Fortinet has expanded its FortiGate G family with two new models, the FortiGate 3500G and FortiGate 400G, aimed at protecting enterprise infrastructures that are growing around Artificial Intelligence, encrypted traffic, and increasingly distributed architectures. The company positions these devices in two different scenarios: the 3500G for high-capacity data centers and the 400G for enterprise edge locations, where many organizations need more performance without redesigning their entire network.
The announcement comes at a time when network security is evolving in scale. Companies no longer just need to inspect north-south traffic—that entering and exiting the traditional perimeter—but also must monitor much more east-west traffic—between applications, internal services, private clouds, hybrid environments, and AI workloads. Adding to this is the increasing use of unauthorized AI applications, sensitive data exchanges with external assistants, and the need to implement zero-trust policies without creating bottlenecks.
Fortinet endeavors to address this pressure with a well-known combination: hardware acceleration, a common operating system, and integrated threat intelligence services. The new FortiGate 3500G and 400G operate with FortiOS and are powered by Fortinet’s NP7 and SP5 processors, two custom ASICs designed to offload network and security tasks that could hamper performance on more generic platforms.
Enhanced Visibility Into Actual AI Usage
One of the most notable messages from the launch is the detection of “shadow AI,” or clandestine AI. In many companies, employees are already using generative AI tools to write texts, summarize documents, analyze data, program, or automate tasks. The problem is that they do so not always using IT- or security-approved services, nor with guarantees about what data is sent, where it’s processed, or how it’s stored.
The new FortiGate G devices extend Fortinet’s Security Fabric architecture with native visibility into these unauthorized AI applications. The goal is to enable security teams to see what tools are in use, apply controls, and reduce the risk of sensitive data leaks. It’s not just about blocking AI but governing it through more precise policies.
Fortinet also links these devices to FortiGuard AI-Powered Security Services, its threat intelligence and machine learning-based security offerings. With FortiOS 8.0, the company mentions increased visibility into MCP traffic and agent-to-agent communications. This highlights a growing trend: AI architectures are not only connecting users with models but also connecting agents—tools, APIs, repositories, and internal systems—to each other. This new layer of traffic will require inspection, access control, and finer data policies.
The challenge will be doing this without compromising performance. Activating deep inspection, IPS, application control, anti-malware protection, or decryption in many environments can significantly reduce a firewall’s effective capacity. Fortinet claims its ASIC architecture allows for maintaining advanced protection with more predictable performance. As always with such comparisons, it’s important to note that these figures come from the manufacturer and may vary depending on methodology, configuration, packet size, enabled features, and deployment conditions.
FortiGate 3500G: Security for Data Centers Handling AI Traffic
The FortiGate 3500G is designed for data centers and high-density environments. Fortinet states a firewall throughput of 595 Gbps, 163 Gbps on IPsec VPN, 105 Gbps of threat protection, and up to 179 million concurrent sessions. These figures target infrastructures where internal traffic between applications, regions, or security zones could grow rapidly with AI adoption.
Connectivity of 400 Gb is another key aspect. In modern data centers—especially those with AI workloads, distributed storage, and many internal calls—the network needs to move large volumes of data without security becoming the bottleneck. Fortinet positions the 3500G as a platform that introduces inspection and segmentation without requiring a complete redesign of the data center.
The company also emphasizes trusting its security infrastructure itself, mentioning hardware-level validation, secure firmware deployment, and system transparency. This echoes the growing concern over supply chain integrity, firmware security, and ensuring that security appliances do not become weak points.
Energy efficiency is also part of the message. Fortinet compares the 3500G to competing solutions, claiming 1.6 watts per Gbps in firewall performance and 6 watts per Gbps in IPsec VPN. The clear message: in data centers where energy and cooling costs are rising, efficiency per protected gigabit is becoming as commercially important as raw performance.
FortiGate 400G: Upgrading the Edge Without Increasing Complexity
The FortiGate 400G addresses a different need. Many organizations have distributed offices, campuses, retail stores, industrial environments, or edge locations where encrypted traffic, SaaS applications, hybrid cloud, and segmentation demand more capacity than before. In these contexts, security must scale without turning each site into a mini-data center that’s difficult to manage.
Fortinet cites a performance of 164 Gbps in firewall throughput, 55 Gbps on IPsec VPN, 13 Gbps of threat protection, and 28 million sessions for the 400G. It is presented as a modernization of mid-range firewalls, with an easy upgrade path for existing FortiGate users.
Operational consistency is as critical as hardware. By leveraging FortiOS, FortiManager, FortiAnalyzer, and FortiGuard Labs, Fortinet aims for organizations to manage policies, visibility, analysis, and response from a unified platform. For security teams with limited resources, reducing tool proliferation can be advantageous—so long as integration is seamless and reliance on a single vendor does not become a vulnerability.
This product rollout reflects broader market trends: AI not only demands more GPUs, storage, and energy, but also requires rethinking network protection for the links connecting models, data, APIs, users, and agents. Companies deploying AI on their own data centers, hybrid clouds, or at the edge need control over application use, data flows, access permissions, and traffic inspection—without hampering business operations.
Fortinet aims to fill this space with a unified platform combining performance, AI visibility, segmentation, security services, and centralized management. Its approach aligns with current market directions, though its actual value will be proven through real-world testing, integration with existing environments, and the ability to detect unauthorized AI use without producing excessive noise.
AI security won’t be handled solely by a firewall, but firewalls remain a vital component when encrypted traffic, agents, and sensitive data traverse increasingly complex networks. At this layer, Fortinet seeks to demonstrate that high performance and advanced inspection can coexist effectively.
Frequently Asked Questions
What has Fortinet announced?
Fortinet has expanded the FortiGate G series with the FortiGate 3500G and 400G models, designed to protect data centers, hybrid environments, and enterprise edges with increasing AI workloads and encrypted traffic.
What are the differences between FortiGate 3500G and FortiGate 400G?
The FortiGate 3500G targets high-capacity data centers, offering 400 Gb connectivity and higher performance. The FortiGate 400G is aimed at the enterprise edge and mid-range firewalls, providing an accessible upgrade path for existing FortiGate users.
What is shadow AI detection?
It’s the ability to identify unauthorized or unmanaged AI applications within an organization to enforce controls and mitigate risks related to sensitive data.
Why is ASIC acceleration important in firewalls?
Because it offloads intensive network and security tasks onto hardware, maintaining better performance when activating features such as IPS, application control, VPN, or threat protection.
via: fortinet