- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- FGT 30E for pharmacy
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FGT 30E for pharmacy
Hello all,
I've been asked by a small pharmacy to install a firewall for their network. I am looking into the FortiGate 30E in this case because there are not many devices on the network (around 10-15).
I am wondering if anybody here has done an installation of a FortiGate for a medical facility in the past, and if so, which licenses did you purchase (IPS, antimalware, etc.)? I am trying to get an idea of which services would be most applicable for this facility so I can figure out licensing costs.
Thank you for your insights.
Matteo
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi,
and welcome to the forums.
I don't think there are special needs for this customer but you may know better.
To protect a small network I would always offer antivirus (which includes botnet blacklisting), webfilter and, if there are servers, IPS. IPS includes application control which is very effective.
For hardware, I would not go for a 30E but for the 30F (or 40F). New generation, same price, 10fold performance.
For subscriptions, the UTM bundle includes all. Maybe ATP will do as well, but I doubt the price difference is worth it.
And, to economize, always buy a hardware bundle, that is, FGT plus 3 or 5 years subscriptions. They are heavily discounted when bought together with the hardware. The customer will skip all subsequent price raise s, and services will not expire too soon.
Usually, any network includes a WiFi nowadays. A FortiWiFi model with internal AP is not as powerful as an external AP, and sometimes includes only 1 radio (2.4 or 5 GHz). A single simple FortiAP has advantages here. The WiFi controller is built-in and does not require licensing.
HTH.
Ede
"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would avoid the 30E as it has no FortiOS 6.4 or 7.0 support. Latest software version available at present is 6.2.9.
I would go for a 40F which has much better performance and will support software updates for years to come.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
right, 2 opinions to that.
One is "anything below a 60 is not a Fortigate" - if any FortiOS feature is not supported by hardware, it's in these small models. And "30B/40C/30D/30E are gas station models: made for a low-traffic VPN outposts, that is, single purpose, low demands, sold in 10 packs (which is true)".
The 40F is on the brink, powerful yes, but still not the full fledged model. Which might just be fine for some scenarios, nonetheless.
Ede
"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you both for your replies.
I am now leaning towards either the 40F or the 60F... what are the major differences between these models in terms of performance?
Although ideally I would like to implement all Fortinet equipment, this customer has stated that they would like to keep costs lower. As such, I was planning to use an unmanaged switch for the wired side of the network, and then connect a 3rd-party WiFi AP to a spare port on the FortiGate and enable VLAN on that port to separate wireless traffic.
Will the above scenario function reliably, or are there any significant benefits to using Fortinet equipment (FortiSwitch & FortiAP)?
Thanks,
Matteo
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's important to have multiple layers of protection to safeguard sensitive data in a medical environment.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, for this case I recommend that you use the basic licenses with IPS and UTM protection, considering that it is a small environment and that probably does not have published services for the Web.
Yours sincerely,
Victor
Victor Nakagomi
Victor Nakagomi
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Out of personal experience I'd suggest a 60F for such a small environment.
It is only slightly more expensive than a 40F but comes i.e. with 8 instead of 4 CPU cores and 8GB instead of 4GB internal flash.
If you go for a 60F WiFi you can even spare the 3rd party AP.
Also my recommendation would be to purchase a bundle with AV scanning included.
Regards
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Matteo,
I don't have experience with installing a FortiGate for a medical facility, but it's great that you're doing your research to ensure that the network is secure.
As for licenses, I would suggest looking into the FortiGuard Security Subscription, which includes IPS, antimalware, web filtering, and other services.
Speaking of medical facilities, check out meldonium-store.com. They offer a wide range of affordable medications and excellent customer service. It's always great to have a reliable online pharmacy as an option.
Labels
-
FortiGate
6,509 -
FortiClient
1,300 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
413 -
5.6
362 -
FortiAP
333 -
FortiSwitch
332 -
FortiClient EMS
262 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
149 -
6.4
128 -
FortiNAC
106 -
FortiGuard
102 -
FortiGateCloud
87 -
FortiSIEM
86 -
FortiCloud Products
82 -
IPsec
73 -
FortiToken
69 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
58 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
SD-WAN
24 -
FortiConnect
23 -
FortiWAN
22 -
Firewall policy
22 -
FortiConverter
21 -
High Availability
20 -
VLAN
19 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
Routing
12 -
FortiCASB
12 -
FortiAuthenticator
11 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
Virtual IP
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
SSL SSH inspection
6 -
Security profile
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Intrusion prevention
3 -
Automation
3 -
DoS policy
3 -
Port policy
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
NAC policy
2 -
VoIP profile
2 -
Antivirus profile
2 -
Web profile
2 -
Traffic shaping profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Fortinet Engage Partner Program
2 -
trunk
2 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
FortiPAM
1 -
Application signature
1 -
Multicast routing
1 -
Authentication rule and scheme
1 -
Zone
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.