Fortinet black logo

Hyperscale Firewall Guide

Home FortiGate / FortiOS 7.2.3 Hyperscale Firewall Guide
7.2.3
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.6
6.2.9
6.2.7
6.2.6

Change log

Change log

Date

Change description

June 27, 2023

Added information about hardware logging sending multiple session start log messages if log-processor is set to hardware and log-mode is set to per-session to Hyperscale firewall 7.2.3 incompatibilities and limitations.

March 20, 2023

Added a note about ACL policy changes made to a hyperscale firewall VDOM that is processing traffic may take longer than expected to become effective, see Hyperscale firewall 7.2.3 incompatibilities and limitations.

Added more information about the NP7 hash-config option to Configuring how the internal switch fabric distributes sessions to NP7 processors.

March 7, 2023

NP7 hardware logging must use interfaces connected to NP7 processors to communicate with the remove log servers. This information was added to Configuring hardware logging.

February 8, 2023

Improvements to Displaying IP pool usage information.

January 10, 2023

Added more information about arp-reply support limitations for IPv4 and IPv6 firewall VIPs to Hyperscale firewall 7.2.3 incompatibilities and limitations.

November 18, 2022

Corrections to Creating hyperscale firewall VDOMs.

November 10, 2022

FortiOS 7.2.3 document release.

October 4, 2022

FortiOS 7.2.2 document release. More information and explanation added to Hyperscale firewall policy engine mechanics.

September 28, 2022

FortiOS 7.2.3 Hyperscale firewall VDOMs support consolidated firewall policies. The statement about Hyperscale firewall VDOMs not supporting consolidated firewall policies has been removed from Hyperscale firewall 7.2.3 incompatibilities and limitations.

August 17, 2022

Changes to the following sections to reflect that FortiOS 7.2.1 FGSP supports HA hardware session synchronization:

New sections: FGSP HA hardware session synchronization and Basic FGSP HA hardware session synchronization configuration example.

Changes to FCGP HA hardware session synchronization.

August 8, 2022

New sections:

August 4, 2022

Changes to Recommended interface use for an FGCP HA hyperscale firewall cluster and Configuring FGCP HA hardware session synchronization.

Revised information about using the FortiGate-4200F/4201F and 4400F/4400F HA1, HA2, AUX1 and AUX2 interfaces. Using the following command is no longer recommended. Instead seeRecommended interface use for an FGCP HA hyperscale firewall cluster.

config system npu

config port-path-option

set ports-using-npu {ha1 ha2 aux1 aux2}

end

August 4, 2022

FortiOS 7.2.1 document release. FortiOS 7.2.1 includes main branch support for FortiGates with NP7 processors and hyperscale firewall features.

New sections:
Previous
Next

Change log

Date

Change description

June 27, 2023

Added information about hardware logging sending multiple session start log messages if log-processor is set to hardware and log-mode is set to per-session to Hyperscale firewall 7.2.3 incompatibilities and limitations.

March 20, 2023

Added a note about ACL policy changes made to a hyperscale firewall VDOM that is processing traffic may take longer than expected to become effective, see Hyperscale firewall 7.2.3 incompatibilities and limitations.

Added more information about the NP7 hash-config option to Configuring how the internal switch fabric distributes sessions to NP7 processors.

March 7, 2023

NP7 hardware logging must use interfaces connected to NP7 processors to communicate with the remove log servers. This information was added to Configuring hardware logging.

February 8, 2023

Improvements to Displaying IP pool usage information.

January 10, 2023

Added more information about arp-reply support limitations for IPv4 and IPv6 firewall VIPs to Hyperscale firewall 7.2.3 incompatibilities and limitations.

November 18, 2022

Corrections to Creating hyperscale firewall VDOMs.

November 10, 2022

FortiOS 7.2.3 document release.

October 4, 2022

FortiOS 7.2.2 document release. More information and explanation added to Hyperscale firewall policy engine mechanics.

September 28, 2022

FortiOS 7.2.3 Hyperscale firewall VDOMs support consolidated firewall policies. The statement about Hyperscale firewall VDOMs not supporting consolidated firewall policies has been removed from Hyperscale firewall 7.2.3 incompatibilities and limitations.

August 17, 2022

Changes to the following sections to reflect that FortiOS 7.2.1 FGSP supports HA hardware session synchronization:

New sections: FGSP HA hardware session synchronization and Basic FGSP HA hardware session synchronization configuration example.

Changes to FCGP HA hardware session synchronization.

August 8, 2022

New sections:

August 4, 2022

Changes to Recommended interface use for an FGCP HA hyperscale firewall cluster and Configuring FGCP HA hardware session synchronization.

Revised information about using the FortiGate-4200F/4201F and 4400F/4400F HA1, HA2, AUX1 and AUX2 interfaces. Using the following command is no longer recommended. Instead seeRecommended interface use for an FGCP HA hyperscale firewall cluster.

config system npu

config port-path-option

set ports-using-npu {ha1 ha2 aux1 aux2}

end

August 4, 2022

FortiOS 7.2.1 document release. FortiOS 7.2.1 includes main branch support for FortiGates with NP7 processors and hyperscale firewall features.

New sections:
Previous
Next