Fortigate 90D for XG-7100
-
I am thinking about changing my Fortigate 90D equipment for an XG-7100, since currently with 3000 sessions per second and 200,000 concurrent sessions 24 hours a day, the firewall uses 100% of the CPU and its administration is very slow. Ask about the features of Netgate and they tell me they do not have a datasheet like Fortigate ..http://openskytech.com/pdf/FortiGate_FortiWiFi_90D_Series.pdf
Can you say that you have to have the equipment? Better real data is not what the manufacturer says.
Thank you
-
@fjsantos said in Fortigate 90D for XG-7100:
I am thinking about changing my Fortigate 90D equipment for an XG-7100, since currently with 3000 sessions per second and 200,000 concurrent sessions 24 hours a day, the firewall uses 100% of the CPU and its administration is very slow. Ask about the features of Netgate and they tell me they do not have a datasheet like Fortigate ..http://openskytech.com/pdf/FortiGate_FortiWiFi_90D_Series.pdf
Can you say that you have to have the equipment? Better real data is not what the manufacturer says.
Thank you
Real data now.
-
I fine it hard to believe you're establishing 3000 sessions per second and only moving 5Mbps consistently. Anything peculiar about your traffic makeup?
-
Hi Derelict.
There are many cases in which there may be an unusual traffic for so many sessions, one of them, for example mine, server ntp stratum 1.
Regards.
-
! -
Good night friends.
Netgate has not been able to easily provide data on how many sessions per second the XG-7100 can manage without affecting performance.
I have been able to replace a Fortigate 90D with a Fortigate 100D and here are the captures.
As a comment, all this to serve an NTP Stratum 1.
Could someone from the forum working with an XG-7100 performance be opting, with a service exposed to the Internet as a public DNS at the national level, an NTP or similar sercicios where the important thing is the sessions per second and concurrent and not the traffic generated?
Thank you all.
-
@fjsantos said in Fortigate 90D for XG-7100:
200,000 concurrent sessions
The spec page for the 7100 (https://www.netgate.com/solutions/pfsense/xg-7100.html) shows 8 million "Max Active Connections." The PDF you linked shows 2 million "Concurrent Sessions."
I'm not sure if you're questioning pfSense, or the XG-7100, or both. Do you have an old PC you can install a second network card and install pfSense on, and just try it? Picking a random CPU benchmark web site they list these as similar benchmark numbers:
Intel Celeron G1830 @ 2.80GHz
AMD Phenom 9550 Quad-Core
Intel Atom C3558 @ 2.20GHz <-- the 7100
Intel Xeon X5270 @ 3.50GHz
Intel Core i3-2328M @ 2.20GHzNote the 7100 has two SFP+ ports and a switch, not two Ethernet plus a switch.
-
Hi Steve.
My question is about the "real" capabilities of the XG-7100. I love PfSense software and I know you can trust it on critical sites, that with good hardware, do everything you want.
I know that with an old PC and a couple of nic I could solve this, but I would like to know how the XG-7100 works. We installed many fortigate at the end of the year and are becoming more expensive.
Thanks for the idea.
Regards
-
We are light on marketing materials as we find that most of our competitor's test criteria is not stated or the data is subjective and incomparable.
Both the XG-7100 and the SG-5100 will be very capable unit's for what you are trying to achieve. I don't think many people on the forums are doing exactly what you are doing, any numbers they share won't be comparable.
-
Good Morning.
Thanks for the info. Finally locate a partner in Spain and buy an XG-7100.
I only doubted the hardware, never the pfSense software.Regards.
-
Hi fjsantos,
I'm also interested in adquire a XG-7100 in spain. Could you recommend the partner ?
Thanks.
