In the past 2-3 years many of my Fortigate devices have lost features due to the removal of internal storage. WAN Acceleration, web cache, logging.. From 90D, 60D, 94D and so on. Many new units also don't come with internal storage 50E. Fortinet, please consider allowing at least logging to a user provided USB device. We could use a USB flash drive or external HD. I understand maybe all 500GB on that HD may not be accessable for logging on say a 30D but something reasonable the device could support would be great!
-It costs Fortinet nothing, and could save Fortinet money.
-Assists in troubleshooting problems with TAC.
-Reduces RMA on devices as only user replaceable USB flash is being used, not affecting internal storage with read/write cycles. -Build loyalty with users like myself by restoring features the unit was sold with.
Users please speak with your sales rep and maybe comment in this post if you'd like to see this feature added.
300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.
Over 100 WiFi AP's and growing.
FAZ-200D
FAC-VM 2 node cluster
Friends don't let friends FWF!
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I consider small box are normaly used for only few users and not all UTM stuffs on and hundred VPN.
On my small box (40C) I don't have big CPU usage (high memory usage : yes), I don't think performance will be impact.
And it could be our choice to loose some perf for logging.
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
You can log to forticloud with internet speed and you can not log to local usb because is going to slow down the firewall?
I think it's impossible for their business policy....XD...
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
Fortigate has no CPU dedicated to Log/disk usage. So, the I/O speed of a remote USB/disk will affect all Firewall performance... It's the architecture, not business policy.
Others vendors, like Palo Alto (), can do it because they have a "Management Plane" outside of "Dataplane" on hardware architecture.
Fortinet try to solve this putting SSD high performance disks in new "D" devices. But only for 100D and higher. On small devices this impact on hardware price (here we can talking about business policy)
Regards, Paulo Raponi
Pcraponi.. I think you are wrong and can give examples to prove it.. like well.. the 90D.. it has logging to what basically amounts to flash. It just wares out.
Also look up the 51E.. again has integrated SSD for logging.
I have no idea what you're talking about with your dedicated CPU comment.. but ok..
300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.
Over 100 WiFi AP's and growing.
FAZ-200D
FAC-VM 2 node cluster
Friends don't let friends FWF!
I have to agree pcraponi, no dedicate CPU for logging. Also most of these smaller device will not have NPs or other items, so how much impact on the CPU could be a concern and I wonder how it impacts the thru-put.
So if you enable a heavy amouint of logging or archival, would it impact the FW? I believe yes.
If you take for example a FGT140D and see the process in a heavily logging fw you will see it continously running in some cases. ( R )
PCNSE
NSE
StrongSwan
I consider small box are normaly used for only few users and not all UTM stuffs on and hundred VPN.
On my small box (40C) I don't have big CPU usage (high memory usage : yes), I don't think performance will be impact.
And it could be our choice to loose some perf for logging.
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
You can log to forticloud with internet speed and you can not log to local usb because is going to slow down the firewall?
rcarreras wrote:forticloud is limited service for free and it's not cheap....You can log to forticloud with internet speed and you can not log to local usb because is going to slow down the firewall?
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
What on earth makes you think logging to usb would be "slow".. god never mind..
300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.
Over 100 WiFi AP's and growing.
FAZ-200D
FAC-VM 2 node cluster
Friends don't let friends FWF!
new box like 50E, it's cpu is defintely better than 60D...
Marvell Armada 385 is usually used for NAS application...
IMHO, performance impact is not a good reason I think...
if someone means 60D, okay..
I agreed, maybe...
cpu of D box sucks...
but for new E box, I don't think...
FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2
FSW224B x1
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1536 | |
1029 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.