I need to purchase a new Fortigate 90 series for a small office, currently 40 people and could go as high as 70. We've used 90D firewalls for our smaller offices of ~20-30 people and it is performing well. Is the 90 series the right firewall for an office that could go to 70 people? We are heavily cloud software based and aside from an IPsec VPN link to our hub, there will be no other VPN users or complex needs.
I'm also looking at the newer 90 and 91 'E' series. Seems like there is a significant uplift for these newer models. Looks like they have a newer ASIC that's capable of handling more more UTM throughput, but I'm not sure that justifies the cost. The biggest rise is between the 90 and 91, just to get 128 GB of flash storage. Other than local logging which it seems both Fortinet and the user community recommends against, what would be advantage of having local flash vs not having it? The 90D has 32GB of flash.
Appreciate any insight folks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
It all comes down to what kind of throughput you want, and how much filtering you will use. And your internet connection. Don't want to slow that down much if you depend on cloud based stuff. Wire speed on the filtering is preferred if you're gonna use it.
90E will work fine with 70 people. The specs are more or less x10 the specs for 90D when it comes to utm/av.
Huge difference in processing power compared to the 90D. 70-90D is pretty easy to overload if you want to go heavy on the inspection part. Will 90D work with 70 peeps? Yep, but plain firewalling, skip utm/av/webfilter.
To be fair, it also depends on what kind of clients you will have - Plain workers, or a lot of BYOD units, cell phones and video streaming?
90E can take care of all of it with utm/av ON, 90D can take some of it without utm/av.
No need for logdisk really. Get an Analyzer. :)
If you collect logs from +10 firewalls, the Analyzer gets very cheap per firewall. Very powerful tool when troubleshooting too.
Don't buy a too skinny fw. Just my 2c.
Or: Start with a 90D, when office grows - Change it for a 90E, and use the 90D in some small office instead.
:)
Richie
NSE7
90E is SLOWER than the 60E for many different UTM feature throughputs, it's unbelievable. There was another thread on this recently, with someone suggesting the 90E was more CPU driven while the 60E had the (SoC3?) full ASIC.
Since E boxes are out there is absolutely no sense (except stability of 5.2.x OS not available on E) to buy older D boxes. Same price for less performance.
BTW. 60E/61E has better performance than 90D.
If you want to use UTM, do yourself a favor and stay away from SoC2 (90D, 60D,...).
Just my 2c.
Yeah, the E series is the way to go. Remember though that just because it was a SOC as a D model doesn't mean it is a SOC on the E model (ie 90D vs 90E etc) so be sure to check the datasheets
Mike Pruett
Mike is right. The only model that I'm aware of right now with the SOC3 is the 60E/61E. The 90E/91E is CPU only, so it won't give you any significant improvement.
Today if the 60E/61E isn't big enough, I'm recommending the jump to 100D or above as necessary.
There is another E model on the price sheet that isn't yet ready to ship. It might make it out Q1 2017. The 60E/61E shipped in the quarter after the quarter that it showed up in the price list.
Norris Carden
Fortinet XTreme Team USA (2015, 2016)
CISSP (2005), CISA (2007), NSE4 (2016)
I believe the 9xE(no CP) is x86 console...
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
Hi Mike,
May we seek your advice. is E series ok for the load of 70+ users, our setup is one link for Internet traffic and second wan link is for Corporate traffic via VPN.
Besides, I also heard that E series also exceptional with stability of 5.2.x OS not available and in bug issue, is it true, please correct me if I am wrong.
Thanks
Hi all,
Currently our office is using fortigate 60D of 40+ users, so far, everything is fine. however, we plan to upgrade to 90E to support more user around 70+, can 90E capable to support this load as well as two wan link, one is for Internet and another link goes toward corporate via VPN.
Besides, as I heard it from others, currently, 90E may exceptional with stability of 5.2.x OS not available and in bug issue? please advise me if I am wrong.
Thank you.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.