Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
YADM
New Contributor

Created on ‎09-04-2023 05:29 AM Edited on ‎09-04-2023 05:56 AM

Direct connect servers to FG

Hello

 

I have a small network. 2 dell hosts with 500gb ram each, one disk shelf connected in DAC 25gb/s mode to the servers. Servers connected 2x10Gb/s. Max 20 VMs
1x FG 100F 3-4x NAS each 1GB/s and about 80 users per LAN. 2-3 VLANS.

Currently, servers and all other network devices, as well as other switches in the company, are connected to two main switches (HA), which are further connected to the FG.
Soon I have to replace the above-mentioned main switches and I wonder if with such a small network and number of devices, I could connect most of the critical devices, e.g. servers and NAS directly to FG. Buy one instead of 2 switches.


What could be the disadvantages of such a solution, not counting a single point of failure, which is present in the current situation anyway. (I have insurance for FG and SLA unavailability time which I am able to accept)
Won't the FG be too heavy in such an environment?

My current switches are Dell 5548.

FG 100F has more then 12x 1GB and few 10GB ports...

Labels:
874
0 Kudos
1 REPLY 1
spoojary
Staff
Staff

Created on ‎09-04-2023 11:26 AM

Advantages:

  1. Simplified Network: Fewer devices make network management easier.

  2. Visibility and Control: Better control and security monitoring.

  3. Cost Savings: Fewer switches can save money.

Disadvantages:

  1. Single Point of Failure: A failure in the FG can disrupt all connected devices.

  2. Performance Impact: FG may become a bottleneck with heavy traffic.

  3. Complexity: Increased configuration complexity.

  4. Security Risk: Single firewall for all devices increases risk.

  5. Performance Isolation: Devices' performance may not be fully isolated.

Recommendations:

  1. Consider Redundancy: Plan for redundancy, possibly with a secondary FG.

  2. Evaluate FG Performance: Ensure FG can handle traffic without issues.

  3. Segmentation: Use VLANs for traffic isolation and security.

  4. Regular Backups: Back up FG configurations regularly.

  5. Monitoring and Alerting: Implement robust monitoring.

  6. Consult Professionals: Seek expert advice for network design.

Siddhanth Poojary
842
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.