Fortinet have just this week announced the release of their new FortiGate Cloud-Native Firewall (CNF), now available on Amazon Web Services (AWS) via the AWS Marketplace to AWS customers.
Fortinet’s new FortiGate CNF network and infrastructure security solution, is now available as a Software as a Service (SaaS) offering, is a natural fit for enterprises of all sizes deploying services on the AWS cloud platform, seeking enterprise grade next generation firewall (NGFW) security capabilities with cloud-native support to protect their AWS deployed environments.
FortiGate CNF builds on Fortinet’s traditional firewall capabilities such as packet filtering, network address translation (NAT) and virtual private network (VPN) capabilities with deep packet inspection, intrusion prevention and other techniques to maintain more performant and secure connections, all now available as a service via AWS.
Also underpinning the FortiGate CNF offering on AWS, are Artificial Intelligence (AI)-powered security services which leverage Machine Learning (ML) models, helping the firewall software identify threats, including unknown or novel ones, based on real-time intelligence, behavior-based detection, and automated prevention says Fortinet.
While FortiGate CNF is squarely aimed at businesses looking to deploy an NGFW as a software instance, Fortinet still targets hyperscalers and network operators with physical equipment such as their FortiGate 4800F, which was recently announced in August of 2022, a device which occupies four rack units, providing up to 2.4 terabits per second (2 Tbps) secure data throughput.
5G Security In the Cloud
FortiGate CNF is claimed to include 400 gigabit per second Ethernet (GbE), 200 GbE and 50 GbE ports for scalability. Fortinet have also stat their 4800F CNF enables massive machine-to-machine (M2M) connection that requires secure IP connectivity to untrusted environments like the Internet, edge sites, and cloud services Specific to 5G deployments.
The FortiGate 4800F is also reported to support 25 million connections per second, and secure 5G RAN traffic and core connectivity with IPsec-based VPN performance that Fortinet clocks at 19x faster than previous models.
FortiGate CNF is currently available in two seperate pricing models. Customers will only be charged according to the volume of traffic that were actually processed by each of the security functions.
- CNF instance hours, Hours for deployed FortiGate-CNF Instances – the number of hours (or part of) that a single CNF instance is running, currently listed at USD$2.70 per unit ( hours )
- Data Security Processing Units (DSPU), GB of Security Processing (FW / IPS / VPN) – the number security functions performed for each 1GB of traffic. currently FortiGate CNF supports 4 security functions FW, IPS, Content Inspection and Cryptography, , currently listed at USD$0.031 per unit ( gigabytes of traffic )
AWS Marketplace highlights
The AWS Marketplace product overview states “FortiGate Cloud-Native Firewall (CNF) is a highly available SaaS service that simplifies network security while seamlessly scaling and integrating with AWS services such as AWS Gateway Load balancer and AWS Firewall Manager. FortiGate CNF reduces the network security operations workload by eliminating the need to configure, provision, and maintain any firewall software infrastructure while allowing security teams to focus on security policy management. FortiGate CNF can be billed based on consumption or purchased through annual contracts.”
- Advanced Network Protection: FortiGate CNF blocks traffic to and from known bad IPs, provides intrusion prevention and content filtering capabilities and supports GEO IP policies. FortiGate CNF supports the complete set of mature FortiOS NGFW capabilities.
- Streamlined Security Management: By aggregating security from all networks in an AWS region into a single FortiGate CNF instance customers can simplify security and manage fewer security policies. Customers are not required to build and maintain separate cloud firewalls for each cloud network or availability zone.
- Lower costs: With no security software infrastructure to build, deploy and operate, operations are simplified and in turn costs are reduced. Furthermore, with FortiGate CNF customers only pay for security processing functionality the use
FortiGate CNF is now available to AWS customers directly from the AWS Marketplace.