Fortigate Vm Sizing Azure ((full)) May 2026

Deep Inspection

Sizing a FortiGate VM in Azure for (SSL/TLS decryption) is CPU-intensive and requires careful alignment between Azure instance capabilities and Fortinet licensing. For reliable performance with deep inspection enabled, a minimum of 4 GB RAM is recommended. Core Sizing Considerations

FortiGate is a popular network security appliance that provides advanced threat protection, firewall, and VPN capabilities. In Azure, FortiGate can be deployed as a virtual machine (VM) to secure your cloud infrastructure. However, sizing the FortiGate VM correctly is crucial to ensure optimal performance, security, and cost-effectiveness. In this article, we will guide you through the process of sizing a FortiGate VM in Azure. fortigate vm sizing azure

| Use Case | Recommended VM Size (BYOL) | License | Expected Throughput | |----------|----------------------------|---------|----------------------| | Small branch / Dev test | D2sv5 (2 vCPU, 8 GB) | PAYG | 300–500 Mbps | | Medium enterprise hub | D4sv5 (4 vCPU, 16 GB) | BYOL | 1–1.5 Gbps | | IPS + SSL inspection (1 Gbps) | E8sv5 (8 vCPU, 64 GB) | BYOL | 800 Mbps – 1.2 Gbps | | VPN concentrator (500 users) | F8sv2 (8 vCPU, 16 GB) | BYOL | 1.5 Gbps IPSec | | Large perimeter (>2 Gbps) | E16sv5 (16 vCPU, 128 GB) | BYOL | 4–6 Gbps | Deep Inspection Sizing a FortiGate VM in Azure

  1. The Azure VM Instance Type: Determines raw CPU power and network bandwidth limits.
  2. The Fortinet License Tier: Artificially caps throughput based on the entitlement purchased.
  3. The Workload Profile: Inspection requirements (SSL VPN, IPS, Application Control).
  • Extra Large: For extremely large networks with very high traffic volume (> 2000 Mbps) and comprehensive security features.

    Option A: Active-Passive with Azure Load Balancer