Optical/IP Networks

Fortinet Gets More Gigabits

Less than a year after it launched its first products, security startup Fortinet Inc. is gearing up to go head-to-head with the most established high-end players in the industry. Its ambitions may not be too far-fetched. The company plans to make a big splash with a 4-Gbit/s antivirus firewall it will be announcing next week, which observers say could position it to grab a good chunk of the security pie.

The hardware-based antivirus startup was conceived by Ken Xie, the same man who founded the wildly successful hardware security vendor NetScreen Technologies Inc. (Nasdaq: NSCN), and observers say it’s following much the same strategy as the larger company did.

"They’re trying to take a bite out of NetScreen’s market," says Current Analysis analyst Joel Conover. “They’re targeting the high-end right away, [and going] a step above what everyone else is doing… This will help them build credibility like NetScreen did.”

Fortinet already offers a multi-gigabit security box (see Fortinet Goes Gigabit), but insists that its new ASIC-based FortiGate 3600 offers significant performance improvements over the 3000 product. With six 1-Gbit/s interfaces providing up to 4-Gbit/s of throughput, the new box offers twice as many gigabit interfaces as the 3000, and more than 78 percent more capacity, the company says, insisting that the increased performance will allow it to more efficiently protect large enterprise and service provider customers.

The 3600’s performance may not match NetScreen’s fastest product, the NetScreen-5400, which offers 12-Gbit/s firewall performance and 6-Gbit/s VPN throughput, but it is comparable with the NetScreen 5200, which offers 4-Gbit/s firewall, and 2-Gbit/s VPN throughput. And while customers tend to go for the more established vendors in these cases, the $40,000 price differential might tempt some to try something new. The FortiGate 3600, which will be available this quarter, will cost $29,995 in North America.

Performance and price aren’t the only differentiators Fortinet is offering. While the company provides all the traditional high-speed security features that NetScreen and other high-end players such as Check Point Software Technologies Ltd. (Nasdaq: CHKP) and Cisco Systems Inc. (Nasdaq: CSCO) offer, its hardware-based antivirus protection feature makes it stand out.

Like the company’s other, lower-end models, the 3600 box sits at the edge of the network behind the Internet router and delivers real-time antivirus and content filtering, in addition to firewall, VPN, intrusion detection, and traffic shaping. Fortinet says it’s the only vendor to have received antivirus certification for an ASIC-based product.

The problem with the software-based antivirus products offered throughout the industry, the company says, is that they are simply too slow for scanning real-time Web traffic. “It’s increasingly recognized that 25 percent of all viruses come from Web traffic and not email,” says Richard Kagan, vice president of marketing at Fortinet. “But because most anti-virus [products] are software based… they don’t have the speed needed to address the problem.”

Because Fortinet’s antivirus engine is etched into its custom-made ASIC, Kagan says, it is fast enough to efficiently strip harmful, content-based attacks like viruses, worms, and Trojan horses from real-time Web traffic, as well as from emails, before they reach servers and desktops.

While speed is definitely a must when rooting out malicious network content, it may not be enough to convince customers to choose a startup's solution over that of a more established software vendor, such as Network Associates Inc.’s (NYSE: NET) McAfee or Symantec Corp.’s (Nasdaq: SYMC) Norton. In addition, some analysts question whether an ASIC-based engine is the best approach to all attacks. “ASICs ultimately look for patterns,” Conover says. “[There’s a problem] when a virus comes along that doesn’t conform to a pattern.”

For instance, if a virus emerges that looks different every time it shows up, he says, a hardware-based engine, even if it has wildcards baked in, would have trouble detecting a pattern.

Fortinet, however, claims that it is up to the task of finding even the most devious viruses and worms. The company recently announced that it has automated the antivirus signature updates it sends out, so that network managers no longer have to request them (see Fortinet 'Pushes' AV Protection). Now, Fortinet’s software-based database updates are sent out to all FortiGate units worldwide instantaneously when a new threat appears. “This really cuts down the vulnerability window,” Kagan says.

Fortinet has yet to sign up any paying customers for its 3600 box, but it does claim to have about six beta-customers. The company says it has several dozen paying customers for its 3000 product.

— Eugénie Larson, Reporter, Light Reading

Be the first to post a comment regarding this story.
Sign In