In that case 200D is quite unusable.

And do you have any evidence of this? or are you speculating?

my  cisco ASA have 12gig of RAM but are 10gig FW

my  biggest SRX 650s have 2gig   of RAM but are a 7.5gig FW

my 200D are  a 3gig FW

And those models are  like double and quadruple the performance of a 200B or 200D. These models are also far superior than a 200B bu chassis design. This goes back to the ; "  you have to look at what your doing  or trying to do ".

Your comparison to other vendors doesn't make too much sense to me.

The comparison was to show you similar other vendors devices that has 2gig of memory at  the same/similar  sustain sessions and pps counts. Just saying 2GB is not enough and with no supportive information as to why, doesn't really buy it.

This goes back to you have to really sit down and size the components, & to what you intentions are. This is regardless  of the model. I bet you if you go out and enabled all features and services on a 300D, you too might run into high memory usage and conserve modes.

The proper sizing  is a must & with any firewall type. The numbers FTNT provides on the datasheet and not ideal for ALL cases and scenarios.

Now we are talking about Ds

Somehow you can't understand that 2GB of RAM is not enough for 100D/200D with FortiOS 5.x doing something more than L4 FW only

Than I must be very  lucky in my   2x100 & 1x 200Ds

Memory has always been tight and high,  but I never had a single performance glitch and they are still running 5.0.6 & 5.0.8 code. They are sized and performing  url filtering, AV inspection on a few policies, ips, and have anywhere from 30-45k sessions as the peak during the day over a 50mbps verizon business solution. But than again these are D  series and not a 200B. So I believe  FTNT is doing thing rights and maybe your over utilized the box or have it configure incorrectly or just plain need to stopping complaining about the 200B performance, and upgrade  or review what your trying to do within that chassis. If it's covered by support, open a case.

So within the 2gig or memory that used for OS and system related items, they are doing great.  As a fact my FGT100/200D are the most stable thing out of all of the Fortigates that I assist or manage. Big thumbs up to FTNT .

"my  biggest SRX 650s have 2gig   of RAM but are a 7.5gig FW"

Yes on the datasheet !

But in production environment, SRX is one of the slowest box I ever tested ! Completely rubbish...

HA

Slow in what aspect since you mention it?  (Slow in moving packets across two interfaces, ips,  management gui, commital changes/verifications, etc..... )

Also what have you tested ?

and what results indicate its rubbish?

So the thousands upon thousands  firewall appliance that are out in the world,  enterprise, branch or carrier & that happens to be SRXs are rubbish.

I upgraded from 5.0.7 to 5.0.10 last night on my 600C.

It went well except that split-tunnel mode for my SSL VPN tunnel no longer routes traffic properly. I can't ping any IPs on the remote side of the tunnel. It sends traffic but I don't seem to be able to receive anything. I have tried using the latest Forticlient for Windows 8.1 as well as the stand-alone SSL client.

Web VPN works fine.

I am going to dig in a bit deeper, but if anyone else had SSL VPN trouble after upgrading, I'd be interested in hearing about your experiences. Has anyone ditched SSL VPN completely for IPSEC? .

I am going to try creating a new VPN portal/tunnel from scratch to see if that helps.