Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Hyperscale Firewall Guide

    Home FortiGate / FortiOS 6.4.12 Hyperscale Firewall Guide
    6.4.12
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.6
    6.2.9
    6.2.7
    6.2.6

    Change log

    Change log

    Date

    Change description

    June 28, 2023

    Added information about hardware logging sending multiple session start log messages if log-processor is set to hardware and log-mode is set to per-session to Hyperscale firewall 6.4.12 incompatibilities and limitations.

    March 20, 2023

    Added a note about ACL policy changes made to a hyperscale firewall VDOM that is processing traffic may take longer than expected to become effective, see Hyperscale firewall 6.4.12 incompatibilities and limitations.

    Added more information about the NP7 hash-config option to Configuring how the internal switch fabric distributes sessions to NP7 processors.

    March 7, 2023

    NP7 hardware logging must use interfaces connected to NP7 processors to communicate with the remove log servers. This information was added to Configuring hardware logging.

    February 23, 2023

    FortiOS 6.4.12 document release.

    February 8, 2023

    Improvements to Displaying IP pool usage information.

    January 11, 2023

    Added more information about arp-reply support limitations for IPv4 and IPv6 firewall VIPs to Hyperscale firewall 6.4.12 incompatibilities and limitations.

    November 22, 2022

    Corrections to Creating hyperscale firewall VDOMs.

    October 31, 2022

    FortiOS 6.4.11 document release.

    October 5, 2022

    More information and explanation added to Hyperscale firewall policy engine mechanics.

    August 25, 2022

    FortiOS 6.4.10 document release.

    August 9, 2022

    Changes to Configuring FGCP HA hardware session synchronization.

    New sections:

    Revised information about using the FortiGate-4200F/4201F and 4400F/4400F HA1, HA2, AUX1 and AUX2 interfaces. Using the following command is no longer recommended. Instead see the new section Recommended interface use for an FGCP HA hyperscale firewall cluster.

    config system npu

    config port-path-option

    set ports-using-npu {ha1 ha2 aux1 aux2}

    end

    July 20, 2022

    Improvements to Hyperscale firewall VDOM session timeouts. New section Session timeouts for individual hyperscale policies.

    April 26, 2022

    FortiOS 6.4.9 document release.

    Added more information to the following sections:

    December 17, 2021

    Removed information about the vlan-lookup-cache option of the config system npu command because this command is available on FortiGates with NP7 processors, whether or not they are licensed for hyperscale firewall features. For information about the vlan-lookup-cache option, see vlan-lookup-cache {disable | enable}.

    December 2, 2021

    Added two new FGCP HA-related limitations to Hyperscale firewall 6.4.12 incompatibilities and limitations.

    Improved the information in Enabling hyperscale firewall features.

    November 29, 2021

    Corrected some of the information in Upgrading hyperscale firewall features to FortiOS 6.4.12.

    November 25, 2021

    FortiOS 6.4.8 document release.

    October 18, 2021

    Removed the incorrect statement "NP7 fragment reassembly is not supported" from Hyperscale firewall 6.4.12 incompatibilities and limitations. New section: Reassembling fragmented packets. Corrected the section Setting the hyperscale firewall VDOM default policy action.

    August 17, 2021

    Misc. fixes. Added more information to .

    July 12, 2021

    Added diagnose commands to Hash table message queue mode. Corrected information about multicast logging in Configuring hardware logging and Multicast logging example.

    July 9, 2021

    FortiOS 6.4.6 document release.
    Previous
    Next

    Change log

    Change log

    Date

    Change description

    June 28, 2023

    Added information about hardware logging sending multiple session start log messages if log-processor is set to hardware and log-mode is set to per-session to Hyperscale firewall 6.4.12 incompatibilities and limitations.

    March 20, 2023

    Added a note about ACL policy changes made to a hyperscale firewall VDOM that is processing traffic may take longer than expected to become effective, see Hyperscale firewall 6.4.12 incompatibilities and limitations.

    Added more information about the NP7 hash-config option to Configuring how the internal switch fabric distributes sessions to NP7 processors.

    March 7, 2023

    NP7 hardware logging must use interfaces connected to NP7 processors to communicate with the remove log servers. This information was added to Configuring hardware logging.

    February 23, 2023

    FortiOS 6.4.12 document release.

    February 8, 2023

    Improvements to Displaying IP pool usage information.

    January 11, 2023

    Added more information about arp-reply support limitations for IPv4 and IPv6 firewall VIPs to Hyperscale firewall 6.4.12 incompatibilities and limitations.

    November 22, 2022

    Corrections to Creating hyperscale firewall VDOMs.

    October 31, 2022

    FortiOS 6.4.11 document release.

    October 5, 2022

    More information and explanation added to Hyperscale firewall policy engine mechanics.

    August 25, 2022

    FortiOS 6.4.10 document release.

    August 9, 2022

    Changes to Configuring FGCP HA hardware session synchronization.

    New sections:

    Revised information about using the FortiGate-4200F/4201F and 4400F/4400F HA1, HA2, AUX1 and AUX2 interfaces. Using the following command is no longer recommended. Instead see the new section Recommended interface use for an FGCP HA hyperscale firewall cluster.

    config system npu

    config port-path-option

    set ports-using-npu {ha1 ha2 aux1 aux2}

    end

    July 20, 2022

    Improvements to Hyperscale firewall VDOM session timeouts. New section Session timeouts for individual hyperscale policies.

    April 26, 2022

    FortiOS 6.4.9 document release.

    Added more information to the following sections:

    December 17, 2021

    Removed information about the vlan-lookup-cache option of the config system npu command because this command is available on FortiGates with NP7 processors, whether or not they are licensed for hyperscale firewall features. For information about the vlan-lookup-cache option, see vlan-lookup-cache {disable | enable}.

    December 2, 2021

    Added two new FGCP HA-related limitations to Hyperscale firewall 6.4.12 incompatibilities and limitations.

    Improved the information in Enabling hyperscale firewall features.

    November 29, 2021

    Corrected some of the information in Upgrading hyperscale firewall features to FortiOS 6.4.12.

    November 25, 2021

    FortiOS 6.4.8 document release.

    October 18, 2021

    Removed the incorrect statement "NP7 fragment reassembly is not supported" from Hyperscale firewall 6.4.12 incompatibilities and limitations. New section: Reassembling fragmented packets. Corrected the section Setting the hyperscale firewall VDOM default policy action.

    August 17, 2021

    Misc. fixes. Added more information to .

    July 12, 2021

    Added diagnose commands to Hash table message queue mode. Corrected information about multicast logging in Configuring hardware logging and Multicast logging example.

    July 9, 2021

    FortiOS 6.4.6 document release.
    Previous
    Next