Fortinet FortiNDR 1000F
Network Detection and Response
Click here to jump to more pricing!
Please Note: All Prices are Inclusive of GST
Overview:
FortiNDR represents the future of artificial-intelligence (AI)-driven, network-based breach protection technology designed for shortstaffed Security Operation Center (SOC) teams to identify, classify, and respond to threats, including those that are well-camouflaged. Supervised and unsupervised machine learning (ML) continuously analyze metadata, especially east-west data in datacentres, to identify threats, especially those which may be already persistent in the network.
FortiNDR significantly reduces the time to identify network anomalies and malicious content on your network and mitigate with Fortinet Security Fabric and third party integration.
Highlights
- On premises deployment where no customer data leaves the network
- Ideally for government, airgapped, military, and operational technology (OT) deployment
- High throughput Neural Networks for file-based scanning and malware classification
- Netflow ingestion support for security analytics
- AD integration support for device enrichment
- NDR Center and Sensor mode available for centralised management
Highlights:
FortiNDR Key Features
- On Premise solution where no data leaves the customer network
- Integrate with Fortinet Security Fabric including FortiGate/FortiNAC/FortiSwitch quarantine, FortiAnalyzer/FortiSIEM log and report
- Supports standalone, center, and sensor modes for distributed deployment
- Patented high throughput malware scanning based on Artificial Neural Networks (ANN) to identify file-based attacks, with over 20+ malware attack scenarios
- Reduce malware detection and investigation time from minutes to seconds
- Detect North/South/East/West intrusions accurately
- Detect botnets and weakciphers on network
- Virtual Security Analyst™ to mimic experienced security analyst for outbreak, anomalies, and root causes for malware infections
- Provide on-premises learning to reduce false positives by analyzing organizational-specific traffic and adapting to newly disguised threats
FortiNDR On Premise SOC Deployment
Features:
Top Reasons for FortiNDR Solution
Shortage of Experienced SOC Analysts
Experience is the hardest thing to acquire in cybersecurity, especially in threat analysis, outbreak investigation, and malware research experience. FortiNDR provides Virtual Security Analyst™.
Breach Prevention
Using both ML and signature-based to identify breaches with high degree of confidence, including data enrichment on attacks.
AI-Powered Detection and Response for Cyber Attacks
Innovative threat actors disrupt cyber security through automated attacks designed to overwhelm or sneak past your SOC defenses.
ML-based Traffic Profiling and Malware Detection
Carefully crafted cyber threats designed to bypass your existing security controls through the camouflage with malware detection.
Features | FortiNDR On Premises |
---|---|
Deployment / Data Location | On Premise |
Suitable Use | OT, Air-gapped, Large SOC |
Centralized Management | Standalone, Center and Sensors mode (up to 20 sensors) |
Sensors, Center, and Standalone Options | Sensor: FortiNDR-1000F, VM16 and VM32 Center Hardware: FortiNDR-3500F, FortiNDR VM for Central Management Standalone: FortiNDR-1000F, VM 16, VM32, and FortiNDR 3500F |
Response Integration | FortiGate, FortiSwitch, FortiNAC quarantine, Third party API calls FortiAnalyzer, FortiSIEM, and FortiSOAR |
Malware Detection | Antivirus engine and patented Artificial Neural Network (ANN) |
Detections and Device Enrichment | Netflow Ingestion and AD Integration |
Retention | Throughput and Disk Dependent |
Specifications:
FortiNDR 1000F | FortiNDR 3500F | |
---|---|---|
Deployment | ||
Sniffer / SPAN / 802.1q support | ✔ | ✔ |
Deployment Mode | Standalone, Sensor | Standalone, Center |
Sensors Managed | - | up to 20 |
Fortinet Security Fabric Integration (such as FortiGate, FortiSandbox)1 | ✔ | ✔ |
Hypervisor Support | - | - |
Hardware Specifications | ||
Form Factor | 2 RU Rackmount | 2 RU Rackmount |
Total Interfaces | 2x 10/100/1000 RJ45 ports, 4x 10G SFP+, 1x RJ45 console | 4x 10GbE SFP+, 2x 10GE Copper (10/100/1000), 2x 1G Copper, 1x DB9 Console |
Sniffer/Capture Interfaces | 2 (2 x Fiber 10G SFP+) | 5 (1 x Copper 10G, 4x 10G Fiber SFP+) |
Transceivers Included | purchase separately | purchase separately |
Storage Capacity | 2x 7.68 TB (RAID 1) total 7.68 TB (RAID 1) | 8x 3.84TB SSD, total 15.36 TB (RAID 10) |
Default RAID level (software RAID) | 1 | 10 |
Removable Hard Drives | ✔ | ✔ |
Redundant Hot Swap Power Supplies | ✔ | ✔ |
Custom GPUs for ANN Acceleration | ✔ | |
System Performance | ||
NDR Sniffer Throughput | ||
HTTP (single/dual port) | 10/20 Gbps | 10/20 Gbps |
Enterprise Mix (single/dual port) | 10/20 Gbps | 9.5/13 Gbps |
Malware Analysis Throughput (files per hour)2 | 170k | 130k |
Netflows (flows/second) | 100k | 100k |
Malware Classification | 26 | 26 |
Dimensions | ||
Height x Width x Length (inches) | 88.9 mm x 444.5 mm x 574.04 mm | 86.8 mm x 482 mm (w/handle) x 751.34 mm (w/bezel) 86.8 mm x 434 mm (w/o handle)x 737.5 mm (w/o bezel) |
Weight | 34.6 lbs (16 kg) | 68.34 lbs (31 kg) |
Environment | ||
AC Power Supply | 100-240 VAC, 60-50 Hz | 100-240 VAC, 60-50 Hz |
Power Consumption (Average / Maximum) | 163 W (idle) / 345 W (full loading) | 1390 W / 1668 W |
Heat Dissipation | 1207.5 BTU/h | 6824 BTU/h |
Operating Temperature | 0°C to 40°C (32°F to 104°F) with no direct sunlight on the equipment | 10°C to 35°C (50°F to 95°F) with no direct sunlight on the equipment |
Storage Temperature | –20°C to 70°C (–4°F to 158°F) | –40°C to 65°C (–40°F to 149°F) |
Humidity | Storage: 5% to 90% non-condensing | Storage: 5% to 95% RH with 33°C (91°F) maximum dew point. Atmosphere must be non-condensing at all times. Operation: 10% to 80% relative humidity with 29°C (84.2°F) |
Operating Altitude | Up to 16 404 ft (5000 m) | Up to 7,400 ft (2,250 m) |
Compliance | ||
Safety Certifications | FCC Part 15 Class A, ICES, CE, RCM, VCCI, BSMI, UL/cUL, CB | FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB |
Documentation:
Download the FortiNDR Data Sheet (PDF).
Pricing Notes:
- All Prices are Inclusive of GST
- Sandbox Threat Intelligence (Antivirus, IPS, Web Filtering, File Query, Industrial Security, SandBox Engine) plus FortiCare Premium
FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Antivirus, IPS, Web Filtering, File Query, Industrial Security, SandBox Engine. Does not include Windows or MS Office licenses i.e. BYOL - Hardware plus FortiCare Premium, with NDR and ANN engine updates & baseline
Hardware Unit, FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, NDR & ANN Updates, Advanced Malware Protection, IPS, AV, Botnet IP/Domain, and Web filtering, IOT & IOC detection - FortiCare Premium with NDR and ANN engine updates & baseline
FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, NDR & ANN Updates, Advanced Malware Protection, IPS, AV, Botnet IP/Domain, and Web filtering, IOT & IOC detection - Prices are for one year of Premium RMA support. Usual discounts can be applied.
- Annual contracts only. No multi-year SKUs are available for these services.
- Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
- Pricing and product availability subject to change without notice.