Fortinet FortiNDR Cloud Virtual Sensors
Network Detection and Response

Fortinet FortiNDR 3500F

Available in AWS Marketplace

Fortinet Products

FortiNDR Cloud Virtual Sensors

FortiNDR Cloud Virtual Sensors with Bundle 1 Year Subscription license for FortiNDR Cloud to intake 3rd party logs for detections (e.g. Zscaler). SKU is based on 100 ESP

#FC1-10-NDRCL-1247-02-12
~~List Price: $10,664.00~~
Our Price: Request a Quote

FortiNDR Cloud Virtual Sensors with Bundle 3 Year Subscription license for FortiNDR Cloud to intake 3rd party logs for detections (e.g. Zscaler). SKU is based on 100 ESP

#FC1-10-NDRCL-1247-02-36
~~List Price: $31,991.00~~
Our Price: Request a Quote

FortiNDR Cloud Virtual Sensors with Bundle 5 Year Subscription license for FortiNDR Cloud to intake 3rd party logs for detections (e.g. Zscaler). SKU is based on 100 ESP

#FC1-10-NDRCL-1247-02-60
~~List Price: $53,318.00~~
Our Price: Request a Quote

Click here to jump to more pricing!

Please Note: All Prices are Inclusive of GST

Overview:

Fortinet’s SaaS-based FortiNDR Cloud leverages artificial intelligence (AI) and machine learning (ML), behavioral, and human analysis to inspect network traffic to detect malicious behavior early while reducing false positives. FortiNDR Cloud provides unified network traffic visibility across multi-cloud and hybrid environments as well as distributed workforces and constrained, mission-critical environments.

FortiNDR Cloud automatically identifies anomalous and malicious behavior, provides risk scores, and shares relevant threat intelligence to assist security teams in prioritizing response efforts.

Highlights

365-day historical deep network traffic visibility and analytics
Curated threat intelligence powered by FortiGuard Labs to reduce false positives
Integrates with Fortinet Security Fabric and third-party solutions
Leverages AI, expert analysis, and cloud compute for threat detection
Provides coverage for over 90% of MITRE ATT&CK techniques

Features:

FortiNDR Cloud Deployment

Features	FortiNDR Cloud
Deployment	SaaS
Security Analyst	Guided-SaaS with TSM* (Technical Success Manager)
Data Storage Location	Cloud-based (US or EU)
Data Retention	365 Days
Investigation / Threat Hunting	Guided Queries and Parallel Hunting
Malware Identification	FortiGuard Malware feed; VirusTotal lookup
MITRE ATT&CK Framework Mapping	Detections and Playbooks mapped to MITRE ATT&CK Framework
Response Integration	Fortinet Security Fabric Third-party API (Rest) MetaStream (AWS S3)
Integrations include	CrowdStrike Falcon EDR, FortiEDR, FortiSIEM, FortiSOAR, Cortex, Splunk, QRadar, Microsoft Sentinel, FortiGate, and Crowdstrike SIEM
Sensors	Hardware: FortiNDR Cloud-2540G (Extra Large sensor) Hardware: FortiNDR Cloud-900G (Large sensor) Hardware: FortiNDR Cloud-500G (Small sensor) Virtual Sensors (AWS / Azure / ESXi / HyperV / GCP / KVM)
FortiGuard Labs Threat Research

* for customers over 1Gbps

Specifications:

Category	FNDR Cloud 500G small sensor	FNDR Cloud 900G large sensor	FNDR Cloud 2540G extra large sensor	FNDR Cloud Virtual Sensors
Deployment
Sniffer / SPAN / 802.1q support
Cloud based sensors + SaaS portal
Hypervisor Support	—	—	—	ESXi6.7 U2+, KVM, HyperV, GCP, AWS, Azure
Hardware Specifications
Total Interfaces	2x 10/25GbE SFP28, 4x 1GbE RJ45, 2x 10GbE RJ45	2x 10/25GbE SFP28, 4x 1GbE RJ45, 2x 10GbE RJ45	1x 1GbE RJ45 (mgmt), 2x 10GbE SFP+, 2x 25GbE SFP28, 1x Console (RJ45)	1 mgmt + min 1 TAP
Sniffer Interfaces	3x 1Gbps RJ45, 2x 10Gbps RJ45, 2x 10/25GbE SFP28	3x 1Gbps RJ45, 2x 10Gbps RJ45, 2x 10/25GbE SFP28	2x 10GbE SFP+, 2x 25GbE SFP28 (breakout supported)	min 1 vNIC / max 3 vNIC
Transceivers Included	purchase separately	purchase separately	purchase separately	—
Storage Capacity	2x 1.6TB	2x 1.6TB	3.84TB (4x 960GB 2.5” NVMe SSD)	100GB (min) - 300GB (rec)
Default RAID level	RAID 1	RAID 1	10	Hypervisor dependent
Removable Hard Drives	Yes	Yes	Yes	—
Redundant Hot Swappable Power Supplies	Yes	Yes	Yes	—
Technical Specifications
vCPU Support (Recommended)	—	—	—	16
Memory Support	—	—	—	16 GB / 32 GB
System Performance
NDR Sniffer Throughput*	14Gbps (enterprise mix)	18Gbps (enterprise mix)	38Gbps (enterprise mix)	Hypervisor dependent
Malware Lookups	Hash lookup (Virus Total) + FortiGuard Malware Feed	Hash lookup (Virus Total) + FortiGuard Malware Feed	Hash lookup (Virus Total) + FortiGuard Malware Feed	Hash lookup (Virus Total) + FortiGuard Malware Feed
Dimensions (mm)	42.8 x 482 x 809.04	42.8 x 482 x 809.04	88 x 483 x 740.8 (with handle) 88 x 438 x 695.8 (w/o handle)	—
Weight	17.23 kg / 38 lbs	17.23 kg / 38 lbs	18.14 kg	—
Environment
AC Power Supply	100-240 VAC, 50/60 Hz, 12-6.3A	100-240 VAC, 50/60 Hz, 12-6.3A	100-240 VAC, 60-50 Hz	—
Power Consumption	350 W / 500 W	455 W / 685 W	524.8 W / 682.2 W	—
Heat Dissipation	1706 BTU/h	2337.3 BTU/h	2327.8 BTU/h	—
Operating Temperature	10°C to 35°C	10°C to 35°C	0°C to 40°C (no direct sunlight)	—
Storage Temperature	-40 to 65°C	-40 to 65°C	-20°C to 70°C	—
Humidity	Op: 8%–80%RH, Non-Op: 5%–95%RH	Op: 8%–80%RH, Non-Op: 5%–95%RH	5%–90% RH non-condensing; Op: 10%–80%	—
Operating Altitude	10,000 ft / 3048 m	10,000 ft / 3048 m	Up to 10,000 ft / 3048 m	—
Compliance
Certifications	FCC, ISED, CE, RCM, VCCI, BSMI, UL/cUL, CB	FCC, ISED, CE, RCM, VCCI, BSMI, UL/cUL, CB	FCC, ISED, CE, RCM, VCCI, BSMI, UL/cUL, CB	—

Documentation:

Download the FortiNDR Data Sheet (PDF).

Pricing Notes:

All Prices are Inclusive of GST
FortiCare Premium Support
FortiCare Premium Ticket Handling, Advanced Hardware Replacement (NBD), Firmware and General Upgrades
FortiCare Premium plus FortiGuard Bundle Contract
Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Premium Support, FortiDB Security Service (DBS)
Prices are for one year of Premium RMA support. Usual discounts can be applied.
Annual contracts only. No multi-year SKUs are available for these services.
Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
Pricing and product availability subject to change without notice.