Skip to main content
neonbit
neonbit
New Member
January 18, 2016
Question

AV throughput taken out of the product matrix?

  • January 18, 2016
  • 2 replies
  • 14417 views

Has anyone noticed that the new Fortinet product matrix doesn't have the AV speeds for each device anymore?

 

http://www.fortinet.com/sites/default/files/productdatasheets/Fortinet_Product_Matrix.pdf

 

Also the new datasheets don't have AV performance stats but have NGFW (which I'm assuming is IPS+App control).

 

http://www.fortinet.com/sites/default/files/productdatasheets/FortiGate-50E.pdf

 

I wonder how we're meant to determine the AV speeds on the devices... time to bring out the dice and tarot cards.

    2 replies

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    January 30, 2016

    The rationale behind this probably is that proxy AV has seen it's best days and is going to vanish in favor of flow-based (IPS engine beased) AV. I wouldn't be too surprised if proxy AV was completely dropped in v5.6, and next generations wouldn't even understand us talking about "proxy vs. flow based"...

     

    And of course the marketing department had a saying with this.

    Carl_Wallmark
    Carl_Wallmark
    New Member
    January 30, 2016

    One thing I don´t understand, please correct me if I'm wrong,

     

    I read an article about flow based AV in a fortigate, and it works like this:

     

    When the file passes through the fortigate it will send through the file but also take a copy of the packets into a buffer and wait until the last packet arrives, then it will hold the last packet until the scanning is complete, then it would release the packet. Sounds great right, but flow based should not have a file size limit, so how can it buffer the file in memory if there is no file size limit ?

    MikePruett
    MikePruett
    New Member
    February 1, 2016

    They removed the AV throughput from the product matrix because they are reworking it. Right now on the spec data sheets you can see new fields like "NGFW" and UTM throughput. AV throughput will eventually be put back in there but they are allegedly reworking numbers based on how the new engines and code is operating.

    AndreaSoliva
    AndreaSoliva
    New Member
    February 22, 2016

    Hi

     

    here a official statement from Fortinet:

     

    "The Proxy AV specification will no longer be presented and removed from all existing FortiGate data sheet starting from 15th January 2016. An archive of old data sheets will be available. We'll be replacing these specifics with more widely used NGFW values. The new data sheet should be out 28th January and Product Matrix updated in February Edition."

     

    hope this helps

     

    have fun

     

    Andrea

    sebastan_bach
    sebastan_bach
    New Member
    February 28, 2016

    Thanks for the update Andrea. Do they publish the NGFW throughput with all signatures of app-control, IPS & AV engines since they are mentioning the throughput is with flow based AV (quickmode) which is a compact database. 

     

    Sebastan

    sebastan_bach
    sebastan_bach
    New Member
    March 17, 2016

    Hi Team, 

     

    We are sizing fortigate for an internet gateway where the customer is expecting 1Gbps of SSL outbound traffic. Is the 300D good enough as the SSL inspection throughput mentioned is 1.9 Gbps. My question is the SSL inspection throughput mentioned based on SSL forward proxy for outbound traffic or it's based on SSL decryption for inbound traffic to webservers. cause we want to size for ssl inspection for outbound internet based web traffic. 

     

    Can someone please guide me on the same based on their experience. 

     

    Regards

     

    Sebastan

    Terms & ConditionsAccessibility statement