Firewall Sizing

i would choose from the following, depending on other factors except NGFW like number of interfaces/speed of the intfs/IPsec, etc and considering that UTP profiles usually take up more RAM and CPU i would focus on that also

- 120G/200G/400F

- 600F/700G/900G

- 1000F/1800F

https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/Fortinet_Product_Matrix.pdf

https://yurisk.info/2021/03/14/Fortigate-Firewalls-Hardware-CPU-model-and-number-Memory-size-datasheet-table/ 

a talk with a Fortinet sales rep and/or SE would help in order to get the best solution suited based on your needs. they would know what to ask and make the necessary recommandations

Hello,

Firewall sizing rather depends on the amount traffic the unit is supposed to process and configuration (i.e. UTM, SSL VPN) rather than the number of users.

I would recommend to check Fortinet firewall performance datasheet "specifications" section.

I also think it mainly depends on traffic amount. If it is edge firewall then typically you need to calculate the sum of all your internet connections bandwidth then you can select the firewall that can easily handle it, with at lease a 100% to 200% safety margin.

You should compare the sum with the value of "Threat Protection Throughput" of the firewall if you intend to use all security services (IPS, App Ctrl, AV, ...).

E.g.: if the sum of all your internet connections is 500 Mbps then I'd take a FG-70G, if the sum is 800 Mbps then I'd take a FG-90G, and if it is 1 Gbps then I'd take take a FG-120G.

I'd also recommend G series (is newer than F) and avoid models with 2GB RAM. For RAM size, check Yurisk page shared above by @funkylicious 

Thanks to all for your excellent & helpful suggestions

Got a new requirement from a customer: Firewall is required for around  1000 users with aggregated Internet links of 1GB today, future scalability of the Internet links will be around 2 GB

I am considering 400F. What are your thoughts on this model? 

Thanks