Instance type support
FortiGate-VM supports the following instance types on AWS. Supported instances in the AWS marketplace listing may change without notice and vary between bring your own license (BYOL) and on-demand models. See Order types. C3 and M-series instances do not appear as recommended instances.
When you run FortiGate-native active-passive high availability, each FortiGate-VM instance requires four network interfaces (port 1 to 4). See Deploying FortiGate-VM A-P HA on AWS within one zone.
For up-to-date information on each instance type, see the following links:
|
Downgrading to a previous GA version that does not support UEFI boot mode when using a UEFI-enabled FortiGate instance is not supported. FortiOS 7.4 supports UEFI boot mode. |
|
FortiGate-VM 7.4 AMIs are labeled with UEFI-Preferred boot mode, which allows for an instance with UEFI support to boot in UEFI boot mode without user interaction. The instance defaults to the legacy BIOS if the instance type does not support UEFI. See Boot modes. |
The following table summarizes instance type support for x64 instances. For a list of all supported instances for x64 FortiGate-VM deployments, see Fortinet FortiGate (BYOL) Next-Generation Firewall.
|
Instance category |
Instance type |
vCPU |
Max NIC (AWS-enabled) |
FortiGate minimum order (BYOL) to consume all instance CPU |
|---|---|---|---|---|
|
General purpose |
t2.small |
1 |
2 |
FG-VM01 or FG-VM01v |
|
t3.small |
2 |
3 |
FG-VM02 or FG-VM02v |
|
|
t3.medium |
2 |
3 |
FG-VM02 or FG-VM02v |
|
|
t3.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v |
|
|
Compute optimized |
c4.large |
2 |
3 |
FG-VM02 or FG-VM02v |
|
c4.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v |
|
|
c4.2xlarge |
8 |
4 |
FG-VM08 or FG-VM08v |
|
|
c4.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v |
|
|
c4.8xlarge |
36 |
8 |
FG-VMUL or FG-VMULv |
|
|
c5.large |
2 |
3 |
FG-VM02 or FG-VM02v |
|
|
c5.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v |
|
|
c5.2xlarge |
8 |
4 |
FG-VM08 or FG-VM08v |
|
|
c5.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v |
|
|
c5.9xlarge |
36 |
8 |
FG-VMUL or FG-VMULv |
|
|
c5.18xlarge |
72 |
15 |
||
| c5d.large | 2 |
3 |
FG-VM02 or FG-VM02v |
|
| c5d.xlarge | 4 |
4 |
FG-VM04 or FG-VM04v |
|
| c5d.2xlarge | 8 |
4 |
FG-VM08 or FG-VM08v |
|
| c5d.4xlarge | 16 |
8 |
FG-VM16 or FG-VM16v |
|
| c5d.9xlarge | 36 |
8 |
FG-VMUL or FG-VMULv |
|
|
c5d.12xlarge |
48 |
8 |
||
| c5d.18xlarge | 72 |
15 |
||
| c5n.large | 2 | 3 | FG-VM02 or FG-VM02v | |
| c5n.xlarge | 4 | 4 | FG-VM04 or FG-VM04v | |
| c5n.2xlarge | 8 | 4 | FG-VM08 or FG-VM08v | |
| c5n.4xlarge | 16 | 8 | FG-VM16 or FG-VM16v | |
| c5n.9xlarge | 36 | 8 | FG-VMUL or FG-VMULv | |
| c5n.18xlarge | 72 | 15 | ||
|
c6i.large |
2 |
3 |
FG-VM02 or FG-VM02v |
|
|
c6i.xlarge (recommended by default) |
4 |
4 |
FG-VM04 or FG-VM04v |
|
|
c6i.2xlarge |
8 |
4 |
FG-VM08 or FG-VM08v |
|
|
c6i.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v |
|
|
c6i.8xlarge |
32 |
8 |
FG-VMUL or FG-VMULv |
|
|
c6i.16xlarge |
64 |
15 |
||
|
c6i.24xlarge |
96 |
15 |
||
|
c6in.large |
2 |
3 |
FG-VM02 or FG-VM02v |
|
|
c6in.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v |
|
|
c6in.2xlarge |
8 |
4 |
FG-VM08 or FG-VM08v |
|
|
c6in.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v |
|
|
c6in.8xlarge |
32 |
8 |
FG-VMUL or FG-VMULv |
|
|
c6in.16xlarge |
64 |
15 |
||
|
c6a.large |
2 |
3 |
FG-VM02 or FG-VM02v |
|
|
c6a.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v |
|
|
c6a.2xlarge |
8 |
4 |
FG-VM08 or FG-VM08v |
|
|
c6a.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v |
|
|
c6a.8xlarge |
32 |
8 |
FG-VMUL or FG-VMULv | |
| c6a.16xlarge | 64 | 15 |
The following table summarizes instance type support for ARM-based CPU instances. For a list of all supported instances for ARM-based CPU FortiGate-VM deployments, see Fortinet FortiGate (BYOL) Next-Generation Firewall (ARM64/Graviton).
|
Instance category |
Instance type |
vCPU |
Max NIC (AWS-enabled) |
FortiGate minimum order (BYOL) to consume all instance CPU |
|---|---|---|---|---|
| General purpose |
t4g.small |
2 |
3 |
FG-VM02 or FG-VM02v |
|
t4g.medium |
||||
|
t4g.large |
||||
|
t4g.xlarge |
4 | 4 |
FG-VM04 or FG-VM04v |
|
|
t4g.2xlarge |
8 |
FG-VM08 or FG-VM08v |
||
| m6g.large | 2 | 3 |
FG-VM02 or FG-VM02v |
|
| m6g.xlarge | 4 | 4 |
FG-VM04 or FG-VM04v |
|
| m6g.2xlarge | 8 |
FG-VM08 or FG-VM08v |
||
| m6g.4xlarge | 16 | 8 |
FG-VM16 or FG-VM16v |
|
| m6g.8xlarge | 32 |
FG-VMUL or FG-VMULv |
||
| m6g.12xlarge | 48 | |||
| m6g.16xlarge | 64 | 15 | ||
| Compute optimized
|
c6g.large | 2 | 3 |
FG-VM02 or FG-VM02v |
| c6g.xlarge | 4 | 4 |
FG-VM04 or FG-VM04v |
|
| c6g.2xlarge | 8 |
FG-VM08 or FG-VM08v |
||
| c6g.4xlarge | 16 | 8 |
FG-VM16 or FG-VM16v |
|
| c6g.8xlarge | 32 |
FG-VMUL or FG-VMULv |
||
| c6g.12xlarge | 48 | |||
| c6g.16xlarge | 64 | 15 | ||
|
c6gn.medium |
1 |
2 |
FG-VM01 or FG-VM01v | |
|
c6gn.large |
2 |
3 |
FG-VM02 or FG-VM02v | |
|
c6gn.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v | |
|
c6gn.2xlarge |
8 |
FG-VM08 or FG-VM08v | ||
|
c6gn.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v | |
|
c6gn.8xlarge |
32 |
FG-VMUL or FG-VMULv | ||
|
c6gn.16xlarge |
64 |
15 |
||
|
c7g.medium |
1 |
2 |
FG-VM01 or FG-VM01v | |
|
c7g.large |
2 |
3 |
FG-VM02 or FG-VM02v | |
|
c7g.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v | |
|
c7g.2xlarge |
8 |
FG-VM08 or FG-VM08v | ||
|
c7g.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v | |
|
c7g.8xlarge |
32 |
FG-VMUL or FG-VMULv | ||
| c7g.16xlarge | 64 | 15 | ||
|
c7gn.large (recommended by default) |
2 |
3 |
FG-VM02 or FG-VM02v |
|
|
c7gn.xlarge |
4 |
4 |
FG-VM04 or FG-VM04v |
|
|
c7gn.2xlarge |
8 |
4 |
FG-VM08 or FG-VM08v |
|
|
c7gn.4xlarge |
16 |
8 |
FG-VM16 or FG-VM16v |
|
|
c7gn.8xlarge |
32 |
8 |
FG-VMUL or FG-VMULv |
|
|
c7gn.16xlarge |
64 |
15 |
You can apply a smaller FortiGate-VM license if you are OK with consuming less CPU than is present on your instance. See Models.
For more information about checking and enabling ENA support on AWS instances, see Enable enhanced networking with the Elastic Network Adapter (ENA) on Linux instances.
FortiOS supports hot-adding vCPU and RAM. However, AWS may not support this. See Requirements for changing the instance type.