10
DATA SHEET | FortiOS
TM
7.0
10
SPECIFICATIONS
Security Fabric
SYSTEM INTEGRATION
Technology ecosystem encompasses leading partners in the Firewall and Network Risk
Management, SDN and Virtualization, Security Information and Event Management
Native integration with FortiSandbox, FortiSandbox Cloud, FortiMail, FortiNAC, FortiMail
CENTRAL MANAGEMENT AND PROVISIONING
Central management support: FortiManager, FortiCloud hosted service, web service APIs
CLOUD AND SDN INTEGRATION
Integration via connectors with:
Networks and Nutanix Prism
API Preview: view all REST API requests being used on a particular GUI page
VISIBILITY
Interactive and graphical visualizer for user, device, network, and security activities
perspectives such as
‘sources’, ‘destinations’, ‘applications’, and ‘threats’ etc.
Physical and logical topology viewers that illustrate:
- location of hosts within the security fabric network
- one-click access to quarantine, IP ban, or access detailed contextual information of
hosts
- connections between security fabric entities
Aggregated data views with downstream FortiGates within a Security Fabric
- presented on FortiView, topology maps, and monitors
AUTOMATION
Define automation within the Security Fabric using simple if-then setup:
API calls/webhooks
Quarantine remote host automatically at the access layer with FortiAP and/or FortiSwitch,
or FortiClient via EMS
NETWORK ACCESS CONTROL (NAC)
eDirectory, FortiClient, Citrix and Terminal Server Agent, Radius (accounting message),
fabric devices without logging in again
creation, auto-renewal of certificates before expiry, OCSP support
Integrated token server that provisions and manages physical, SMS, and Soft One Time
ZTNA Framework: FortiClient EMS uses zero-trust tagging rules to automatically tag
managed endpoints based on various attributes detected by the FortiClient. These tags are
synchronized as dynamic address objects on the FortiGate
clients based on device properties, user groups, or ZTNA tags, and then assign the clients
COMPLIANCE AND SECURITY RATING
Run a series of system configuration compliance check against PCI requirements
Security Fabric Rating: audit components within the fabric against best practices, provide
results and recommendations, then allow users to easily apply remediations for some
items
Manages network devices compliance via dynamic access control with tags provided by
external client management systems
ADVANCE THREAT PROTECTION (ATP)
Display list of vulnerable hosts and their vulnerabilities via telemetry with FortiClient
Display list of compromised hosts via information provided by FortiAnalyzer
External cloud-based or on-premise file analysis (OS sandbox) integration:
malware hashes
WIRELESS CONTROLLER
Manages and provisions settings for local and remote access points
SSID Authentication:
Supports integrated or external captive portal, 802.1x, preshared keys
Client limiting, MAC filtering, broadcast disabling, block intra-traffic and host quarantine
on SSID
- with RADIUS attributes
Airtime fairness: improve the overall network performance by managing downlink link
traffic toward different clients with balanced airtime
- association, authentication, DHCP, and DNS
only)
network resources in roaming decisions and improves overall performance
Controlled failover between wireless controllers
SWITCH CONTROLLER
Extends access control and security to wired devices by managing Fortinet switches
Automatic provisioning of switch firmware upon authorization
Switch Topologies:
- single/stack of switch units
Switch port Features:
Port security policies: