- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Lab suggestions - 600E in production
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Lab suggestions - 600E in production
We recently put two 600E's into production and want to get something in the lab for prototyping work. Would two 60F's do the job? Obviously performance wise and interface wise there will be a difference but feature wise would the 60F work?
Thanks,
Scooby
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have a look to see if any feature you need is missing on 60e (sorry, can't see same doc for 60f)
https://docs.fortinet.com...sfeatureplatformmatrix
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why not use VMs? Easier to upgrade, snapshot, maintain than a physical box that needs to be replaced every three or four years. Looks like price for VM0 is just a bit more per unit than 60F. That is surprising. Not sure how much memory the 60F has in it. If you buy something that is too lean (physical or VM), you won't be able to test the same level of features in your 600Ds due to RAM limitations. I'd ask your rep what they suggest. I still think VMs are the way to go because if you are using VMWare it is very easy to setup a vSwitch and a few FortiVMs that you can test with in isolation. Being able to snapshot before loading new firmware is great for rollbacks if you run into problems. Same should be true for Hyper-V.
http://www.avfirewalls.com/Fortigate-Virtual-Appliances.asp
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Generally, there are only a few features missing on the 'desktop' FGTs (FGT 30-90).
1- I think LACP is available only on FG-100's on upwards. (wait, LACP will be available on a 60F with a recent FOS 6.x - check on the forums)
2- Some higher-up FGTs have an internal switch (ISF) which distributes traffic between the ports and the ASICs (a.k.a. SPs, security processors). This can have a marked influence on throughput if you expect high loads which need to be offloaded. In short, a desktop model cannot simulate a missing internal switch fabric, which in turn leaves you without proper prediction of the behavior of special configurations.
All small models are based on a SoC3 or SoC4 where the ASICs (NP and CP) are integrated with a RISC CPU on a single die. IMHO not having a 'real' CPU has less impact than not having a switch hardware. But, YMMV.
As you already take into account that smaller boxes feature less memory and CPU power you might get away with a, like, 200E. Real CPU, decent memory size, but still no hardware switch. A 300E will have all of that.
If a FGT-VM is 'similar' enough for your demands is hard to tell. It's quite a challenge to run a VM with 20 Gbps throughput whereas a 60F will just allow to do that. Again, feature-wise there are not many differences between HW and VM but only you can tell if these are important.
Ede
"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Related Posts
- Inter-VLAN routing issues - FortiGate 14554 Views
- Migrate FortiGate 600C to 600E 1211 Views
- using two different fortigate products together 1365 Views
- Firmware upgrade of central and remote... 1852 Views
- Latest safe FortiOS version with basic... 1197 Views
Labels
-
FortiGate
6,481 -
FortiClient
1,292 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
412 -
5.6
362 -
FortiSwitch
331 -
FortiAP
330 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
149 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
86 -
FortiCloud Products
82 -
FortiToken
69 -
IPsec
69 -
Customer Service
69 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
57 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
SD-WAN
24 -
FortiConnect
23 -
FortiWAN
22 -
Firewall policy
22 -
High Availability
21 -
FortiConverter
21 -
VLAN
18 -
FortiPortal
17 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
BGP
11 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
FortiAuthenticator
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
SSID
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSL SSH inspection
5 -
Security profile
5 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiDB
3 -
Port policy
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
TACACS
1 -
4.0MR1
1 -
NAC policy
1 -
SDN connector
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
FortiPAM
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
FortiManager-VM
1 -
Zone
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
Explicit proxy
1 -
System settings
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.