This content is part of the Buyer's Guide: Database security products: A buyer's guide
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Fortinet FortiDB: Database security tool overview

Expert Ed Tittel examines Fortinet FortiDB, an add-on product for better securing databases through database activity monitoring and vulnerability assessment.

Fortinet's broad portfolio of security products includes firewalls, network security access products and unified threat management (UTM) products, as well as its FortiDB family of database security appliances and software. The Fortinet FortiDB platform is highly scalable and geared mainly toward large enterprises, and it combines database activity monitoring and vulnerability assessment in one product.

Product features

Organizations can deploy FortiDB as an appliance or as software in virtualized environments. The Fortinet FortiDB platform provides discovery and vulnerability management, database activity monitoring and auditing (for application users and privileged users), as well as user access management and risk management and compliance, all accessible from a Web-based console.

Database scans can detect all the databases on a network and on wide area network (WAN) subnets. Unlike its competitors, FortiDB lets administrators collect data in three different ways. The native audit option does not use agents and captures all events, impacting performance at 3% to 4% (5% or less is industry standard). The network agent option doesn't capture as much data as the native audit, but the impact on server performance is lower as well (2% to 3%). The sniffer option has no impact on server performance.

Policy and signature updates come from the FortiGuard Global Threat Research Team. The intrusion protection feature automatically stops malicious transactions based on policy settings. Preconfigured policies are automatically updated when regulatory or industry best practices -- like Payment Card Industry compliance, Digital Signature Standard, Sarbanes-Oxley Act or Health Insurance Portability and Accountability Act -- change. FortiDB also provides change control management for changes made to database structure, and user privilege change monitoring.

FortiDB comes with a large collection of vulnerability and compliance-based reports, which include information for remediating or mitigating issues.

Product specs

As of this writing, Fortinet offers three appliances: FortiDB 500D, 1000D and 3000D. The FortiDB 500D appliance is licensed for up to 15 database instances; the 1000D handles up to 30 instances; and the 3000D up to 90 database instances. Each appliance has 4 TB of storage capacity and a mix of RJ45 and small form-factor pluggable ports.

Note: Fortinet offers a full working online demo of a FortiDB appliance for prospective customers to work with the dashboard, explore policy settings, perform a database vulnerability assessment and run reports.

Pricing and licensing

Fortinet FortiDB appliances cost $15,000 to $37,000, with annual subscriptions for FortiCare and FortiGuard support adding from $3,700 to over $9,300 to the cost, at a minimum. The FortiDB 500D appliance lists for $15,000, but climbs to $18,700 for the appliance plus a one-year subscription to FortiCare 8x5 and FortiGuard.

The mid-priced FortiDB 1000D sells for $20,000 retail, with an additional $5,000 for a one-year subscription to FortiCare 8x5 and FortiGuard. The top-of-the-line FortiDB 3000D lists for $37,000; a one-year bundle with FortiCare 8x5 and FortiGuard goes for about $9,300.


Support for Fortinet FortiDB is subscription-based. FortiCare 8x5 Enhanced Support is available during business hours via telephone, chat or the online portal. FortiCare 24x7 Comprehensive Support makes support engineers available to customers 24 hours, 7 days a week. Premium Services offer a technical account manager, priority escalation, enhanced service-level agreements, extended software support, as well as regular review meetings and onsite visits.

FortiGuard is a service that draws current threat information from the Fortinet Global Threat Research Team.

Next Steps

Part one of this series examines the basics of database security in the enterprise

Part two of this series looks at enterprise deployment scenarios for database security tools

Part three of this series offers nine steps for purchasing database security software

Part four of this series compares the top database security tools in the industry

This was last published in October 2015

Dig Deeper on Data security technology and strategy