In traditional security appliances, multi-purpose CPU-based architectures become an infrastructure bottleneck. The only way for these network security appliances to scale is through purpose-built ASICs that accelerate specific parts of the packet processing and content scanning functions. ASIC technology also offers the ability to run multiple security applications without degradation in performance.
Fortinet has developed several key ASICs, including:
- Content Processor ASIC (CP8): Accelerates content security
- Network Processor: Accelerates network security tasks such as firewall, VPN and IPv6 translation
- Flow Processor: Provides line rate DDoS and resource mapping
- Integrated Switching Fabric ASIC: Connects resources for larger models
- System-On-A-Chip Processor SOC2 (Hybrid ASIC): Integrates all ASICs (including CPU) into a single process for best price/performance
- Multi-core CPU: Provides policy and management functions
These ASICs are used to scale from 20Mbps to 500Gbps of firewall throughput—independent of packet size, while simultaneously maintaining a high number of sessions with low latency. Optimum path processing (OPP) enhances the different resources available in packet flow.
Mid-range models use segmented CPUs plus a network processor to provide additional performance. High-end models use multiple ASICs for even greater performance.