Hello members,
Im fairly new in IT so my knowledge is very slim when it comes to advanced networking features. I deployed a 100F out in the field that I have been monitoring quite extensively. The unit was going into memory conserve mode at least once a day. I made some changes to the setting and we are good. Whether there is a memory leak that's causing the issue or not, I believe I have addressed the issue for the time being.
The reason for my post is actually an inquiry. I read that when the FW goes into memory conserve mode, AV functionality is dropped. Since by default Fortigate functions this way, can this feature be used as a means of compromise? Can external attacks cause memory usage to go up to the point of invoking memory conserve mode? Can this feature become vulnerability?
Thank you in advance for sharing your knowledge.
Sincerely,
Tony
I probably wouldn't try putting it in a conserve mode if I were a hacker to get inside because it wouldn't allow a new session in the conserve mode. It would make more difficult to sneak into.
But it can go into a conserve mode when DOS attacks happen, which happened to one of our FGTs recently.
Hi
What version are you using?
These commands may be able to find clues:
# diagnose sys top-mem 10
# diagnose sys top 3 20 5
# get system performance status
# diagnose debug crashlog read
# execute tac report
Thanks
Kangming
User | Count |
---|---|
1922 | |
1144 | |
769 | |
447 | |
277 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.