Educause Security Discussion mailing list archives

Re: Fortinet unified threat management evaluation feedback needed


From: Mark Rogowski <m.rogowski () UWINNIPEG CA>
Date: Tue, 27 Feb 2007 13:53:05 -0600

We have a 400a doing anti virus, IDS (notification only) and are beginning to apply web filtering on select 
departmental subnets on campus.  Our lead network guy noticed that communications would "hiccup" when the FortiGate 
would receive and load updates through the day.  The hiccup would only last 5-10 seconds, but it was enough to change 
the updating process time(s) for the unit.

The FortiGate is very feature rich, and I would not hesitate to recommend using it.  However, don't get sucked in by 
sales folks telling you how "efficient" and "fast" the ASIC makes the unit pass data.  If you want to use everything on 
it, buy a big one.



Mark Rogowski
IT Security
Technology Solutions Centre
University of Winnipeg
Ph: (204) 786-9034

Christian.Heroux () ETSMTL CA 02/27/07 11:22 AM >>>
Hello !

 

            We are evaluating different solution for Traffic shaping, IPS, firewall and Vpn. We came across Fortinet. 
It seems to do all those function and more in one appliance. It`s called unified threat management but can it sustains 
all those functions concurrently without choking? I am worry to put all my eggs in one basket. I know they use ASIC 
instead of CPU but I would like to see all eight functions activated (firewall, antivirus, anti-spam, IPS, IDS, traffic 
shaping, VPN)

 

I know Fortinet/Fortigate is used in universities. If you are using it, can you give me some feedback? 

 

Which functions are activated?

Which model do you have?

How much traffic goes through Fortinet?

Did it ever choke trying to do everything?

 

Christian Héroux

ETS University of Québec 

Montréal Qc

Canada

Current thread: