New Virtualized Network Security Appliances from Fortinet


Fortinet introduces virtual versions of its FortiGate, FortiManager, FortiAnalyzer and FortiMail appliances, promising better visibility and security within cloud environments.


Network security provider Fortinet extended its virtualized network security services today with the debut of virtual versions of four of its top physical appliances.


Sunnyvale, Calif.-based Fortinet (NASDAQ:FTNT) unveiled the FortiGate, FortiManager, FortiAnalyzer and FortiMail virtual appliances, all built to run on top of VMware hypervisors.


"While there are a few security companies dabbling with products that protect the network perimeter and the virtual layer, Fortinet is the only company to offer the full breadth of content and network security in an integrated appliance designed to protect both the network perimeter and virtual layers," said Michael Xie, founder, chief technology officer and vice president of engineering at Fortinet. "By providing deeper integration into the virtual environment, we are now positioned to expand our security market leadership and facilitate security within the 'as-a-service' movement."


Chris Simmons, director of product strategy at Fortinet, said customers will now be able to choose between physical and virtual versions of its appliances, bringing them together in whatever combination best suits them, with a "single pane of glass" management platform.


"We really see the addition of these new Fortinet virtual appliances as being complementary to our hardware appliances," Simmons said.


Two of the products—Fortinet's flagship FortiGate appliance and its FortiManager appliance—are available today.


The FortiGate virtual appliance was designed for VMware's ESX. Like the physical version of the appliance, it allows customers to combine firewall, VPN, intrusion prevention, malware prevention, application security and complete content protection, data loss prevention, Web filtering and anti-spam. In addition, it allows customers to inspect inter-zone traffic. Fortinet designed the virtual FortiGate appliance to work in conjunction with physical versions to provide protection and visibility to both the perimeter and virtual layers within a virtual environment.


"Imagine a multitenancy cloud provider in which Customer A attacks Customer B inside the cloud infrastructure," Simmons said. "We're seeing these attacks beginning to happen. Having the ability to insert security controls and bring back visibility into the virtual environment is very important."


The FortiGate appliance will be licensed based on the number of CPUs dedicated to the virtual machine.


FortiManager, on the other hand, is a command and control console that provides the tools to manage Fortinet security infrastructures of any size, from several devices up to 5,000 appliances and endpoint security agents. It features centralized policy-based provisioning, configuration and update management for Fortinet's other appliances and its FortiClient endpoint agents.


Simmons said Fortinet will license the FortiManager appliance by the number of devices and agents under management.


The other two new virtual appliances—FortiAnalyzer and FortiMail—are slated for release in the fourth quarter.


FortiAnalyzer is Fortinet's analysis and reporting appliance. It securely aggregates log data from Fortinet devices and other syslog-compatible devices and provides customized reports on traffic, event, virus, attack, Web content and e-mail data. Its advanced security management functions include quarantined file archiving, event correlation, vulnerability assessments, traffic analysis and archiving of e-mail, Web access, instant messaging and file transfer content.


FortiMail is Fortinet's specialized e-mail security appliance.


"We expect this is going to be a very popular virtual appliance because we see so much virtualization going on in the e-mail environment in general," Simmons said.


The FortiMail appliance blocks inbound spam and malware, but just as importantly, it is also designed to prevent outbound spam and malware (including 3G mobile traffic). That helps ensure domains won't be blacklisted by antispam gateways.


Simmons said Fortinet is still finalizing licensing for both the FortiAnalyzer and FortiMail virtual appliances.


Thor Olavsrud is a contributor to and a former senior editor at He covers operating systems, standards and security, among other technologies.


Follow eSecurityPlanet on Twitter @eSecurityP.