FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
High CPU usage can occur when a VDOM contains more than 2,000 firewall policies and most of the traffic matches a policy near the bottom of the list. Any change to the firewall policy set (adding or modifying a policy) then drives the CPU high for a few seconds and may interrupt traffic. The cause is that traffic has to be re-checked against the policy list from the top after a change, so traffic whose matching policy sits at the bottom is compared against every policy above it.
To resolve this issue, move the policies that carry the heaviest traffic load to the top of the firewall policy list, so that this traffic matches after the fewest comparisons.
In the following policy list, the policy at sequence 2384 carries the highest traffic load.
Moving this policy to sequence 1 helps to resolve the high CPU usage seen during policy add/modify operations.
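The reorder described above, done from the FortiOS CLI, as an added example that is not part of the original article. It assumes a VDOM named `root`, that the high-traffic policy has policy ID 2384 (the article's "sequence 2384"; the CLI `move` command takes the policy ID shown in the GUI "ID" column, not the "Seq.#" position), and that the policy currently at the top of the list has ID 1.

```fortios
# Added example, not from the Fortinet article. Assumed values: VDOM "root",
# high-traffic policy ID 2384, current first policy ID 1.

config vdom
    edit root
        # Confirm the policy exists and review its source/destination/service/action
        # before changing its position in the list.
        show firewall policy 2384

        config firewall policy
            # Place policy 2384 so that it is evaluated before policy 1,
            # i.e. at the top of the policy list (sequence 1).
            move 2384 before 1
        end

        # Verify the new order: the moved policy should now be listed first.
        show firewall policy
    next
end
```

Take a configuration backup before reordering. Moving a policy to the top changes enforcement, not only performance: any policy that was previously above 2384 and matched a subset of the same source, destination and service with a different action is now shadowed by it, so check for such overlapping policies before the move and confirm afterwards, with the GUI policy lookup or by testing representative flows, that traffic still hits the intended policy.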