Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
ipsengine 76 R < 45.8 9.5 miglogd 49 S 0.2 5.1 updated 124 S 0.0 2.7 cmdbsvr 43 S 0.0 2.0 httpsd 129 S 0.0 2.0 httpsd 123 S 0.0 1.9 pyfcgid 5091 S 0.0 1.9 pyfcgid 5093 S 0.0 1.9 pyfcgid 5092 S 0.0 1.9 pyfcgid 5094 S 0.0 1.9 proxyworker 69 S 0.0 1.4 httpsd 56 S 0.0 1.3 httpsd 122 S 0.0 1.3 newcli 5556 R 0.0 1.2 newcli 5555 S 0.0 1.2 wad 89 S 0.0 1.2 fgfmd 111 S 0.0 1.2 hasync 92 S < 0.0 1.1 scanunitd 5549 S < 0.0 1.1 scanunitd 5548 S < 0.0 1.1
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Scanning Windows signatures for a policy that protects your Linux Apache server is not the best use of available resources.Pretty much my own thinking. Some years back, our company " standardize" our fgt configs, including tailoring the IPS signatures for different network traffic. After doing this, we saw a tremendous performance gain in almost all UTM areas. :)
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
- So, the " ASM-FB4" doesn´t help at all, I guess?No, just accelerates firewalling and IPsec. And yes, of course you' d think of tailoring the IPS profiles first; in case of your 310Bs, they' re probably both speed and memory limited. As I don' t see much headroom for future releases or features you will want to use I recommend new hardware. The new ASICs mentioned are deployed in the 1500D and 3700D. I' ve got no further info on that hardware. For your figures a (pair of) 200D would suffice, at a fraction of the cost of a 1500D. Firewalling at 3 Gbps, IPS at 1.7 Gbps, 1.4 M concurrent sessions. And it' s got the CP8 as well.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1633 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.