Hi All,
In our primary production site we're running a HA cluster of 100D's that are over 6 years old. Everything is running well (6.0.10) but my Foritguard subscription is up for renewal so Im debating if it's worth it to replace with a pair of 100F's.
Just wondering how long the community runs production boxes. Until EOL of the OS? Time based? When you have budget? When you're bored and want to work all weekend? ;) I've run smaller units (60A's, etc) 8-10years, but they were in less important home office sites.
Any opinions?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
We manage/maintain about 40-50 fgt in the field (200D/101E/92D/80E), in mostly remote areas - all educational type institutions, so the requirement for us is the model is still supported by Fortinet and/or the subscription can still be renewed. Then there is whether the OS is still supported or can be firmware upgraded. In recent years, if we have seen a bandwidth explosion, mostly due to increased mobile usage - with that in mind, we are watching out for system resource exhaustion (.e.g. CPU/memory/sessions near maxing out) - which is telling us we are are outgrowing these models and it is time to replace them.
NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
The 100D reached EOO(end of order) on 2018-07-26, then 2022-07-26 is the LSE(last service extention) then 2023-07-26 is EOS(end of service). So you can renew the 1yr support a couple of more times.
On the other hand, 6.2 or later OS doesn't support 100D due to unsupported ASIC NP4Lite. So 6.0.x is the last version of OS on the unit.
I would expect FTNT would keep update 6.0.x when major vulnerabilities are found and need to be patched at least until the EOS date due to the fact no options to go up to 6.2 or above.
My personal opinion is it's completely up to the situations if the current 100D with 6.0.x is well enough and comfortable for your needs. If that's the case, why would you spend money now while you can save it for next or the following fiscal year? But, if you want to have a better performance with new feature sets and want to explore them, going to "F" version would provide you lots of opportunities.
If you can't decide now, I would just renew it for one more year then, secure the budget for next year well ahead, which actually we decided to do for 200Ds.
FG-100D is really old enough Update to replace it is needed The best choice is FG-101F
But if you don’t use new features such as security fabric It’s a pity, but FG-40F or FG-60F can be used
It really depends on specifics of the site in question. We are VAR/Partner and I see these points clients take into account:
[ul]
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1720 | |
1093 | |
752 | |
447 | |
234 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.