See my email below and Fortinet blade doc, 250 per 5001 fortigate blade so yes in a filled chassis of forigate blades you could get up to 3000 vdoms. (get 500 vdoms per blade with license upgrade on 5001b) But I agree, talk to your sales rep. The numbers I gave is what my company tested/recommended by the vendors that runs in our production environments.
fortinet.com/doc/FGT5000Series.pdf On Jul 9, 2011, at 12:22 PM, Derick Winkworth <dwinkwo...@att.net> wrote: > From Fortinets website: > > ##### > > Chassis-based models can support up to 3000 VDOMs > ##### > > Talked to Fortinet rep and confirmed it. its not that they "recommend" 250, > its > just that beyond 250 there is no support for some of the advanced features > Fortinet considers their special sauce (e-mail scanning, etc). > > I'm pretty sure the actual maximum number of allowed VRs/zones on a 3k SRX is > 1000. Or it will be soon. I'll verify that later this evening. The number > of > LSYS is in fact 32. However you don't get all those zones/vrs/nats/FW rules > per > lsys, those are just spread out across the LSYS... > > The ASA I think can support up to 500 contexts now, but with contexts enabled > I'm hearing there is no crypto support. I'm not sure this is an impediment > for > us but I can see it being an issue for folks. > > > > Derick Winkworth > CCIE #15672 (RS, SP), JNCIE-M #721 > http://blinking-network.blogspot.com > > > > > ________________________________ > From: Matthew M North <matthew.no...@gmail.com> > To: Chandler Bassett <cbass....@gmail.com> > Cc: dwinkwo...@att.net; juniper-nsp@puck.nether.net; cisco-...@puck.nether.net > Sent: Thu, July 7, 2011 9:57:21 PM > Subject: Re: [c-nsp] Firewalls "as-a-service" in an MPLS infrastructure... > >>> Fortinet does thousands of thier VDOMs (virtual-firewalls) on a single >>> unit... > > Thousands->no. > They do 250 VDOMs on the high end units (3000 series), 500 VDOMs I > heard on the 5001B (with some special licensing, haven't see or tested > yet, they recommend max 250). > > Juniper SRX you can use VRs & security zones. On Junos 10.4+ get 250 VRs. > 5800 you can get 500 VRs. Have gotten # for lsys yet. > > > On Thu, Jul 7, 2011 at 2:35 PM, Chandler Bassett <cbass....@gmail.com> wrote: >> I thought the ASA blade was for the 6500's? >> >> On Wed, Jul 6, 2011 at 11:47 AM, Derick Winkworth <dwinkwo...@att.net>wrote: >> >>> Thoughts on this blog entry? >>> I wonder if Cisco will support BGP on ASA soon.. I know people have been >>> asking for it. It would be nice if it had something Netconf on it too... >>> The new ASA blade is coming out for Nexus I hear, anyone know how many >>> virtual-firewalls it will support? Juniper's SRX will do LSYS soon.. 32 per >>> box. That seems like a low number. Fortinet does thousands of thier VDOMs >>> (virtual-firewalls) on a single unit... >>> _______________________________________________ >>> cisco-nsp mailing list cisco-...@puck.nether.net >>> https://puck.nether.net/mailman/listinfo/cisco-nsp >>> archive at http://puck.nether.net/pipermail/cisco-nsp/ >>> >> _______________________________________________ >> cisco-nsp mailing list cisco-...@puck.nether.net >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp