Intro To Network Security Architecture Flashcards
DEFW and Use Case Characteristics
Distributed Enterprise Firewall
FGT series: 40-90
Also referred to as Branch Sites
Average Throughput: Up to 1 Gbps
Purpose: Remote Site Protection
Basic Firewall Protection
Branch Remote Site protection
Campus Series for high traffic
Trad Firewalls, VPNs, Segmentation, Integrated Wireless LAN
ISFW and Use Case Characteristics
Internal Segmentation Firewall
FGT Series: 100-900
AKA Campus Sites
Average Throughput: 1-100 Gbps
Purpose: Network micro-segmentation
Tradition Firewalls
NGFW
Segmentation: VLANs, VDOMs, zone based interfaces, micro-segmentation
Low Latency: Minimal Delay
Wireless networks: Integrated wireless LAN
DCFW and Use Case Characteristics
Data Center Firewall
FGT Series: 1000-7000
Average Throughput: 10-1000 Gbps
Purpose: High-speed network protection
Traditional Firewalls: Network and Transport Layers
NGFWs: Extends to application layer
Virtual Routing and Forwarding(VRF), VDOMs, and Zone-based interfaces
Minimal Delay
Hardware Accelerated
Massive Data Volumes
High-speed traffic
Virtual FWs
Fortigate VM
FortiCNF(FortiGate Cloud Native Firewall)
FortiSASE
Traditional Firewall
NGFW
Segmentation
DDoS
Low Latency
VPNs for Secure and encrypted remote access and site-to-site connectivity(IPsec, SSL, and L2TP)
WAN Redundancy(Secure SD-WAN)
MultiCloud(range of FortiGate Virtual firewalls: Vmware ESXI, AWS, Azure, Hyper-V, KVM, etc)
SaaS (FortiSASE)
Distributed NGFW
Average Throughput: 1-40 Gbps
Purpose: Multilayered Security
FGT Series: 100-7000
Multiple NGFWs
Different Facilities
Trad Firewalls, VPNs, Segmentation, Low Latency, integrated wireless LAN, HW SSL inspection(on-premise devices), Secure SD-WAN, Hyperscale, DDoS protection, 5G/LTE, ZTNA
Topology is commonly used in large organizations with various facilities.
Hybrid Mesh Scenario
Includes Various Firewall Models
