Fortinet

Fortinet, Inc. is a cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.

Brothers Ken Xie and Michael Xie founded Fortinet in 2000. The company's first and main product was FortiGate, a physical firewall. The company later added wireless access points, sandbox and messaging security. The company went public in November 2009.

Early history
In 2000, Ken Xie and his brother Michael Xie co-founded Appligation Inc. The company was renamed ApSecure in December 2000 and later renamed again to Fortinet, based on the phrase "Fortified Networks."

Fortinet introduced its first product, FortiGate, in 2002, followed by anti-spam and anti-virus software. The company raised $13 million in private funding from 2000 to early 2003. Fortinet's first channel program was established in October 2003. The company began distributing its products in Canada in December 2003 and in the UK in February 2004. By 2004, Fortinet had offices in Asia, Europe, and North America.

In April 2005, a German court issued a preliminary injunction against Fortinet's UK subsidiary in relation to source code for its GPL-licensed elements. The dispute ended a month later after Fortinet agreed to make the source code available upon request.

Growth and expansion
Fortinet became profitable in the third quarter of 2008. Later that year, the company acquired the intellectual property of IPLocks, a database security and auditing company. In August 2009, Fortinet acquired the intellectual property and other assets of Woven Systems, an Ethernet switching company.

According to market research firm IDC, by November 2009, Fortinet held over 15 percent of the unified threat management market. Also in 2009, CRN Magazine's survey-based annual report card placed Fortinet first in network security hardware, up from seventh in 2007. In November 2009, Fortinet had an initial public offering. By the end of the first day of trading, the company had raised $156 million.

By 2010, Fortinet had $324 million in annual revenues and held the largest share of the unified threat management market according to IDC.

Fortinet made four acquisitions from 2012 to 2016. The company acquired app-hosting service XDN (formerly known as 3Crowd) in December 2012, Coyote Point in 2013, and Wi-Fi hardware company Meru Networks in 2015. In June 2016, Fortinet acquired IT security, monitoring and analytics software vendor, AccelOps.

Recent history
In July 2014, Fortinet announced a technical certification program called the Network Security Expert (NSE) program. In March 2016, Fortinet launched a Network Security Academy to help fill open cybersecurity jobs in the U.S. Fortinet donated equipment and provided information to universities to help train students for jobs in the field. Also in 2016, Fortinet launched a program called FortiVet to recruit military veterans for cybersecurity jobs.

In January 2017, it was announced that Philip Quade, a former member of the NSA, would become the company's chief information security officer. At the end of 2017, Fortinet reported $416.7 million in revenue, a 15 percent increase from the previous year. In June 2018, Fortinet acquired Bradford Networks, a maker of access control and IoT security solutions. In October 2018, Fortinet acquired ZoneFox, a threat analytics company. In January 2019, it was announced that Fortinet and founder Ken Xie would participate in the annual World Economic Forum held in Davos, Switzerland.

In September 2019, Fortinet settled a whistleblower lawsuit regarding what the company has described as an "isolated incident" of sales of intentionally mislabeled Chinese-made equipment to U.S. government end users. In late 2019, Fortinet acquired enSilo and CyberSponse. Also in 2019, Fortinet's FortiGate SD-WAN and Next Generation Firewall received a "Recommended" rating from NSS Labs.

In July 2020, Fortinet acquired OPAQ Networks. OPAQ is a Secure Access Service Edge (SASE) cloud provider based in Herndon, Virginia.

In December 2020, Fortinet acquired the automated incident management company Panopta.

In 2021, Fortinet acquired application security company Sken.Ai to offer continuous application security testing.

In September 2021, Fortinet pledged to train one million people in support of President Joe Biden's call to action to address the talent shortage in American cybersecurity.

In March 2022, Fortinet announced the termination of operations in Russia. The company has stopped all sales, support, and professional services within Russia. In the same month, Fortinet acquired cloud and network security firm ShieldX.

Also in 2022, NetworkWorld reported that Fortinet had introduced new AI and ML-based security services utilizing telemetry from its global network.

In 2023, Fortinet Fortiguard devices were revealed by Microsoft and members of the Five Eyes intelligence network to be the subject of a wide-ranging and ongoing cyberattack by a state-sponsored entity in China.

In June 2024, Fortinet acquired Lacework, a data-driven cloud security company for an undisclosed amount.

Products
Fortinet released its first product, FortiGate, a firewall, in 2002, followed by anti-spam and anti-virus software. As functions like anti-spam were added, they were made available in a unified product along with the firewall and other functions. FortiGate was updated later to use application-specific integrated circuit (ASIC) architecture. The company has used ASIC in several of its products, including to support its SD-WAN features.

Initially, FortiGate was a physical, rack-mounted product but later became available as a virtual appliance that could run on virtualization platforms such as VMware vSphere.

In May 2004, Trend Micro, a competing cyber security and defense company, filed a legal complaint against Fortinet. Though the International Trade Commission initially ruled against Fortinet, the Trend Micro patents at the center of the dispute were later declared invalid in 2010. In 2005, an OpenNet study suggested that Myanmar, which was under American sanctions, had begun using Fortinet's FortiGuard system for internet censorship. Fortinet stated that their products are sold by third-party resellers and that they acknowledged US embargoes.

In April 2016, Fortinet began building its Security Fabric architecture so multiple network security products could communicate as one platform. Later that year, the company added Security Information and Event Management (SIEM) products. In September 2016, the company announced it would integrate the SIEM products with the security systems of other vendors.

In 2017, Fortinet announced the addition of switches, access points, analyzers, sandboxes and cloud capabilities to the Security Fabric, in addition to endpoints and firewalls. Later in 2017, Fortinet created a standalone subsidiary, Fortinet Federal, to develop cybersecurity products for government agencies. Fortinet has received security effectiveness certifications through NSS Labs. Gartner, a research and consulting firm, has ranked Fortinet within the top three companies in its Magic Quadrant for enterprise network firewalls, which measure market trends and direction.

In July 2018, the company launched FortiGate SD-WAN, its proprietary SD-WAN service. FortiGate SD-WAN was included in the Challenger category of Gartner's Magic Quadrant for WAN Edge Infrastructure later that year, joining the Leader category in 2020. Later in 2018, Fortinet released FortiGuard (AI) to better detect new and unknown threats, and also announced the 6.0 version of its FortiOS security operating system with enhanced centralized management and expanded cloud capabilities.



In 2019, Fortinet grew to 21,000 WAN edge customers, according to a Gartner report.

In February 2020, Fortinet released FortiAI, a threat-detection program that uses artificial intelligence. In July 2020, Fortinet launched multi-cloud SD-WAN. That year, BT Security selected Fortinet and other Threat Alliance members as Critical Partners.

As of January 2021, the FortiGate line of firewalls is and remains the company's main product which accounts for most of the gross revenue.

Accomplishments in cybersecurity
In 2005, Fortinet created the FortiGuard Labs internal security research team.

In 2008, Fortinet researchers sent a report to Facebook highlighting a widget from Zango that appeared to be tricking users into downloading spyware. By 2014, Fortinet had four research and development centers in Asia, as well as others in the US, Canada and France.

In March 2014, Fortinet founded the Cyber Threat Alliance (CTA) with Palo Alto Networks in order to share security threat data across vendors. It was later joined by McAfee and Symantec. In 2015, the CTA published a white paper on the CryptoWall ransomware, which detailed how attackers obtained $325 million through ransoms paid by victims to regain access to their files.

In April 2015, Fortinet provided threat intelligence to Interpol in order to help apprehend the ringleader of several online scams based in Nigeria. The scams, which resulted in compromise of business emails and CEO fraud, had cost one business over $15 million. The following year, in March 2016, Fortinet and Cisco joined NATO in a data-sharing agreement to improve their information security capabilities.

In January 2017, Fortinet worked with Interpol to conduct an investigation into web security in several southeast Asian countries. The investigation identified compromised websites, including government-operated web servers. Later that month, Fortinet researchers discovered a spyware that scammed victims by impersonating the IRS. Also in 2017, researchers helped identify malware, called Rootnik, and ransomware, called MacRansom, that targeted Android and MacOS systems respectively. In 2018, Fortinet entered into an information-sharing agreement with Interpol.

In March 2022, Fortinet participated in the Mitre Corporation's Attack Flow project which created "a data format describing adversary behavior sequences to help identify cyberthreat choke points".