Base backplane gigabit communication | FortiGate-5001FA2-LENC security system |
•Firewall, intrusion protection (IPS), and antivirus, when there is a reasonable percentage of P2P packets.
•Firewall and IPSec VPN applications.
The following traffic scenarios should be handled by the normal (or non- accelerated) FortiGate-5001FA2-LENC interfaces:
•Session oriented traffic when the session lifetime is very short.
•Firewall and antivirus only applications.
Traffic will not be off-loaded to the FortiGate-5001FA2-LENC accelerator module. The result will be high CPU usage because of the high CPU requirement for antivirus scanning.
FA2 interfaces and active-active HA performance
FortiOS v3.0 MR4 firmware can also use FA2 acceleration to improve active-active HA load balancing performance. See the FortiGate HA Overview or the FortiGate HA Guide for more information.
Base backplane gigabit communication
The FortiGate-5001FA2-LENC port9 and port10 base backplane gigabit interfaces can be used for HA heartbeat communication between FortiGate-5001FA2-LENC boards installed in the same or in different FortiGate-5000 chassis. You can also configure FortiGate-5001FA2-LENC boards to use the base backplane interfaces for data communication between FortiGate boards. To support base backplane communications your FortiGate-5140 or 5050 chassis must include one or more FortiSwitch-5003 boards. FortiSwitch-5003 boards are installed in chassis slots 1 and 2. The FortiGate-5020 chassis supports base backplane communication with no additions or changes to the chassis.
For information about base backplane communication in FortiGate-5140 and FortiGate-5050 chassis, see the FortiGate-5000 Base Backplane Communication Guide. For information about the FortiSwitch-5003 board, see the FortiSwitch-5003 Guide.
| FortiGate-5000 Series Introduction |
48 | 01-30000-83466-20090108 |