Hope someone can recommend a device. I help a small school that has a total of maybe 200 devices. I'm guessing no more than 100 people would be using the internet at a given time. Their internet connection is 150Mb via Comcast. I plan to implement firewall, IPS, SSL intertercept, and web categories. There could be some very light VPN use (but this would probably be when no one is there). Oh... and some APs (but only the Guest network will be tunneled to firewall). A 92D seems like it should be enough, but maybe a 100D?
It depends on what your doing. For example, I had a similar setup that I did many years ago using comcast business but at 50mbps. It for a private school with a bunch of k5 grade classes. I'm using a pair of FGT60C ( that all they could afford ) and in one case a FGT80CM.
We are doing URL filtering for the most part, no AP, no DMZ hosted devices, etc....
A FGT90D or 100D should fit your needs but how much AP traffic to you see and really how many APs?
note: a FGT90D has more thruput than the 92D and is still cheaper priced, not to sure on cpu/memory requires of the 92D.
if you budget can afford it the FGT100D are great in the low-end spectrum and not a whole lot more. Review the specs and matrix and then go from that point and the needs you forecast now and in the future. Fortinet always stress more than less.
PCNSE
NSE
StrongSwan
emnoc wrote:It for a private school with a bunch of k5 grade classes. I'm using a pair of FGT60C ( that all they could afford essaytyper.pro ) and in one case a FGT80CM.
For small school pair of FGT60C is more than enough.
both the 90 and the 100 will be enough.
150mb is not a problem even for the 40C device, however its the amount of connectio and connection rate that actually dictate the sizing.
200 users on school, I'm guessing can be 500 new connection/sec and damn I took it far.
90D can take 4K new session on basic configuration.
So yeah, you are on the safe side. Please notice that as my friend above mentioned, the 90D is superior to the 92D (go figure...)
//Chura CCIE, NSE7, CCSE+
Most of the fortigates we manage are deployed at educational institutions in rural areas, about half on ForiWifi 80CMs, the rest on 200Bs or 200Ds. Soon we will be evaluating a suitable replacement for our ageing (1st generation) 80CMs (they just don't cut it under 5.x., even after following fortinet's recommended optimization). Have looked at FortiWiFi-90D and FortiWifi 92D. While the 90D has better throughput, I have decided on demoing the 92D for the evaluation because almost all of the traffic going through the Fortigate will be subject to all/most of the UTM features: IPS, anti-virus, web filter, Application control. And on paper, the 92D looks more promising in that area (better firewall new sessions per second, IPS throughout, and anti-virus throughput). Cost-wise, (from one online vendor) there seems to be $300-400 difference between the two.
(Re 90D can take 4K new session, The linked document shows the 92D with 22K new sessions unless that is a typo.)
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
If purchasing the 92D new, it should automatically come with a 1-year subscription. But check with your local Fortinet dealer and consult with the school admins on what 1-3 year subscription/support bundles are affordable to the school. Let the school admins know what the approx. cost to renew the subscription if they choose to renew it yearly.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.