Više od 20 godina sa Vama!

Fortigate Vm Sizing Azure !full! (2027)

To ensure stable performance, especially with high-demand features like or Proxy , a minimum of 4 GB RAM is strongly recommended . FortiGate Model vCPU Limit Recommended Azure Instance Key Performance (Firewall/NGFW) FG-VM01 Standard_F1 / D1 ~12 Gbps / 250 Mbps FG-VM02 Standard_F2 / D2s_v5 ~15 Gbps / 550 Mbps FG-VM04 Standard_F4 / D4s_v5 ~28 Gbps / 1.3 Gbps FG-VM08 Standard_F8 / D8s_v5 ~33 Gbps / 2.2 Gbps Recommended Azure Instance Families

Follow this process before clicking “Deploy”:

Example : is a popular choice for FG-VM04 due to its high CPU-to-NIC ratio .

| Feature | BYOL | PAYG | | :--- | :--- | :--- | | | You purchase a perpetual or annual license from a Fortinet partner. | The license is included in the hourly cost of running the VM. | | VDOM Support | Supported (critical for virtual domains/multi-tenancy). | Not supported (billed as a single entity). | | Activation | Requires manual license file upload after deployment. | Activated immediately upon VM creation. | | Cost | Typically lower for stable, 24/7 workloads. | Better for burstable, unpredictable, or short-term workloads. | | Flexibility | Licenses are tied to a specific vCPU count. Resizing requires a new license. | VM size can be adjusted; the PAYG license is tied to the compute instance. |

Run diag hardware sys console log read to check if the system has triggered conserve mode alerts due to memory exhaustion. fortigate vm sizing azure

This 3,000+ word guide will walk you through the anatomy of FortiGate VM sizing in Azure, covering SKU selection, throughput calculations, licensing models, high availability (HA) implications, and real-world deployment patterns.

Fortinet provides capabilities for Azure, allowing you to deploy FortiGate-VMs as part of a scale set. New instances are created or existing instances are removed based on predefined policies such as CPU utilization or network throughput exceeding a threshold (e.g., 70%). This approach is ideal for fluctuating traffic patterns.

Note: Throughput figures are architectural estimates. Actual performance varies significantly based on packet sizes (IMIX vs. Jumbo frames) and the exact compilation of security profiles. 4. Architectural Constraints in Azure That Impact Sizing

Without it, you lose SR-IOV, and throughput drops by >70%. | The license is included in the hourly

For optimal performance, choose Azure instances that support , which drastically improves throughput and reduces latency.

FortiGate on Azure supports various VM families, each with a , which can be a critical factor.

To properly size your FortiGate-VM, you need to understand the key performance numbers provided in the official FortiGate VM datasheet:

Absolute numbers are difficult to provide because real-world performance heavily depends on the specific (e.g., simple allow rules vs. deep SSL inspection). Therefore, the most practical approach is a tiered sizing strategy , moving from lower to higher performance. | | Activation | Requires manual license file

FortiGate-VM on Azure is available in two primary licensing models:

: The azd process consumes extremely high memory (>50% of total RAM).

: Double the VM resources (two VMs active). For A/A, you also need more throughput per VM.

Match your Fortinet core count license perfectly to the Azure instance vCPU count.