Solved

did i neey to upgrade my fortigate unit

Posted on 2009-05-19
5
735 Views
Last Modified: 2013-11-16
hello
i have allso fortigate 60 unit connect to 100 users the memory is always above 72% ,the cpu is 35%
the browsing is very slow .
i add "last 60 minutes  "  traffic history print  screen.

did i need to upgrade the machine ??
and if the answer is yes , which modle you recommende??
fortigate.jpg
0
Comment
Question by:arielbos
5 Comments
 
LVL 23

Expert Comment

by:Mysidia
ID: 24427890
What type of internet connection do you have?   If that's just a T1, your users may be utilizing beyond the capacity of your link, hence the slowness.

Are you running the latest/best software for the Fortigate?


How many users are utilizing the device, and what is their normal expected internet activity; just browsing, and small e-mail messages, or are you running specialized apps  and/or  servers  accessible over the internet?
0
 

Author Comment

by:arielbos
ID: 24429194
hello
sorry but i dont know what is it "T1" our  technology  is could "ATM Direct "  dwonlaod= 2 M ,
Upload 0.5 M
evey user get band width of 1.5 M. (according to the internet sopplier and speedtest.net)
The Version of the fortugate unit is 3.0 this is the last update for this unit.
all the 100 users utilizing  the device most of them use in the computer for Email and browsing
often some group of student work in a learning websites  .
thier is a web software for the teacher in our school, this software take her data from the internet
The ability of the fortigate unit is utilized in its entirety (Anti Virut , IPS, Web Filtering,...)

i hope this is help you to understend the situaton
thanks for the help.
0
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 50 total points
ID: 24484543
I see from the screenshot you are maxed out on your uploading bandwidth.

This is bad since TCP requires you to send an Aknowledge packet for each packet received and you are unable to send more packets, hence you are unable to reach your download capacity.

I do not believe you need to upgrade your box, but either optimize your internet usage or buy more bandwidth.

If you do not have funding for higher bandwidth, or (correctly) think you need to improve your internet usage, here are my recommendations:

a) Add a Squid Proxy. it can run on an inexpensive linux box, and will help to avoid downloading the same pages again and again. this way only new traffic will be using your link. Bonus is you will be able to see WHO is using the bandwidth and WHERE. fortinet supports the proxy protocol so you can do this.

b) traffic shaping. you need to privilege HTTP traffic over SMTP, since for emails to arrive three seconds later means no problem, while taking three more seconds on a simple web page makes your users angry.

here are some links I found on google for traffic shaping on fortinet:
http://docs.forticare.com/fgt/archives/3.0/techdocs/FortiGate_Traffic_Shaping_Tech_Note_01-30006-0304-20080407.pdf
http://kc.forticare.com/default.asp?id=1682&Lang=1

hope this help

http://kc.forticare.com/default.asp?id=1682&Lang=1
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question