Fortinet unveils new FortiTrust security service and new FortiGate 3500F firewall

FortiTrust offers the FortiGuard security services and FortiCare support services on a per-user licensing model, while the new firewall adds ZTNA capabilities and continues to show Fortinet’s support for these types of products.

John Maddison, Fortinet’s EVP of Products and CMO

Fortinet has made a pair of announcements across different parts of their security portfolio. They have introduced a new FortiTrust security service, which provides a new user-based licensing model for their FortiCare and FortiGuard services offerings. They also announced their FortiGate 3500F Next-Generation Firewall, which contains new zero trust network access [ZTNA] capabilities.

The new FortiTrust service is designed for customers with specific profiles and use cases, for whom user-based licensing of the security and support services may be a simpler and less expensive way to consume them.

“Think of this as a new licensing model,” said John Maddison, Fortinet’s EVP of Products and CMO. “We will still keep the old ones because a lot of people will use them, but we think this is more of a future model.”

Licensing by user instead of by device fits some emerging use cases better, Maddison said.

“Some applications like Zero Trust require coverage of all endpoints, network proxies and cloud services,” he indicated. “We re simplifying things for users by providing all of these per user.” It will remove the need to track device counts or bandwidth consumption, and will also make it easy to calculate the total cost with built in volume discounts.

Maddison said that the addition of FortiTrust as Fortinet’s third service offering will further enhance a segment that is already a large part of Fortinet’s security business.

“Services are already well over 50% of our business,” he said. “We will also be expanding these services further going forward. In the commercial area, they want user-specific bundles.”

FortiTrust’s initial services portfolio includes FortiTrust Access and FortiTrust Identity. Additional services options for SASE and CASB are on the roadmap.

The other announcement, the FortiGate 3500F Next-Generation Firewall, signifies Fortinet’s continued commitment to updating and improving what some in the industry now see as a legacy technology.

“A lot of cloud-only vendors are saying that the network is dead, so why bother with firewalls at all,” Maddison said. “We don’t think this is accurate because the whole experience still relies on the network. In our minds, SD-WAN, next-gen firewalls and Zero Trust are all very important.”

The big addition to this generation is the addition of the Zero Trust network access capability, following up on the addition of SD-WAN last time.

“Some competitors have not invested in firewalls for ten years, because they think they are less important,” Maddison said. “They are not up to date, and don’t meet current requirements. We continue to enhance to produce the necessary performance, and we are also adding more applications. A few years ago, it was SD-WAN, and we are now adding the ZTNA proxy. This represents an investment in chipsets and performance.”

FortiGate 3500F is the first next-gen firewall in the industry that natively integrates access proxy capabilities to enable ZTNA. This lets organizations host applications anywhere with consistent policy controls to enable and secure hybrid workforce models with seamless and superior user experience.

“We provide flexible and architecturally-specific access,” Maddison said. “With some vendors, the enforcement proxy just sits in the cloud. With us, it can sit anywhere. It’s very flexible.”

The FortiGate 3500F is powered by Fortinet’s purpose-built ASIC Security Processing Units, like the NP7 and CP9. FortiGate 3500F offers the industry’s highest security compute rating of 6x for performance compared to competitors – including support of TLS1.3 – to detect attacks, like ZEUS, Trickbot, Dridex, and protect organizations from network, application and file-based attacks and many other sophisticated threats. FortiGate 3500F also natively integrates with FortiGuard Security Services, to offer further protection against network anti-virus, mail security, anti-DDoS, and similar functions, like IPS and anti-malware solutions.

The FortiGate 3500F sits in the high part of he Fortinet portfolio.

“There is a 4000 and 7000 series above it, so it sits in the mid-point of our high-end devices,” Maddison said.