Deploying FortiGate CNF Discussion Points

Discussion Points During a Demo - Chapter 5

Key reasons for using a Next Generation Firewall in the cloud:

  • FortiGate CNF delivers frictionless security at any scale for AWS environments. Fortinet manages the service delivery infrastructure, simplifying network security operations and lowering costs.
  • FortiGate CNF combines next-generation firewall (NGFW) capabilities like intrusion prevention system (IPS), web filtering, domain name system (DNS) security, and more—with distinct cloud advantages.
  • Zero Operations Overhead: Focus only on security-policy management and offload service-infrastructure maintenance to Fortinet
  • Elastic Licensing: Pay only for what you use, when you use it
  • Leverage Existing Infrastructure: Use existing Fortinet Fabric Ready Solutions like FortiManager, FortiAnalyzer for single pane of glass management and FortiGuard for threat intelligence.
  • Use FortiGate CNF for Inbound, Outbound, and East-West Traffic Inspection and Protection
  • Let Fortinet manage the complexities of high-resiliency and scalability of the service delivery infrastructure

Key questions during your demo

When giving this TEC Workshop as a demo, the following questions will provide a basis for next steps and future meetings:

  • Do you have sufficient in-house expertise to manage the complexities of high-resiliency and scalability of the service delivery infrastructure? Fortinet manages the service delivery infrastructure, simplifying network security operations and lowering costs.
  • Do you have dynamic cloud infrastructure that requires dynamic security policies? FortiGate CNF can be dynamically built and updated based on tags and other attributes that scales with a changing cloud infrastructure.
  • Do you have a need for a single pane of glass for security policy management across multi-cloud and on-premises environments? Use existing Fortinet Fabric Ready Solutions like FortiManager, FortiAnalyzer for single pane of glass management and FortiGuard for threat intelligence.
  • Do you require traffic inspection of Inbound, Outbound, and East-West Traffic Inspection and Protection? Yes, FortiGate CNF can be used for Inbound, Outbound, and East-West Traffic Inspection and Protection.
  • Do you anticipate your network bandwidth needs to grow over time? By autoscaling the number of instances based on traffic load, FortiGate CNF can scale up to 20 Gbps of firewall throughput dynamically. It will also scale down when traffic load decreases resulting in cost savings over static environments.
  • Where can I find a FAQ for FortiGate CNF? https://docs.fortinet.com/index.php/document/fortigate-cnf/latest/frequently-asked-questions/982783/frequently-asked-questions