Technical Tip: FortiGate specifications using Enterprise Mix

Description

This article describes that the IPS, NGFW, and Threat Protection throughput specifications mentioned on FortiGate data sheets use Fortinet’s Enterprise Traffic Mix. This traffic mix closely resembles that used by NSS testing and is comprised of a good mix of applications with different packet sizes.

For example FortiGate 200F performance datasheet (attached: fortigate-200f-series.pdf).

Note that different throughput specifications leverage different types of inspection for best security efficacy, a short explanation is below:

IPS: Firewall, Intrusion Prevention with logging enabled.

NGFW:  Firewall, Intrusion Prevention, and Application Control with logging enabled.

Threat Protection: Firewall, Intrusion Prevention, Application Control, Malware Protection (includes Antivirus, Malicious URL Filtering, and FortiSandbox), and logging enabled.

Scope

FortiGate.

Solution

The composition of the traffic flows is illustrated below.