How many sessions can be handled by NP1 , NP2, NP4 sessions for Fortigate firewalls?
Also, what would be the sessions handled by main CPU of Fortigate 3810A and 3040B ?
Regards
Nimmi
That's a strange question but here's the answers;
I'm sure limits ( sessions ) exists for these NPs , but now on the differences, you need to look at the total session and the session max setup. Just total alone serves no good measurement since sessions comes and goes and timeouts varies. The capacity of the network processor is what you really need to look at when you speaking thru-put.
[ul]
[ul]
( remember thru-put and packet sizes )
Than you need to realize that not all ports in a 3040/3140B are accelerate and are actually stacked to difference NPs.
In a NP1 it's capacity is 2gigs, NP2 is 4gigs, & NP4 is 40gigs ( some one please correct me if these numbers are wrong or have changed ) and the type and size of ethernet frames are limited based on the NP types.
If my FTNT SE training was correct, the NP4 will be found in models that have 10gige interface and for the 10gig interfaces SFP+ slots. What I've notice if you have ports nailed to that NP4 you can achieve the max thru-put in the chassis over those ports but traffic across NP4 will not net you the same output.
What's your goal(s)? ( number of session, hardware or content acceleration or interface qty/types )
ken
PCNSE
NSE
StrongSwan
Goal - 1.To verify the number of sessions handled by a NP1 , NP2 and NP4 processor.
2.No. of sessions handled by main CPU.
3.No. of accelerated ports in 3810 A with a 4 port (1 GE) ASM module and the type of NPs used .(I think 9 and 10 connected to NP1 and ASM connected to NP2).
4.The no. of core in 3810 A and 3040B and if it is possible to dedicate a core for management purpose.
Regards
Nimmi
I believe you need to talk to a local FTNT team for these #s. As far cpu, and number of sessions you want to avoid the cpu as much as you can. Nobody can honest say what limit for traffic kicked to t he cpu and too many factors would come into play as to what the cpu can do.
The last part, I never heard of anybody asking for a dedicate core for management.Once again what's the purpose of that?
You should contact your sales team and ask for a POC with these 2 models if your interested in comparative data between the 2 imho. They will probably share non proprietary data with you.
PCNSE
NSE
StrongSwan
User | Count |
---|---|
2677 | |
1412 | |
810 | |
703 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.