SecurityPlus
Contributor II

Home FortiGate Firewall Recommendations

Our experience with FortiGate units is limited mostly to 60D and 100D units. We have a home user that could use a firewall and 2 or 3 wireless access points. How would a 30D or a 50E perform in this situation? The user would typically only have 4 users connected at a time. They do have a very fast 1 Gbs internet connection though. Would this small a firewall hamper the internet connection speed? Ideas / Suggestions? Thanks.

bartman10
Contributor

I've been working with Fortinet tech support on a FWF-50E that hard locks every time I take it home and use it on my home network. I've received 2 RMA units for a total of 3 units and can hard lock them all.. FN support has been extremely slow moving this ticket past level 1 support and I've just told them this weekend is the final weekend of free QA testing on my part. I'm sending the last unit back and letting them deal with it..

Just saying.. I would avoid the 50E right now.

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to lose track.

Over 100 WiFi AP's and growing.

FAZ-200D

FAC-VM 2 node cluster

Friends don't let friends FWF!

ede_pfau

New E series will show initial bugs for sure, just remember when introducing the D series (100D). Forcing the bleeding edge v5.4 for the new hardware won't help either.

But that said, there's not much to say about the 30D although there's a saying anything below a 60x isn't a real firewall. It will surely depend on the extent of UTM you want to apply. The small boxes with SoC are weak on CPU intensive tasks like AV, IPS, SSL VPN.

Have you considered deploying only a remote Forti-AP and no FGT at all? Will create a tunnel to the HQ FGT and all traffic will traverse it (so the upstream bandwidth needs to be high). This would shift the requirement from the branch to HQ equipment.

Ede Kernel panic: Aiee, killing interrupt handler!
SecurityPlus

I will look into this. Interesting idea. Thanks!

AlexFeren

For home use, Sophos offers free UTM firewall(s).

Nils

It's safe to go with the 60D as it's a well tested unit.

But 50E seems to be a good performing FW and not everyone has problems with the unit.

bartman10

I highly recommend the Sophos UTM also! Free for home use and full featured! I was using it before I took the 50E home for testing and training.

BUT!!! this all depends on your use case. If this is for business and the business will be supporting this home user.. Get the FortiGate and FortiAP's.

Don't mess around with unsupported and unfamiliar equipment. You will spend too much of your time messing with it.

As for your question about speed.. simply look at the product sheets. They clearly state the speeds the unit is capable of. If you plan on using all of the UTM features then no, neither unit will be fast enough to handle the full 1GB connection. That is a crazy fast connection for a home user!

Why don't people work with their Fortinet reseller or rep for sizing and product info? Never understood that...

300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to lose track.

Over 100 WiFi AP's and growing.

FAZ-200D

FAC-VM 2 node cluster

Friends don't let friends FWF!

seadave

Sounds like this might be for the boss ;) We deployed a 60D (running 5.2.6) with a 224D in a similar situation, but we use Ruckus for the Wifi because their radios are amazing. That being said I just deployed a FortiAP-221C using FortiCloud only and it was insanely quick and easy. No security filtering/policies with that model unless run through a FG though.

Not sure about the throughput hit with the 60D. Remember it will only slow down when doing AV scanning. I think streaming content would not be impacted.

seadave

Not sure why ltguy's post isn't being displayed. I got the email notice. Come on Fortinet, this is an open forum.

I think suggesting Untangle for a home user (unless they are an IT person) will lead to frustration for the OP who sounds like he will need to support it. I'm assuming this is for an Exec where the cost of a 60D and WAPs will not be an issue. If cost is a concern, then suggestions should be reevaluated. Someone with 1Gbps residential will most likely not be getting that most of the time anyway (we just did at work and we get ~850Mbps through a 500D with all the filters cranked up), nor will many of the sites they are connecting to be able to provide that in response. The main benefit of a connection like that will hopefully be low latency and burst-able connection speeds.

I'd rather have more dependable security scanning for my clients (especially if they are click-on-anything kids) than a super fast wide open pipe. The extra time and hassle to get an OpenSource firewall up and running simply isn't worth it. I don't think anyone can stand up to Fortinet's threat detection and prevention. I see it in our hardware on a daily basis when reviewing what we block. For a home user, Fortinet's malware scanning (getting certs on home devices to enable SSL checking might be tricky) and a few good web filtering policies will ensure they aren't exposed to all the crap that everyone running Netgears and Linksys are.

Itguy
New Contributor

Untangle is ideal for a home user, especially since it provides THREE antivirus scanning technologies that run at 1Gb speeds, a very advanced web filter, and a tweaked up Snort IPS with 33,000 signatures. I could teach my 9 year old daughter to install Untangle, it's so easy. At $49 a year for the full package these days, it's a no-brainer. Snort does very well compared to Fortinet IPS, possibly better in some areas - both release emerging threat database updates in a timely fashion.

Remember, when someone pays for a high speed connection - they usually expect that. The fact is, Fortinet doesn't have any low cost, lower end devices capable of running on a 1Gb connection with all of the UTM features enabled. So it's really not a good option. The new 30E will pull 150Mbps, that's an improvement over the abysmal 30D and 60D units but not where we need to be yet.

I can't imagine recommending a 60D on anything but a slow 50Mbps or less internet connection. While you can CLI enable the extended IPS on a 60D it will take a performance hit. Remember the 60D has around 5585 IPS signatures, an 80D and higher has around 9900 signatures for IPS.
