hello,
we have 2x FG300D in a active-passive cluster in our data center. Since the FG300D is end of life we have to start thinking about changing the FGs and what models would be best to substitute.
I think that the options are a FG200F or a FG400F cluster. We have 600-700 users and all the offices are connected via MPLS (so just one VPN site to site). Traffic from the MPLS site is like 600/600mb and for internet 2x 600/600.
We were checking the data sheets of each model. Technically I would say that 2 FG200F should be more than capable to manage everything. Is there something else we should consider?
Thanks!!
Hello RolandBaumgaertner72,
I like using the Product Matrix when comparing models (this one is February 2023):
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/Fortinet_Product_Matrix.pdf
Both options looks good based on your numbers. As typical ratio of traffic (which may differ in your case) is around 80% is SSL type. This may be a determining factor, if you want now or eventually to inspect this encrypted traffic with security policies, to select a more powerful model.
Correct sizing is also a prediction about the next few years as these devices will probably be there for a long time (5-7 years) and traffic always increase.
Start a discussion with your Fortinet reseller/Fortinet account team on the subject, they probably have good insight on the subject.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.