We have a new potential customer that wants to replace their old FortiGate 200B with a new FortiGate. I'm not familiar with FortiGates prior to the D models. What would a new E or D series firewall that would be equivalent to this firewall? They will have about 100 users using VPN with a 500 MB pipe. They can only get 100 MB through their 200B.
Starting with some of the "C" models. WAN ports were GB. After that most models had them on most ports. You should check out the spec sheets for today's models to see what's offered. With the CPU and technology improvements over the years, the smaller number models now have more horsepower than the larger ones of yesteryear did.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Thanks!
We replaced our 200Bs with 200Ds, but overall they were both a bit over powering for the remote locations we placed them in. Originally the 200B was the recommended replacement for the 200A (from a Fortinet partner). This time around, we will be replacing the 200Ds with 101Es. I agree with Bob - the new models are more powerful then models of yesteryear.
That said, with regards to possible suitable replacement it's been suggested to look at the CPU/Memory/current session usage on your current model then find a suitable replacement with perhaps better specs. If you find more than one comparable model, I suggest checking the VPN related system performance of the models involved.
Other things to keep in mind, performance wise, is optimizing the configuration on the fgt - even an high-end fgt model can be "dog slow" if the config is not tailored to the network/traffic and with all the bells and whistles enabled (unless of course you need it).
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
All true but still there is a fine line between SoC models and those with a proper CPU.
Up to and including the 100E/F, these FGTs are considered "desktop models" and feature a SoC3/4. There are tasks which demand high CPU performance, like session buildup, SSLVPN, IPsec tunnel buildup (not: usage) and more. A look into the datasheet will reveal if these figures suit your needs - and future needs.
I personally was always grateful to my customer when he decided for a 'real' FGT. Work on and manage a 60X and then a 600X and you'll see what I mean. There is a reason why the 1500D with several Xeon multicore CPUs still is around a lot, though being a D series model.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.