Original price was: CAD$18,620.35.CAD$12,544.23Current price is: CAD$12,544.23.
The FGR-60F-BDL-809-60 is the maximum-coverage option for the FortiGateRugged 60F platform: the FGR-60F hardware paired with five years of Enterprise Protection. Enterprise adds OT/SCADA-specific security signatures, AI Inline Malware Prevention, Data Loss Prevention, and Inline CASB to the full UTP baseline — the complete FortiGuard stack for industrial environments where a NERC CIP, IEC 62443, or ISO 27001 compliance requirement demands more than IP-level filtering. Five years eliminates four renewal cycles on a device typically mounted inside sealed panels at remote substations, pipeline stations, or factory automation cells.
The FGR-60F-BDL-809-60 packages the FortiGateRugged 60F hardware with a 5-Year FortiCare Premium and FortiGuard Enterprise Protection subscription. Hardware: 4× GE RJ45, 2× shared GE RJ45/SFP, 1× bypass pair (PORT4/WAN1), FortiSoC4 processor, TPM, DB9 serial console, and dual DC power inputs supporting 12V–125V. The Enterprise subscription activates the full service stack including OT/Industrial Security signatures and AI Inline Sandbox.
| Interfaces | 4× GE RJ45, 2× shared GE RJ45/SFP, 1× bypass pair (PORT4/WAN1) |
| Processor | FortiSoC4 |
| IPS Throughput | 950 Mbps |
| NGFW Throughput | 550 Mbps |
| Threat Protection | 500 Mbps |
| Firewall Throughput | 6 / 6 / 5.95 Gbps (1518/512/64 byte) |
| Concurrent Sessions | 600,000 |
| New Sessions/Sec | 19,000 |
| IPsec VPN Throughput | 3.5 Gbps |
| SSL Inspection Throughput | 460 Mbps |
| Virtual Domains (Default/Max) | 10 / 10 |
| Form Factor | Desktop / DIN-rail / Wall Mount |
| Operating Temperature | -40°C to 75°C |
| IP Rating | IP20 |
| Certifications | IEC 61850-3, IEEE 1613 |
| High Availability | Active-Active, Active-Passive, Clustering |
Enterprise Protection extends the UTP service set with capabilities specifically relevant to OT and industrial control deployments. The OT/Industrial Security component adds ICS/SCADA-specific detection signatures for Modbus, DNP3, IEC 61850, EtherNet/IP, and BACnet alongside asset profiling for industrial devices. AI Inline Malware Prevention uses an on-device ML model for real-time file analysis without a round-trip to the cloud sandbox — important for intermittently connected or latency-sensitive industrial networks. DLP adds policy controls for data moving out of the OT segment.
| Service | ATP (811) | UTP (950) | Enterprise (809) |
|---|---|---|---|
| FortiCare Premium (24×7 + RMA) | ✓ | ✓ | ✓ |
| Intrusion Prevention (IPS) | ✓ | ✓ | ✓ |
| Advanced Malware Protection | ✓ | ✓ | ✓ |
| Application Control | ✓ | ✓ | ✓ |
| Web / URL Filtering | — | ✓ | ✓ |
| Anti-Spam | — | ✓ | ✓ |
| Security Rating Service | — | ✓ | ✓ |
| AI Inline Malware Prevention | — | — | ✓ |
| Data Loss Prevention (DLP) | — | — | ✓ |
| Inline CASB | — | — | ✓ |
| Attack Surface Security Rating | — | — | ✓ |
| OT / Industrial Security | — | — | ✓ |
The five-year Enterprise bundle targets utilities, critical infrastructure operators, and industrial integrators building to the highest security baseline with the longest planning horizon. NERC CIP compliance programs, IEC 62443 zone-and-conduit models, and oil and gas operational security frameworks all benefit from the OT signature overlay and the extended term that matches major infrastructure planning cycles. The DLP and CASB capabilities address IT/OT convergence scenarios where operator workstations in the OT zone access cloud services or shared document repositories alongside the control network.
The Enterprise bundle is also available in a 1-year term (FGR-60F-BDL-809-12) and 3-year term (FGR-60F-BDL-809-36). If your budget or risk profile fits the UTP tier without the OT-specific overlay, the UTP 5-year bundle (FGR-60F-BDL-950-60) provides IPS, AMP, AppCtrl, and Web Filtering at a lower entry cost. The FGR-60F-3G4G Enterprise bundles are available for sites requiring an integrated LTE modem with GPS.
DataCenter360.ca stocks the FGR-60F-BDL-809-60 as an authorized Fortinet Select Partner and MSSP with Canadian inventory. Hardware orders ship new and sealed, typically within one business day, with free shipping across Canada. Our team supports application-specific sizing, multi-unit deployments, and co-term renewal planning for existing FGR-60F installations.
Enterprise Protection adds three key capabilities beyond UTP: (1) OT/Industrial Security signatures that cover ICS/SCADA protocols including Modbus TCP, DNP3, IEC 61850, and EtherNet/IP; (2) AI Inline Malware Prevention — an on-device ML inference engine for file inspection that does not require a cloud sandbox round-trip; and (3) Data Loss Prevention and Inline CASB for policy enforcement on data crossing the IT/OT boundary. These additions make Enterprise the appropriate tier for industrial environments with compliance obligations or mixed IT/OT traffic.
OT equipment has long operational cycles — substations and pipeline control rooms commonly run hardware for 7–15 years. A 5-year FortiGuard bundle eliminates four annual renewal cycles, aligns with capital investment planning horizons, reduces the risk of a coverage lapse on critical infrastructure, and typically offers the best per-year cost of the available term options. For teams that manage dozens of remote sites, eliminating renewal touch-points on each unit is a meaningful operational saving.
The FortiGuard Industrial Security Service included in the Enterprise bundle covers detection signatures for Modbus TCP and RTU, DNP3, IEC 61850 (GOOSE, MMS, SV), EtherNet/IP, BACnet, PROFINET, and other major ICS/SCADA protocols. Signatures are updated via FortiGuard and include both known exploit detection and industrial protocol anomaly detection. This is in addition to the standard IT-focused IPS signature set also included in the bundle.
The FGR-60F with an Enterprise subscription provides core technical controls relevant to NERC CIP: network segmentation, interactive remote access monitoring, electronic security perimeter enforcement, IDS/IPS, and logging. It does not replace the compliance program itself — attestation, evidence collection, and assessment processes remain the responsibility of the organization. Fortinet publishes NERC CIP-specific deployment guides for FortiGate that describe how to configure each required control.
The FGR-60F has a hardware bypass pair on PORT4 and WAN1. When the unit loses power or fails a watchdog check, these ports connect directly, allowing traffic to pass without inspection. This fail-open mode prevents a firewall failure from cutting critical OT network communications. Fail-open vs. fail-closed behavior can be configured in FortiOS. In Enterprise deployments, bypass mode behavior should be documented in the site’s incident response plan since traffic passes without DLP or IPS inspection during a bypass event.
| Weight | 2.72 kg |
|---|---|
| Dimensions | 41 × 36 × 28 cm |
| Manufacturer | Fortinet |
| Model | FortiGateRugged-60F |
| GTIN | 195875311914 |
| Product Type | |
| Product Group | |
| End of Order Date (EOO) | Not published yet |
| Last Service Extension Date (LSED) | Not published yet |
| End of Support Date (EOS) | Not published yet |
| Product Family | FG-10 to FG-100 |
| MPN | FGR-60F-BDL-809-60 |
| 5 star | 0% | |
| 4 star | 0% | |
| 3 star | 0% | |
| 2 star | 0% | |
| 1 star | 0% |
Sorry, no reviews match your current selections