Fortigate Vm Sizing Azure

If you need only 2 vCPUs of FortiGate capacity, choose an Azure VM with 2 vCPUs. Avoid choosing a 8 vCPU VM just to get more NICs or more network bandwidth—in many cases, you can find a smaller VM that still meets your NIC and throughput requirements at a lower cost.

: A minimum of 32 GB to 40 GB is required for the operating system and configuration, though additional space may be needed for extensive logging. Selecting Azure Instance Types fortigate vm sizing azure

Before selecting an Azure virtual machine family, consider these performance factors: If you need only 2 vCPUs of FortiGate

When running an Active-Passive FortiGate cluster using the FortiOS native FGCP (FortiGate Clustering Protocol) or Azure Load Balancers (ALBs), the secondary firewall sits idle or handles sync traffic. Selecting Azure Instance Types Before selecting an Azure

| | Bandwidth | License SKU | |---|---|---| | 2 | 1 Gbps | FG-VM02 | | 4 | 2 Gbps | FG-VM04 | | 10 | 5 Gbps | FG-VM08 | | 20 | 10 Gbps | FG-VM16 | | 30 | 15 Gbps | FG-VM16 (3 instances) | | 40 | 20 Gbps | FG-VM16 (4 instances) | | 60 | 30 Gbps | FG-VM16 (5 instances) |

: Double the VM resources (two VMs active). For A/A, you also need more throughput per VM.

High CPU impact. Full deep packet inspection (DPI) requires the FortiGate to act as a transparent proxy, decrypting TLS traffic, scanning the payload, and re-encrypting it. This reduces nominal throughput by 60% to 80% compared to basic routing. Azure Network Throttling