New - Fortigate 709
| Task | Command (CLI) | GUI Location |
|------|---------------|---------------|
| Sessions | diagnose sys session list | Dashboard > Sessions |
| CPU/Network NP offload | diagnose npu np7 statistics | FortiView > Health |
| HA status | get system ha status | System > HA |
| Packet capture | diagnose sniffer packet any "host 10.0.0.1" 4 0 l | Network > Packet Capture |
The most significant "new" component is under the hood. The 709 is built on Fortinet’s seventh-generation Network Processor (NP7) and ninth-generation Content Processor (CP9). Compared to the NP6 used in the 700E, the NP7 offers:
The "new" FortiGate 709 is not a stopgap. Fortinet typically supports hardware for 7-8 years (End of Sale in 2031, End of Support in 2036). But more importantly, the NP7 architecture is forward-compatible. fortigate 709 new
This is where the 70F distinguishes itself from the smaller 60F.
For existing Fortinet customers, migrating to the new 709 is painless. | Task | Command (CLI) | GUI Location
The port layout is dramatically different from older models:
One of the most frustrating aspects of firewall marketing is "IMIX" or "UDP throughput" claims. We dug into the actual data sheet for the FortiGate 709 new. Here is the performance you can actually expect with all security features enabled: The most significant "new" component is under the hood
| Feature | Raw Spec (1518 bytes) | Real-world (HTTPs/480 bytes) | | :--- | :--- | :--- | | FW Throughput | 140 Gbps | 140 Gbps | | NGFW (IPS + AppCtrl) | 35 Gbps | 28 Gbps | | Threat Protection (IPS + Malware) | 22 Gbps | 18 Gbps | | Full SSL Inspection (TLS 1.3) | 9 Gbps | 6.5 Gbps |
Note: The 20% drop in real-world environments is typical, but the 709 still outperforms the competing Palo Alto PA-460 and the Check Point 6900 by a factor of nearly 2x in SSL inspection.
New models run a lightweight AI model directly on the CP9 chip to block zero-day malware in microseconds, without sending files to the cloud first.