Fortigate 3.0

Secure Home | Search | About

Lost Password?

Networking Firewalls

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Fortigate 3.0

Somebody.

11-05-2005

Vrodok the Trol...

Pat

CCMiami

Posted by Somebody. on November 5, 2005, 9:00 am

If you were Registered and logged in, you could reply and use other advanced thread options

I had a demo of Fortigate's version 3.0 OS yesterday. It's no longer NDA so
I can talk about it.

Besides dozens of little things that make the GUI (which was already very
good) easier and faster to use, they've added SSL VPN (That's VPN connection
without installing client software!), doubled the throughput of the AV
engine while getting clear of the Trend patents, added a virtual inteface
construct that will be familiar to all you route-based VPN fans from
NetScreen landd, and improved reporting and logging to the point that there
are some graphs right on the unit you can pull off now, and the boxes can
now talk to Active Directory so your logging can include user name. In fact
*you can replace a Websense installation with this box now* for all but the
most very complex needs. Wow.

The management app that was Windows based for the FortiManager product is no
more, it's all browser based for every box they sell, so it's completely
platform independant.

The FortiManager, FortiGate, and Fortilogger work better together, even
displaying each other's information within their GUIs.

Fortigates have added Peer to Peer and IM to the supported Antivirus
protocols list, and improved their capabilities and explicit blocking rules
for these protocols, (ie you can for example block files but not chat if you
wanted to) as well as underestanding the usernames used within the program
(so you could whitelist 3 MSNM users and block the rest for example) and
they're re-organized the IPS in a very useful way that will allow tremendous
flexibility by policies for application of IPS.

In short, almost my entire wish list was fulfilled, and I'm *really* excited
about these boxes now, boxes for which I was already a big fan.

Slated for release in December, to run on all current boxes.

--

-Russ.

*The only thing you truly control, is you.*

Posted by Vrodok the Troll on November 5, 2005, 11:07 pm

If you were Registered and logged in, you could reply and use other advanced thread options

On Sat, 5 Nov 2005 09:00:46 -0500, in comp.security.firewalls, "Somebody."

>I had a demo of Fortigate's version 3.0 OS yesterday. It's no longer NDA so

>I can talk about it.

[snip]

What is the MSRP, for a single seat? And a url to some current & up-to-date
site/page would also be helpful :)

--
A cat is a machine. All she does is eat, and
sleep, and purr, and poop, and make little cats.

Posted by Pat on November 8, 2005, 6:02 pm

If you were Registered and logged in, you could reply and use other advanced thread options

>I had a demo of Fortigate's version 3.0 OS yesterday. It's no longer NDA

>so I can talk about it.

> Besides dozens of little things that make the GUI (which was already very

> good) easier and faster to use, they've added SSL VPN (That's VPN

> connection without installing client software!), doubled the throughput of

> the AV engine while getting clear of the Trend patents, added a virtual

> inteface construct that will be familiar to all you route-based VPN fans

> from

Russ,
I've been considering a Fortigate 50A or 60, and was wondering how (and how
well) the AV capability works. Does it actually scan incoming email for
viruses (at the gateway itself), or does it act as a server for pushing
virus definitions to a client component (which does the actual email
scanning)? The latter is more common, I think.

I've always thought it would be ideal to have AV and Spyware filtering
happen at the gateway (if possible) rather than having to install software
on the PC for this (where it always seems to interfere with other things).
Although I've seen a number products that provide this, none of ones I've
looked at have completely eliminated the need for a client component.

Thanks for any info. -Pat

Posted by CCMiami on January 5, 2006, 2:18 pm

If you were Registered and logged in, you could reply and use other advanced thread options

Russ,
Ok - you got me - we have put in the Fortiagte 100a. The support for SSL
was the kicker. At this point it is set up in a simple transparent mode and
we had the thought of waiting for 3.0 to do the "real" configuration. Any
idea when this would be comming out?

>I had a demo of Fortigate's version 3.0 OS yesterday. It's no longer NDA

>so I can talk about it.

> Besides dozens of little things that make the GUI (which was already very

> good) easier and faster to use, they've added SSL VPN (That's VPN

> connection without installing client software!), doubled the throughput of

> the AV engine while getting clear of the Trend patents, added a virtual

> inteface construct that will be familiar to all you route-based VPN fans

> from NetScreen landd, and improved reporting and logging to the point that

> there are some graphs right on the unit you can pull off now, and the

> boxes can now talk to Active Directory so your logging can include user

> name. In fact *you can replace a Websense installation with this box now*

> for all but the most very complex needs. Wow.

> The management app that was Windows based for the FortiManager product is

> no more, it's all browser based for every box they sell, so it's

> completely platform independant.

> The FortiManager, FortiGate, and Fortilogger work better together, even

> displaying each other's information within their GUIs.

> Fortigates have added Peer to Peer and IM to the supported Antivirus

> protocols list, and improved their capabilities and explicit blocking

> rules for these protocols, (ie you can for example block files but not

> chat if you wanted to) as well as underestanding the usernames used within

> the program (so you could whitelist 3 MSNM users and block the rest for

> example) and they're re-organized the IPS in a very useful way that will

> allow tremendous flexibility by policies for application of IPS.

> In short, almost my entire wish list was fulfilled, and I'm *really*

> excited about these boxes now, boxes for which I was already a big fan.

> Slated for release in December, to run on all current boxes.

> --

> -Russ.

> *The only thing you truly control, is you.*

Similar Threads	Posted
Fortigate FG-60 and SIP	April 1, 2006, 5:47 pm
Fortigate FG-60 and SIP	April 1, 2006, 5:54 pm
anyone using ips on a fortigate	June 27, 2007, 10:05 am
Fortigate/virusScan	May 10, 2005, 4:26 pm
Fortigate 60 and PPPoE DSL	April 23, 2006, 12:03 am
Problem with Fortigate 300	December 18, 2006, 2:24 pm
Cisco pix or Fortigate?	January 18, 2007, 3:35 pm
Fortigate is greate but not so great.	March 29, 2006, 8:52 am
Fortigate 60 connection limit?	September 20, 2006, 10:29 pm
Fortigate DMZ in transparent mode	November 20, 2007, 11:46 am

The site map in XML format XML site map