We currently use FortiGate 60c and finding it is struggling at times. We have a office of ~30 employees that are online in different Provider portals throughout the day.
Any thoughts on a way to determine which FortiGate to upgrade to? The nature of our business requires us to be fairly security conscious, so we would be using the full potential of the security profiles on the unit.
Jody- once you make a final decision, it would be great if you would update us all about which you chose and why.
Thanks for further input folks. Asad, good thought on VPN. We do occasionally have remote staff working from home. This may be something that is happening more often, But I wouldn't foresee more than 2 or 3 concurrent connections of this type. And they would all be within same city. Rarely we will have a staff out of town for business, but these are very limited, and usually only for a couple days. I think both the 100D and 200D are going to be valid choices. I will dig into the specs a little deeper and see if there is a point to run with the 200 over the 100.
Good Day!!
Sorry for delay. Actually it depends on your throughput requirement mainly
& type of network. Also you have to consider site-to-site vpn tunnels, vpn
client tunnels and sslvpn tunnels etc.
If your network is medium type and remote users are within 300 range for
simultaneous connectectivity to office network, then you can go for
Fortigate 100D. or if it is more than this, i.e. round about 500 then you
can go for Fortigate 200D.
Security is for sure in Fortigate all models if your fortiguard services
are active and your fortigate is registered.
For your requirements and selection please visit the following links to
make your choice.
*Fortigate 100D: *
www.fortinet.com
*Fortigate 200D:*
www.fortinet.com
Thanks & Regards,
Asad Khan
N/W Support Engineer
We have sold and supported Fortigates for 5 years and while the 60 and 80 series are impressive, we never recommend less than the 100D for enterprises. One reason is models less than 100 don't have the dedicated ASIC's.
Thanks folks, By monitoring CPU and memory usage on the 60C I see the IPS engine frequently spike up into high percentages. My thoughts are leading to assume the IPS throughput on that unit is just not enough to handle our office. There are days of the week were all staff are in the office and a good portion of them are accessing portals for other institutions, moving files etc etc. Kavin, I appreciate your offer, but not comfortable with that. I have been in contact with Fortinet support already. We are also upgrading servers at same time and moving to a rack mount system. So being rack mountable isn't a bad thing. Although Desktop form factor isn't a deal breaker either. I will take all your considerations to mind. And any other input is always appreciated!
Hi Boley,
92D is a good model too which is worth of consideration.
Kevin, they are not asking for customer support for you to trouble shoot.
The 200D might be a little overkill for only 30 users. An 80C would probably suit your needs especially if you don't have all 30 users on at the same time. That box provides IPS, AV, web filtering subscriptions, and VPN capabilities.
www.fortinet.com
krishnaraj Raveendran Nair, agreed this would be a good model for the listed requirements. However if the desktop form factor was a requirement, I'd recommend considering FG-92D.
www.fortinet.com
This model still has IPS throughput approximately 7 more than a 60C.
For 30 employees your box is more than enough. No need to upgrade the
Unit. If you are facing trouble, give me a remote session and I can try to solve your problem.
Hello,
As per my understanding fortigate 200D will be a good choice for the above requirement.
You can use all the security features a FG can offer and the 30 existing users will have enough throughput to play with. Since it has IPS throughput of 1.7 Gbps, the performance would be good. Also for furture enhancement the same can be used.
www.fortinet.com