etc.) | |
|
Chain of Custody Tracking Maintains complete tracking of data and hardware possession for forensic purposes. |
Chain of custody and data/hardware activity is tracked, especially in regulated banking environments, via logging. | |
|
Customizable Reporting Frequency Allows administrators to define how often compliance and security reports are generated. |
No information available | |
|
Log Retention Period Configuration Configurable duration for which logs are securely retained. |
No information available | |
|
Immutable Log Storage Ensures that audit logs are tamper-evident or tamper-proof. |
Logs exported to tamper-proof FortiAnalyzer; appliance logs can be made immutable per documentation. |
Physical Security Features
(5 Yes /5 Known /10 Possible features)
|
Tamper-Evident Seals Seals which visibly indicate any attempt to open cases or enclosures. |
Several FortiGate models have tamper-evident seals for hardware security. | |
|
Physical Locks and Enclosures Locks/cages to prevent unauthorized removal or opening of hardware. |
Physical locks, rack-mount hardware, and secured enclosures are standard for FortiGate appliances. | |
|
Environmental Monitoring Sensors to detect changes in temperature, humidity, or presence of smoke/water near hardware. |
Sensors for temperature, fans, power, and environmental health provided in most FortiGate appliances. | |
|
Hardware Intrusion Alarms Sensors and alarms to alert if hardware is accessed or moved without authorization. |
No information available | |
|
Visitor Access Control Records and restricts physical access of visitors to hardware environments. |
No information available | |
|
Video Surveillance Integration Supports connection to CCTV or other video surveillance systems. |
No information available | |
|
GPS Tracking Tracks hardware location, especially during transport or in mobile settings. |
No information available | |
|
Secure Hardware Disposal Processes ensuring hardware is securely destroyed or wiped after end of use. |
Secure hardware disposal is handled through certified processes recommended by Fortinet for regulated use-cases. | |
|
Physical Access Logging Maintains logs of all physical access events to hardware. |
No information available | |
|
Secure Installation Requirements Mandates installation in secure, access-controlled environments. |
Fortinet's deployment guides mandate installation in secure, access-controlled data center environments. |
Compliance and Certification
(8 Yes /8 Known /10 Possible features)
|
GDPR Compliance Meets General Data Protection Regulation standards for data privacy. |
FortiGate enables GDPR compliance via comprehensive logging, reporting, encryption, and user-rights controls. | |
|
SOC 2 Certification Certified for Service Organization Control 2 for security, availability, confidentiality, etc. |
SOC 2 certification achieved for several Fortinet cloud and appliance services; check specific product line for detail. | |
|
ISO 27001 Certification Complies with global information security management standard. |
ISO 27001 certification held by Fortinet for product development and key service areas. | |
|
FIPS 140-2/FIPS 140-3 Validation Validates cryptographic security module per US government standards. |
Many FortiGate appliances validated to FIPS 140-2/140-3 standards; confirm for appliance in use. | |
|
PCI DSS Compliance Compliant with Payment Card Industry Data Security Standard if relevant. |
PCI DSS compliance addressed by FortiGate solutions in payment network use cases. | |
|
SEC/FINRA Compliance Support Supports reporting and compliance for US financial regulatory bodies. |
SEC/FINRA reporting supported via FortiAnalyzer templates, covering US financial services. | |
|
Customizable Compliance Policy Engine Ability to tailor controls/policies for diverse regulatory needs. |
Compliance policies for multiple regulations are configurable and enforceable in FortiOS. | |
|
Automated Evidence Collection for Audits Automatically gathers and stores evidence needed for formal audits. |
Evidence (logs, traffic samples, etc.) is collected automatically and can be exported for audit purposes. | |
|
Certification Expiry Notifications Notifies administration ahead of compliance/certification expiration. |
No information available | |
|
Audit Readiness Score Quantitative indicator of the product's current audit preparation. |
No information available |
Hardware Performance & Reliability
(7 Yes /7 Known /10 Possible features)
|
System Uptime Guarantee Guaranteed minimum percentage of operational time. |
No information available | |
|
Mean Time Between Failures (MTBF) Predicts hardware reliability between failures. |
No information available | |
|
Self-Diagnostics Hardware runs continuous self-tests to detect faults. |
Self-diagnostics for hardware health and integrity are routine in FortiGate systems. | |
|
Redundant Power Supplies Multiple power supplies to reduce risk of downtime from power failure. |
Redundant, hot-swappable power supplies available on most rack-mount and datacenter models. | |
|
Hot Swappable Components Permits parts to be changed without shutting down the system. |
Hot swappable fans and power supply units supported on high-tier FortiGate models. | |
|
Disaster Recovery Support Integrates with disaster recovery plans and external storage. |
Disaster recovery support provided via API integration, automated backup/config export. | |
|
Hardware Monitoring APIs Provides APIs to monitor hardware status and health remotely. |
Hardware status and system health accessible remotely via SNMP, REST, and cloud APIs. | |
|
Firmware Update Management Supports secure, remote updates to firmware for ongoing protection. |
Fortinet provides secure, managed firmware/patch update mechanisms and documentation. | |
|
Warranty Duration Duration hardware is covered under warranty. |
No information available | |
|
Rapid Spare Replacement Support Fast replacement service for failed hardware components. |
Rapid spare parts and replacement services provided as part of FortiCare support contracts. |
Integration and Interoperability
(9 Yes /9 Known /10 Possible features)
|
API Support Available APIs for integration with other risk/compliance and management software. |
Rich API support (REST, SNMP, etc.) for integration with third-party management and risk systems. | |
|
Standard Protocol Support Supports industry-standard protocols (e.g., SNMP, Syslog, LDAP). |
Supports standard network and security protocols including SNMP, Syslog, LDAP, RADIUS, SAML. | |
|
SIEM/SOAR Integration Connectivity with security orchestration and event management solutions. |
SIEM/SOAR integration supported for major solutions (Splunk, Qradar, ArcSight, etc.). | |
|
Direct Cloud Integration Ability to connect and synchronize with cloud compliance services. |
Cloud integration included (FortiGate-VM, AWS/Azure cloud connectors, multi-cloud sync). | |
|
Custom Connector Capability Enables creation/adaptation of custom connectors for unique environments. |
Custom connectors available via Fortinet Fabric Connectors and API. | |
|
Multi-Vendor Hardware Support Operates alongside and interoperates with multiple hardware vendors. |
FortiGate solution interoperates with multiple other hardware vendors and network components. | |
|
Bulk Data Export/Import Can transfer historical or large data sets in/out for analysis or migration. |
Bulk configuration, import/export of large/multiple datasets/logs is supported (see FortiManager integration). | |
|
Integration Setup Time Average time required to integrate with other core systems. |
No information available | |
|
REST/GraphQL Interface Availability Availability of REST or GraphQL interfaces. |
REST API interface available for configuration and monitoring; GraphQL not explicitly listed. | |
|
Plug-and-Play Compatibility Allows rapid deployment without custom engineering. |
FortiGate is designed as a plug-and-play device with zero-touch provisioning capabilities. |
User Experience & Management
(9 Yes /9 Known /10 Possible features)
|
Unified Management Console Central console for managing configuration, monitoring, and compliance. |
Unified management via FortiManager and FortiCloud management console is a core feature. | |
|
Multi-Language Support User interface and documentation available in multiple languages. |
Multi-language support available in GUI and documentation. | |
|
Customizable Dashboards Tailor admin dashboards to key metrics relevant for risk/compliance. |
FortiGate dashboards (FortiView, FortiAnalyzer) are customizable for admin and compliance use. | |
|
Interactive Tutorials In-situ interactive training built into the console. |
Interactive tutorials/wizards are built into the web console for new deployments. | |
|
Role-Based Views Displays different information depending on user role. |
Role-based views are supported; admin/monitor-only/readonly access possible. | |
|
Mobile Device Management (MDM) Interface Allows some management from mobile devices securely. |
Mobile device management interface (FortiExplorer App, FortiCloud Mobile) supported. | |
|
Helpdesk Integration Built-in interface with support/helpdesk ticketing systems. |
Integrations with helpdesk/ticketing (ServiceNow, JIRA) possible via API/connector. | |
|
Remote Management Tools Manage hardware from remote locations securely. |
Remote management available via FortiManager, FortiCloud and secure VPN. | |
|
User Activity Insights Analytics on hardware and platform user activity. |
User activity analytics part of FortiAnalyzer/FortiView features. | |
|
Training & Certification Tracking Tracks user/admin completion of training and ongoing certifications. |
No information available |
Incident Response & Forensics
(8 Yes /8 Known /10 Possible features)
|
Automated Incident Response Playbooks Predefined, automated responses to specific threats or compliance breaches. |
No information available | |
|
Secure Evidence Collection Ensures forensic evidence (logs, snapshots) is automatically and securely collected. |
Secure collection of logs and snapshots for forensics as per incident response guidelines. | |
|
Chain of Custody Management Tracks custody of evidence from collection to presentation. |
Chain of custody for evidence/logs can be tracked when integrated with FortiAnalyzer/SIEM systems. | |
|
Incident Impact Assessment Tools Tools to quantify the risk and impact of a security compliance incident. |
Incident analysis and reporting tools provided in FortiAnalyzer and FortiGate for compliance incidents. | |
|
Automated Containment Mechanisms Isolate affected hardware or systems automatically upon incident detection. |
Certain actions such as interface shutdown and quarantine are automated in response to threats. | |
|
Integrated Case Management Links evidence, actions, and outcomes in case files. |
Case management available via Fortinet Security Fabric integrations for larger incident response programs. | |
|
Forensic Snapshot Takes cryptographically accurate, timestamped snapshots of system state. |
Forensic snapshots/logs are timestamped and can be used in investigations. | |
|
Incident Response Readiness Assessment Quantitative readiness score for incident response. |
No information available | |
|
Automated Notification to Authorities Built-in workflows for reporting significant incidents to regulators or stakeholders. |
Incident notification/alerting to authorities can be configured via SIEM/SOAR. | |
|
Remediation Guidance Library Detailed guidance for remediating detected compliance/security incidents. |
Fortinet provides remediation guidance via playbooks in documentation and managed service agreements. |
Scalability & Deployment
(8 Yes /8 Known /10 Possible features)
|
Clustered/Distributed Deployment Support Hardware can be deployed as part of clusters or distributed geographically. |
Cluster and geo-distributed deployment support available (HA, clustering, SD-Branch features). | |
|
Modular Expansion Capability Enables incremental hardware upgrades without full replacement. |
Modular expansion (adding interfaces/modules) possible on many FortiGate models. | |
|
Supported Maximum Concurrent Users Maximum number of users/devices hardware can support simultaneously. |
No information available | |
|
Automated Load Balancing Dynamically distributes system load to prevent bottlenecks. |
Hardware/software load balancing features are supported for most large/enterprise models. | |
|
Automated Deployment Tooling Tools/scripts for rapid and standardized deployment across environments. |
Automated deployment tools/scripts (zero-touch, config templates) available. | |
|
Zero-Touch Provisioning Hardware auto-configures with minimal manual intervention. |
Zero-touch provisioning supported by FortiDeploy and FortiManager. | |
|
Resource Allocation Flexibility Assign and re-assign hardware resources to varying workloads. |
Resource assignment (VLAN, virtual domains, routing) is flexible and configurable. | |
|
Multi-Tenancy Support Securely supports multiple organizational units or clients on a single hardware platform. |
Multi-tenancy supported via Virtual Domains (VDOMs) in FortiGate OS. | |
|
High Availability Clustering Ensures continuous operation with minimal failover time. |
High availability (HA) clustering is a standard feature in FortiGate deployments. | |
|
Deployment Time Average time required for initial hardware deployment. |
No information available |
Vendor Support and Transparency
(9 Yes /9 Known /10 Possible features)
|
24/7 Support Availability Access to vendor support at any hour of the day/week. |
24/7 global technical support (FortiCare) available with premium support contracts. | |
|
Transparent Vulnerability Disclosure Policy Vendor offers a clear and prompt channel for security vulnerability disclosures. |
Fortinet maintains a public vulnerability disclosure policy and process. | |
|
Regular Security Patch Releases Vendor provides ongoing security patching with a documented schedule. |
Regular (monthly/quarterly) security and firmware patch releases provided. | |
|
Service Level Agreement (SLA) Formal SLA outlining response and resolution times for issues. |
Service-level agreements offered on enterprise support contracts. | |
|
Signed Commitment to Data Privacy Vendor contractually commits to data privacy in contracts. |
Vendor contracts include commitments to data privacy and confidentiality. | |
|
Onsite Support Option Availability of support technicians to visit physical hardware locations. |
Onsite support options available through FortiCare and authorized partners. | |
|
User Community Portal Has an open user/support community for shared knowledge and peer assistance. |
Active user community provided by Fortinet and FortiGuard Labs. | |
|
Transparency of Sub-Processors Vendor discloses all subcontractors and third parties involved. |
Transparency of sub-processors and partners is published via Fortinet's Trust Center. | |
|
Proactive Risk Advisory Bulletins Vendor issues advisories for emerging risks before direct impact. |
Risk advisories and proactive bulletins distributed to customers and partners. | |
|
Support Ticket Average Response Time Average time for first response on submitted support tickets. |
No information available |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.