Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pizzaman
New Contributor

Memory Conserve Mode - Friend or FOE?

Hello members,

 

Im fairly new in IT so my knowledge is very slim when it comes to advanced networking features.  I deployed a 100F out in the field that I have been monitoring quite extensively.  The unit was going into memory conserve mode at least once a day.  I made some changes to the setting and we are good.  Whether there is a memory leak that's causing the issue or not, I believe I have addressed the issue for the time being.  

 

The reason for my post is actually an inquiry.  I read that when the FW goes into memory conserve mode, AV functionality is dropped.  Since by default Fortigate functions this way, can this feature be used as a means of compromise?  Can external attacks cause memory usage to go up to the point of invoking memory conserve mode?  Can this feature become vulnerability?

 

Thank you in advance for sharing your knowledge.

 

Sincerely,

 

Tony

 

2 REPLIES 2
Toshi_Esumi
Esteemed Contributor III

I probably wouldn't try putting it in a conserve mode if I were a hacker to get inside because it wouldn't allow a new session in the conserve mode. It would make more difficult to sneak into.

But it can go into a conserve mode when DOS attacks happen, which happened to one of our FGTs recently. 

Kangming

Hi

 

What version are you using?

 

These commands may be able to find clues:

# diagnose sys top-mem 10

# diagnose sys top 3 20 5

# get system performance status  

# diagnose debug crashlog read 

# execute tac report 

Thanks

Kangming

Labels
Top Kudoed Authors