Solved

did i neey to upgrade my fortigate unit

Posted on 2009-05-19
5
737 Views
Last Modified: 2013-11-16
hello
i have allso fortigate 60 unit connect to 100 users the memory is always above 72% ,the cpu is 35%
the browsing is very slow .
i add "last 60 minutes  "  traffic history print  screen.

did i need to upgrade the machine ??
and if the answer is yes , which modle you recommende??
fortigate.jpg
0
Comment
Question by:arielbos
5 Comments
 
LVL 23

Expert Comment

by:Mysidia
ID: 24427890
What type of internet connection do you have?   If that's just a T1, your users may be utilizing beyond the capacity of your link, hence the slowness.

Are you running the latest/best software for the Fortigate?


How many users are utilizing the device, and what is their normal expected internet activity; just browsing, and small e-mail messages, or are you running specialized apps  and/or  servers  accessible over the internet?
0
 

Author Comment

by:arielbos
ID: 24429194
hello
sorry but i dont know what is it "T1" our  technology  is could "ATM Direct "  dwonlaod= 2 M ,
Upload 0.5 M
evey user get band width of 1.5 M. (according to the internet sopplier and speedtest.net)
The Version of the fortugate unit is 3.0 this is the last update for this unit.
all the 100 users utilizing  the device most of them use in the computer for Email and browsing
often some group of student work in a learning websites  .
thier is a web software for the teacher in our school, this software take her data from the internet
The ability of the fortigate unit is utilized in its entirety (Anti Virut , IPS, Web Filtering,...)

i hope this is help you to understend the situaton
thanks for the help.
0
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 50 total points
ID: 24484543
I see from the screenshot you are maxed out on your uploading bandwidth.

This is bad since TCP requires you to send an Aknowledge packet for each packet received and you are unable to send more packets, hence you are unable to reach your download capacity.

I do not believe you need to upgrade your box, but either optimize your internet usage or buy more bandwidth.

If you do not have funding for higher bandwidth, or (correctly) think you need to improve your internet usage, here are my recommendations:

a) Add a Squid Proxy. it can run on an inexpensive linux box, and will help to avoid downloading the same pages again and again. this way only new traffic will be using your link. Bonus is you will be able to see WHO is using the bandwidth and WHERE. fortinet supports the proxy protocol so you can do this.

b) traffic shaping. you need to privilege HTTP traffic over SMTP, since for emails to arrive three seconds later means no problem, while taking three more seconds on a simple web page makes your users angry.

here are some links I found on google for traffic shaping on fortinet:
http://docs.forticare.com/fgt/archives/3.0/techdocs/FortiGate_Traffic_Shaping_Tech_Note_01-30006-0304-20080407.pdf
http://kc.forticare.com/default.asp?id=1682&Lang=1

hope this help

http://kc.forticare.com/default.asp?id=1682&Lang=1
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question