Fortigate Vm Sizing Azure !!top!! 【Complete · 2025】

The Ultimate Guide to FortiGate VM Sizing in Microsoft Azure

Option C: Autoscaling (PAYG only)

  • Fortinet’s Azure autoscaling solution deploys a scale set behind an Azure Load Balancer. Each instance handles a portion of traffic.
  • Sizing rule: Each instance must handle 50% of the normalized load to survive a single instance failure. For 3 nodes, each sized for 50% of peak.

5.3 Availability Set / Zone Redundancy

  • Sizing must account for active-passive or active-active cluster. In active-active, each unit handles ~50% traffic → each can be smaller.

Part 9: Cost Optimization Strategies

Sizing isn’t just about performance – it’s about spend. Here’s how to save money without breaking throughput.

| Strategy | Impact | Implementation | |----------|--------|----------------| | Reserved Instances (RI) | Save 40-60% | Purchase 1-year RI for BYOL FortiGate VM after 30 days stable usage | | Right-size at night | Save 50% | Use Azure Automation to scale down FG-VM08 → FG-VM02 from 2 AM to 6 AM (if traffic allows) | | Use AMD-based instances | Save 20% | Dasv4 series same vCPU count as Dv3 but 20% cheaper – good for non-VPN workloads | | Offload SSL inspection | Save vCPUs | Use Azure Application Gateway for public SSL termination, then send plain HTTP to FortiGate | | Enable Flow-based inspection | Save 30% CPU | Use set policy-mode flow instead of proxy-mode (default in new FortiOS 7.4+) | fortigate vm sizing azure

A. Entry Level (Small Branch / Test / Dev)

  • Target Throughput: < 1 Gbps
  • License: VM01 / VM02
  • Recommended Azure Sizes:
    • Standard_D2s_v3 (2 vCPU, 8GB RAM) – Standard for VM01.
    • Standard_D2s_v4 / v5Newer generations, slightly better network burst.

Executive Summary: The "Useful" Review

Verdict: FortiGate-VM is the industry standard for Azure network security, but sizing is significantly more complex than on-premises hardware. Unlike a physical appliance where hardware is fixed, Azure requires you to balance Compute Power (vCPU/RAM) against Network Throughput limits imposed by Azure, not Fortinet. The Ultimate Guide to FortiGate VM Sizing in

The Golden Rule: In Azure, you are rarely limited by the FortiGate software capacity; you are almost always limited by the Azure Virtual Machine tier bandwidth caps. Fortinet’s Azure autoscaling solution deploys a scale set