We finally have it — an appliance that combines practically every information technology security feature you can think of.
We obtained one of Fortinet Inc.'s new FortiGate 3600 units and decided to see if combining a smorgasbord of security services on one machine can work in an enterprise setting. This device integrates six functions in one box: antivirus, firewall, Web and e-mail content filtering, virtual private networking, network-based intrusion detection and prevention, and network bandwidth controls or traffic shaping.
The FortiGate 3600 offers a Web-based and a command line interface to configure the device. We give the FortiGate a thumbs up for ease of use. On the left side of the main screen there are buttons generally corresponding to each of the six major functions, plus one button for a monitor screen and one for reporting. Each of these buttons has a drop-down list for subfunctions. The design team made sure that a minimal number of mouse clicks are needed to navigate the system.
Once installed, the device can be managed by users with read and write permissions and by users with read-only permissions. This allows the most experienced analysts to configure the device and then train less experienced staff to respond to FortiGate alerts. This spreads out the work, ensuring that a few administrators are not overloaded with security chores, which often happens.