: For high-throughput requirements, ensure the chosen VM size supports Accelerated Networking (SR-IOV) to reduce CPU overhead for networking tasks. Recommended Azure Instance Types
Always choose an Azure VM size that supports Accelerated Networking.
The most flexible option. You are charged based on the Azure instance size, and the license scales automatically as you resize the VM. Bring Your Own License (BYOL):
If your chosen Azure VM size supports only two NICs, you cannot deploy a standard multi-NIC security architecture. Compute Architecture: Standard vs. Compute-Optimized fortigate vm sizing azure
To get the performance you sized for, you must enable specific features:
High throughput, IPS, and SSL inspection. Often the best price-to-performance ratio for firewalls. Standard_F4s_v2 , Standard_F8s_v2 (General Purpose)
: Fortinet recommends at least 4 GB of RAM for proper operation, especially if you enable Unified Threat Management (UTM), ZTNA, or proxy features. : For high-throughput requirements, ensure the chosen VM
The balances compute resources and memory. It is highly resilient and serves as an excellent all-rounder for mid-tier enterprise architectures.
FortiOS assigns processing worker threads to available virtual CPUs. More vCPUs translate directly to higher parallel processing capabilities for heavy security tasks like Deep Packet Inspection (DPI) and Antivirus scanning.
Some deployments may require more than the default two network interfaces (external and internal) created by the Azure Marketplace template. You are charged based on the Azure instance
This guide covers the technical architecture, sizing metrics, Azure VM series selection, and best practices for sizing your FortiGate NGFW (Next-Generation Firewall) deployment in Azure. 1. Understanding FortiGate VM Architecture in Azure
High memory availability, strong network bandwidth allocations. Sizing Examples: Standard_D4s_v5 (4 vCPUs, 16 GB RAM) Standard_D8s_v5 (8 vCPUs, 32 GB RAM)