Agenda

1 Trends and Challenges

2 What is a Campus Deployment?

3 FortiGate Protection

4 Campus Deployment and Use Cases

5 The Fortinet Advantage

© Fortinet Inc. All Rights Reserved. 2

Traditional to Hybrid IT Increasing Network Edges

BIG
SHIFTS

Flat to Segmented Networks Scale to Hyperscale

© Fortinet Inc. All Rights Reserved. 3

Lack of Convergence is an Obstacle for Zero Trust Strategy
Users Devices Networks Applications

WFH Cloud
Lacks Awareness

Travel Internet

Branch Data Center

Campus SaaS

Bolt-on Security

OT Edge Compute

© Fortinet Inc. All Rights Reserved. 4

Fortinet’s Networking and Security Convergence Approach
Security Driven Networking enables consistent convergence across all edges with ZTNA

Security-Driven Networking
Networking Security

VPN Device ZTNA

WLAN Switch Routing User Content Application

Secure Network Firewall Secure
LAN/WLAN SD-WAN& 5G

Proxy Location

SWG

A B C 1 2 3

Appliances Software
Lack Awareness Delivers Network Awareness

© Fortinet Inc. All Rights Reserved. 5

Fortinet Secure Networking

Protecting Every Network Edge

As the attack surface expands it creates new
and expanded Networks Edges that need to be
protected
Consistent Convergence
Converged networking and security in unified
offering with a flexible deployment model via
Appliance, Virtual Machine, Container and SaaS

Better User-Experience
Ultra-scalable performance and AI-powered
security are required across edges for better
user-experience and threat protection

© Fortinet Inc. All Rights Reserved. 6

FortiGuard AI-Powered Security

Market Leading Security as a Service

ML-enabled security, deployed close to the protected assets powered by
FortiGuard Labs

Consistent Context Aware Policy

Centralized detection and prevention delivered from the cloud build for
hybrid environments

Coordinated Real-Time Prevention

Continuously assess the risks and automatically respond and counter
known and unknown threats

© Fortinet Inc. All Rights Reserved. 7

 Network Security
Operations Operations

Fortinet
Security Appliance

Fabric Cloud
Security

Access &
Broad Endpoint
Security
Virtual

Visibility and protection of the entire

FortiGuard
digital attack surface to better Threat
manage risk Intelligence
Hosted

Integrated
Cloud
Solution that reduces management
complexity and shares threat
intelligence Open
Secure
Networking Ecosystem
Agent

Automated
Self-healing networks with AI-driven Container
security for fast and efficient
operations

© Fortinet Inc. All Rights Reserved. 8

What Do Campus Deployments Enable?

ACCESS APPLICATION

to the internet access local DC

services and cloud with
ZTNA

PROTECTS MINIMIZES

network from breach/contains by

external threats implementing dynamic
segmentation

© Fortinet Inc. All Rights Reserved. 9

Trends in Campus Deployments

Device ZTNA – Zero The user is now Convergence of

Proliferation Trust Network the hub networking and
Access security

What Is the Business Value of a Campus NGFW Deployment?

• Manage Security and Operational Risks
• Lowers Total Cost of Ownership (TCO)
• Simplification of Operation through Automation

© Fortinet Inc. All Rights Reserved. 10

Key Components of FortiGate Firewalls
Delivering Security-Driven Networks

Security
FortiGuard Labs
Processing Units
FORTIOS

© Fortinet Inc. All Rights Reserved. 11

The FortiGate Differentiators

Security Fabric Zero Trust FortiGuard Labs Security

Processing Units

Zero Trust
Access

Broad, integrated, Constant authentication of Industry leading Best compute rating

automated protection user, device and place threat intelligence and protection in the industry

© Fortinet Inc. All Rights Reserved. 12

Campus Deployment and Use
Cases
FortiGate Deployment Modes

FortiGate FortiSASE
FortiGate FortiGate VM
Container

FortiGate Hardware Appliance FortiGate Virtual Machine Different Functionality FortiGate Delivered as a
Accelerated by Security Licensed by CPU Cores available in Containers Cloud Service
Processing Unit (SPU)

System Network Content 1-92 1-72 1-32 1-32 Linksys Cloud 5G Remote Branch
on a Chip Processor Processor Cores Cores Cores Cores OS Microservices Users Office

© Fortinet Inc. All Rights Reserved. 14

FortiManager Supports FortiGate NGFWs

Simplify Automate Expand

FortiManager

FortiGate FortiGate FortiGate FortiGate FortiGate FortiGate FortiGate FortiGate

BRANCH CAMPUS DATA CENTER

© Fortinet Inc. All Rights Reserved. 15

Campus Deployment Model
Protect/Automate/Consolidate Use Cases
Next Generation Firewall Campus Deployment INSPECT TRAFFIC
Internet

Perimeter
DATA CENTER
Security
FortiGate
NGFW

FortiSandbox
Advanced Threat PREVENT INTERNAL THREATS
Protection
FortiManager
Automation-driven Network Management
Internal
Segmentation
FortiAnalyzer
Analytics-powered Security & Log Management CAMPUS

APPLY SECURITY ACROSS NETWORK

Full Visibility and

FortiSwitch FortiClient
FortiAP Switching Endpoint Protection Protection
Secure Access Point

© Fortinet Inc. All Rights Reserved. 16

Perimeter Security Use Case
Protect/Consolidate

Protecting North/South Traffic GOAL

Large Enterprise Campus • Inspect traffic coming in and out

of Campus

CAPABILITIES
Deep SSL Deep SSL
Inspection Inspection • Application visibility and control, IPS
• Highly scalable/high performance—
Building 1 Finance DB Building 2 utilizing ASIC based architecture
• Low latency for packet processing
• Layer 7 inspection
Internet 2 Internet 1

BENEFIT

• Consolidated networking and security

at the Campus Edge

Regional Branch Office

© Fortinet Inc. All Rights Reserved. 17

Internal Segmentation
Protect

GOAL

MLPS • Prevent internal and external threats

Malicious Traffic Malicious Traffic
with advanced security inspection
Internet
Finance
CAPABILITIES
Finance

Engineering
• SSL Inspection
Engineering
• Segmentation – Macro, network,
Marketing Marketing applications, etc.
• Highly flexible and resilient architecture-
asymmetric traffic inspection
• High port density for more connections

CAMPUS BENEFIT

Clean Traffic Clean Traffic

• Preventing threats between
Firewall Firewall internal networks

© Fortinet Inc. All Rights Reserved. 18

Full Visibility and Protection
Consolidate/Automate

GOAL

• Apply security across all internet

Web & Content Filtering connections on Campus

Threat Protection
CAPABILITIES

NGFW • Web/Video/DNS filtering, explicit proxy

• Over 90+ category-based filtering for
URL Inspection
+ + + + + + • CIPA and BETCA compliant
Firewall App Intrusion Anti-Malware SSL URL Filtering Video Filtering • Web filtering policy override capability
Control Prevention Inspection
via user authentication

Purpose-built Security Processor delivers best performance BENEFIT

• Ability to detect malicious URLs while

connecting to the internet

© Fortinet Inc. All Rights Reserved. 19

Power of FortiGuard Security Services
Be Everywhere, Protect Everything

USERS AND APPLICATION SECURITY

Any Edge | Hybrid Deployment
Web Security Device Security Content Security Networks
HW, VM , As-a-Service, Proxy, ADC

Web Filtering IPS Antivirus

Context Aware | User Centric
Endpoint/Users
+ + + ZTNA, EPP, SASE, FortiTrust

Video Industrial Mobile Multi Clouds | Application Native

Cloud/Applications
Filtering Security Service Malware NGFW, IPS, Mail, CASB, WAF
+ + +

Unified Detection to Prevention

SOC/NOC Manager, Analyzer, SIEM, SOAR,
DNS IoT Detection Cloud
Service Sandbox AI, XDR
+

Technology | Threat Intelligence

Ecosystem
Botnet C & C Connectors, IoC, Threat Alliance

© Fortinet Inc. All Rights Reserved. 20

The Fortinet Advantage
Fortinet Designed Security Processing Unit (SPU)
Industry Leading Hyperscale Security with NP7

Gaming and AI Systems

Security Processing Unit
(SPU)
CPU

CPU

GPU

Network Processor Content Processor

Graphical Processing Unit (NP) (CP)
(GPU) Off-Loads Networking Off-Loads Security
Functions Functions

© Fortinet Inc. All Rights Reserved. 22

The SPU Advantage
High-end Appliances
SSl Inspection Connections Per Power Consumption
Fortinet’s Security rocessors (S s) radically increase (Gbps) Second (K) (Watts/ Gbps FW)
80
the speed, scale, efficiency and value of Fortinet 10 10

solutions while greatly improving user experience, 60 9x 8 9x 8

reducing footprint and power requirements. From entry- More More

40
6 6
5x
level to high-end solutions, SPU-powered Fortinet 4 4 Less
20
appliances deliver superior Security Compute Ratings 2 2

versus industry alternatives. 0 0 0

Industry FG Industry FG Industry FG
Avg 4401F Avg 4401F Avg 4401F
Network Content System-on-
Processor 7 Processor 9 a-Chip 4
NP7 CP9 SoC4

Entry-level Appliances
SSl Inspection Connections Per Power Consumption
(Gbps) Second (K) (Watts/Gbps FW)
Network Processors As a co-processor to the main The System-on-a-Chip
operate in-line to deliver CPU, Content Processors consolidates network and 4 400 30
unmatched performance offload resource-intensive content processing,
for network functions and
hyperscale for stateful
processing and drive content
inspection to accelerate
delivering fast application
identification, steering,
3 6x 300 9x 20
More More
firewall functions. security functions. and overlay performance.
2 200 10 7x
Less
1 100 5

0 0 0
Security Compute Ratings are benchmarks that compare the performance metrics of Fortinet SPU-
based next-generation firewalls to similarly priced solutions from vendors that utilize generic Industry FG Industry FG Industry FG
Avg 200F Avg 200F Avg 200F
processors for networking and security.

© Fortinet Inc. All Rights Reserved. 23

Recognized As a Leader in the 2021 Gartner® Magic Quadrants™
for Network Firewalls and WAN Edge Infrastructure

November 2021 Magic Quadrant™ Same OS September 2021 Magic Quadrant™

for Network Firewalls for WAN Edge Infrastructure

Same
Management
Fortinet Recognized as a Leader 2021 is Fortinet Recognized as a Leader Positioned
12th time included in this Magic Quadrant Highest for Ability to Execute

Gartner Magic Quadrant for Network Firewalls, Ajpreet Kaur, Jeremy D'Hoinne, Nat Smith, Adam Hils, 1 November 2021. Gartner Magic Quadrant for WAN Edge Infrastructure, Jonathan Forest, Naresh Singh, Andrew Lerner, Evan Zeng, 20 September
2021. Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger
research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet. Gartner does not endorse any vendor, product or service depicted in its research publications, and does
not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner
disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

© Fortinet Inc. All Rights Reserved. 24

Campus Recommended NGFWs and Services
Mid-range Models
Recommended 100F 200F 400E 600E
Appliance

SSL Inspection
Throughput 1Gbps 4Gbps 4.8Gbps 8Gbps
Threat Protection
Throughput 1Gbps 3Gbps 5Gbps 7Gbps
New Sessions Per
Second 56,000 280,000 450,000 450,000
Interfaces 2x10G 4x10G 18xG 2x10G

Advanced Malware Web and Video Industrial

Services (Bundle) IPS 24x7 Support
Protection Filtering Signatures
Enterprise Protection ✓ ✓ ✓ ✓ ✓
Unified Threat
Protection ✓ ✓ ✓ ✓
(Recommended)

360 ✓ ✓ ✓ ✓ ✓
© Fortinet Inc. All Rights Reserved. 25
Campus Recommended NGFWs and Services
High-range Models
Recommended 1800F 2600F 4200F 6300F
Appliance

SSL Inspection
Throughput 17Gbps 20Gbps 50Gbps 66Gbps
Threat Protection
Throughput 9.1Gbps 17Gbps 45Gbps 60Gbps
New Sessions Per
Second 750,000 / 2M1 1M / 2M1 1M / 7M1 2M
Interfaces 4x40G 4x40G 8x100G 4x100G

Advanced Malware Web and Video Industrial

Services (Bundle) IPS 24x7 Support
Protection Filtering Signatures
Enterprise Protection ✓ ✓ ✓ ✓ ✓
Unified Threat
Protection ✓ ✓ ✓ ✓
(Recommended)

1. Requires Hyperscale License

© Fortinet Inc. All Rights Reserved. 26