Version:

Version:


Table of Contents

New Features

Download PDF
Copy Link

Introduce distributed topology and security rating reports 7.2.1

The Security Fabric backend has been improved to allow physical topology, logical topology, and security rating report information to be gathered by distributed means through each downstream FortiGate device. This results in less delays and memory usage on the Fabric root, and less API calls to the downstream devices.

For example, in a Security Fabric configured with 35 downstream devices, the following output shows normal CPU and memory usage.

To verify the system performance on the root FortiGate:
# get system performance status
CPU states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU0 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU1 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU2 states: 1% user 0% system 0% nice 99% idle 0% iowait 0% irq 0% softirq
CPU3 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
Memory: 1911252k total, 722276k used (37.8%), 1089216k free (57.0%), 99760k freeable (5.2%)
Average network usage: 10 / 13 kbps in 1 minute, 411 / 155 kbps in 10 minutes, 143 / 53 kbps in 30 minutes
Maximal network usage: 55 / 32 kbps in 1 minute, 33156 / 4491 kbps in 10 minutes, 33156 / 4491 kbps in 30 minutes
Average sessions: 40 sessions in 1 minute, 27 sessions in 10 minutes, 22 sessions in 30 minutes
Maximal sessions: 45 sessions in 1 minute, 61 sessions in 10 minutes, 61 sessions in 30 minutes
Average session setup rate: 1 sessions per second in last 1 minute, 0 sessions per second in last 10 minutes, 0 sessions per second in last 30 minutes
Maximal session setup rate: 5 sessions per second in last 1 minute, 18 sessions per second in last 10 minutes, 18 sessions per second in last 30 minutes
Average NPU sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Maximal NPU sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Average nTurbo sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Maximal nTurbo sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 7 days,  0 hours,  17 minutes

Introduce distributed topology and security rating reports 7.2.1

The Security Fabric backend has been improved to allow physical topology, logical topology, and security rating report information to be gathered by distributed means through each downstream FortiGate device. This results in less delays and memory usage on the Fabric root, and less API calls to the downstream devices.

For example, in a Security Fabric configured with 35 downstream devices, the following output shows normal CPU and memory usage.

To verify the system performance on the root FortiGate:
# get system performance status
CPU states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU0 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU1 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
CPU2 states: 1% user 0% system 0% nice 99% idle 0% iowait 0% irq 0% softirq
CPU3 states: 0% user 0% system 0% nice 100% idle 0% iowait 0% irq 0% softirq
Memory: 1911252k total, 722276k used (37.8%), 1089216k free (57.0%), 99760k freeable (5.2%)
Average network usage: 10 / 13 kbps in 1 minute, 411 / 155 kbps in 10 minutes, 143 / 53 kbps in 30 minutes
Maximal network usage: 55 / 32 kbps in 1 minute, 33156 / 4491 kbps in 10 minutes, 33156 / 4491 kbps in 30 minutes
Average sessions: 40 sessions in 1 minute, 27 sessions in 10 minutes, 22 sessions in 30 minutes
Maximal sessions: 45 sessions in 1 minute, 61 sessions in 10 minutes, 61 sessions in 30 minutes
Average session setup rate: 1 sessions per second in last 1 minute, 0 sessions per second in last 10 minutes, 0 sessions per second in last 30 minutes
Maximal session setup rate: 5 sessions per second in last 1 minute, 18 sessions per second in last 10 minutes, 18 sessions per second in last 30 minutes
Average NPU sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Maximal NPU sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Average nTurbo sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Maximal nTurbo sessions: 0 sessions in last 1 minute, 0 sessions in last 10 minutes, 0 sessions in last 30 minutes
Virus caught: 0 total in 1 minute
IPS attacks blocked: 0 total in 1 minute
Uptime: 7 days,  0 hours,  17 minutes