FortiOS, Fortinet's leading operating system, enables the ... For the sizing guide, refer to the sizing document available on www.fortinet.com. DOWNLOAD.
4 data sheet fortigate-vm on google cloud specifications device performance data vm-01 /01v /01s vm-02/ 02v/ 02s vm-04/ 04v /04s vm-08/ 08v/ 08s vm-16/ 16v/ 16s vm-32/ 32v/ 32s
DATA SHEET FortiGate®-VM on Google Cloud Next Generation Firewall VPN Gateway The FortiGate-VM on Google Cloud delivers next generation firewall (NGFW) capabilities for organizations of all sizes, with the flexibility to be deployed as an NGFW and/or VPN gateway. It protects against cyber threats with high performance, security efficacy, and deep visibility. Security n Identifies thousands of applications inside network traffic for deep inspection and granular policy enforcement n Protects against malware, exploits, and malicious websites in both encrypted and non-encrypted traffic n Prevents and detects against known and unknown attacks using continuous threat intelligence from AIpowered FortiGuard Labs security services Performance n Delivers industry's best threat protection performance and ultra-low latency using purpose-built security processor (SPU) technology n Provides industry-leading performance and protection for SSL encrypted traffic Certification n Independently tested and validated for best-in-class security effectiveness and performance n Received unparalleled third-party certifications from NSS Labs Networking n Delivers advanced networking capabilities that seamlessly integrate with advanced layer 7 security and virtual domains (VDOMs) to offer extensive deployment flexibility, multitenancy, and effective utilization of resources (only BYOL supports VDOM) n Delivers high-density, flexible combination of various high-speed interfaces to enable best TCO for customers for data center and WAN deployments Management n Includes a management console that is effective, simple to use, and provides comprehensive network automation and visibility n Provides Zero Touch Integration with Fortinet's Security Fabric's single pane of glass management n Predefined compliance checklist analyzes the deployment and highlights best practices to improve overall security posture Security Fabric n Enables Fortinet and Fabric-ready partners' products to provide broader visibility, integrated end-to-end detection, threat intelligence sharing, and automated remediation FortiManager FortiAnalyzer FortiWeb Fortinet's comprehensive security virtual appliance lineup supports Google Cloud 1 DATA SHEET | FortiGate®-VM on Google Cloud DEPLOYMENT Next Generation Firewall (NGFW) § Reduce complexity by combining threat protection security capabilities into single high-performance network security appliances § Identify and stop threats with powerful intrusion prevention beyond port and protocol that examines the actual applications in your network traffic § Delivers the industry's highest SSL inspection performance using industry-mandated ciphers while maximizing ROI § Proactively blocks newly discovered sophisticated attacks in real-time with advanced threat protection VPN Gateway § FortiGate firewalls for SSL and IPsec VPNs into and out of the VPCs § Cloud VPN to FortiGate inter-VPC VPN § Hybrid cloud site-to-site IPsec VPN § Remote access VPN Gain comprehensive visibility and apply consistent control 2 FORTINET SECURITY FABRIC Security Fabric The industry's highest-performing cybersecurity platform, powered by FortiOS, with a rich ecosystem designed to span the extended digital attack surface, delivering fully automated, self-healing network security. § Broad: Coordinated detection and enforcement across the entire digital attack surface and lifecycle with converged networking and security across edges, clouds, endpoints, and users § Integrated: Integrated and unified security, operation, and performance across different technologies, locations, deployment options, and the richest ecosystem § Automated: Context-aware and self-healing network and security postureleveragingcloud-scale and advanced AI to automatically deliver near-real-time, user-to-application coordinated protection across theSecurity Fabric The Security Fabric empowers organizations of any size to secure and simplify their hybrid infrastructure on the journey to digital innovation. DATA SHEET | FortiGate®-VM on Google Cloud Fabric Mgmt. Center NOC Fabric Security Operations SOC Zero Trust Access Adaptive Cloud Security FORTI OS FortiGuard Threat Intelligence Security-Driven Networking Open Ecosystem FortiOSTM Operating System FortiOS, Fortinet's leading operating system, enables the convergence of high performing networking and security across the Fortinet Security Fabric. It delivers consistent and context-aware security posture across the network, endpoints, and clouds. Its organically-built best of breed capabilities and unified approach allows organizations to run their businesses without compromising performance or protection by supporting seamless scalability and simplifying innovation consumption. The release of FortiOS 7 dramatically expands the Fortinet Security Fabric's ability to deliver consistent security across hybrid deployment models running on appliances, software, and as-a-service with SASE, ZTNA, and other emerging cybersecurity solutions. SERVICES FortiGuardTM Security Services FortiGuard Labs offers real-time intelligence on the threat landscape, delivering comprehensive security updates across the full range of Fortinet's solutions. Comprised of security threat researchers, engineers, and forensic specialists, the team collaborates with the world's leading threat monitoring organizations and other network and security vendors, as well as law enforcement agencies. FortiCareTM Services Fortinet is dedicated to helping our customers succeed, and every year FortiCare services help thousands of organizations get the most from their Fortinet Security Fabric solution. We have more than 1000 experts to help accelerate technology implementation, provide reliable assistance through advanced support, and offer proactive care to maximize security and performance of Fortinet deployments. 3 DATA SHEET | FortiGate®-VM on Google Cloud LICENSING With a multitude of deployment methods supported across various private and public cloud deployments, FortiGate-VM for Google Cloud supports the bring-your-own-license (BYOL) licensing model. SPECIFICATIONS VM-01 /01V /01S VM-02/ 02V/ 02S vCPU (Minimum / 1 / 1 Maximum) 1 / 2 Network Interface Support (Minimum / Maximum)1 Virtual Domains (Default / Maximum)2 Firewall Policies 1 / 24 10 / 10 10 000 1 / 24 10 / 25 10 000 Instance Shape to be Measured Google Cloud Expected Bandwidth3 (Gigabit per second) 3 Firewall Throughput (UDP Packets) in Mbps 1280 bytes Firewall Throughput (UDP Packets) in Mbps 512 bytes Firewall Throughput (UDP Packets) in Mbps 64 bytes New Sessions / Second (TCP) HTTP Throughput w/ Application profile (64K size) 4 HTTP Throughput w/ IPS profile (44K size) 5 HTTP Throughput w/ IPS profile (1M size) 5 NGFW Throughput (Mbps) 6 Threat Protection Throughput (Mbps) 7 SSL Inspection throughput (Mbps) 8 N2-Standard-2 10 Gbps stand alone 4000 IPSEC 1360 2500 720 350 160 85 000 - 5750 - 5700 - 5800 - 680 - 680 - 1370 - DEVICE PERFORMANCE DATA VM-04/ 04V /04S VM-08/ 08V/ 08S SYSTEM REQUIREMENT 1 / 4 1 / 8 TECHNICAL SPECIFICATIONS 1 / 24 1 / 24 10 / 50 10 / 50 200 000 200 000 SYSTEM PERFORMANCE N2-Standard-4 N2-Standard-8 10 Gbps stand alone 5350 IPSEC 2000 16 Gbps stand alone 7000 IPSEC 2300 3000 1000 5000 1200 500 190 900 210 120 000 - 180 000 - 7900 - 9600 - 7850 - 9500 - 7900 - 9600 - 1140 - 2240 - 1140 - 2240 - 2000 - 3800 - VM-16/ 16V/ 16S 1 / 16 1 / 24 10 / 500 200 000 N2-Standard-16 32 Gbps stand alone 15 000 IPSEC 3500 7000 1900 1500 450 280 000 - 14 700 - 14 700 - 14 700 - 4250 - 4250 - 7000 - VM-32/ 32V/ 32S 1 / 32 1 / 24 VM-UL/ ULV/ ULS 1 / Unlimited 1 / 24 10 / 500 10 / 500 200 000 200 000 N2-Standard-32 32 Gbps stand alone 20 000 IPSEC 7600 8500 3350 1600 650 335 000 - 17 000 - 17 000 - 17 000 - 8000 - 8000 - 10 500 - Notes. All performance values are up to and vary depending on system configuration. Actual performance may vary depending on the network and system configuration. These metrics are updated periodically as the product performance keeps improving through internal testing. Different versions of the document may note the discrepancy in the performance numbers, so ensure that you refer to the latest datasheets. Performance metrics were observed using FortiGate-VM BYOL instances using FortiOS 7.0.1. 1. Applicable to 6.4.0+. The actual working number of consumable network interfaces varies depending on Google Cloud instance types/sizes and may be less. 2. FG-VMxxV and FG-VMxxS series do not come with a multi-VDOM feature by default. You can add it by applying separate VDOM addition perpetual licenses. See ORDER INFORMATION for VDOM SKUs. 3. You can find the latest information about Google Cloud bandwidth at https://cloud.google. com/compute/docs/machine-types#n2_standard_machine_types. 4. Application Control performance is measured with 64 Kbyte HTTP traffic. 5. IPS performance is measured using Enterprise Traffic Mix and 1 Mbyte HTTP. 6. NGFW performance is measured with IPS and Application Control enabled, based on Enterprise Traffic Mix. 7. Threat Protection performance is measured with IPS and Application Control and Malware protection enabled, based on Enterprise Traffic Mix. 8. SSL Inspection Throughput is measured using TLS ECDHE RSA WITH AES 256 GCM SHA384 (2K). 4 DATA SHEET | FortiGate®-VM on Google Cloud ORDERING INFORMATION The following are SKUs that can be acquired for the BYOL scheme. For the PAYG/On-Demand subscription, various instance/ VM types are available on the marketplace. BYOL is perpetual licensing, as opposed to PAYG/On-Demand, which is an hourly subscription available with marketplace-listed products. Product FortiGate-VM01 FortiGate-VM02 FortiGate-VM04 FortiGate-VM08 FortiGate-VM16 FortiGate-VM32 FortiGate-VMUL SKU FG-VM01, FG-VM01V FG-VM02, FG-VM02V FG-VM04, FG-VM04V FG-VM08, FG-VM08V FG-VM16, FG-VM16V FG-VM32, FG-VM32V FG-VMUL, FG-VMULV Description FortiGate-VM `virtual appliance.' 1x vCPU core. No VDOM by default for FG-VM01V model. FortiGate-VM `virtual appliance.' 2x vCPU cores. No VDOM by default for FG-VM02V model. FortiGate-VM `virtual appliance.' 4x vCPU cores. No VDOM by default for FG-VM04V model. FortiGate-VM `virtual appliance.' 8x vCPU cores. No VDOM by default for FG-VM08V model. FortiGate-VM `virtual appliance.' 16x vCPU cores. No VDOM by default for FG-VM016V model. FortiGate-VM `virtual appliance.' 32x vCPU cores. No VDOM by default for FG-VM032V model. FortiGate-VM `virtual appliance.' Unlimited vCPU cores. No VDOM by default for FG-VMULV model. Optional Accessories/Spares Virtual Domain License Add 5 Virtual Domain License Add 15 Virtual Domain License Add 25 SKU FG-VDOM-5-UG FG-VDOM-15-UG FG-VDOM-25-UG Description Upgrade license for adding 5 VDOMs to FortiOS 5.4 and later, limited by platform maximum VDOM capacity. Upgrade license for adding 15 VDOMs to FortiOS 5.4 and later, limited by platform maximum VDOM capacity. Upgrade license for adding 25 VDOMs to FortiOS 5.4 and later, limited by platform maximum VDOM capacity. Virtual Domain License Add 50 FG-VDOM-50-UG Upgrade license for adding 50 VDOMs to FortiOS 5.4 and later, limited by platform maximum VDOM capacity. Virtual Domain License Add 240 FG-VDOM-240-UG Upgrade license for adding 240 VDOMs to FortiOS 5.4 and later, limited by platform maximum VDOM capacity. The number of configurable VDOMs can be stacked up to the maximum number of supported VDOMs per vCPU model. Please refer to Virtual Domains (Maximum) under SPECIFICATIONS. The following SKUs adopt the annual subscription licensing scheme. Product FortiGate-VM01-S FortiGate-VM02-S FortiGate-VM04-S FortiGate-VM08-S FortiGate-VM16-S FortiGate-VM32-S FortiGate-VMUL-S SKU FC1-10-FGVVS-<Support Bundle>-02-DD FC2-10-FGVVS-<Support Bundle>-02-DD FC3-10-FGVVS-<Support Bundle>-02-DD FC4-10-FGVVS-<Support Bundle>-02-DD FC5-10-FGVVS-<Support Bundle>-02-DD FC6-10-FGVVS-<Support Bundle>-02-DD FC7-10-FGVVS-<Support Bundle>-02-DD Description Subscriptions license for FortiGate-VM (1 vCPU core) Subscriptions license for FortiGate-VM (2 vCPU cores) Subscriptions license for FortiGate-VM (4 vCPU cores) Subscriptions license for FortiGate-VM (8 vCPU cores) Subscriptions license for FortiGate-VM (16 vCPU cores) Subscriptions license for FortiGate-VM (32 vCPU cores) Subscriptions license for FortiGate-VM (Unlimited vCPU cores) FortiOS 6.2.3+ and 6.4.0+ support the FortiGate-VM S-series. The FortiGate-VM S-series does not have RAM restrictions on all vCPU levels. FortiManager 6.2.3+ and 6.4.0+ support managing FortiGate-VM S-series devices. For the sizing guide, refer to the sizing document available on www.fortinet.com DOWNLOAD You can download the Google Cloud new deployment file on www.support.fortinet.com. Go to Download > VM Images from the top menu and choose FortiGate from the Product dropdown list and Google from the Platform dropdown list. Create a FortiGate-VM instance from Custom Images on the Compute Engine portal. 5 DATA SHEET | FortiGate®-VM on Google Cloud BUNDLES FortiGuard Bundle FortiGuard Labs delivers a number of security intelligence services to augment the FortiGate firewall platform. You can easily optimize the protection capabilities of your FortiGate with one of these FortiGuard Bundles. Bundles FortiCare FortiGuard App Control Service FortiGuard IPS Service FortiGuard Advanced Malware Protection (AMP) -- Antivirus, Mobile Malware, Botnet, CDR, Virus Outbreak Protection and FortiSandbox Cloud Service FortiGuard Web and Video1 Filtering Service FortiGuard Antispam Service FortiGuard Security Rating Service FortiGuard IoT Detection Service FortiGuard Industrial Service FortiConverter Service Enterprise Protection 24x7 · · · Unified Threat Protection 24x7 · · · Advanced Threat Protection 24x7 · · · · · · · · · · · 1. Available when running FortiOS 7.0 www.fortinet.com Copyright © 2021 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet's General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet's internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. FG-VM-GCP-DAT-R17-20211126Adobe PDF Library 16.0.3