Benchmarking Security Performance with Fortinet’s Security Compute Ratings

The latest advances in computing, such as edge device hyperconnectivity and the hyperscalability achievements of advanced data center architectures are the result of the ongoing and increasing desire to achieve better performance. Speed is the driving force behind the digital transformation of today’s business infrastructures. It enables access to critical data and resources, drives business efficiencies, scales application development, increases productivity, generates revenue, and accelerates ROI. 

Key to these successes – especially critical now as we continue to push the envelope of digital innovation even further and faster – has been the move away from traditional, off-the-shelf computer processors to custom hardware designed to take on very specific tasks. This specialized hardware enables organizations to push performance in the cloud and devices to new levels.

However, security benchmarks around specialized hardware are hard to find. Therefore, to measure how the security industry is helping to drive innovation at the speed of business, Fortinet uses the Security Compute Rating to benchmark performance.

The Problem Lies in the Security Performance Gap

When it comes to security – a critical component that keeps all of our data flying around cyberspace without being stolen, corrupted, or ransomed – performance limitations have become a serious challenge for organizations. Increasingly, many organizations can no longer rely on security devices to effectively perform their tasks without bottlenecking traffic, reducing user experience, or interfering with business strategies. Inspecting and securing data is an inherently complex and processor-intensive proposition, and vendors have traditionally responded to increased demands by simply soldering more traditional CPUs to their motherboards – and raising their prices. 

That strategy has now met its functional limits. Because of the unreasonable price/performance ratio of most security solutions on the market, organizations have been forced to purchase overpriced security and networking devices that only provide limited performance and scalability headroom. This not only has an impact on digital innovation, forcing many organizations to replace the security devices in their data centers with things like VLANs and Layer 4 security – it also led organizations to buy expensive VPN upgrades or even purchase new firewalls to support their remote work initiatives, which grew exponentially as a result of the COVID-19 pandemic.

The problem is that most of the security community has steadfastly refused to invest in the sorts of specialized development needed to meet today’s demands, let alone the challenges coming around the corner due to the imminent arrival of 5G, or the new demands of smart operational technology. This lack of specialized, performance-enhancing hardware has meant that organizations have been put in the very uncomfortable position of having to choose between security and performance.

The Solution? Accelerate Security-Driven Networking with Purpose-Built Technology

Fortinet is one of the few security vendors truly committed to securing and driving forward today’s essential digital innovation efforts. With a deeply rooted passion for innovation since we first opened our doors in 2000, we have continually set industry records for performance and speed. A crown jewel of innovation has been Fortinet’s development of specialized security processors (SPUs). 

The Fortinet Family of SPUs features specially designed security processors that have been engineered to provide unmatched performance at a fraction of the cost of traditional CPUs. This uniquely allows Fortinet solutions to provide accelerated network security and accelerated AI in the cloud – and at a price/performance point no one in the industry can match. 

Fortinet’s Security-Driven Networking-based NGFW, SD-WAN, SD-Branch, IPS, and Segmentation solutions are powered with the following security processors:

• Content Processor 9 (CP9): This ninth generation of our content processor protects applications while optimizing the user experience with the least performance degradation. The CP9 works as a CPU co-processor, taking on resource-intensive security functions such as SSL/TLS decryption – including TLS1.3, IPS, and anti-malware.

• System-on-a-Chip 4 (SoC4): Fortinet’s SoC4 is a purpose-built security, and the industry’s only, Secure SD-WAN processor that has achieved the highest Security Compute Ratings in the industry in supporting WAN Edge transformation. The SoC4 consolidates network and content processing functions onto a single chip to deliver blazingly fast application identification, steering, and overlay performance.

• Network Processor 7 (NP7): Fortinet’s NP7 SPU works with FortiOS functions to deliver superior firewall performance for IPV4, IPV6, and multicast traffic – with ultra-low latency as little as three microseconds to support latency-sensitive applications and services operating in the most demanding professional environments.

Security Benchmarks for Fortinet Security Processors

To highlight the difference that purpose-built processors can provide, Fortinet developed the Security Compute Rating benchmark that compares the performance of Fortinet’s ASIC-based Next-Generation Firewall appliance to other NGFW and SD-WAN vendors that utilize generic CPUs for networking and security capabilities.

The industry average is computed by calculating the average performance of leading solutions, including listed vendors. Security Compute Rating performance numbers are based on each vendor's datasheets. A "N/A" input reflects that the vendor chooses not to publish certain critical performance specifications, such as SSL inspection. As a result, the calculated industry average may actually be much lower, and the performance gap between Fortinet and that vendor may be significantly wide.

Fortinet SPUs outpace other solutions in the market with the highest Security Compute Ratings for benchmarks such as:

• Stateful Firewall throughput

• IPsec VPN performance

• Concurrent sessions

• Sessions per second 

• Inspection of encrypted data

Speed + Scalability + Cost = Enhanced Business Value

Security-driven networking solutions are not only faster and scale further than the competition: They are also much more cost-effective due to the greater affordability of custom chips. As a result, organizations can enjoy far greater headroom for digital innovation with Fortinet TCO savings, or have the resources to respond to unexpected events. 

In a world where reliable, high-performance security is not only essential but also increasingly difficult to come by, Fortinet is the only vendor able to apply 20 years of unique security hardware innovation to offer its customers a tangible and proven solution to the problem. This ensures that businesses, industries, governments, and other organizations around the world are able to innovate freely and respond immediately to critical events without compromise. 

Learn how to enable digital innovation with massive speed, scale, and performance.

Engage in our Fortinet user community (Fuse). Share ideas and feedback, learn more about our products and technology, or connect with peers.