Fortigate Vm Sizing Azure -

  • Target: If you need >5 Gbps inspected throughput, look at D16s_v5 or larger to get enough Azure network quota.

    • Pros:

    Cons:

    Fortinet licensing is strictly tied to vCPU count. This creates a "Tax" on oversizing. fortigate vm sizing azure

    Not all Azure VMs behave the same. FortiGate is sensitive to three things: CPU stability, network PPS (packets per second), and memory bandwidth.

    Migrating from a physical firewall appliance to a virtual firewall in Microsoft Azure is not a simple 1:1 core-to-core replacement. In the physical world, sizing was governed by ASIC acceleration and fixed port speeds. In Azure, your FortiGate VM (Fortinet’s Virtual Next-Generation Firewall) runs on shared or dedicated infrastructure, where CPU credits, RAM speed, and network latency are dynamic variables. Target: If you need >5 Gbps inspected throughput,

    Incorrect sizing is the leading cause of cloud network failure. An undersized FortiGate leads to packet drops, high latency, and VPN reconnections. An oversized VM wastes hundreds or thousands of dollars per month on idle vCPUs.

    This 3,000+ word guide will walk you through the anatomy of FortiGate VM sizing in Azure, covering SKU selection, throughput calculations, licensing models, high availability (HA) implications, and real-world deployment patterns. network PPS (packets per second)

    Sizing impact: Double the VM resources (two VMs active). For A/A, you also need more throughput per VM.

    Do not use burstable (B-series) for production workloads. Use general purpose or memory-optimized families.

  • Target: If you need >5 Gbps inspected throughput, look at D16s_v5 or larger to get enough Azure network quota.

    • Pros:

    Cons:

    Fortinet licensing is strictly tied to vCPU count. This creates a "Tax" on oversizing.

    Not all Azure VMs behave the same. FortiGate is sensitive to three things: CPU stability, network PPS (packets per second), and memory bandwidth.

    Migrating from a physical firewall appliance to a virtual firewall in Microsoft Azure is not a simple 1:1 core-to-core replacement. In the physical world, sizing was governed by ASIC acceleration and fixed port speeds. In Azure, your FortiGate VM (Fortinet’s Virtual Next-Generation Firewall) runs on shared or dedicated infrastructure, where CPU credits, RAM speed, and network latency are dynamic variables.

    Incorrect sizing is the leading cause of cloud network failure. An undersized FortiGate leads to packet drops, high latency, and VPN reconnections. An oversized VM wastes hundreds or thousands of dollars per month on idle vCPUs.

    This 3,000+ word guide will walk you through the anatomy of FortiGate VM sizing in Azure, covering SKU selection, throughput calculations, licensing models, high availability (HA) implications, and real-world deployment patterns.

    Sizing impact: Double the VM resources (two VMs active). For A/A, you also need more throughput per VM.

    Do not use burstable (B-series) for production workloads. Use general purpose or memory-optimized families.

    IconicNetwork © 2026