White Paper: FortiGate-VM Sizing and Performance in Microsoft Azure Executive Summary
A specific issue can cause a FortiGate Azure VM to enter "conserve mode," a protective state where non-essential services are stopped. This is often due to a memory leak in the azd daemon, which handles health checks for Azure Network Virtual Appliance (NVA) integration.
Requires signature matching, increasing CPU load. fortigate vm sizing azure
When running an Active-Passive FortiGate cluster using the FortiOS native FGCP (FortiGate Clustering Protocol) or Azure Load Balancers (ALBs), the secondary firewall sits idle or handles sync traffic.
Let’s walk through three actual customer examples. When running an Active-Passive FortiGate cluster using the
Azure offers several VM series optimized for different roles, though some legacy series may no longer appear in the Marketplace:
Sizing a FortiGate-VM on Azure requires balancing three interrelated dimensions: , NIC count needs , and licensed vCPU capacity . The most successful deployments start with a clear understanding of peak traffic expectations and architect for headroom. In the cloud, the ability to resize and adjust means initial sizing doesn't have to be perfect—but informed decisions upfront prevent costly re-architecting later. Use the checklist provided, consult Fortinet's official documentation for the latest supported instance types, and always validate your chosen VM size against your specific feature set and security policy requirements. The most successful deployments start with a clear
FortiGate VM Sizing in Azure: A Comprehensive Engineering Guide
Azure offers several VM families, but not all are suited for high-performance security inspection.