Fortinet Document Library

Version:


Table of Contents

About FortiGate for GCP

Deploying FortiGate-VM on Google Cloud Marketplace

Deploying FortiGate-VM on Google Cloud Compute Engine

Deploying FortiGate-VM Using Google Cloud SDK

Use Case: High Availability for FortiGate on GCP

Security Fabric Connector Integration with GCP

Resources

Upgrade Path Tool
  • Select version:
  • 6.0
6.0.0
Copy Link

Overview

FortiGate-VM for Google Cloud Marketplace supports using the FortiGate Clustering Protocol (FGCP) in unicast form to provide an active-passive clustering solution for deployments in GCP. This feature shares a majority of the functionality, including configuration and session synchronization, that FGCP on FortiGate hardware provides with key changes to support GCP software-defined networking (SDN).

This solution works with two FortiGate instances configured as a primary and secondary pair, and requires that you deploy each instance with four network interfaces, within the same availability zone. These FortiGate instances act as a single logical instance and share interface IP addressing.

The main benefits of this solution are:

  • Fast and stateful failover of FortiOS and GCP SDN without external automation/services
  • Automatic GCP SDN updates to route targets and IP addresses
  • Native FortiOS session synchronization of firewall, IPsec/SSL VPN, and voice over IP sessions
  • Native FortiOS configuration synchronization
  • Ease of use as the cluster is treated as a single logical FortiGate

You can configure FortiGate high availability (HA) on GCP using one of the following methods:

For information on FGCP, see the High Availability chapter in the FortiOS Handbook.

Resources

Overview

FortiGate-VM for Google Cloud Marketplace supports using the FortiGate Clustering Protocol (FGCP) in unicast form to provide an active-passive clustering solution for deployments in GCP. This feature shares a majority of the functionality, including configuration and session synchronization, that FGCP on FortiGate hardware provides with key changes to support GCP software-defined networking (SDN).

This solution works with two FortiGate instances configured as a primary and secondary pair, and requires that you deploy each instance with four network interfaces, within the same availability zone. These FortiGate instances act as a single logical instance and share interface IP addressing.

The main benefits of this solution are:

  • Fast and stateful failover of FortiOS and GCP SDN without external automation/services
  • Automatic GCP SDN updates to route targets and IP addresses
  • Native FortiOS session synchronization of firewall, IPsec/SSL VPN, and voice over IP sessions
  • Native FortiOS configuration synchronization
  • Ease of use as the cluster is treated as a single logical FortiGate

You can configure FortiGate high availability (HA) on GCP using one of the following methods:

For information on FGCP, see the High Availability chapter in the FortiOS Handbook.