Fortinet unveils custom ASIC to boost firewall performance, efficiency

Fortinet is introducing a new ASIC that promises to meld the security and network functions of its core family of FortiGate firewalls more efficiently and powerfully.

The custom chip is 7-nanometer package, called fifth-generation security processing system or FortiSP5, that promises a number of performance improvements for the FortiGate system. It enables 17x faster firewall performance and 32x faster encryption processes while using 88% less power compared to standard CPUs, according to John Maddison, executive vice president of products and CMO at Fortinet. With FortiSP5, Fortinet’s firewalls will be able to handle higher levels of traffic inspection to block threats and boost protection, according to the vendor.

FortiSP5 also includes hardware-accelerated quality-of-service (QoS) capabilities so enterprises can set dedicated QoS for sensitive applications such as video conferencing.

“The size lets us fit a lot of performance in a small footprint that we can use in many different locations that now need security but didn’t need or didn’t have space for security systems before. [That includes] things like operational technology environments, utilities, oil, gas, energy, branch or home offices,” Maddison said.

“In addition, applications like zero trust or SASE connectivity require a lot of processing for encryption, which is brutal on a CPU. And so, we’ve added a lot of baseline functionality to SP5, which lets our operating system [FortiOS] take advantage of that to support more applications,” Maddison said. “We expect to be able to better support more distributed environments and larger campus environments that have thousands of APs and switches.”

FortiOS is the vendor’s operating system for the FortiGate family of hardware and virtual components. FortiOS implements Fortinet Security Fabric and includes network security such as firewalling, access control, and authentication in addition to SD-WAN, switching, and wireless services. The latest release, version 7.2, includes AI support to help stop network threats more quickly, sandboxing to help fight ransomware threats, and improved SD-WAN, branch, and edge orchestration.

Like other Fortinet ASICs, the FortiSP5 features multiple processing units that handle networking, such as VXLAN or SD-WAN processing, and security functions, such as SSL or IPSec VPN processing, offloading them from the core CPU allowing for greater overall performance, Fortinet says. The idea is that customers can easily blend network and security functions in one device and not have to buy separate products to handle those operations.

New FortiGate devices utilizing the FortiSP5 ASIC will be available later this year.

Next read this: