What’s the Difference Between the FortiGate 80F & FortiGate 80E?

By Andrew Harmon

Posted On August 5, 2020

Fortinet’s latest models, the FortiGate 80F and 81F have just launched. With a SoC4 security processor, application-specific chips, and new WAN edge features, the 80F series is another entry in Fortinet’s steady upgrade from the excellent E Series to the faster, even more secure F Series firewalls. The FortiGate 80F follows in the footsteps of the FortiGate 40F, FortiGate 60F, & FortiGate 100F. So what exactly is the difference between FortiGate 80E UTM appliances and the FortiGate 80F next generation firewall?

The FortiGate 80F

FortiGate 80F Tech Specs – Datasheet

Firewall Throughput: 10 Gbps

IPS Throughput: 1.4 Gbps

NGFW Throughput: 1 Gbps

SSL VPN Throughput: 900 Mbps

Concurrent Sessions (TCP): 1,500,000

New Connections per Second: 45,000

Firewall Latency: 4 μs

Not sure what these numbers mean? Check out our post explaining firewall Tech Specs!

FortiGate 80F Overview

The FortiGate 80F brands itself as a secure SD-WAN and security appliance. This focus on the WAN edge is growing more and more popular in the network security space as small businesses and enterprises alike step up to the challenges of digital transformation and remote work. SD-WAN provides secure, direct Internet access for the kinds of cloud-connected applications businesses now depend on like Dropbox, GitHub, Salesforce, Office 365, and more.

Fortinet’s security-driven networking approach focuses on seamless integration, simple deployment, and intuitive, feature-rich management. This is made possible by Fortinet’s SD-WAN Application-Specific Integrated Circuit (ASIC). The first-of-its-kind technology handles identification and steering for over 5,000 known cloud applications.

The FortiGate 80F joins its F-Series brethren as leaders of the SD-WAN race. For any organization looking to deploy applications, devices, or cloud environments across multiple branch locations, the WAN edge efficiency of these models should put them at the top of any shortlist.

The FortiGate 80E

FortiGate 80E Tech Specs – Datasheet

Firewall Throughput: 4 Gbps

IPS Throughput: 450 Mbps

NGFW Throughput: 360 Mbps

SSL VPN Throughput: 200 Mbps

Concurrent Sessions (TCP): 1,300,000

New Connections per Second: 30,000

Firewall Latency: 3 μs

Not sure what these numbers mean? How about another reminder about our post explaining firewall Tech Specs!

FortiGate 80E Overview

The FortiGate 80E is well-recognized in the industry as a powerhouse of network security, fit for most mid-sized businesses and larger branch offices. The FG-80E includes a SoC3 system-on-a-chip build that optimizes processing power and performance without sacrificing security. As part of the Fortinet Security Fabric, the FortiGate 80E integrates multiple layers of security across small business networks, letting systems communicate in real time to detect and stop advanced threats.

The FortiGate 80E is a Unified Threat Management (UTM) platform that delivers wired and wireless networking for networks up to roughly 50 users. This model also comes with variants that boast improved internal storage as well as Power-over-Ethernet capabilities. A USB port located on the rear of the appliance allows for 3G/4G compatibility that allows for additional WAN connectivity and redundancy.

How much does the FortiGate 80F cost?

Pricing for FortiGate 80F starts with an MSRP of $1200 for the Appliance Only model (though Firewalls.com highly discourages buying “appliance only” products as a primary firewall). However, Requesting a Quote or connecting with a Firewalls.com account representative via Live Chat will immediately shave hundreds of dollars off your final price tag.

Compared to the FG-80E, the FortiGate 80F nets you four times the UTM throughput, extra space for site-to-site tunnels, and connection per second gains an order of magnitude greater than E Series counterparts. And don’t forget that whole purpose-build secure SD-WAN, too.

Visit our Fortinet FortiGate 80F/81F page to Request a Quote or Live Chat now.

What Is Barracuda Email Security

By Andrew Harmon

Posted On July 9, 2020

barracuda barracuda essentials barracuda sentinel email security phishline total email security

Barracuda email security is more than just one product – it’s a philosophy. If you’ve spent any time following cyber threats, you know that email is a favorite point of entry for hackers. And while training your workforce to spot email threats is a must, humans are in fact human. That means you need a comprehensive plan to keep your network safe. In fact, comprehensive is a great word to describe Barracuda email security. It encompasses a variety of solutions with options for any business need. So let’s dive into some of the components of Barracuda’s email security lineup.

What is Barracuda email security used for

Use Barracuda email security to protect your network from all manner of email-borne threats with multi-layered protection. Those layers include:

Defense at the gateway
Email resiliency
Protection from fraud
Email privacy
Greater user security awareness

In sum, deploying the right Barracuda solutions gives you peace of mind that hazards like spam, phishing messages, viruses, and more won’t bring down your network.

How does Barracuda email encryption work

Barracuda email encryption comes through two possible methods: the Email Security Gateway appliance or the cloud-based Barracuda Email Security Service. Both offer secure, outbound email encryption, with multiple policies available that give admins granular control over exactly which outbound emails to encrypt. Once administrators decide on specific policies, users can send emails – and any attachments – that match policy to the Barracuda Message Center with secure TLS encryption.

Backing up a bit, email encryption ensures that only the intended recipient can access an email and its attachments. Traditionally, that access for recipients is tricky, as they’ll need an encryption key. In this case, the web-based Barracuda Message Center handles everything. First, the recipient receives an email notifying them that they have an encrypted message with a link to the message center. Next, the user must choose a password upon first accessing the center. Then, they can view their encrypted messages, download attachments, and reply – all through the Barracuda Message Center. And the best part, once users choose a password, they can use it anytime they need to access subsequent encrypted messages.

What is Barracuda spam filter

Barracuda spam filter stops spam emails that often make it through other email filters. It does so without blocking important messages, thanks to one of the industry’s lowest false-positive rates. Just like Barracuda email security as a whole, spam filtering is a multi-pronged effort. The award-winning spam filtering technology finds email from known spammers, analyzes any embedded URLs to find malicious links, and even catches spammers’ attempts to evade filters by placing embedded text within images.

You may be thinking, won’t these processes slow down email delivery? Barracuda thought of that too, and the answer is no. These spam detection processes take place in the Barracuda cloud, so they don’t slow you down. Spam emails are pre-filtered before they reach your server. That means you also get protection from denial-of-service (DOS) attacks that spammers may launch your way.

How do you use Barracuda spam filter

You get the award-winning Barracuda spam filter through Barracuda Essentials, an all-in-one, cloud-based email protection platform. Barracuda Essentials combines spam filtering with Advanced Threat Protection, which filters more hazards including email-based malware and even zero-day threats – as we know that spam filtering is just one part of the email protection puzzle.

And Barracuda Essentials doesn’t stop at inbound email filtering. In essence, it’s a way to get your business – regardless of size – into Barracuda email security as a whole. This combines inbound filtering with:

Outbound email filtering
Archiving
Email retention enforcement
Full backup and recovery of every email/file

In other words, it not only protects your network from incoming email threats, it also safeguards against data loss with data leak protection policies and the aforementioned encryption. And it’s got your back with full cloud backup and recovery of every email and file.

How much does Barracuda email security cost

How much Barracuda email security costs depends on which solutions you deploy and the needs of your business. If you’re a business with about 50 employees for example looking for the comprehensive protection of Barracuda Essentials, you can get it for under $150 a month.

Barracuda Essentials is available for deployments as small as 10 users or as large as 10,000-plus, with prices per user going down the larger the company. Get started with Barracuda email security today!

What is the Fortinet Security Fabric?

By Andrew Harmon

Posted On June 26, 2020

fortigate fortinet security fabric

The Fortinet Security Fabric: An Overview

Whether you own a Fortinet product or you’re just shopping around, the Fortinet Security Fabric is a term you’re probably seeing a lot of these days. But what is it? Just like actual fabric – many individual fibers weaved together – the Security Fabric is Fortinet’s vast security portfolio intertwined. In short, it’s an integrated solution allowing you to see, manage, and secure your network products in one place. In long? Let’s get into it.

It Starts With the Firewall

Here at Firewalls.com, we often refer to a firewall as the cornerstone of any network setup. The Fortinet Security Fabric treats it that way as well. It’s the hub around which all the spokes of the wheel connect – forgive the mixed metaphors. In this case, with your FortiGate next generation firewall – aka NGFW – you can coordinate the behavior of other Fortinet (and partner) products. That means your FortiGate can run your security show with visibility into all corners of your network. And by the way, it can also function as a Secure SD-WAN powerhouse in case you’ve missed that news. It supports a variety of other security technologies all under the same FortiOS operating system, including:

Secure Wi-Fi and Switching Access
Network Access
The single-console Fabric Management Center
Open Fabric Ecosystems for partner integrations
Cloud Infrastructure
Business-Critical Applications
Security Operations for automated threat detection, prevention, & response
Endpoint Protection

What is the goal of the Fortinet secure access solution?

The Fortinet secure access solution as it’s sometimes termed, encompasses secure switching and wireless. The goal is network access that’s easy to manage for admins while at the same time high performing for users.

Access is a word that pops up a few times in this conversation – as both creating and controlling it is key for an optimized, secure network. The Security Fabric integrates with FortiAPs to provide and manage secure wireless access and FortiSwitches to do what switches do – essentially create a network. And speaking of access, with the Fortinet Security Fabric, you can implement a zero-trust network access policy throughout your network.

It starts with network access detection, continuous monitoring, and control. Next, you can implement multi-factor authentication with a solution like FortiToken. Finally, ongoing visibility and access control of all your endpoints is a must – something you can accomplish with FortiClient. When implemented together, you’ll make it extremely difficult for hackers to gain access to your network – keeping your important data secure.

How does the Security Fabric secure my network?

The Security Fabric is designed with network security as a priority. Fortinet refers to this as security driven networking. This begins with the FortiGate firewall as the front-line network protector. But it also includes the secure access solutions of the switch and wireless appliances, and dynamic cloud security to secure your cloud presence.

We’ve already discussed some of the role the FortiGate plays in the Security Fabric, but let’s expand a bit more. We already know the FortiGate is a firewall. But it also includes other critical security measures. These include a secure web gateway to help stop phishing attacks, SSL/TLS decryption to catch encrypted threats without slowing performance, and intent-based segmentation. And we can’t forget about the Secure SD-WAN component which extends this security outside the physical boundaries of the office to branch locations.

As for the cloud, the Security Fabric integrates a wide array of cloud-based security solutions. We know everyone has some type of cloud presence, so staying protected in that space is paramount. In addition to the FortiGate firewall, Fortinet offers FortiWeb web application firewalls. Email is also a major player in the cloud, and we know that email is a main entry point for malware. The good news is FortiMail is built to stop both traditional and advanced email threats.

Another note on all this security talk. The Fortinet Fabric Manager is your single console to manage all of the solutions mentioned above – and more. But the beauty is you won’t have to micromanage your security. Fortinet’s solutions heavily leverage artificial intelligence and automated security. FortiGuard AI incorporates real-time threat data gathered by FortiGuard Labs to ID and stop just about any online hazard you can think of. In essence, Fortinet Security Fabric solutions are constantly working behind the scenes to stop threats.

Who are Fortinet Security Fabric partners?

The list of Fortinet Security Fabric open fabric ecosystem partners is too numerous to include here. But these partners include heavyweights like Amazon Web Services, Google Cloud, Intel, Oracle, and Siemens to name just a few. The partners leverage the Security Fabric to offer end-to-end security solutions in partnership with Fortinet. It’s just one more way your network gets comprehensive coverage.

How do I get started with the Security Fabric?

We’ve touched on a number of aspects of the Security Fabric in this piece. But in the end, as in the beginning, it all comes back to the firewall. To get started on your Security Fabric journey, find the FortiGate firewall that’s right for your network.

SonicWave vs Ubiquiti Wireless Access Points

By Andrew Harmon

Posted On June 22, 2020

access points SonicWALL sonicwave wifi wireless network

SonicWave vs Ubiquiti Wireless Access Points

Comparing SonicWave wireless access points to competitors like Ubiquiti can pose a challenge. Which stats are important when selecting an AP? What makes SonicWave so secure? How does high performance Wave 2 wireless factor in when it comes to super fast WiFi at a low total cost?

SonicWave is the latest series of wireless access points from SonicWall. In short, Wave 2 wireless provides:

Gigabit WiFi potential
More bandwidth for connected devices
Additional 5 GHz channels
Improved user experience
Beamforming & bandsteering

Beamforming & Bandsteering

In the past, wireless coverage acted sort of like a lightbulb. For instance: you turn it on, light spills out in all directions, and the whole room is evenly lit. Beamforming is more like a flashlight (or a torch for our UK friends). That is to say, it allows more direct and focused paths for connectivity. When a device attempts to connect to your wireless AP, onboard engines determine which channel and device will provide the highest quality connection at the time.

To sum up, key benefits of beamforming include:

More stable, reliable connectivity
Faster data transfers & fewer errors
Reduced interference
Better “signal-to-noise” ratio

In addition, bandsteering is a game changer for WiFi. Bandsteering is the process of using dual-band WiFi, allowing APs to choose which Gigahertz band will provide the highest performance.

2.4 GHz – Slower data transfer, more interference, but larger coverage area & penetration
5 GHz – Higher speeds, more reliable connections, & less congestion

Sometimes the higher capacity 5 GHz band is the faster option. However, in some cases the 2.4 GHz can be the best bet if 5 GHz is congested or a little out of reach. With bandsteering, you do not have to decide. SonicWaves automatically connect to the most efficient band. In other words, the AP does the thinking for you.

Go Controller-Free with SonicWave

SonicWall SonicWave APs feature easy deployment and management options that lower costs. There is no need to purchase a separate wireless controller because your wireless network can be managed through the firewall. Single pane of glass management means less clicking around in multiple tabs and windows to find what you’re looking for. You also have the option of SonicWall’s WiFi Cloud Manager, which offers several bonus features of its own.

Network Security Integration

SonicWall comes backed by multiple decades in the greater network security world. While Ubiquiti excels in their own little fish bowl, SonicWall is a shark that has prowled every corner of the cybercrime seven seas. Above all, SonicWave access points integrate into a larger, centrally managed network with real-time communication and unified threat protection operating across several security layers.

Because SonicWall sports a pedigree in security, SonicWave APs are built with security foremost in mind. That means SonicWaves benefit from:

Automatic firmware updates
Security alerts & rich analytics
SSL/TLS decryption & inspection
Wireless intrusion detection & prevention

Dedicated Security Radio

SonicWave 400 series access points include three radios. The first two radios operate on the 2.4 GHz and 5 GHz bands. Most importantly – when it comes to a protected network – the third radio is there just to secure your WiFi! SonicWave’s security radios scan for rogue access points and perform other wireless security tasks. Additional security-related features include:

Rogue AP Scanning
Virtual AP Segmentation
RF Monitoring
Passive Scanning
Wireless Packet Capture

SonicWave 432i vs Ubiquiti Quick Comparisons

Here we break out a few quick side-by-side stats comparing SonicWave APs vs a Ubiquiti UniFi Pro:

Antennas

SonicWave: 8 fully internal antennas
Ubiquiti: 3 dual-band antennas

802.11ac Max Date Rates

SonicWave: 2.34 Gbps – 3.47 Gbps
Ubiquiti: 450 Mbps – 1.3 Gbps

Interfaces & Ports

SonicWave: (1) 10/100/1000 RJ-45 Ethernet/PoE; (1) 100/1000/2.5 GbE RJ-45 Ethernet; (1) RJ-45 Console; (1) USB 2.0
Ubiquiti: (2) 10/100/1000 RJ-45 Ethernet; (1) USB 2.0

MIMO

SonicWave: 4×4 MU-MIMO
Ubiquiti: 3×3 MIMO

If you’re looking for the bare bones to get a Wi-Fi network up, a Ubiquiti UniFi access point may do the job. If you’re serious about wireless networking, unified security, and user experience, a SonicWave 432i or SonicWave 231c is a better fit for you. SonicWave access points come with the peace of mind that your wireless equipment was home-grown by a company steeped in network security know-how. The demand for fast, stable wireless access continues to grow. Therefore, the volume and variety of advanced attacks targeting WiFi networks will also grow. A SonicWave wireless AP is the way to go for small businesses with cyber security in mind.

How to Choose a Cisco Meraki MS Switch for your Small Business

By Andrew Harmon

Posted On June 5, 2020

How to Choose a Cisco Meraki MS Switch for your Small Business

cisco meraki ms switch network switch

Shopping for Cisco Meraki MS Switches

Cisco Meraki MS Network Switches provide Layer 2 switching that unifies devices. Meraki switches fit best in small businesses, branch offices, distributed enterprises, campuses, and other complex deployment settings. These gigabit switches include SFP+ uplinks on all models. At the high end, Meraki switches reach up to 800 Gbps of switching capacity. In other words, a Cisco Meraki MS Switch is an ideal fit for a wide range of situations.

Managed through a simple single-pane-of-glass interface, Cisco Meraki MS switches excel in the cloud. Extend greater visibility and control across the network. Because of these features, admins can easily track:

User activity
Security events
Configuration changes

Cisco Meraki MS Switches are stackable. So SMBs can easily add future switches to meet business growth – perfect for scalability.

Why Cisco Meraki MS Switches?

Network switches connect all the devices your business uses. Whether they be VoIP phones, wireless APs, firewalls, SMA devices, or others, a switch acts at the central hub of traffic routing. Cisco Meraki MS Switches intelligently link devices across your network. As a result, admins can take control with:

Role-based administration
Fully cloud-based management
Remote diagnostics tools
Packet capture
Automated downtime email alerts

Cisco Meraki MS switches let small businesses take advantage of enterprise-grade features without paying enterprise prices. In addition to traditional Ethernet features, MS switches include:

MAC Whitelists & MAC Authentication Bypass (MAB)
Dynamic ARP Inspection
VLAN configuration settings for individual ports
Traffic monitoring through port mirroring

And there’s more: deploying a Cisco Meraki MS switch is simple. Plug it in. That’s it.

With auto-provisioning, SMBs that lack IT talent can quickly deploy across multiple sites. That is to say, no messing around with command lines. No complex setup needed. Zero-touch deployment makes Meraki switches a plug-and-play experience.

Choosing a Cisco Meraki MS Switch

Finding a network switch can be a challenge if you’re not familiar with important tech specs and features. So here are a few key features to keep an eye out for:

Power Configuration

Cisco Meraki MS switches include a single power supply, with additional power supply units sold separately. Power supply configurations are hot-swappable, so you can say goodbye to downtime.

Switching Capacity

Switching capacity refers to the total amount of data that a network switch can handle. Vendors measure this in Gbps. If you’re getting a gig or more from your ISP, then you’ll want a network switch that can handle that traffic volume without losing the speed you paid for.

Interfaces

The whole point of a network switch is to act as a central hub. That means you’ll want a lot of ports and types of interfaces to meet the needs of your setup. Cisco Meraki MS switches come in:

8-port
16-port
24-port
48-port

Uplinks

Network switch uplinks are important for stacking. To clarify, uplinks allow two similar devices to directly connect. Whereas devices once required a crossover cable to “talk” back and forth, an uplink port allows your MS appliance to internally route communication between devices.

Still Have Questions about Network Switches?

To sum up, Cisco Meraki MS switches are great for SMBs and branches to centralize all their devices. Firewalls.com provides plain-language product knowledge to our customers. This ensures you make a wise security investment. Next, check out our other network switch tools to see if a Cisco Meraki switch is right for you.

Read our article “Five Things to Consider Before Buying a Network Switch“

Watch our Video Buyers Guide for Network Switches

← Older posts Newer posts →