Fortinet black logo

Handbook

Benefits

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:975549
Download PDF

Benefits

VDOMs provide the following benefits:

Savings in physical space and power

To increase the number of physical FortiGate devices, you require rack space, cables, and power. You also need to change your network configuration to accommodate the new devices. Finally, if you don't need as many devices in the future, you're left with expensive hardware that you aren't using.

Increasing the number of VDOMs requires no additional hardware and minimal changes to existing networking configurations. VDOMs save physical space and power. You're limited only by the size of your VDOM license and the physical resources of your FortiGate. By default, most FortiGate devices support a maximum of ten VDOMs, and many models allow you to buy a license to increase the maximum number of VDOMs.

Each physical FortiGate also requires a separate FortiGuard license to access security updates. VDOMs don't require you to buy separate licenses, as the same license is shared for all VDOMs located on the same FortiGate. When you update or upgrade the license, the changes are immediately available for all VDOMs.

Combining NAT mode and transparent mode

With multiple VDOMs, you can configure one VDOM configured in transparent mode and other VDOMs in NAT mode. In this configuration, you can use the transparent mode VDOM for troubleshooting your network and the NAT mode VDOMs for networking.

MSSP configuration

If you require a managed security service provider (MSSP) configuration, you can use VDOMs to provide a multi-tenant solution, with each tenant's network connected to a unique VDOM that's configured to meet the network requirements. For each VDOM, you can either manage it globally using the management VDOM or allow tenants to manage their own VDOM.

Virtual clustering

Virtual clustering is an extension of FortiGate high availability for a cluster of two FortiGate units with multiple VDOMs. Virtual clustering provides failover protection for a multiple VDOM configuration and can load balance traffic between the VDOMs to improve overall network performance.

Virtual-clustering load balancing efficiently load balances all traffic between VDOMs and can be adjusted in real time to actively optimize load sharing between the cluster units without affecting the operation of VDOMs in the cluster.

Benefits

VDOMs provide the following benefits:

Savings in physical space and power

To increase the number of physical FortiGate devices, you require rack space, cables, and power. You also need to change your network configuration to accommodate the new devices. Finally, if you don't need as many devices in the future, you're left with expensive hardware that you aren't using.

Increasing the number of VDOMs requires no additional hardware and minimal changes to existing networking configurations. VDOMs save physical space and power. You're limited only by the size of your VDOM license and the physical resources of your FortiGate. By default, most FortiGate devices support a maximum of ten VDOMs, and many models allow you to buy a license to increase the maximum number of VDOMs.

Each physical FortiGate also requires a separate FortiGuard license to access security updates. VDOMs don't require you to buy separate licenses, as the same license is shared for all VDOMs located on the same FortiGate. When you update or upgrade the license, the changes are immediately available for all VDOMs.

Combining NAT mode and transparent mode

With multiple VDOMs, you can configure one VDOM configured in transparent mode and other VDOMs in NAT mode. In this configuration, you can use the transparent mode VDOM for troubleshooting your network and the NAT mode VDOMs for networking.

MSSP configuration

If you require a managed security service provider (MSSP) configuration, you can use VDOMs to provide a multi-tenant solution, with each tenant's network connected to a unique VDOM that's configured to meet the network requirements. For each VDOM, you can either manage it globally using the management VDOM or allow tenants to manage their own VDOM.

Virtual clustering

Virtual clustering is an extension of FortiGate high availability for a cluster of two FortiGate units with multiple VDOMs. Virtual clustering provides failover protection for a multiple VDOM configuration and can load balance traffic between the VDOMs to improve overall network performance.

Virtual-clustering load balancing efficiently load balances all traffic between VDOMs and can be adjusted in real time to actively optimize load sharing between the cluster units without affecting the operation of VDOMs in the cluster.