Hot!the hardware behind 300E?

New Member
  • Total Posts : 14
  • Scores: 0
  • Reward points: 0
  • Joined: 2010/06/29 07:47:56
  • Status: offline
2017/06/26 10:52:25 (permalink)

the hardware behind 300E?

we´re evaluating the exchange of a 200D (first hardware genration, 2 GB of RAM)
We´re on conserve mode most of the day so we´ve decided to not reduce the security, but offer a good service
Maybe the new revision of 200D (4 GB of RAM) could be used, but we´re evaluation as alternatives:
200E, 500D or, the newly 300E.
But we we have prices of 300E, but fortinet web site have no information on specifications for 300E
we have 1000 devices, 5 IPSec VPNs, two-node CLuster HA/A-A, SSL inspection, webfilter, AV, IPS (client protect default)
Mosf of the day, our 200D operates in 75-90% of RAM and 65-85% of CPU
Which are good alternatives ? 200E? 300E? 500D? (resonable price, of course, cost and benefit)

5 Replies Related Threads

    Silver Member
    • Total Posts : 88
    • Scores: 18
    • Reward points: 0
    • Joined: 2014/05/01 18:22:38
    • Status: offline
    Re: the hardware behind 300E? 2017/11/29 06:00:09 (permalink)
    How many users are behind that 200D? The 200D is quite good. 
    Also what firmware version are you running? Some older firmware seem to use much more ram than current revisions. 
    Try upgrading to whatever is current for the branch you are in. 5.2.x or 5.4.x. Possibly try 5.6... but I'd stay with 5.4 for now.
    Also limiting the session TTL and DNS cache will really reduce the ram usage by not keeping "old" TCP connections open for so long. It has to remember all of these in ram. The only drawback I had when lowering the TTL is on our site-to-site VPN's where clients use telnet. The telnet session will timeout after the TTL and will disconnect. Almost all other kinds of web traffic will simply re-open the connection if needed. 
    If you need to fix the issue like I had with site-to-site and telnet. Don't set the "global" TTL as in the below example. Look up how to set per interface ttl. 
    • change the default session TTL:    config system session-ttl
              set default 300
    • change the fortiguard TTL:    config system fortiguard
              set webfilter-cache-ttl 500
              set antispam-cache-ttl 500
    • change DNS cache:    config system dns
              set dns-cache-limit 300

    300E x3, 200D, 140D, 94D, 90D x2, 80D, 40C, handful of 60E's.. starting to loose track.
    Over 100 WiFi AP's and growing.
    FAC-VM 2 node cluster
    Friends don't let friends FWF!
    New Member
    • Total Posts : 1
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/11/12 05:39:36
    • Status: offline
    Re: the hardware behind 300E? 2019/11/12 05:43:43 (permalink)
    I don't get it why Fortinet does not have this kind of information in their product's datasheet. It would be very easy. Some clients need to have a written proof of the hardware performance from the vendor...they need to see the RAM,CPU and flash. It would be very useful such a document in the future...
    Gold Member
    • Total Posts : 265
    • Scores: 14
    • Reward points: 0
    • Joined: 2010/02/18 04:27:05
    • Location: Austria
    • Status: offline
    Re: the hardware behind 300E? 2019/11/21 10:12:12 (permalink)
    ARMv7 Processor
    3GB RAM
    2xIntel Celeron G1820
    4GB RAM
    4xIntel(R) Core(TM) i5-6500 CPU @ 3.20GHz
    8GB RAM
    The biggest point of evaluation is your internet bandwidth, or the bandwidth you want to scan.
    Gold Member
    • Total Posts : 234
    • Scores: 9
    • Reward points: 0
    • Joined: 2016/02/28 02:55:47
    • Status: online
    Re: the hardware behind 300E? 2019/11/21 14:03:46 (permalink)
    The 100f is 4gb and 8 core arm, it's got some grunt, more than the 200d for sure
    Gold Member
    • Total Posts : 211
    • Scores: 10
    • Reward points: 0
    • Joined: 2014/07/30 11:15:18
    • Status: offline
    Re: the hardware behind 300E? 2019/11/29 00:54:24 (permalink)
    replacing a 200D now isnt weird but still i would contact support or your partner to determine if that CPU and memory usage makes sense compared to the amount of traffic you send through it. in principle if you remain within the specs you shouldnt have such issues.
    Jump to:
    © 2020 APG vNext Commercial Version 5.5