Properly sizing your FortiGate VM in Azure is crucial to ensure optimal performance, security, and cost-effectiveness. By considering factors such as network traffic volume, network speed, security features, concurrent connections, and throughput requirements, you can choose the right Azure VM size for your FortiGate deployment. Follow the guidelines and best practices outlined in this article to ensure a successful FortiGate VM deployment in Azure.
Good "General Purpose" choice if you need more RAM for heavy logging or large numbers of concurrent SSL-VPN users. Avoid B-Series: fortigate vm sizing azure
High latency during log browsing, occasional firewall reboots. Root cause: FortiGate's logging daemon (logfiled) uses synchronous writes. Premium SSDs (even P30) have inconsistent latency. Fix: Use Ultra SSD (with 5,000+ IOPS) or offload logs to FortiAnalyzer or Azure Log Analytics. Properly sizing your FortiGate VM in Azure is
If you deploy a 4-vCPU Azure instance but only have a 2-vCPU license, FortiOS will only "see" and use 2 cores, leaving you paying Azure for hardware you can't use. 2. Choose the Right Azure VM Family Good "General Purpose" choice if you need more
Internet traffic + Site-to-site VPN + ExpressRoute inspection
: Actual performance depends on Azure host load, packet size, and feature mix. Always validate with your own traffic pattern.