SCIENCE
Fortinet's FortiGate-3950B Delivers Exceptionally Low Latency With 120 Gbps Firewall Performance in Latest Benchmark Tests
- Written by: Webmaster
- Category: SCIENCE
Fortinet has announced that latest benchmark tests show its FortiGate-3950B enterprise multi-threat security appliance has achieved 120 Gbps of low latency firewall performance using stateless UDP traffic and 114 Gbps of performance using stateful TCP application traffic. The tests were conducted with packets of all sizes, including 64,512 and 1518 byte packets, and showed performance of 170 million packets per second -- more than 10 times faster than competitive products based on price/performance. The amount of latency introduced by the FortiGate-3950B was minimal, at 9.1 microseconds, and CPU utilization was also almost zero percent. These test results highlight the strength of the FortiGate-3950B's FortiASIC network processors (NP4) and modular design, which enable companies to easily scale to meet their performance needs of extremely high throughput and exceptionally low latency.
The device under test (DUT) equipment consisted of a FortiGate-3950B running FortiOS 4.0 MR2 with five add-on FMC-XD2 accelerated interface modules inside, for a total of 12 10-GbE interfaces. Each FMC-XD2 interface module features dual 10-GbE ports, which dramatically increase firewall and IPSec VPN performance. The evaluation was performed using three BreakingPoint Storm Cyber Topography Machines (CTM). Each BreakingPoint Storm CTM contained two four-port 10-GbE cards. The configuration provided a total of 24 10-GbE ports, however only 12 total ports were used. Each port pair had ingress and egress on the firewall and maximum performance was maintained with a firewall policy for traffic in each direction.
"Large enterprises need to ensure that their networks are resilient and can perform in the face of increasingly aggressive security threats," said Mike Hamilton, director of sales engineering at BreakingPoint Systems. "BreakingPoint technology is used by companies such as Fortinet to measure and harden the resiliency -- security, performance, and stability -- of their products so that customers can best anticipate the capability of the device in real-world deployment situations. BreakingPoint's patented ability to recreate stateful application traffic, live security attacks, and maximum user load are critical in creating a more resilient cyber infrastructure."
BreakingPoint's patented network processor-driven architecture powers the world's first and only Cyber Tomography Machine to measure and harden the resiliency of networks and data centers.
"As a rapidly growing number of enterprises consider multi-threat security appliances to replace their legacy firewalls, it's important that they can move forward with confidence in our extremely high performance appliances, which also show remarkably low latency," said Michael Xie, founder, CTO and vice president of engineering for Fortinet. "The FortiGate-3950B continues to impress with its unmatched levels of security, price/performance and scalability, as further proven with these benchmark tests."
Fortinet's FortiGate systems are ASIC-accelerated security appliances that integrate core security and network functionalities including firewall, SSL and IPSec VPN, antivirus, intrusion prevention, Web filtering, antispam, application control, data loss prevention, SSL traffic inspection and WAN optimization. FortiGate's unique approach combines custom FortiASIC processors with latest generation general CPUs to minimize packet processing while accurately scanning the data for threats. Custom FortiASIC processors enable organizations to detect malicious content -- and connection-based threats at multi-Gigabit speeds.
All FortiGate systems are kept up to date automatically by Fortinet's FortiGuard Network, which helps protect against the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, other unwanted network traffic and more -- around the clock and around the world. FortiGuard and the advanced heuristics found in the tightly integrated FortiOS coupled with the FortiASICs security co-processors defend from zero-minute worm attacks. Fortinet solutions have won multiple awards and are certified in five programs by ICSA Labs for firewall, antivirus, IPSec VPN, network IPS and antispam.