FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the feature "user-device-store-max-unified-mem' available under 'config system global' in FortiOS, which maintains an internal database to keep track of user logins, device identities, and related session information.
This parameter is being used so that this tracking does not consume excessive system resources, and the administrators can set memory usage limits.
Scope
FortiGate.
Solution
The 'user-device-store-max-unified-mem' is a system global setting that defines the maximum amount of memory the user device store can utilize. By capping the allocated memory, FortiGate prevents device and user information from overwhelming system resources, which is particularly important on hardware models with limited memory.
This parameter works alongside other limits, such as:
user-device-store-max-users: maximum number of users that can be stored.
user-device-store-max-devices: maximum number of devices that can be stored.
The values are important to user-based firewall policies, device-based security profiles, and IP-to-user and device mappings.
CLI:
config system global set user-device-store-max-unified-mem <value> set user-device-store-max-users <value> set user-device-store-max-devices <value> end
The values can vary depending on versions. To get the minimum, maximum, and default values, check the CLI reference guide from the Document Library of FortiGate.
