Description
This article describes how to make an informed decision for firewall administrators on when to use ASIC offload & NPU offload for specific tasks.
Scope
FortiGate.
Solution
The table below helps to understand the core usage in more detail:
ASIC and NPU offloading are different and effective hardware acceleration technologies that offer intense performance manipulation on different traffic types. ASIC offload boosts security functions and is tailored for specific tasks, whereas NPU offload enhances network processing and offers more versatility in handling various network operations.
Both methods typically improve performance on a large scale in different areas. The point to note here is that disabling ASIC offload might sometimes lead to unexpected performance gains, possibly indicating a software issue.
From a configuration point of view, ASIC offload is usually managed at the policy level, while NPU offload can be fine-tuned for specific interfaces or functions like IPSEC VPNs along with policy-level management.
The above information and approach set the stone for a further investigation deep dive once isolation testing is a success and fault domains are identified.
