Fortinet Document Library

Version:


Table of Contents

Deploying FortiGate-VMX

Resources

Upgrade Path Tool
5.6.3
Download PDF
Copy Link

Introduction

Fortinet's FortiGate-VMX is a next generation firewall virtual appliance for VMware environments that provides purpose-built integration for VMware's Software-Defined Data Center (SDDC) and interoperability with VMware vSphere and NSX. FortiGate-VMX provides visibility into virtualized network traffic in the vSphere hypervisor through direct API-level integration and management orchestration to secure workloads in dynamic software-defined networks and infrastructure without protection and compliance gaps.

FortiGate-VMX 5.6.3 is certified for use with NSX 6.2.3+, 6.3.0+, and 6.4.0, and vSphere ESXi 5.5, 6.0, and 6.5.

For information on additional supported software, see the VMware Compatibility Guide.

There are two components comprising FortiGate-VMX:

Component

Description

FortiGate-VMX Service Manager (SVM)

  • Dedicated VM providing management/visibility across all VMX security nodes. The SVM communicates with NSX through an API.
  • A single SVM can handle an almost unlimited number of FortiGate-VMX security nodes, up to the licensed number of security nodes.
  • The SVM must be able to connect to the Internet to validate its license against FortiGuard.

FortiGate-VMX instances

  • A FortiGate-VM firewall to protect each segment on NSX. Usually multiple VMX nodes depending on the segmentation complexity.
  • Only one FortiGate-VMX security node is required per ESXi host.
  • Simple in that one security node requires one license.

Resources

Introduction

Fortinet's FortiGate-VMX is a next generation firewall virtual appliance for VMware environments that provides purpose-built integration for VMware's Software-Defined Data Center (SDDC) and interoperability with VMware vSphere and NSX. FortiGate-VMX provides visibility into virtualized network traffic in the vSphere hypervisor through direct API-level integration and management orchestration to secure workloads in dynamic software-defined networks and infrastructure without protection and compliance gaps.

FortiGate-VMX 5.6.3 is certified for use with NSX 6.2.3+, 6.3.0+, and 6.4.0, and vSphere ESXi 5.5, 6.0, and 6.5.

For information on additional supported software, see the VMware Compatibility Guide.

There are two components comprising FortiGate-VMX:

Component

Description

FortiGate-VMX Service Manager (SVM)

  • Dedicated VM providing management/visibility across all VMX security nodes. The SVM communicates with NSX through an API.
  • A single SVM can handle an almost unlimited number of FortiGate-VMX security nodes, up to the licensed number of security nodes.
  • The SVM must be able to connect to the Internet to validate its license against FortiGuard.

FortiGate-VMX instances

  • A FortiGate-VM firewall to protect each segment on NSX. Usually multiple VMX nodes depending on the segmentation complexity.
  • Only one FortiGate-VMX security node is required per ESXi host.
  • Simple in that one security node requires one license.