Prior to Fortinet, Ken Xie founded and served as an executive for NetScreen, a company that was acquired by Juniper Networks in 2004. Michael Xie served as an executive for ServeGate. In 2000, they co-founded Appligation Inc. The company was renamed to ApSecure in December 2000 and later renamed again to Fortinet, based on the phrase “Fortified Networks.”
Fortinet introduced its first product, FortiGate, in 2002, followed by anti-spam and anti-virus software. The company raised $13 million in private funding from 2000 to early 2003. An additional $30 million in financing was raised in August 2003, followed by $50 million in March 2004. Fortinet’s first channel program was established in October 2003. The company began distributing its products in Canada in December 2003, and in the UK in February 2004. By 2004 Fortinet had offices in Asia, Europe and North America.
In April 2005, a German court issued a preliminary injunction against Fortinet’s UK subsidiary in relation to source code for its GPL-licensed elements. The dispute ended a month later after Fortinet agreed to make the source code available upon request.
Growth and expansion
Fortinet became profitable in the third quarter of 2008. Later that year, the company acquired the intellectual property of IPLocks, a database security and auditing company. In August 2009, Fortinet acquired the intellectual property and other assets of Woven Systems, an ethernet switching company.
According to market research firm IDC, by November 2009 Fortinet held over 15 percent of the unified threat management market. Also in 2009, CRN Magazine‘s survey-based annual report card placed Fortinet first in network security hardware, up from seventh in 2007.
In November 2009, Fortinet had an initial public offering, wherein the company planned to raise $52.4 million through the sale of 5.8 million shares. Over 6 million shares were also sold by stockholders. Just before the first day of trading, Fortinet increased the share price from $9 to $12.50 and the price increased in the market to $16.62. By the end of the first day of trading the company had raised $156 million in financing.
Fortinet made four notable acquisitions from 2012 to 2016. The company acquired app-hosting service XDN (formerly known as 3Crowd) in December 2012, Coyote Point in 2013, and Wi-Fi hardware company Meru Networks in 2015. In June 2016, Fortinet acquired IT security, monitoring and analytics software vendor, AccelOps.
In July 2014, Fortinet announced a technical certification program called Network Security Expert (NSE). In March 2016, Fortinet launched a Network Security Academy to help fill open cyber security jobs in the U.S. Fortinet donated equipment and provided information to universities to help train students for jobs in the field. Also in 2016, Fortinet launched a program called FortiVet to recruit military veterans for cybersecurity jobs.
In January 2017, it was announced that Philip Quade, a former member of the NSA, would become the company’s chief information officer. At the end of 2017, Fortinet reported $416.7 million in revenue, a 15 percent increase from the previous year. As of December 31, 2017 Fortinet had 467 U.S. foreign-issued patents and 291 pending. In June 2018, Fortinet acquired Bradford Networks, a maker of access control and IoT security solutions. In October 2018, Fortinet acquired ZoneFox, a threat analytics company. In January 2019, it was announced that Fortinet and founder Ken Xie would participate in the annual World Economic Forum held in Davos, Switzerland.
Products and research
Fortinet released its first product, FortiGate, a firewall, in 2002, followed by anti-spam and anti-virus software. FortiGate was updated to use application-specific integrated circuit (ASIC) architecture. The company has used ASIC in several of its products, including to support its SD-WAN features. Fortinet later merged its network security offerings, including firewalls, anti-spam and anti-virus software, into one product. In April 2016, Fortinet began building its Security Fabric architecture so multiple network security products could communicate as one platform. Later that year, the company added Security Information and Event Management (SIEM) products. In September 2016, the company announced it would integrate the SIEM products with the security systems of other vendors.
In 2017, Fortinet announced the addition of switches, access points, analyzers, sandboxes and cloud capabilities to the Security Fabric, in addition to endpoints and firewalls. Later in 2017, Fortinet created a standalone subsidiary, Fortinet Federal, to develop cybersecurity products for government agencies. Fortinet has received security effectiveness certifications through NSS Labs. Gartner, a research and consulting firm, has ranked Fortinet within the top three companies in its Magic Quadrant for enterprise network firewalls, which measures market trends and direction.
In July 2018, the company launched FortiGate SD-WAN, its proprietary SD-WAN service. FortiGate SD-WAN was included within Gartner’s Magic Quadrant for WAN Edge Infrastructure later that year. Later in 2018, Fortinet released FortiGuard (AI) to better detect new and unknown threats, and also announced the 6.0 version of its FortiOS security operating system with enhanced centralized management and expanded cloud capabilities.
In May 2004, Trend Micro, a competing cyber security and defense company, filed a legal complaint against Fortinet. Though the International Trade Commission initially ruled against Fortinet, the Trend Micro patents at the center of the dispute were later declared as invalid in 2010. In 2005, an OpenNet study suggested that Myanmar, which was under American sanctions, had begun using Fortinet’s FortiGuard system for internet censorship. Fortinet stated that their products are sold by third party resellers, and that they acknowledged US embargoes.
In 2005, Fortinet created the FortiGuard Labs internal security research team.
In 2008, Fortinet researchers sent a report to Facebook highlighting a widget from Zango that appeared to be tricking users into downloading spyware. By 2014, Fortinet had four research and development centers in Asia, as well as others in the US, Canada and France.
In March 2014, Fortinet founded the Cyber Threat Alliance (CTA) with Palo Alto Networks in order to share security threat data across vendors. It was later joined by McAfee and Symantec. In 2015, the CTA published a white paper on the CryptoWall ransomware, which detailed how attackers obtained $325 million through ransoms paid by victims to regain access to their files.
In April 2015, Fortinet provided threat intelligence to Interpol in order to help apprehend the ringleader of several online scams based in Nigeria. The scams, which resulted in compromise of business emails and CEO fraud, had cost one business over $15 million. The following year, in March 2016, Fortinet and technology company, Cisco, joined NATO in a data-sharing agreement to improve their information security capabilities.
In January 2017, Fortinet worked with Interpol to conduct an investigation into web security in several southeast Asian countries. The investigation identified compromised websites, including government-operated web servers. Later that month, Fortinet researchers discovered a spyware that scammed victims by impersonating the IRS. Also in 2017, researchers helped identify malware, called Rootnik, and ransomware, called MacRansom, that targeted Android and MacOS systems respectively. In 2018, Fortinet entered into an information-sharing agreement with Interpol.