academy network day high performance in hochschulen · 2 agenda •introduction to fortinet...
TRANSCRIPT
1© Copyright 2013 Fortinet Inc. All rights reserved.
Academy Network Day
High Performance in Hochschulen
28.11.2013
Hochschule Rhein-Waal
Sven Rutsch
Senior Systems Engineer
2
Agenda
• Introduction to Fortinet
• Functional overview
• ASIC Architecture – NP6 and IPv6
• Examples
3
Company Introduction
A Leader in Network Security
• One of the 3 Largest Network Security
Vendors Worldwide
• Leader in Unified Threat Management
(UTM) MQ Since 2009
Year Founded: Oct 2000
Fortinet IPO: Nov 2009
NASDAQ: FTNT
Headquarters:
Sunnyvale, California
FY 2012 Revenue: $534M
Q3 2013 Revenue: $155M+
$841M+ cash and no debt
Profitable
First Product Release:
May 2002
Units Shipped to Date:
1.3+ Million
Customers:
170,0000+
Patents:
143 patents issued
108 patents pending
4
Global Success with Diversified Products
Nine of Top 10 Global 100
Nine of Top 10 Global 100 Aerospace & Defense
Seven of Top 10 Global 100 Computer Services
Seven of Top 10 Global 100 Major Banks
Billings by Region Revenue by Segment
5
Fortinet 3rd Largest Network Security Vendor
(1) IDC Worldwide Security Appliances Tracker, September 2013 (market share based on factory revenue)Notes
Worldwide Security Appliance
Market Share Q2 2013 (1)
Rank CompanyMarket
Share (%)Growth Y/Y
1 Cisco 16.2 0%
2 Check Point 12.5 4%
3 6.2 13%
4 Juniper 5.5 (19%)
5 Blue Coat 5.1 61%
6 McAfee 5.0 10%
Market Size $8.5 Bil.
0%
5%
10%
15%
20%
2010 2011 2012 Q2'13
Mark
et
Sh
are
Market Trending – 3 Years
CSCO
CHKP
JNPR
FTNT
6
Innovation Leadership
7
Fortinet Advantage: Consolidation
8
Fortinet Advantage: Performance
GbpsMbpsFirewall
VPNNGFWUTM
PolicySecurity
9
2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015
DP1 DP2
SOC1 SOC2 SOC4
CP4 CP5 CP6 CP7 CP10
NP1 NP2 NP4 NP6
CP8
FortiASIC Evolution
10
NSS Labs – Firewall Performance
11
Fortinet is the only vendor to deliver sub 10μs
NSS Labs IPS Test Results: Latency (μs)
12
Fortinet is the only
vendor to scale
equally well in the
“real-world”protocol mix (core),
a protocol mix
typical of that seen
in a large
datacenter or the
core of an
enterprise network.
Real-World Traffic Mix
13
Harmonizes IPv4 and IPv6 Performance.
Double the capacity of previous generation (NP4)
FortiASIC–NP6 Primary Development
Additional Features:
IPv4, IPv6, FortiAP
SCTP, Multicast Fast Path
Increased Encryption Support
More Statistics
More Queues
More Performance
Specificatio
n
FortiASIC
NP6
FortiASIC
NP4Intel Xeon E5
Gate Count 280 Million 97 Million 2270 Million
Technology 40nm 130nm 32nm
Cost $ $ $$$$
Power 9W 10W 95W
Performance
IPv4 PPS 45 Million 30 Million 2 Million
IPv6 PPS 45 Million - 2 Million
IPSec 28Gbps 10Gbps 2Gbps
Latency 3 µs 3 µs ~100 µs
14
Appliance Based FortiGate 1000 Series
Today Now 3 months
Appliance 1000C 1240B 1500D 1200D
Firewall 20GB 40GB 80G 52G
ASIC 2xNP4,
1xCP8
4xNP4,
4xCP8
2xNP6,
2xCP8
2xNP6,
2xCP8
1Gbps
(RJ45)
14 1616
16
1Gbps
(SPF)
8 2416
16
10Gbps
(SPF +)
2 -8
2
Mid Range
2U
Redundant Power
10G SFP+ interfaces
40G+
Mid Range
15
Appliance Based FortiGate 3000 Series
Today Now 6 months
Appliance 3240C 3600C 3700D 3800D 3810D
Firewall 40GB 60GB 160GB 320GB 320GB
ASIC 2xNP4,
1xCP8
4xNP4,
4xCP8
4xNP6,
8xCP8
8xNP6,
8xCP8
8xNP6,
8xCP8
1Gbps
(SPF)
16 16
28
2 2
10Gbps
(SPF +)
12 12 4 -
40Gbps
(QSPF)
- - 4 12 -
100Gbps
(CFP)
- - - - 6
High End
2U-3U
Redundant Power
40/100GE interfaces
10G SFP+ interfaces
40G+
16
Vielen Dank!