FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
nevan
Staff
Staff
Article Id 407174
Description

This article describes the feature "user-device-store-max-unified-mem' available under 'config system global' in FortiOS, which maintains an internal database to keep track of user logins, device identities, and related session information.

This parameter is being used so that this tracking does not consume excessive system resources, and the administrators can set memory usage limits.

Scope FortiGate.
Solution

The 'user-device-store-max-unified-mem' is a system global setting that defines the maximum amount of memory the user device store can utilize. By capping the allocated memory, FortiGate prevents device and user information from overwhelming system resources, which is particularly important on hardware models with limited memory.

This parameter works alongside other limits, such as:

  • user-device-store-max-users: maximum number of users that can be stored.

  • user-device-store-max-devices: maximum number of devices that can be stored.

 

The values are important to user-based firewall policies, device-based security profiles, and IP-to-user and device mappings.

CLI:


config system global
     set user-device-store-max-unified-mem <value>
     set user-device-store-max-users <value>
     set user-device-store-max-devices <value>
 end

 

The values can vary depending on versions. To get the minimum, maximum, and default values, check the CLI reference guide from the Document Library of FortiGate.

 

Contributors