Fortigate Vm Sizing Azure 〈1080p 2027〉

In Azure Marketplace, FortiGate-VM offers different throughput tiers based on license. The license determines the licensed throughput (e.g., 1 Gbps, 2 Gbps, 5 Gbps). The VM size must support that throughput.

| License SKU (Example) | Max Licensed Throughput | Recommended Azure VM Size | |----------------------|------------------------|----------------------------| | FG-VM01 (PayG/BYOL) | 1 Gbps | D2s v3, D2ds v4, B2s | | FG-VM02 | 2 Gbps | D4s v3, D4ds v4 | | FG-VM04 | 4 Gbps | D8s v3, D8ds v4 | | FG-VM08 | 8 Gbps | D16s v3, D16ds v4 | | FG-VM16 | 16 Gbps | D32s v3, D32ds v4 | | FG-VM32 (rare) | 32 Gbps | D64s v3 |

Important: Pay-as-you-go (PAYG) licenses are tied to VM size changes—resizing may break licensing. BYOL (Bring Your Own License) is more flexible. fortigate vm sizing azure

Sizing a FortiGate Virtual Machine (FGT-VM) in Azure requires a different methodology than sizing physical appliances. While physical firewalls are sized by hardware specs (CPU/RAM chips), virtual firewalls are sized by Throughput capacity and vCPU limits imposed by licensing.

In Azure, the performance of the FortiGate is bound by three factors: Important : Pay-as-you-go (PAYG) licenses are tied to

Fortinet licensing is strictly tied to vCPU count. This creates a "Tax" on oversizing.

| Family | Example Size | vCPUs | Memory | Best For | | :--- | :--- | :--- | :--- | :--- | | D-Series v5 (Dsv5) | Standard_D2s_v5 | 2 | 8 GB | General purpose – ideal for most. High CPU perf, fair price. | | D-Series v4 (Dsv4) | Standard_D4s_v4 | 4 | 16 GB | Mature, widely available, good for mid-range. | | F-Series (Fsv2) | Standard_F4s_v2 | 4 | 8 GB | CPU-optimized – excellent for IPsec VPN termination. | | E-Series (Esv5) | Standard_E4s_v5 | 4 | 32 GB | Memory-heavy – only needed for huge session tables (>2M). | | B-Series (Burstable) | Standard_B2s | 2 | 4 GB | NOT recommended for production – CPU credits run out quickly. | Sizing a FortiGate Virtual Machine (FGT-VM) in Azure

Avoid: Any -as v4 sizes (they have less network acceleration) and older A-series VMs.