Use of Zones to replace dumb switch
We are in the process of replacing a Cisco ASA with a FortiGate 201E. Currently the ASA connects to a 1GB switch with several servers connected, which then connects to a Cisco 4500 switch for the clients.
Because there are only a few ports in use on the 1GB switch, we plan to use the first two ports on the FortiGate as an aggregate to the Cisco 4500, then connect the servers to the other 8 ports. We are considering configuring ports 3-10 as a Zone (for the servers), over a vswitch, to provide the same functionality as the 1GB switch and eliminate the physical device. We would then set up policies to allow everything from the Zone interface for the servers to the LAN interface. We can fine-tune the policy afterwards as we move forward.
Does this make the best sense, or are there better ideas?
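The layout described above, written out as FortiOS CLI as an added example (not configuration from the poster or from Fortinet): an LACP aggregate of port1/port2 toward the 4500, port3-port10 grouped into a zone, and one zone-to-LAN policy. Interface names, port names, the `root` VDOM and the 10.0.x.0/24 addresses are assumptions; the 201E's real port names should be checked with `show system interface`.

```fortios
# Assumed: port1/port2 uplink to the Cisco 4500 as one LACP bundle.
config system interface
    edit "lan-agg"
        set vdom "root"
        set type aggregate
        set member "port1" "port2"
        set lacp-mode active
        set ip 10.0.0.1 255.255.255.0
        set allowaccess ping
    next
    # Zone members stay separate L3 interfaces: each server port needs
    # its own subnet (port4-port10 follow the same pattern as port3).
    edit "port3"
        set vdom "root"
        set ip 10.0.3.1 255.255.255.0
        set allowaccess ping
    next
end
# Assumed zone name "servers"; intrazone deny means server-to-server
# traffic is also policy-controlled and logged instead of passing freely.
config system zone
    edit "servers"
        set intrazone deny
        set interface "port3" "port4" "port5" "port6" "port7" "port8" "port9" "port10"
    next
end
# The broad allow-all policy mentioned in the post, logged so it can be
# narrowed later from real traffic rather than guesswork.
config firewall policy
    edit 1
        set name "servers-to-lan"
        set srcintf "servers"
        set dstintf "lan-agg"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set logtraffic all
    next
end
```

The zone does not recreate the old switch's single L2 segment; a software switch (`config system switch-interface`) would, but then server-to-server traffic is bridged without any policy or logging, which is the main security trade-off between the two choices.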
