Fa2 interfaces and active-active ha performance, Base backplane gigabit communication, Fa2 interfaces and active-active ha – Fortinet FortiGate-5000 User Manual
Page 48
FortiGate-5000 Series Introduction
48
01-30000-83466-20090108
Base backplane gigabit communication
FortiGate-5001FA2-LENC security system
• Firewall, intrusion protection (IPS), and antivirus, when there is a reasonable
percentage of P2P packets.
• Firewall and IPSec VPN applications.
The following traffic scenarios should be handled by the normal (or non-
accelerated) FortiGate-5001FA2-LENC interfaces:
• Session oriented traffic when the session lifetime is very short.
• Firewall and antivirus only applications.
Traffic will not be off-loaded to the FortiGate-5001FA2-LENC accelerator
module. The result will be high CPU usage because of the high CPU
requirement for antivirus scanning.
FA2 interfaces and active-active HA performance
FortiOS v3.0 MR4 firmware can also use FA2 acceleration to improve
active-active HA load balancing performance. See the
or
th
for more information.
Base backplane gigabit communication
The FortiGate-5001FA2-LENC port9 and port10 base backplane gigabit interfaces
can be used for HA heartbeat communication between FortiGate-5001FA2-LENC
boards installed in the same or in different FortiGate-5000 chassis. You can also
configure FortiGate-5001FA2-LENC boards to use the base backplane interfaces
for data communication between FortiGate boards. To support base backplane
communications your FortiGate-5140 or 5050 chassis must include one or more
FortiSwitch-5003 boards. FortiSwitch-5003 boards are installed in chassis slots 1
and 2. The FortiGate-5020 chassis supports base backplane communication with
no additions or changes to the chassis.
For information about base backplane communication in FortiGate-5140 and
FortiGate-5050 chassis, see the
. For information about the FortiSwitch-5003 board, see the
.