PUBLICATION & RESEARCH LIBRARY

Authors: Keith Bormann

Publish Date: April 17, 2017

 TECHNOLOGY DESCRIPTION:

NSS Labs defines a firewall as a mechanism used to protect a trusted network from an untrusted network, while allowing authorized communications to pass from one side to the other. Performance metrics, while important in any firewall, become even more critical in a device intended for data center deployment. DCFWs must support much higher data rates than typical next generation firewalls, as they often handle traffic for hundreds of thousands of users who are accessing high-volume applications inside a data center.

PRODUCT EVALUATED:

NSS Labs performed an independent test of the Fortinet FortiGate 1500D FortiOS v5.4.1 GA Build7386 product. The product was subjected to thorough testing at the NSS facility in Austin, Texas, based on the Data Center Firewall (DCFW) Test Methodology v2.2, which is available at nsslabstage.wpengine.com. This test was conducted free of charge and NSS did not receive any compensation in return for Fortinet’s inclusion.

PRODUCT TESTED IN THE FOLLOWING AREAS:

  • Security Effectiveness – Ability to provide a trusted internal interface, an untrusted external (Internet) interface, and, optionally, one or more DMZ interfaces ?
  • Performance – Ability to provide effective firewall security policy enforcement with performance metrics such as raw packet processing (UDP), latency, maximum capacity, and HTTP connections with real-world traffic mix ?
  • Stability and Reliability – Ability to maintain security and reliability under normal load conditions while enforcing security policies
  • Total Cost of Ownership – Costs associated with purchase, installation, and ongoing management ?


As with all NSS Labs group tests, there was no fee for participation. In addition, the test methodology applied is in the public domain to provide transparency and to help enterprises understand the test results.