Very hard to make recommendations and size it correctly as most requirements are today to specify in detail how to guarantee 5Gbps / 10 Gbps current recommendations with SSL Inspection and exact nature of traffic tested.
Also one would like to see the difference between IPS Engine and Proxy Engine.How to approach it, without doing a POC?
Hi Patrick, I empathize with your dilemma. However, what the datasheets reflects is an "average" traffic pattern for an Enterprise customer and a related suggestion to the amount of throughput each of FortiGates is able to protect.
There are things like new sessions per second, concurrent sessions, packet size, application type, IPS policy etc.. that can have an affect on overall throughput numbers. However, we've found that the average Enterprise customer can expect performance numbers in line with the datasheet numbers. It's also why we recommend doing some type of sizing exercise or POC to get very specific.
IMO, the easy approach is to add 15-20% to the desired maximum bandwidth and it will be fine is a majority of situations.
Hope this helps,
Products Solutions Support Partners Threat Research Contact Us