Skip to main content
brucereed
brucereed
New Member
December 2, 2016
Question

90d vs 90e and 91e

  • December 2, 2016
  • 2 replies
  • 16840 views

I need to purchase a new Fortigate 90 series for a small office, currently 40 people and could go as high as 70. We've used 90D firewalls for our smaller offices of ~20-30 people and it is performing well. Is the 90 series the right firewall for an office that could go to 70 people? We are heavily cloud software based and aside from an IPsec VPN link to our hub, there will be no other VPN users or complex needs. 

 

I'm also looking at the newer 90 and 91 'E' series. Seems like there is a significant uplift for these newer models. Looks like they have a newer ASIC that's capable of handling more more UTM throughput, but I'm not sure that justifies the cost.  The biggest rise is between the 90 and 91, just to get 128 GB of flash storage. Other than local logging which it seems both Fortinet and the user community recommends against, what would be advantage of having local flash vs not having it? The 90D has 32GB of flash. 

 

Appreciate any insight folks!

    2 replies

    kallbrandt
    kallbrandt
    New Member
    December 4, 2016

    Hello,

     

    It all comes down to what kind of throughput you want, and how much filtering you will use. And your internet connection. Don't want to slow that down much if you depend on cloud based stuff. Wire speed on the filtering is preferred if you're gonna use it.

     

    90E will work fine with 70 people. The specs are more or less x10 the specs for 90D when it comes to utm/av.

    Huge difference in processing power compared to the 90D. 70-90D is pretty easy to overload if you want to go heavy on the inspection part. Will 90D work with 70 peeps? Yep, but plain firewalling, skip utm/av/webfilter.

     

    To be fair, it also depends on what kind of clients you will have - Plain workers, or a lot of BYOD units, cell phones and video streaming?

     

    90E can take care of all of it with utm/av ON, 90D can take some of it without utm/av.

     

    No need for logdisk really. Get an Analyzer. :)

     

    If you collect logs from +10 firewalls, the Analyzer gets very cheap per firewall. Very powerful tool when troubleshooting too.

     

    Don't buy a too skinny fw. Just my 2c.

     

    Or: Start with a 90D, when office grows - Change it for a 90E, and use the 90D in some small office instead.

    :)

    ecsupport
    ecsupport
    New Member
    December 5, 2016

    90E is SLOWER than the 60E for many different UTM feature throughputs, it's unbelievable. There was another thread on this recently, with someone suggesting the 90E was more CPU driven while the 60E had the (SoC3?) full ASIC.

    FGTuser
    FGTuser
    New Member
    December 7, 2016

    Since E boxes are out there is absolutely no sense (except stability of 5.2.x OS not available on E) to buy older D boxes. Same price for less performance.

    BTW. 60E/61E has better performance than 90D.

    If you want to use UTM, do yourself a favor and stay away from SoC2 (90D, 60D,...). 

     

    Just my 2c.

    braveang
    braveang
    New Member
    March 24, 2017

    Hi all,

     

    Currently our office is using fortigate 60D of 40+ users, so far, everything is fine. however, we plan to upgrade to 90E to support more user around 70+, can 90E capable to support this load as well as two wan link, one is for Internet and another link goes toward corporate via VPN.

     

    Besides, as I heard it from others, currently, 90E may exceptional with stability of 5.2.x OS not available and in bug issue? please advise me if I am wrong.

     

    Thank you.

    Terms & ConditionsAccessibility statement