Skip to main content
teritt_dz
teritt_dz
Explorer
October 3, 2024
Solved

Memory optimization on Fortigate 60E

  • October 3, 2024
  • 3 replies
  • 1880 views

Hi All,

 

General question about memory optimization and firmware. I have a 60E that does a lot of work and runs quite high in memory, and has recently started hitting mem conserve mode. I'm aware there are a few ways to bring the memory down, and I am exploring those, but what about firmware?

 

Are there any memory efficiency gains from potentially updating firmware from 7.0.11 to another version? If so, would Fortinet be able to advise which version to try upgrading to?

 

Cheers

 

Best answer by Brunn3r

FortiOS 7.0.11 has several critical vulnerabilities. You should consider an Upgrade anyways.

There is also a Bug regarding the wad process. You can create a automation to restart the wad process on a daily basis.

Further there are a few things you can make to gain some memory. First of all, don't log into your memory. Then proxy based inspection is more memory consuming than flow based.

There is also a technical tip from Fortinet: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Steps-to-optimize-the-Memory-consumption/ta-p/192323

3 replies

Brunn3r
Brunn3rAnswer
Explorer II
October 3, 2024

FortiOS 7.0.11 has several critical vulnerabilities. You should consider an Upgrade anyways.

There is also a Bug regarding the wad process. You can create a automation to restart the wad process on a daily basis.

Further there are a few things you can make to gain some memory. First of all, don't log into your memory. Then proxy based inspection is more memory consuming than flow based.

There is also a technical tip from Fortinet: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Steps-to-optimize-the-Memory-consumption/ta-p/192323

    AEH
    AEH
    Visitor III
    October 3, 2024

    Hello,

     

    Yes. Upgrading the firmware may have a positive impact on memory consumption. Either way you should always consider to upgrade to the latest patch available in the version (in your case upgrade to 7.0.15). That will provide you with patches to the latest vulnerabilities and bugs.

    Also, before any upgrade operation, make sure to check the known issues and the resolved issues for the target version patch.

    Make sure that you check and respect the upgrade path as follows :

    7.0.11 > 7.0.13 > 7.0.14 > 7.0.15.

     

    I hope this answers your question.

     

    amuda
    Staff
    amuda
    Staff
    October 4, 2024

    Hi @teritt_dz 

     

    You may refer here for recommended firmware: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Recommended-Release-for-FortiOS/ta-p/227178

      Terms & ConditionsAccessibility statement