Fortinet FortiGate-5000 Base backplane gigabit communication, FortiGate-5005-DIST security system

Page 44

Base backplane gigabit communication

FortiGate-5005FA2 security system

Firewall and intrusion protection (IPS), when there is a reasonable percentage of P2P packets.

Firewall, intrusion protection (IPS), and antivirus, when there is a reasonable percentage of P2P packets.

Firewall and IPSec VPN applications.

The following traffic scenarios should be handled by the normal (or non- accelerated) FortiGate-5005FA2 interfaces:

Session oriented traffic when the session lifetime is very short.

Firewall and antivirus only applications.

Traffic will not be off-loaded to the FortiGate-5005FA2 accelerator module. The result will be high CPU usage because of the high CPU requirement for antivirus scanning.

FA2 interfaces and active-active HA performance

FortiOS v3.0 MR4 firmware can also use FA2 acceleration to improve active-active HA load balancing performance. See the FortiGate HA Overview or the FortiGate HA Guide for more information.

Base backplane gigabit communication

The FortiGate-5005FA2 base1 and base2 backplane gigabit interfaces can be used for HA heartbeat communication between FortiGate-5005FA2 boards installed in the same or in different FortiGate-5000 chassis. You can also configure FortiGate-5005FA2 boards to use the base backplane interfaces for data communication between FortiGate boards. To support base backplane communications your FortiGate-5140 or FortiGate-5050 chassis must include one or more FortiSwitch-5003 boards. FortiSwitch-5003 boards are installed in chassis slots 1 and 2. The FortiGate-5020 chassis supports base backplane communication with no additions or changes to the chassis.

For information about base backplane communication in FortiGate-5140 and FortiGate-5050 chassis, see the FortiGate-5000 Base Backplane Communication Guide. For information about the FortiSwitch-5003 board, see the FortiSwitch-5003 Guide.

FortiGate-5005-DIST security system

You can install FortiGate-5005FA2 boards as worker boards in a FortiGate-5005-DIST security system. Worker boards apply FortiGate security system functionality such as applying firewall policies, virus scanning, IPS and routing to distributed traffic.

For complete information about the FortiGate-5005-DIST security system and the role of worker boards, see the FortiGate-5005-DIST Security System Administration Guide.

 

FortiGate-5000 Series Introduction

44

01-30000-83466-20090108

Page 43 Page 45
Image 44
Page 43 Page 45
Contents Product updates, technical support, and FortiGuard services FortiGate-5000 SeriesTrademarks Contents FortiGate-5050 chassis FortiGate-5020 chassisFortiGate-5001A security system FortiGate-RTM-XB2 systemFortiSwitch-5003A system FortiSwitch-5003 systemFortiGate-5001SX security system FortiGate-5005-DIST security systemContents FortiGate-5000 Series Introduction Revision History IntroductionRevision history About the FortiGate-5000 series chassis FortiGate-5050-R chassis on FortiGate-5050 chassis onAbout the FortiGate-5000 series boards AboutFortiGate-RTM-XB2 module FortiGate-5001FA2 security systemCommunication between A FortiGate-5050 or FortiGate-5140 chassisFortiGate-5000 Series Introduction Fortinet documentation About Data Center DC powerCustomer service and technical support Register your Fortinet product FortiGate-5140-R chassis FortiGate-5140 chassis front panel SlotFortiGate-5140 chassis back panel Slot numbersPhysical description of the FortiGate-5140 chassis FortiGate-5140 chassis FortiGate-5140 chassis back panel RTN 21 x 19 x 16.8 in .3 x 48.3 x 42.7 cm FortiGate-5050-R chassis Power LED FortiGate-5050 front panelFortiGate-5050 back panel FortiGate-5050 chassis back panelFortiGate-5050 chassis physical description Dimensions Physical description of the FortiGate-5050 chassisFortiGate-5050 chassis FortiGate-5050 chassis Weight Physical description of the FortiGate-5050 chassis FortiGate-5020 chassis FortiGate-5020 front panelFortiGate-5020 physical description Dimensions Power dissipationFortiGate-5020 back panel Physical description of the FortiGate-5020 chassisFortiGate-5001A security system Front panel LEDs and connectors FortiGate-5001A-DW front panelLEDs Lists and describes the FortiGate-5001A LEDsConnectors Lists and describes the FortiGate-5001A connectorsBase backplane communication Fabric backplane communicationAMC modules FortiGate-RTM-XB2FortiGate-ASM-FB4 FortiGate-RTM-XB2 system From the FortiGate-RTM-XB2 font panel includes a power LED FortiGate-RTM-XB2 power LEDState Description Power Front panel LEDFortiGate-5005FA2 security system FortiGate-5005FA2 front panelLists and describes the FortiGate-5005FA2 board LEDs ACTLink StatusLists and describes the FortiGate-5005FA2 connectors Accelerated packet forwarding and policy enforcementFA2 interfaces and active-active HA performance Base backplane gigabit communicationFortiGate-5005-DIST security system FortiGate-5001FA2-LENC security system FortiGate-5001FA2-LENC front panelLists and describes the FortiGate-5001FA2-LENC board LEDs FortiGate-5001FA2-LENC board LEDsPWR STALists and describes the FortiGate-5001FA2-LENC connectors State Description LinkBase backplane gigabit communication FortiGate-5001SX security system FortiGate-5001SX front panelLists and describes the FortiGate-5001SX board LEDs FortiGate-5001SX LEDsLists and describes the FortiGate-5001SX connectors Base backplane gigabit interfacesBase backplane gigabit interfaces FortiSwitch-5003A system FortiSwitch-5003A front panel Lists and describes the FortiSwitch-5003A front panel LEDs MGMT, B1Base channel interfaces SH1CLI Fabric channel interfacesBase 10G Base and fabric gigabit switching within a chassis FortiSwitch-5003A configurationsFront panel connectors Fabric 10-gigabit switching within a chassis FortiSwitch-5003A base channel 1 HA heartbeat communicationLayer-2 link aggregation and redundancy configurations Basic link aggregation configurationFortiSwitch-5003 system ZRE CLKReset About the ZRE network activity LEDsEXT FLT INT FLTBase backplane communications ETH0ZRE0 ZRE1Base backplane communications Base backplane communications Basic FortiGate security system configuration FortiGate-5005-DIST security systemFortiController-5208 I/O boards Example basic FortiGate-5005-DIST security systemFortiGate-5005FA2 worker boards FortiGate-5005-DIST security system chassis FortiGate-5005-DIST interface names WhereFortiGate-5005-DIST interface names FortiController-5208 system Lists and describes the FortiController-5208 board LEDs FortiController-5208 board LEDsPayload Operation DataControl ManagementBackplane gigabit interfaces D15, D16C15, C16 COM1, COM2
Top Page Image Contents