Fortigate will cause lots of latency

Asked By 70 points N/A Posted on -
qa-featured

Hi,

 

I am working on a small setting that has few basic security zones, with a Fortigate 60c sitting at the middle acting traffic monitoring agent.

Now I have noticed that even very light load to the Fortigate will cause lots of latency, and when it gets heavily loaded it will be crapping out well below the rated speed. I am assuming that this is because we are running a Dinky box near the bottom of the range in NAT mode with a few IDS features enabled.

Right now, this isn't really a big issue, but looking forward to the next level of platform, I am afraid that this may cause a significant problem. My predictions are pushing us around 5gbs between various security zones with a hard requirement to run IDS/IPS against all of it. In added to that, we will be running our antivirus/application firewalling against ~100mbit of traffic coming in from the internet to our web server.

I was speculating what is the latency sensitive folks, like the High Frequency Traders, are using for their security.

There are a lot available article about the storage, server and switching used in HFT, but I didn't see much about basic firewalling, IDS, IPS and Application Firewalling. I don’t believe that they just skip in the name of lower latency.

Thanks.

SHARE
Best Answer by Hazel R King
Best Answer
Best Answer
Answered By 0 points N/A #139147

Fortigate will cause lots of latency

qa-featured

 

Hello,

 

Please check if Hardware acceleration is activated, since some programs can miss configurations or they do not properly configure security policy’s which can prevent the ASIC from accelerating.

Also, check the traffic processing in NP ASIC

You could use the pathping tool also to determine where the actual latency occurs and why, and iPerf to determine bandwidth allocated to your connection

IT usage should not create latency. 

Answered By 0 points N/A #197894

Fortigate will cause lots of latency

qa-featured

Hi.

Fortigate is one of best firewalls on market. Compact. High power and low latency data center firewall. It`s unique approach offers customers high security combined with Linux kernel and GNU packages. Fortigate if proper configured should not have high latency so check your configuration. If it is proper configured then you should contact Fortinet.

Queen Norman

Related Questions