Help
Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
redial
New Contributor

Created on ‎09-25-2021 08:12 PM

FGT 30E for pharmacy

Hello all,

 

I've been asked by a small pharmacy to install a firewall for their network. I am looking into the FortiGate 30E in this case because there are not many devices on the network (around 10-15).

 

I am wondering if anybody here has done an installation of a FortiGate for a medical facility in the past, and if so, which licenses did you purchase (IPS, antimalware, etc.)? I am trying to get an idea of which services would be most applicable for this facility so I can figure out licensing costs.

 

Thank you for your insights.

Matteo

2154
0 Kudos
4 REPLIES 4
ede_pfau
Esteemed Contributor III

Created on ‎09-26-2021 03:11 AM

hi,

 

and welcome to the forums.

 

I don't think there are special needs for this customer but you may know better.

To protect a small network I would always offer antivirus (which includes botnet blacklisting), webfilter and, if there are servers, IPS. IPS includes application control which is very effective.

 

For hardware, I would not go for a 30E but for the 30F (or 40F). New generation, same price, 10fold performance.

For subscriptions, the UTM bundle includes all. Maybe ATP will do as well, but I doubt the price difference is worth it.

 

And, to economize, always buy a hardware bundle, that is, FGT plus 3 or 5 years subscriptions. They are heavily discounted when bought together with the hardware. The customer will skip all subsequent price raise s, and services will not expire too soon.

 

Usually, any network includes a WiFi nowadays. A FortiWiFi model with internal AP is not as powerful as an external AP, and sometimes includes only 1 radio (2.4 or 5 GHz). A  single simple FortiAP has advantages here. The WiFi controller is built-in and does not require licensing.

 

HTH.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
1310
0 Kudos
PTM
New Contributor
In response to ede_pfau

Created on ‎09-26-2021 04:56 AM

I would avoid the 30E as it has no FortiOS 6.4 or 7.0 support. Latest software version available at present is 6.2.9. I would go for a 40F which has much better performance and will support software updates for years to come.
1310
0 Kudos
ede_pfau
Esteemed Contributor III
In response to PTM

Created on ‎09-26-2021 09:28 AM

right, 2 opinions to that.

One is "anything below a 60 is not a Fortigate" - if any FortiOS feature is not supported by hardware, it's in these small models. And "30B/40C/30D/30E are gas station models: made for a low-traffic VPN outposts, that is, single purpose, low demands, sold in 10 packs (which is true)".

The 40F is on the brink, powerful yes, but still not the full fledged model. Which might just be fine for some scenarios, nonetheless.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
1310
0 Kudos
redial
New Contributor
In response to ede_pfau

Created on ‎09-28-2021 06:32 AM

Thank you both for your replies.

 

I am now leaning towards either the 40F or the 60F... what are the major differences between these models in terms of performance?

 

Although ideally I would like to implement all Fortinet equipment, this customer has stated that they would like to keep costs lower. As such, I was planning to use an unmanaged switch for the wired side of the network, and then connect a 3rd-party WiFi AP to a spare port on the FortiGate and enable VLAN on that port to separate wireless traffic.

 

Will the above scenario function reliably, or are there any significant benefits to using Fortinet equipment (FortiSwitch & FortiAP)?

 

Thanks,

Matteo

1310
0 Kudos
Labels
Top Kudoed Authors
View all

Contact Us