Description
FortiProxy Fast, Secure, and Scalable Secure Web Gateway
FortiProxy is a secure web gateway (SWG) that protects employees against internet-borne attacks using multiple detection techniques including web filtering, DNS filtering, data loss prevention, antivirus, intrusion prevention, and client browser isolation available as hardware, virtual appliance, or cloud.
Key Performance & Scale
- Proxy speeds up to 15 Gbps
- Scales from 500 to 60,000 users
- SSL inspection with no performance compromise
- Custom-built ASICs for hardware-accelerated security processing
Hardware Appliances
- FortiProxy 400G 1U, 4x GE RJ45, 4TB storage, up to 6,000 users, up to 10 VDOMs
- FortiProxy 2000G 2U, 2x 10GE SFP+, 2x GE SFP, 4x GE RJ45, 2x bypass ports, 8TB storage, up to 20,000 users, up to 100 VDOMs
- FortiProxy 4000G 2U, 4x 10GE SFP+, 2x GE SFP, 4x GE RJ45, 2x bypass ports, 8TB storage, up to 60,000 users, up to 250 VDOMs
Virtual Appliances
- VM02 4 vCPU, up to 500 users, 10 VDOMs
- VM04 8 vCPU, up to 2,500 users, 25 VDOMs
- VM08 16 vCPU, up to 10,000 users, 50 VDOMs
- VM16 32 vCPU, up to 25,000 users, 100 VDOMs
- VMUL Unlimited vCPU, up to 50,000 users, 500 VDOMs
- Hypervisor support: VMware ESXi, KVM, Microsoft Hyper-V
Threat Protection
- FortiGuard AI-powered web filtering across 90+ categories and hundreds of millions of URLs
- DNS filtering blocks DNS tunneling, C2 servers, DGAs, malicious newly registered domains
- Intrusion Prevention with 100+ new IPS rules weekly, blocking 4M+ intrusion attempts
- Antivirus, botnet, and DLP powered by FortiGuard
- Two-stage AI sandboxing via FortiSandbox static ML analysis followed by dynamic behaviour analysis
- Client Browser Isolation (NBI) Docker-based, supports Chrome, Edge, and Firefox on Windows
- Data Loss Prevention with OCR, file fingerprinting, watermarking, and FortiGuard DLP integration
- Content Analysis with AI-driven illicit image/video detection and Content Disarm & Reconstruction (CDR)
Application & Access Control
- Granular application control for 3,000+ apps including major SaaS and social platforms
- ZTNA-level access control based on user group and client security posture
- Explicit proxy, transparent, inline, WCCP, and PBR deployment modes
- Authentication: RADIUS, SAML, LDAP, NTLM, Kerberos, FortiToken OTP
Content Caching & WAN Optimisation
- Static and dynamic web and video content caching
- Multiple CDN support
- WAN optimisation for HTTP, MAPI, CIFS, FTP, and TCP protocols
- Traffic shaping and QoS policies
- Reduces bandwidth overhead and network latency
Management & Integration
- Fortinet Security Fabric integration with FortiSandbox, FortiAnalyzer, and FortiNDR
- Third-party integration via ICAP and WCCP protocols
- FortiView and syslog reporting
- Centralised management via single console
- Active-active and active-passive HA with session synchronisation
- Virtual domains (VDOMs) for logical separation between security zones
Visit data sheet: FortiProxy Data Sheet