Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

MartTwom
Staff
Staff

Created on ‎09-28-2016 04:58 AM

Sizing FortiGate in Azure

Caveat from product development:

There is no accurate way to test performance in Cloud environments.  There are no tools for such an undertaking, as such our BMRK team doesn't provide any official performance numbers for Azure.  The closest you will find are the Hyper-V numbers, because Azure and Hyper-V share a common hypervisor.

With that caveat in mind, here's what we can say about sizing FortiGate in Azure:

There are three current BYOL FortiGate license options in Azure:

FG-VM02-AZ, FG-VM04-AZ, FG-VM08-AZ

Sizing based on network interface count

Azure limits the number of virtual network interfaces based on the instance type. 

For VM02, we support D2 and D2v2 instance types.  These are the only 2 vCPU instance types that support multiple NICs.  They each support 2 NICs only.
For VM04, we support A3, D3, and D3v2 instance types.  A3 supports only 2 NICsD3 and D3v2 support only 4 NICs
For VM08, we support A4, D4, and D4v2 instance types.  A4 supports only 4 NICsD4 and D4v2 support only 8 NICs

Azure does not provide any instance type which supports more than 8 NICs.  This is subject to change by Microsoft.  A current reference can be found here:

https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-sizes/

Sizing for performance

Keeping in mind the caveat above, here are some numbers from basic iperf tests in active Azure virtual networks.

VM02 expected performance with AV, IPS, and App inspection: 600mbps
VM04 expected performance with AV, IPS, and App inspection: 1.2Gbps.
VM08 expected performance with AV, IPS, and App inspection: 1.3Gbps.  

VM02 expected IPSec performance is 250Mbps
VM04 expected IPSec performance is 350Mbps
VM08 expected IPSec performance is 500Mbps

For more performance numbers and specifications, refer to the Hyper-V image referenced on our virtual FortiGate datasheet:
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/FortiGate_VM.pdf

 

Labels:
254
0 Kudos
1 REPLY 1
fcnsp1027
New Contributor

Created on ‎10-05-2016 12:15 PM

Where did you find this info? VM02 expected performance with AV, IPS, and App inspection: 600mbps
VM04 expected performance with AV, IPS, and App inspection: 1.2Gbps.
VM08 expected performance with AV, IPS, and App inspection: 1.2Gbps (same as VM04).  

I need the same info for VM00 and VM01 please and Linux KVM.

235
0 Kudos
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.