fortinet-partner-logo

Fortinet FortiGate 400F

AI/ML Security and Deep Visibility
Fortinet FortiGate 400F

Overview:

Highlights

  • Gartner® Magic Quadrant™ Leaders for both Network Firewalls and SD‑WAN
  • Unparalleled performance enabled by Fortinet’s patented ASIC and the FortiOS operating system
  • Enterprise-grade protection with FortiGuard AI-Powered Security Services
  • Simplified operations with centralized management for networking and security, automated workflows, deep analytics, and self-healing
  • Inclusive SD-WAN and wireless controller in every FortiGate appliance at no extra cost
  • Rich portfolio for any business budget and need

AI/ML Security and Deep Visibility

The FortiGate 400F Series NGFW combines AI-powered security and machine learning to deliver Threat Protection at any scale. Get deeper visibility into your network and see applications, users, and devices before they become threats.

Powered by a rich set of AI/ML security capabilities that extend into an integrated security fabric platform, the FortiGate 400F Series delivers secure networking that is broad, deep, and automated. Secure your network end to end with advanced edge protection that includes web, content, and device security, while network segmentation and secure SD-WAN reduce complexity and risk in hybrid IT networks.

Universal ZTNA automatically controls, verifies, and facilitates user access to applications, reducing lateral threats by providing access only to validated users. Ultra-fast Threat Protection and SSL Inspection provides security at the edge you can see without impacting performance.

IPS NGFW Threat Protection Interfaces
12 Gbps 10 Gbps 9 Gbps Multiple GE RJ45, 10GE SFP+ Slots, GE SFP Slots

Features:

fortios-icon

FortiOS Everywhere

FortiOS, Fortinet’s Advanced Operating System FortiOS enables the convergence of high performing networking and security across the Fortinet Security Fabric. Because it can be deployed anywhere, it delivers consistent and context-aware security posture across network, endpoint, and multi-cloud environments. FortiOS powers all FortiGate deployments whether a physical or virtual device, as a container, or as a cloud service. This universal deployment model enables the consolidation of many technologies and use cases into organically built best-of-breed capabilities, unified operating system, and ultra-scalability. The solution allows organizations to protect all edges, simplify operations, and run their business without compromising performance or protection. FortiOS dramatically expands the Fortinet Security Fabric’s ability to deliver advanced AI/MLpowered services, inline advanced sandbox detection, integrated ZTNA enforcement, and more. It provides protection across hybrid deployment models for hardware, software, and Software-as-a-Service with SASE. FortiOS expands visibility and control, ensures the consistent deployment and enforcement of a simplified, single policy and management framework. Its security policies enable centralized management across large-scale networks with the following key attributes:
  • Interactive drill-down and topology viewers that display real-time status
  • On-click remediation that provides accurate and quick protection against threats and abuses
  • Unique threat score system correlates weighted threats with users to prioritize investigations
laptop-01
Intuitive easy to use view into the network and endpoint vulnerabilities
comprehensive-view
Visibility with FOS Application Signatures
fortiguard-icon-green

FortiGuard Services

Network and File Security
Services provide protection against network-based and file-based threats. This consists of Intrusion Prevention (IPS) which uses AI/M models to perform deep packet/SSL inspection to detect and stop malicious content, and apply virtual patching when a new vulnerability is discovered. It also includes Anti-Malware for defense against known and unknown file-based threats. Anti-malware services span both antivirus and file sandboxing to provide multilayered protection and are enhanced in real-time with threat intelligence from FortiGuard Labs. Application Control enhances security compliance and offers real-time application visibility.

Web / DNS Security

Services provide protection against web-based threats including DNS-based threats, malicious URLs (including even in emails), and botnet/command and control communications. DNS filtering provides full visibility into DNS traffic while blocking high-risk domains, and protects against DNS tunneling, DNS infiltration, C2 server ID and Domain Generation Algorithms (DGA). URL filtering leverages a database of 300M+ URLs to identify and block links to malicious sites and payloads. IP Reputation and anti-botnet services prevent botnet communications, and block DDoS attacks from known sources.

SaaS and Data Security

SaaS and Data Security Services address numerous security use cases across application usage as well as overall data security. This service consists of Data Leak Prevention (DLP) which ensures data visibility, management, and protection (including blocking exfiltration) across networks, clouds, and users, while simplifying compliance and privacy implementations. The FortiGuard Data Loss Prevention Service provides advanced data protection by using real-time data classification and pattern matching to identify sensitive information. It offers comprehensive monitoring and control over data movement, ensuring that sensitive data is not inadvertently or maliciously transmitted outside the organization. Additionally, The FortiGuard Data Loss Prevention Service facilitates compliance with various regulatory requirements by automating the enforcement of data security policies and providing detailed reporting and audit trails.

Zero-Day Threat Prevention

Zero-day threat prevention entails Fortinet’s AI-based inline malware prevention, our most advanced sandbox service, to analyze and block unknown files in real-time, offering subsecond protection against zero-day and sophisticated threats across all NGFWs. The service also has a built-in MITRE ATT&CK® matrix to accelerate investigations. The service focuses on comprehensive defense by blocking unknown threats while streamlining incident response efforts and reducing security overhead.

OT Security

The service provides OT detection, OT vulnerability correlation, virtual patching, OT signatures, and industry-specific protocol decoders for overall robust defense of OT environments and devices.

Secure Any Edge at Any Scale

Powered by Security Processing Unit (SPU)
Traditional firewalls cannot protect against today’s content- and connection-based threats because they rely on off-the-shelf hardware and general-purpose CPUs, causing a dangerous performance gap. Fortinet’s custom SPU processors deliver the power you need—up to 520Gbps—to detect emerging threats and block malicious content while ensuring your network security solution does not become a performance bottleneck.
np7

Network Processor 7 NP7

Network Processors operate inline to deliver unmatched performance and scalability for critical network functions. Fortinet’s breakthrough SPU NP7 network processor works in line with FortiOS functions to deliver:
  • Hyperscale firewall, accelerated session setup, and ultra-low latency
  • Industry-leading performance for VPN, VXLAN termination, hardware logging, and elephant flows

Content Processor 9 CP9

Content Processors act as co-processors to offload resource-intensive processing of security functions. The ninth generation of the Fortinet Content Processor, the CP9, accelerates resource-intensive SSL (including TLS 1.3) decryption and security functions while delivering:
  • Pattern matching acceleration and fast inspection of real-time traffic for application identification
  • IPS pre-scan/pre-match, signature correlation offload, and accelerated antivirus processing
demo-icon-fortimanager

Centralized Network and Security Management at Scale

FortiManager, the centralized management solution from Fortinet, enables integrated management of the Fortinet security fabric, including devices like FortiGate, FortiSwitch, and FortiAP. It simplifies and automates the oversight of network and security functions across diverse environments, serving as the fundamental component for deploying Hybrid Mesh Firewalls.
Intuitive view and clear insights into network security posture with FortiManager

Use Cases:

ngfw (2)

Next Generation Firewall (NGFW)

  • FortiGuard Labs’ suite of AI-powered Security Services—natively integrated with your NGFW—secures web, content, and devices and protects networks from ransomware and sophisticated cyberattacks
  • Real-time SSL inspection (including TLS 1.3) provides full visibility into users, devices, and applications across the attack surface
  • Fortinet’s patented SPU (Security Processing Unit) technology provides industry-leading high-performance protection
sd-wan (1)

Secure SD-WAN

  • FortiGate WAN Edge powered by one OS and unified security and management framework and systems transforms and secures WANs
  • Delivers superior quality of experience and effective security posture for work-from-any where models, SD-Branch, and cloud-first WAN use cases
  • Achieve operational efficiencies at any scale through automation, deep analytics, and self-healing
ztna

Universal ZTNA

  • Control access to applications no matter where the user is and no matter where the application is hosted for universal application of access policies
  • Provide extensive authentications, checks, and enforce policy prior to granting application access – every time
  • Agent-based access with FortiClient or agentless access via proxy portal for guest or BYOD
segmentation

Segmentation

  • Dynamic segmentation adapts to any network topology to deliver true end-to-end security—from the branch to the datacenter and across multi-cloud environments
  • Ultra-scalable, low latency, VXLAN segmentation bridges physical and virtual domains with Layer 4 firewall rules
  • Prevents lateral movement across the network with advanced, coordinated protection from FortiGuard Security Services detects and prevents known, zero-day, and unknown attacks
FortiGate 400F/401F – red/grey theme

Specifications:


FortiGate 400F/-DC FortiGate 401F/-DC
Interfaces and Modules
Hardware Accelerated GE RJ45 Interfaces 16
Hardware Accelerated GE SFP Slots 8
Hardware Accelerated 10GE SFP+ Slots 4
Hardware Accelerated 10GE SFP+ Ultra Low Latency Slots 4
GE RJ45 Management Ports 2
USB Ports 1
RJ45 Console Port 1
Onboard Storage 0 2x 480 GB SSD
Trusted Platform Module (TPM) Yes Yes
Included Transceivers 2x SFP (SX 1 GE)
System Performance — Enterprise Traffic Mix
IPS Throughput 12 Gbps
NGFW Throughput 10 Gbps
Threat Protection Throughput 9 Gbps
System Performance and Capacity
IPv4 Firewall Throughput
(1518 / 512 / 64 byte, UDP)		 79.5 / 78.5 / 70 Gbps
IPv6 Firewall Throughput
(1518 / 512 / 64 byte, UDP)		 79.5 / 78.5 / 70 Gbps
Firewall Latency (64 byte, UDP) 4.19 μs / 2.5 μs
Firewall Throughput (Packet per Second) 105 Mpps
Concurrent Sessions (TCP) 7.8 Million
New Sessions/Second (TCP) 500,000
Firewall Policies 10,000
IPsec VPN Throughput (512 byte) 55 Gbps
Gateway-to-Gateway IPsec VPN Tunnels 2,000
Client-to-Gateway IPsec VPN Tunnels 50,000
SSL-VPN Throughput 3.6 Gbps
Concurrent SSL-VPN Users
(Recommended Maximum, Tunnel Mode)		 5,000
SSL Inspection Throughput (IPS, avg. HTTPS) 8 Gbps
SSL Inspection CPS (IPS, avg. HTTPS) 6,000
SSL Inspection Concurrent Session (IPS, avg. HTTPS) 800,000
Application Control Throughput (HTTP 64K) 28 Gbps
CAPWAP Throughput (HTTP 64K) 65 Gbps
Virtual Domains (Default / Maximum) 10 / 10
Maximum Number of FortiSwitches Supported 72
Maximum Number of FortiAPs (Total / Tunnel) 512 / 256
Maximum Number of FortiTokens 5,000
High Availability Configurations Active-Active, Active-Passive, Clustering
Dimensions and Power
Height x Width x Length (inches) 1.75 x 17.0 x 15.0
Height x Width x Length (mm) 44.45 x 432 x 380
Weight 14.11 lbs (6.4 kg) 14.33 lbs (6.5 kg)
Form Factor (supports EIA/non-EIA standards) Rack Mount, 1 RU
AC Power Consumption (Average / Maximum) 154.8 W / 189.2 W 161.1 W / 196.9 W
AC Power Input 100–240V AC, 50/60Hz
AC Current (Maximum) 6A
DC Power Supply 48-60VDC
DC Current (Maximum) TBA
Heat Dissipation 645.58 BTU/h 671.85 BTU/h
Power Supply Efficiency Rating 80Plus Compliant
Redundant Power Supplies (Hot Swappable) Yes (Default dual AC PSU for 1+1 Redundancy)
Operating Environment and Certifications
Operating Temperature 32°F to 104°F (0°C to 40°C)
Storage Temperature -31°F to 158°F (-35°C to 70°C)
Humidity 5–90% non-condensing
Noise Level LPA 48 dBA / LWA 55 dBA
Operating Altitude Up to 10 000 ft (3048 m)
Noise Level LPA 48 dBA / LWA 55 dBA
Airflow Side and Front to Back
Compliance FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
Certifications USGv6/IPv6

Hardware:

fg400f-401f-hardware-specs

Interfaces

  1. 1 x USB Port
  2. 1 x Console Port
  3. 2 x GE RJ45 MGMT/HA Ports
  4. 16 x GE RJ45 Ports
  5. 4 x 1GE/10GE SFP+ Slots
  6. 4 x 10GE SFP+ Ultra Low Latency Slots
  7. 8x 1GE SFP Slots
tpm

Trusted Platform Module (TPM)

The FortiGate 30G series features a dedicated module that hardens physical networking appliances by generating, storing, and authenticating cryptographic keys. Hardware-based security mechanisms protect against malicious software and phishing attacks.
chain

Access Layer Security

FortiLink protocol enables you to converge security and network access by integrating the FortiSwitch into the FortiGate as a logical extension of the firewall. These FortiLink-enabled ports can be reconfigured as regular ports as needed.

Documentation:

PDF Download the Fortinet FortiGate 400F/401F Series Data Sheet (PDF).

Pricing Notes:

  • Hardware plus FortiCare Premium and FortiGuard Enterprise Protection
    Hardware Unit, FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AI-based Inline Malware Prevention, Advanced Malware Protection, Inline CASB Database, Data Loss Prevention, Application Control, URL, DNS & Video Filtering, Antispam, Attack Surface Security, and FortiConverter Service) plus term of contract
  • Hardware plus FortiCare Premium and FortiGuard Unified Threat Protection (UTP)
    Hardware Unit, FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, URL, DNS & Video Filtering and Antispam Service) plus term of contract
  • Enterprise Protection (IPS, AI-based Inline Malware Prevention, Inline CASB Database, DLP, App Control, Adv Malware Protection, URL/DNS/Video Filtering, Anti-spam, Attack Surface Security, Converter Svc, FortiCare Premium)
    FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AI-based Inline Malware Prevention, Advanced Malware Protection, Inline CASB Database, Data Loss Prevention, Application Control, URL, DNS & Video Filtering, Antispam, Attack Surface Security, and FortiConverter Service)
  • Unified Threat Protection (UTP) (IPS, Advanced Malware Protection, Application Control, URL, DNS & Video Filtering, Antispam Service, and FortiCare Premium)
    FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, URL, DNS & Video Filtering and Antispam Service)
  • Advanced Threat Protection (IPS, Advanced Malware Protection Service, Application Control, and FortiCare Premium)
    FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Advanced Threat Protection Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct Service, Application Control)
  • FortiCare Essential Support
    FortiCare Essential Ticket Handling, Hardware Replacement, Firmware and General Upgrades, Application Control
  • FortiCare Premium Support
    FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Application Control
  • FortiCare Elite Support
    FortiCare Premium Support with FortiCare Elite Ticket Handling.
  • Prices are for one year of Premium RMA support. Usual discounts can be applied.
  • Annual contracts only. No multi-year SKUs are available for these services.
  • Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
  • Pricing and product availability subject to change without notice.

Fortinet Products

FortiGate 400F Base Appliance

FortiGate-400F
18 x GE RJ45 ports (including 1 x MGMT port, 1 X HA port, 16 x switch ports), 8 x GE SFP slots, 8 x 10GE SFP+ slots, SPU NP7 and CP9 hardware accelerated, dual AC power supplies

#FG-400F

Request Quote

FortiGate 400F Hardware plus FortiCare Premium and FortiGuard Unified Threat Protection (UTP)

Includes: Hardware Unit, FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (IPS, AI-based Inline Malware Prevention, Advanced Malware Protection, Inline CASB Database, Data Loss Prevention, Application Control, URL, DNS & Video Filtering, Antispam, Attack Surface Security, and FortiConverter Service) plus term of contract
 

FortiGate-400F Hardware plus 1 Year FortiCare Premium and FortiGuard Unified Threat Protection (UTP)

#FG-400F-BDL-950-12

Request Quote

FortiGate-400F Hardware plus 3 Year FortiCare Premium and FortiGuard Unified Threat Protection (UTP)

#FG-400F-BDL-950-36

Request Quote

FortiGate-400F Hardware plus 5 Year FortiCare Premium and FortiGuard Unified Threat Protection (UTP)

#FG-400F-BDL-950-60

Request Quote

FortiGate 400F Advanced Threat Protection

FortiGate-400F 1 Year FortiGate Cloud Standard Subscription, includes Management, Analysis and 1 Year Log Retention

#FC-10-0400F-928-02-12

Request Quote

FortiGate-400F 1 Year Advanced Threat Protection (IPS, Advanced Malware Protection Service, Application Control, and FortiCare Premium)

#FC-10-0400F-928-02-36

Request Quote

FortiGate-400F 5 Year Advanced Threat Protection (IPS, Advanced Malware Protection Service, Application Control, and FortiCare Premium)

#FC-10-0400F-928-02-60

Request Quote

FortiGate Cloud

FortiGate-400F 1 Year FortiGate Cloud Standard Subscription, includes Management, Analysis and 1 Year Log Retention

#FC-10-0400F-131-02-12

Request Quote

FortiGate-400F 3 Year FortiGate Cloud Standard Subscription, includes Management, Analysis and 1 Year Log Retention

#FC-10-0400F-131-02-36

Request Quote

FortiGate-400F 5 Year FortiGate Cloud Standard Subscription, includes Management, Analysis and 1 Year Log Retention

#FC-10-0400F-131-02-60

Request Quote

FortiGate 400F Unified Threat Protection (UTP)

Includes: FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, UTP Services Bundle (IPS, AV, Botnet IP/Domain, Mobile Malware, FortiGate Cloud Sandbox including Virus Outbreak and Content Disarm & Reconstruct, Application Control, Web & Video Filtering and Antispam Service)
 

FortiGate-400F 1 Year Unified Threat Protection (UTP) (IPS, Advanced Malware Protection, Application Control, URL, DNS & Video Filtering, Antispam Service, and FortiCare Premium)

#FC-10-0400F-950-02-12

Request Quote

FortiGate-400F 3 Year Unified Threat Protection (UTP) (IPS, Advanced Malware Protection, Application Control, URL, DNS & Video Filtering, Antispam Service, and FortiCare Premium)

#FC-10-0400F-950-02-36

Request Quote

FortiGate-400F 5 Year Unified Threat Protection (UTP) (IPS, Advanced Malware Protection, Application Control, URL, DNS & Video Filtering, Antispam Service, and FortiCare Premium)

#FC-10-0400F-950-02-60

Request Quote