USA
Catalog   /   Computing   /   Networking   /   Routers & Firewalls

Comparison Fortinet FortiGate 101F vs Fortinet FortiGate 100E

Add to comparison
Fortinet FortiGate 101F
Fortinet FortiGate 100E
Fortinet FortiGate 101FFortinet FortiGate 100E
Compare prices 2Compare prices 1
TOP sellers
Main
This modification is equipped with a built-in 480 GB SSD drive.
TypeFirewallFirewall
Mountdesktoprack-mount
Ports
Connections
Ethernet
optics (SFP/SFP+)
Ethernet
 
Gigabit Ethernet
21 pcs /2xFortiLink/
18 pcs /+ 2 HA ports/
SFP (optics)2 pcs
SFP+ (optics)
10 pcs /4xCombo RJ45/SFP/
Of which dedicated WANs2 pcs2 pcs
Of which dedicated LAN16 pcs
USB ports11
Console port
 /2xRJ45/
 /RJ45/
Features
Control
SSH
Telnet
Web interface
SNMP
SSH
Telnet
Web interface
SNMP
Basic features
DHCP server
load balancing
channel reservation
port forwarding
VPN
DDNS
DHCP server
load balancing
channel reservation
port forwarding
VPN
DDNS
Hardware
SSD drive480 GB
Security
Security
MAC address filtering
DoS protection
web content filtering
antivirus
antispam
DMZ
MAC address filtering
DoS protection
web content filtering
antivirus
antispam
DMZ
Firewall performance20000 Mbps7400 Mbps
Intrusion prevention2600 Mbps1900 Mbps
VPN performance11500 Mbps4000 Mbps
VPN tunnels
16000 /gateway-gateway up to 2500/
10000 /gateway-gateway up to 2000/
General
PSUexternalbuilt-in
Operating temperature0 °C ~ +40 °C
Dimensions (WxDxH)445x432x254 mm
Weight3300 g
Added to E-Catalogmay 2020april 2020

Mount

Desktop. Desktop routers include routers that do not use special rack mounts and are suitable for placement on any suitable surface — a table, shelf, etc. Although there are quite advanced models among desktop devices, however, most of them have relatively simple functionality and are designed for use in small networks where an abundance of equipment is not required.

Rack mounted. Routers that are standard installed in a telecommunications rack are usually 19 "standard (although technically many of them can also be used as desktop ones, albeit with less convenience). Racks are used in extensive networks that require a large amount of equipment; accordingly, routers of this type in general, more powerful and advanced than the desktop, and are designed primarily for professional use.

To the mast. Installation on a mast or other vertical structure — a tower, a pole, etc. Quite a rare form factor; It is mainly used in waterproof models designed for the possibility of working outdoors. Mobile network capable devices in this category may have a directional antenna to improve connectivity.

Connections

How the router connects to the Internet or other external network.

Almost all modern routers have ethernet network connectors for this purpose, however, in addition to them, other connection options can be provided — both wired ( ADSL, SFP / SFP + optics) and wireless (mobile access via 3G / 4G modem or SIM card). Here are the features of each option:

— Ethernet. A standard LAN network cable connector (“twisted pair”) is the most popular modern wired connection format in computer networks. Widely used both in "local" and to provide access to the Internet. This standard is somewhat inferior to SFP / SFP + (see below) in terms of speed and noise immunity, but it is much cheaper. The speed of work in modern versions of Ethernet can reach 10 Gbps (see "Connection speed of WAN ports"), theoretically, a further increase in throughput is possible.

— SFP / SFP + (optics). A connector for transmitting network traffic over a fiber optic cable. The main advantage of such a cable is complete insensitivity to electromagnetic interference. And data transfer rates can reach 2.7 Gbps in the original SFP and 16 Gbps in SFP+. At the same time, maintaining this standard is not cheap, and the benefits mentioned are not often needed in fact. Therefore, SFP / SFP + is found mainly in mid-range a...nd top-level routers.

— ADSL. Connecting to the Internet through a fixed telephone network using ADSL technology. The key advantage of this connection is the ability to use existing networks without laying additional wires; at the same time, Internet access is completely separated from telephone communication and traffic does not interfere with voice calls. On the other hand, the bandwidth of ADSL is very low by modern standards (less than 24 Mbps), moreover, the data transmission speed is noticeably lower than the reception speed. This can create problems for video communication and some other specific tasks. So nowadays ADSL is used less and less.

— 3G/4G modem (USB). Internet connection via mobile network using a separate 3G or 4G modem connected to the USB port. This feature can be useful where there is no full-fledged wired connection (for example, in rural areas), and also as a fallback option in case the main communication channel fails. And the type of network supported depends mainly on the modem used (the compatibility of the router with different models needs to be specified separately, but most often there are no problems with this). As for specific types of networks, most 3G modems work in UMTS networks (the same ones that are massively used by mobile phones); the data transfer rate in such networks can reach 75 Mbit / s (however, usually it is much lower). Less common are 3G modems for EV-DO networks based on CDMA — this standard has lower speeds (up to 14.7 Mbps) and not as extensive coverage as UMTS, however, both the equipment and the connection itself can be cheaper. And the designation "4G" means only one type of networks — LTE; it provides speeds up to 173 Mbps, but is not as widespread as 3G.

— SIM card. Another option for connecting to the Internet via mobile networks is its own SIM card slot provided in the design of the router. This option is convenient because you do not need to buy an additional device (modem) for mobile Internet — you just need to purchase an operator's SIM card. On the other hand, due to the built-in mobile communication modules, such routers themselves are more expensive than analogues for USB modems. In addition, the connectivity options in them are limited by the characteristics of the module: for example, a router for 3G networks will not be able to fully use 4G networks (whereas a USB modem can usually be changed to a more advanced one). As a result, this option is relatively rare in modern equipment.

Gigabit Ethernet

The number of standard Gigabit Ethernet RJ-45 network connectors provided in the device design.

As the name suggests, these connectors provide data transfer rates up to 1 Gbps. Initially, Gigabit Ethernet was considered a professional standard, and even now the real needs for such speeds arise mainly when performing special tasks. Nevertheless, even relatively inexpensive computers are now equipped with gigabit network adapters, not to mention more advanced technology.

As for the number of connectors, it corresponds to the number of network devices that can be connected to the "switch" directly, without the use of additional equipment. At the same time, it is worth noting that in some "switches" individual connectors of this type are combined with optical SFP or SFP +. Such connectors are marked "combo" and are taken into account both when counting RJ-45 and when counting SFP / SFP +.

SFP (optics)

The number of optical network ports of the SFP standard provided in the design of the device. We emphasize that we are talking about "ordinary" SFPs; SFP+ data is usually listed separately.

Specifically, in switches, the marking “SFP” usually means a connector for fiber with a connection speed of 1 Gbps. Technically, this is not much compared to RJ-45 speeds; however, this connection format has a number of advantages. One of the main ones is a greater effective range: the mentioned gigabit standard works with a cable length of up to 550 m, and by the standards of optical fiber, this is still very little. True, the cable itself is sensitive to kinks and requires quite delicate handling; on the other hand, it is completely immune to electromagnetic interference. On the other hand, in general, the SFP format is noticeably less popular in network equipment than RJ-45; therefore, there are few ports of this type even in advanced devices ( 1 port or 2 ports, less often more). It is also worth considering that there may be so-called combo connectors that combine SFP and RJ-45; the presence of such ports is specified in the notes, they are taken into account both in the calculation of RJ-45 and in the calculation of SFP.

SFP+ (optics)

The number of SFP+ optical ports provided in the device design.

The general advantages of fiber optics over regular Ethernet cables are longer communication ranges and insensitivity to electromagnetic interference. Specifically, SFP+ is a development of the original SFP standard; Such connectors operate at a speed of 10 Gbit/s as standard. As for the number of such ports, despite all its advantages, optical fiber in network equipment is still used quite rarely and most often there is only 1 port(less often 2 ports or more). It is also worth considering that there may be so-called combo connectors that combine SFP+ and RJ-45; the presence of such ports is specified in the notes; they are taken into account both when calculating RJ-45 and when calculating SFP+.

Of which dedicated LAN

In this case, dedicated LANs mean directly marked network connectors designed for wired connection of LAN devices - PCs, servers, additional access points, etc. The number of ports corresponds to the number of devices that can be directly connected to the equipment by wire.

SSD drive

The amount of SSD installed in the router.

Such a drive performs a service function: it is intended for storing logs, as well as for caching some data, which allows you to significantly speed up access to them. The more capacious the SSD, the wider the router's capabilities for working with these tasks; on the other hand, the volume of the drive significantly affects the cost. Thus, manufacturers usually select SSD modules taking into account the general class and functionality of a particular device, so this parameter plays a secondary role when choosing — first of all, you should focus on the characteristics directly related to the operation of the router (number of ports, basic functions, security, performance, etc.).

Firewall performance

Performance of a Firewall type device (see "Type") in intrusion prevention mode.

Intrusion protection is carried out on the same principle as the general processing of traffic by a firewall — by checking the received and transmitted data. However, the principles of filtering are somewhat different: Firewall cuts off certain types of traffic, preventing them from reaching network devices, while intrusion protection allows all traffic, but checks it for suspicious activity. Actions upon detection of such activity can be different: in some models, protection only notifies the administrator about the attack, in others, it independently takes retaliatory measures. Anyway, fine-grained traffic inspection is more resource-intensive than running a firewall in normal mode, which is why the performance in intrusion prevention mode is inevitably lower than the overall performance of the Firewall.

Note that this parameter is specified for optimal conditions — in particular, for those types of traffic that do not require a large amount of resources for scanning. So the real throughput of the firewall will inevitably be lower than the claimed one, and when choosing according to this indicator, it is worth taking a certain margin — at least 10 – 15%.

Intrusion prevention

Performance of a Firewall type device (see "Type") in intrusion prevention mode.

Intrusion protection is carried out on the same principle as the general processing of traffic by a firewall — by checking the received and transmitted data. However, the principles of filtering are somewhat different: Firewall cuts off certain types of traffic, preventing them from reaching network devices, while intrusion protection allows all traffic, but checks it for suspicious activity. Actions upon detection of such activity can be different: in some models, protection only notifies the administrator about the attack, in others, it independently takes retaliatory measures. Anyway, fine-grained traffic inspection requires more resources than running a firewall in normal mode, which is why the performance in intrusion prevention mode is inevitably lower than the overall performance of the Firewall.

Note that this parameter is specified for optimal conditions — in particular, for those types of traffic that do not require a large amount of resources for verification. So the real throughput of the firewall will inevitably be lower than the claimed one, and when choosing according to this indicator, it is worth taking a certain margin — at least 10 – 15%.