hardware version and CPU and RAM for 300D, 400D and 500D

FB · ‎04-06-2017

I have a 200D model and we´re thinking about get a more powerful, but we´re not certain if 300D, 400D or 500D will be enough

My main problem is CPU, i can´t use SSL inspection, IPS, etc and 2GB of RAM looks ok, but will be nice to have more. So i think a unit with 6, 8 ports, 4 GB of RAM and a XEON processor will be ok

how can i know the hardware for a particular model?

i´ve compiled a rough version of info i found, but will be useful to see a official fortinet statement about hardware.

Another issue, i saw 2 200D models, with 2 and 4 GB of ram.. why is that?

Of course the 500D model fits into my scenario, but i´m thinking about 300D and 400D to get a cheaper model

300D 1x Intel Core i3-3220 (Ivy Bridge), 3.3GHz 8 GB (DDR3 4Gx2) 16GB MLC SATA BGA (iSSD) 2 X CP8 1 X NP6

Model name: FortiGate-500D CPU: Intel(R) Xeon(R) CPU E3-1225 V2 @ 3.20GHz Number of CPUs: 4 RAM: 7962 MB

Model name: FortiGate-200D CPU: Intel(R) Celeron(R) CPU G540 @ 2.50GHz Number of CPUs: 2 RAM: 1978 MB

FG200D # get hardware status CPU: Intel(R) Celeron(R) CPU G540 @ 2.50GHz Number of CPUs: 2 RAM: 3956 MB

Model name: FortiGate-1000D CPU: Intel(R) Xeon(R) CPU E3-1275 v3 @ 3.50GHz Number of CPUs: 8 RAM: 15979 MB

Model name: FortiGate-61E CPU: ARMv7 Number of CPUs: 4 RAM: 1866 MB

Model name: Fortigate-1500D CPU: Intel(R) Xeon(R) CPU E5-1650 0 @ 3.20GHz Number of CPUs: 12 RAM: 15978 MB

Model name: FortiGate-3240C CPU: Intel(R) Xeon(R) CPU E5620 @ 2.40GHz Number of CPUs: 16 RAM: 10950 MB

Model name: FortiGate-3600C CPU: Intel(R) Xeon(R) CPU E5-2665 0 @ 2.40GHz Number of CPUs: 32 RAM: 29960 MB

Model name: FortiGate-140D-POE CPU: Intel(R) Atom(TM) CPU D525 @ 1.80GHz Number of CPUs: 4 RAM: 3959 MB

Model name: FortiGate-240D CPU: Intel(R) Celeron(R) CPU G540 @ 2.50GHz Number of CPUs: 2 RAM: 3960 MB

Model name: FortiGate-94D-POE CPU: FortiSOC2 Number of CPUs: 1 RAM: 1838 MB

Model name: FortiGate-100D CPU: Intel(R) Atom(TM) CPU D525 @ 1.80GHz Number of CPUs: 4 RAM: 3955 MB

Fortigate 300D: CPU: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz RAM: 8GB

get hardware status Model name: FortiGate-800C ASIC version: CP8 ASIC SRAM: 64M CPU: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz Number of CPUs: 4 RAM: 7958 MB Compact Flash: 7669 MB /dev/sdb Hard disk: 57241 MB /dev/sda USB Flash: not available Network Card chipset: Broadcom 570x Tigon3 Ethernet Adapter (rev.0x5717100) Network Card chipset: FortiASIC NP4 Adapter (rev.1)

get hardware status Model name: FortiGate-200D ASIC version: CP8 ASIC SRAM: 64M CPU: Intel(R) Celeron(R) CPU G540 @ 2.50GHz Number of CPUs: 2 RAM: 1972 MB Compact Flash: 15331 MB /dev/sda Hard disk: 15272 MB /dev/sda USB Flash: not available Network Card chipset: Intel(R) PRO/1000 Network Connection (rev.0000)

get hardware status Model name: FortiGate-80D ASIC version: not available CPU: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz Number of CPUs: 4 RAM: 1956 MB Compact Flash: 980 MB /dev/sdb Hard disk: 15104 MB /dev/sda USB Flash: not available Network Card chipset: RealTek RTL-8168 Gigabit Ethernet driver 8.038.00 (rev.)

get hardware status Model name: FortiGate-60D ASIC version: CP0 ASIC SRAM: 64M CPU: FortiSOC2 Number of CPUs: 1 RAM: 1839 MB Compact Flash: 3879 MB /dev/sda Hard disk: not available USB Flash: not available

---

eborbolla_FTNT · ‎04-06-2017

If you are loking for more proccesing power with the same RAM than the FG200D, Fortigate 200E could be an option.

FB · ‎04-06-2017

And do you have one, to show us the hardware specifications? (get hardware status)

---

Ron_Uss · ‎04-07-2017

Model name: FortiGate-201E ASIC version: CP9 ASIC SRAM: 64M CPU: Intel(R) Celeron(R) CPU G1820 @ 2.70GHz Number of CPUs: 2 RAM: 3963 MB Compact Flash: 15331 MB /dev/sda Hard disk: 457862 MB /dev/sdb USB Flash: not available Network Card chipset: Intel(R) Gigabit Ethernet Network Driver (rev.0003) Network Card chipset: FortiASIC NP6LITE Adapter (rev.)

NSE8 #3111

Ron_Uss · ‎04-07-2017

and be aware... FGT200E doesn't support hardware switch

NSE8 #3111

romanr · ‎04-07-2017

Hey,

as the Fortigate Products depend very much on the Content and Network ASICs a sizing purely relating to the core CPU isnt easily possible. And also just comparing different Fortigates via its CPU does not make sense.

What is your current load on the 200Ds?

How many sessions do you have?

How many new session/sec do you have?

How many policies do you have? How big is the routing table.

What are the main traffic types being used and what profiles are applied there? Is authentication being used?

What FortiOS do you run?

Do you use proxy or flow mode inspection.

With mainly this information it will be easy to decide for a model.

300D and 400D will feature same perfomance - normally a 200E will be faster then those, if content inspection is your main goal - the fully featured NP6 boxes will just be massively stronger on the VPN side and on massive Layer 4 performance. And this is just because auf the new content processor in the 200Es....

Br,

Roman

FB · ‎04-07-2017

now, beggining of the day, a 200D cluster with 2 ISPs of 100 mb/s in dual wan lado balance, 1 IPSec VPN, no SSL inspection, no IPS, only webfilter, AV and 10.000 sessions (tem Thousand total), using 75% of RAM in Unit1 and 65% of RAM in the Unit2

CPU is under 10% in both units

The goal here is to use AD Authentication, SSL INspection and IPS and change a MPLS to VPN, puting more load on the VPN

Looks like 200E coudl handle because it double the RAM but the processor is a Celeron too, i´m afraid of not being enough in log term

There are 100 polcies, proxy and flow modes are being used in some policies, FortiOS 5.2.7, 5 static routes and nothing else.

I don´t know how to measure sessiosn/second, but with 10.000 sessions active i´m not sure if it is relevant

https is 90% of the processed traffic

---

FB · ‎04-07-2017

Just to mention, now i´m using 8000-9000 total sessions

sessions/sec is ranging from 55 to 155 (most of the time, bwlow 100), IMHO, very low

FortiOS 5.2.9 in NAT Mode, no VDOMs, sending logs to a FAZ1000D, no Wificontroller active, no explicit proxy and only app control

get system performance status CPU states: 5% user 7% system 0% nice 88% idle CPU0 states: 4% user 9% system 0% nice 87% idle CPU1 states: 6% user 5% system 0% nice 89% idle Memory states: 80% used Average network usage: 51699 kbps in 1 minute, 44025 kbps in 10 minutes, 40617 kbps in 30 minutes Average sessions: 8877 sessions in 1 minute, 9005 sessions in 10 minutes, 8666 sessions in 30 minutes Average session setup rate: 92 sessions per second in last 1 minute, 77 sessions per second in last 10 minutes, 72 sessions per second in last 30 minutes

---

James_G · ‎04-07-2017

I have 300d's - but if I was to purchase today I would purchase 200e's. The performance is near the same - see matrix below - but 200e is not limited on number of interfaces in the same way as the 300d is (that's caused me to have to use vlan interfaces.) https://www.fortinet.com/...net_Product_Matrix.pdf And they are cheaper - what's not to like :)

emnoc · ‎04-07-2017

I have to go with romanr logic. Measuring just cpu power does not give a complete picture imho.

Yes the 200E is newer, has CP9 more thru-put than a 300D

Also take into consideration it's new, what forties you can run, etc......

Ken

PCNSE

NSE

StrongSwan

hardware version and CPU and RAM for 300D, 400D and 500D

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website