Security

Review: Fortinet FortiGate–300C

This all-in-one security appliance ably protects school networks from the web’s worst threats.

Jeff is tasked with separating the “gee whiz” factor from the truly useful when it comes to the latest tech gadgets, and oh, he holds a Ph.D. in physics. He currently works as the supervisor of enterprise architecture services for Grange Mutual Casualty Group of Columbus, Ohio. His biggest challenge is being an avid Wolverine fan while living in the midst of Buckeye country.

Fortinet's FortiGate–300C unified threat management system delivers essential network security through a single console. With unlimited user licensing, school IT managers won't have to worry about how many students are accessing the network.

Advantages

Naturally, school users have mixed feelings about security technologies. They want the freedom to access educational content and resources both onsite and remotely, but they don't want their sensitive information to be lost, stolen or compromised. The FortiGate–300C achieves all of these goals and more.

The appliance supports both 1.2-gigabits-per-second IP Security and 200-megabits-per-second Secure Sockets Layer VPNs for remote access. Traffic shaping allows network administrators to prioritize traffic so upper management never feels that the Internet is slow.

The FortiGate–300C's web content filtering feature, which prevents users from inadvertently infecting their devices with malware, can be adjusted by user or group. As a result, IT managers can give teachers and staff broader access privileges while limiting those of students.

The data loss prevention feature scans traffic going into or coming out of the firewall for certain combinations of letters or numbers. If the IT department wants to disallow the transmission of Social Security numbers, for example, it can configure the appliance to look for patterns and then either alert the administrator to their presence or block them altogether.

Best of all, Fortinet's FortiGuard Network continuously monitors the ever-changing threat landscape
and automatically pushes security updates to the FortiGate–300C.

Why It Works for IT

This appliance's management console is a thing of beauty, delivering everything from antivirus and Dynamic Host Configuration Protocol to web content filtering and firewall policies in one convenient location.

Performance is governed by the customized FortiASIC Content Processor, which can handle 8Gbps through the firewall and 1 million concurrent sessions. Network policies can be configured through eight hardware-accelerated 10/100/1000 switched local area network ports and two non-accelerated ports. Administration is performed through a handy USB interface or a standard serial RJ-45 connection. The appliance also can function as part of a highly available cluster, which districts using all of its features will surely appreciate.

Because user licensing is unlimited, IT managers don't have to figure out how many people are using their district's Internet connection and then make the dreaded call to the vendor to buy more licenses (or to administrators about a budget overrun).

Disadvantages

The FortiGate–300C's one-stop-shop approach is appealing. But some IT managers subscribe to the multivendor security model, believing that if one vendor doesn't perceive a threat immediately, another will, resulting in better protection.

Because Fortinet sizes its UTM appliances by throughput, every FortiGate product offers the same basic features; the larger models can handle more data transmissions at once. Bear in mind that performance will naturally suffer as more features are added to the appliance.