Created on ‎02-26-2024 01:51 AM Edited on ‎04-23-2024 02:53 PM By aallisonftnt
Before you subscribe, we recommend reviewing the FortiGate-VM on AWS datasheet, pages 6 and 7, to learn about the bandwidth, throughput, and specifications of each instance type and ensure the deployment fulfills your needs.
You might also consider deploying with an Amazon Graviton-based EC2 instance for potential compute cost optimization.
This 11-minute video walks you through how to subscribe, deploy, and configure FortiGate-VM from AWS Marketplace, with information on creating VPCs, subnets, routing tables, and connecting to the FortiGate-VM.
You may also want to take our free, hands-on QuickStart Workshop, where an example corporation is migrating on premise apps and workloads to AWS.
It covers foundational AWS networking concepts such as symmetrical routing traffic in and out of VPCs for various traffic flows, how to use FortiGate instances in AWS to secure inbound, outbound, and East/West traffic flows, and how FortiGate resolves concerns and requirements when migrating applications & workloads to public cloud.
Note: You must first be subscribed to FortiGate-VM via AWS Marketplace. These deployment templates will not automatically subscribe users.
AWS CloudFormation Templates, Terraform Templates, scripts and other content are available on GitHub to help you get started with Fortinet Solutions in AWS: https://github.com/FortinetCloudCSE/.github/tree/main/profile/AWS
These include:
FortiGate Standalone
FortiGate FGCP HA Dual AZ (use cases)
FortiGate FGCP HA Single AZ
FortiGate & Gateway Load Balancer (use cases)
FortiGate Active-Active & Transit Gateway Connect
FortiGate FGCP HA Dual AZ & Transit Gateway Connect
FortiGate Auto Scale
The AWS Administration Guide offers complete step-by-step documentation and information for the latest versions, and can be found here:
You can view guides for your current FortiOS deployment by choosing from the dropdown menu:
You can also find our complete AWS Cloud Security documentation library here: https://docs.fortinet.com/cloud-solutions/aws
We also encourage you to register your on-demand instances with FortiCloud so that you can create a support account. Details are available here:
https://docs.fortinet.com/document/fortigate-public-cloud/7.4.0/aws-administration-guide/315515/on-d...
You may next want to explore the following:
The datasheet (page 6-7) provides the specifications of model VM01, VM02.... But on the pricing page on the AWS listing with its EC2 model. How can map these items accordingly? Or enterprise has to pay both: the AWS and to Fortinet Reseller?
Hi Happii, in datasheet you will see the performance based on C6in family. You have two main options on using FortiGate: BYOL or PAYG.
BYOL: is used when you already have a FortiGate VM license bought from a reseller or using FortiFlex. In this case you dont need to pay for license in AWS, you will only pay for AWS EC2 instance usage. This is the marketplace page https://aws.amazon.com/marketplace/pp/prodview-lvfwuztjwe5b2?sr=0-1&ref_=beagle&applicationId=AWSMPC...
PAYG: is used when you dont have a FortiGate VM license already bought. So you pay for AWS EC2 instance usage and FortiGate licensing. This is the page https://aws.amazon.com/marketplace/pp/prodview-wory773oau6wq?sr=0-1&ref_=beagle&applicationId=AWSMPC...
In both cases, the performance, mentioned on datasheet is the same.
Thank you Gallego!
Hi Gallego,
One more question. I would like to host a Fortigate on AWS using BOYL. How many vCPU and vCPU type should be chosen to make a similar capability like the Fortigate 101F ?
thanks,
You can compare both datasheets to give you a direction. For example, NGFW throughput is similar to VM04. However, these are "standard" values and probably your traffic will be somehow different. I'd go with the data you will use in AWS and the security features enabled to size it correctly.
Physical devices are very different from VMs, due to ASIC processors. If you are going to use BYOL, your Fortinet partner can also help you with these questions.
Welcome to your new Fortinet Community!
You'll find your previous forum posts under "Forums"
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.