In the past 2-3 years many of my Fortigate devices have lost features due to the removal of internal storage. WAN Acceleration, web cache, logging.. From 90D, 60D, 94D and so on. Many new units also don't come with internal storage 50E. Fortinet, please consider allowing at least logging to a user provided USB device. We could use a USB flash drive or external HD. I understand maybe all 500GB on that HD may not be accessable for logging on say a 30D but something reasonable the device could support would be great!
-It costs Fortinet nothing, and could save Fortinet money.
-Assists in troubleshooting problems with TAC.
-Reduces RMA on devices as only user replaceable USB flash is being used, not affecting internal storage with read/write cycles. -Build loyalty with users like myself by restoring features the unit was sold with.
Users please speak with your sales rep and maybe comment in this post if you'd like to see this feature added.
300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.
Fortigate has no CPU dedicated to Log/disk usage. So, the I/O speed of a remote USB/disk will affect all Firewall performance... It's the architecture, not business policy.
Others vendors, like Palo Alto (), can do it because they have a "Management Plane" outside of "Dataplane" on hardware architecture.
Fortinet try to solve this putting SSD high performance disks in new "D" devices. But only for 100D and higher. On small devices this impact on hardware price (here we can talking about business policy)
I have to agree pcraponi, no dedicate CPU for logging. Also most of these smaller device will not have NPs or other items, so how much impact on the CPU could be a concern and I wonder how it impacts the thru-put.
So if you enable a heavy amouint of logging or archival, would it impact the FW? I believe yes.
If you take for example a FGT140D and see the process in a heavily logging fw you will see it continously running in some cases. ( R )
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.