 
					
				
		
Created on ‎12-14-2005 03:04 AM
 
					
				
			
			
				
			
			
				
			
			
			
			
			
			
		 
					
				
		
Created on ‎12-14-2005 03:07 AM
 
					
				
		
Created on ‎12-14-2005 06:51 AM
Have the branch offices they own internet connection for surfing?Yes . In each branch offices , there is an internet export . In VPN channels , main traffic are EMail and database data transfer.
What do you do with the tunnels (work with accounting programs like as400 or something else)I don' t understand as400 exactly , IBM AS400 system ? I just enable MRTG mornitoring .
-disable heuristic feature on the fw for memory performanceWhere I can find this heuristic feature ? For AntiVrs or IPS ? Others , you said Firewall impact CPU utilization . Not Memory performance , right ?
-reduce the number of protocols and services scanned from ids/ips (disable imap, pop3,sql etc.. if you dont use them)IDS/IPS doesn' t differentiate protocols seems . Just can choose " enable or disable " ,right ? IPS IPS Signature Enable (All services) IPS Anomaly Enable (All services
-disable ntp, snmp, telnet, ssh, dhcp to reduce cpu utilizationYou mean I disable its in interface setting ? Or firewall services? In dead , I really want to update the FortiGate model , but I am facing another problem , due to I don' t know each features impact for performance , and each VPN channel will use how many utilization , and how many users A FortiGate can support ? For 60 clients , FortiGate 60 is not enough , then 100A or 200A can support it ? so I do on earth not know to choose FG200A/300A or 3000/4000. All in a word , how can I get an exact value and impact about performance ? so that I can estimate the most adapted model. Are there any documents to instruct the performance issue in FortiNet ? e.g. How much utilization will be used when I enable default IPS/IDS , AntiVrs , AntiSpam and Webfilter .
Avir, Webfilter, Antispam use MEMORY resource Vpn, Management, Update, Fw, IDS/IPS use CPU resourceHow much Memory resource Avir will use , How much CPU A VPN channels will use ? Do we have a number or value to instruct it ? And so on.
 
					
				
		
Created on ‎12-15-2005 03:32 AM
 Remember you can disable/enable protocols on the IDS/IPS configuration tabs.
 -NTP, telnet etc... on both interfaces and firewall services if you dont really need them.
 -exact values arent available. Antivirus works on memory and use much resources .The 60 model is affected of this memory leak problems. (128Mb only) Reduce the threshold value or disable it for protocols you dont use. I have no more of 10 pc' s behind my fgt60 (test lab) and the memory usage is always more than 60%. No fear  this is a normal behaviour for a 60 model.
 Remember you can disable/enable protocols on the IDS/IPS configuration tabs.
 -NTP, telnet etc... on both interfaces and firewall services if you dont really need them.
 -exact values arent available. Antivirus works on memory and use much resources .The 60 model is affected of this memory leak problems. (128Mb only) Reduce the threshold value or disable it for protocols you dont use. I have no more of 10 pc' s behind my fgt60 (test lab) and the memory usage is always more than 60%. No fear  this is a normal behaviour for a 60 model.  -the encrypt engine use cpu resource for the encryption and decryption features on the vpn. You can monitor the usage of the resources by typing this command on the CLI:
 
 diagnose sys top 
 
 and kill processes if you need.
 
 diag sys kill
 
 bye
 pman
 -the encrypt engine use cpu resource for the encryption and decryption features on the vpn. You can monitor the usage of the resources by typing this command on the CLI:
 
 diagnose sys top 
 
 and kill processes if you need.
 
 diag sys kill
 
 bye
 pman
					
				
			
			
				
			
			
				
			
			
			
			
			
			
		 
					
				
				
			
		
| User | Count | 
|---|---|
| 2678 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.