
One of the benefits of Fortigate devices is the ability to offload real-time network traffic and security inspection processing from the main CPU to dedicated hardware ASICs on the data plane. There are two ASIC processors on most Fortigate models: the NP (Network Processor) and the CP (Content Processor). The NP works at the interface level.
The NP Network Processor
The NP offloads network traffic from the main CPU. It allows high-speed, real-time, hardware-accelerated processing of network traffic at the interface level. The main CPU is the control plane, and the NP ASIC is the data plane for network processing.
For TCP traffic, the initial three-way handshake is inspected by the main CPU; if the conditions for hardware acceleration are met, the traffic is forwarded to the NP ASIC. For UDP traffic, the first packet is inspected by the CPU, and the rest is forwarded for hardware acceleration when the conditions are met.
The CP Content Processor
The CP (Content Processor) offloads threat inspection and detection from the main CPU. It performs threat detection scans on traffic passing through the Fortigate. Content inspection is a resource-intensive process; the main CPU (control plane) determines what inspections to perform and which content gets accelerated via the CP.
The CP does not accelerate security inspection on unencrypted IPsec traffic.
It also does not support some encryption algorithms in the IPsec phase 1 proposal of the VPN tunnel (e.g. AES-GMAC); these are therefore processed by the main CPU.
Fortigate accelerates Diffie-Hellman by default.



