Where do I start ;)

1: let go with  this

I'm considering a 100D, 140E, or 200E with a couple big 802.3ad link aggregate interfaces (8x or more physical interfaces each) to give me close to 10GbE to the 10GbE switch.

Price per port get's extreme high in this model if you  compare it to a 10gige appliance to begin , worst if you add HA ( a 2nd  cluster  node)

e.g

how much does  8x 1GIGE port cost vrs the  max thru-put? over one  model that has a 10gige SFP+ to begin with?

2: Using a 100D/140E/200E are still considered branch series  models with limited  process. A FGT100D/140D has no NP4 and the 200E I believe also has no great hardware acceleration. Heck I have most of  these in my lab.

3:  next, I doubt yo could even link AG 8x or more ports on the 100D/140D model to begin with,  nor would you  gain anything  but a lot  of ports bundle and waste.

Next ,

The "cheapest" FortiGate with a few SFP+ ports is the 500E, which is way more than we need.  We won't have a vmware platform to run a VM FortiGate using the platform's 10GbE nics till much later, so that isn't really an option.

What are you wanting? 1GIGE or 10GIGE interfaces? What your technical requirements? yes it has  10gige interface but it bound to the same  NP6

You should answer those questions  1st and then design and then look at what it  cost to get to your dsesign. You mention IPS/AV ,  but do you now the bottom number of what these  unit offer with regards to IPS/AV?

Using  my quick  calculations of FTNT numbers,  which are under-best-conditions

100D  no 10gige no NP or better.... really not alot to say except they are reliable branch devices

140D no 10gige  no NP or better, shared SFP ports , limited number of 1gige copper ports, lower thruput than a 200E, and a lot more ports than a 100D ...again a reliable branch   friewall imho.

200E  no 10Gige, Np6lite, no cross-NP LAGs,  2.2 gbps ips ( AV thru-putt..... no real numbers could  found , but probably  less than IPS thru-put NPlite technology okay but nothing to write home about,etc....),

500E way-much more the earlier listed model, it has 10GIGE interfaces but one single NP6, traffic flow might not stay fast-path so  ????s on what  real expect thru-put  estimation? What  can you get over a single  tengige interface in/out and  few 1GIGE interfaces?

I would drive my selection on hardware & around what are your business-objectives, and then gather the devices you need. Make  adjustment if you can't meet the objects and know what the PRO/CON are.

From what you mention, I would get out of the branch-lowenterprise models,  and would look at  1000-1500D or even higher.

Here's why

These models has more than 1NP

possible switch connection-fabric

more ports

higher thruput ( raw fw, IPS, AV,etc...)

These don't have Np6lites processor , and the limited thru-put that it provides

They do cost more ( no shock ), but it would money better spent than to buy  yugo and how it works in your favor.

;)

Ken