Fortigate Vm Sizing Azure | Trusted Source |

With the right-sizing approach, your FortiGate-VM will provide robust, cost-effective security that grows with your Azure infrastructure.

Enabling Threat Protection (IPS, Anti-virus, Application Control, Content Filtering) significantly reduces throughput compared to simple firewalling.

FortiGate-VM licensing works differently on Azure compared to private hypervisors. In public clouds like Azure, . Any RAM size is allowed. For example, you could activate a FG-VM02 (2 vCPU) license on an Azure VM with 8 vCPUs and 64 GB of RAM. The FortiGate would actively use only 2 of those vCPUs to process traffic, leaving the remaining 6 vCPUs unused. However, you pay for the full 8 vCPU Azure VM, even though you're only licensed for 2.

When sizing your instance, performance is determined by more than just raw CPU count. You must consider: fortigate vm sizing azure

At least 4 GB of RAM is recommended for stable operation, especially if you enable features like Unified Threat Management (UTM), Zero Trust Network Access (ZTNA), or Proxy.

If you tell me the you plan to use and what specific security profiles you intend to turn on (e.g., SSL inspection, IPS), I can help you select the most cost-effective Azure VM family . Technical Tip: Resizing an Azure FortiGate VM instance

Deploying FortiGate Virtual Machines (VMs) in Microsoft Azure provides robust, next-generation firewall security for cloud infrastructure. However, choosing the right size is crucial—undersizing leads to performance bottlenecks, while oversizing leads to unnecessary costs. In public clouds like Azure,

Fortinet recommends specific Azure VM series that provide the best balance of compute and high-speed networking. 1. F-Series (Compute Optimized) The series is the "gold standard" for FortiGate VMs.

Azure FortiGate-VM sizing is primarily driven by three factors:

| Scale Units | Aggregate Bandwidth | Suggested License SKU | Notes | | :--- | :--- | :--- | :--- | | 2 | 1 Gbps | FG-VM02 | Two instances of this SKU for HA. | | 4 | 2 Gbps | FG-VM04 | Two instances of this SKU for HA. | | 10 | 5 Gbps | FG-VM08 | Two instances of this SKU for HA. | | 20 | 10 Gbps | FG-VM16 | Two instances of this SKU for HA. | | 40 | 20 Gbps | FG-VM16 | Three instances of this SKU for HA. | | 60 | 30 Gbps | FG-VM16 | Four instances of this SKU for HA. | | 80 | 40 Gbps | FG-VM16 | Five instances of this SKU for HA. | The FortiGate would actively use only 2 of

| VM Size | Max Network Bandwidth (Gbps) | FortiGate Realistic Inspection Throughput | |---------|------------------------------|--------------------------------------------| | D2s v3 | ~1.5 Gbps | ~0.8 Gbps (with basic firewall) | | D4s v3 | ~3.0 Gbps | ~1.5-2 Gbps (with IPS) | | D8s v3 | ~6.0 Gbps | ~3 Gbps (with SSL inspection) | | D16s v3 | ~12.0 Gbps | ~5-6 Gbps (mixed traffic) |

Active/Passive HA deployments, medium-scale IPsec VPN aggregation, and Next-Generation Security (IPS, App Control) for standard web applications. Large Enterprise / Datacenter Hubs (8 vCPUs)