Fortinet FortiGate-5000 User Manual
Introduction
Warnings and cautions
FortiGate-5000 Series Introduction
01-30000-83466-20090108
01-30000-83466-20090108
11
FortiSwitch-5003 system
The FortiSwitch-5003 system
provides base backplane
communication between
FortiGate security boards installed in FortiGate-5140 or FortiGate-5050 chassis.
Base backplane communication can be used for HA heartbeat communication
and for data communication. The FortiSwitch-5003 board can also provide HA
heartbeat and data communication between chassis. The FortiSwitch-5003 board
is only used in FortiGate-5140 and FortiGate-5050 chassis. For details about the
FortiSwitch-5003 board, see
provides base backplane
communication between
FortiGate security boards installed in FortiGate-5140 or FortiGate-5050 chassis.
Base backplane communication can be used for HA heartbeat communication
and for data communication. The FortiSwitch-5003 board can also provide HA
heartbeat and data communication between chassis. The FortiSwitch-5003 board
is only used in FortiGate-5140 and FortiGate-5050 chassis. For details about the
FortiSwitch-5003 board, see
FortiGate-5005-DIST security system
The FortiGate-5005-DIST security system is
very similar to a single FortiGate unit, but with
much higher capacity and with support for
failover protection and scalability. The
FortiGate-5005-DIST security system consists
of a FortiGate-5050 or FortiGate-5140 chassis
with one or two Input/Output or I/O boards
(FortiController-5208 boards) and one or more worker boards (FortiGate-5005FA2
boards running in DIST mode). The I/O boards provide 10 gigabit and 1gigabit
network connections and distribute traffic to the worker boards. The worker
boards provide FortiGate security system functions including firewall, VPN, IPS,
antivirus, antispam, and so on. For details about the FortiGate-5005-DIST security
system, see
very similar to a single FortiGate unit, but with
much higher capacity and with support for
failover protection and scalability. The
FortiGate-5005-DIST security system consists
of a FortiGate-5050 or FortiGate-5140 chassis
with one or two Input/Output or I/O boards
(FortiController-5208 boards) and one or more worker boards (FortiGate-5005FA2
boards running in DIST mode). The I/O boards provide 10 gigabit and 1gigabit
network connections and distribute traffic to the worker boards. The worker
boards provide FortiGate security system functions including firewall, VPN, IPS,
antivirus, antispam, and so on. For details about the FortiGate-5005-DIST security
system, see
.
FortiController-5208 system
An integral part of a
FortiGate-5005-DIST Security
System, the FortiController-5208
board provides all Fortigate-5005-DIST 10gigabit and 1 gigabit network
interfaces. The FortiContro0ller-5208 board also provides the management
interface to the FortiGate-5005-DIST system and controls backplane
communication between all FortiGate-5005-DIST components.
FortiGate-5005-DIST Security
System, the FortiController-5208
board provides all Fortigate-5005-DIST 10gigabit and 1 gigabit network
interfaces. The FortiContro0ller-5208 board also provides the management
interface to the FortiGate-5005-DIST system and controls backplane
communication between all FortiGate-5005-DIST components.
You can create a FortiGate-5005-DIST high-throughput multi-threat network
security system using one or two FortiGate boards and multiple FortiGate-5005
boards in a FortiGate-5050 or FortiGate-5140 chassis. A FortiGate-5020 chassis
cannot be used to create a FortiGate-5005-DIST system. Functionally, one or two
FortiGate boards using the processing power of multiple FortiGate-5005 boards
function much like a single FortiGate unit, but with far greater capacity. For details
about the FortiController-55208 board, see
security system using one or two FortiGate boards and multiple FortiGate-5005
boards in a FortiGate-5050 or FortiGate-5140 chassis. A FortiGate-5020 chassis
cannot be used to create a FortiGate-5005-DIST system. Functionally, one or two
FortiGate boards using the processing power of multiple FortiGate-5005 boards
function much like a single FortiGate unit, but with far greater capacity. For details
about the FortiController-55208 board, see
Warnings and cautions
Only trained and qualified personnel should be allowed to install or
maintain FortiGate-5000 series equipment. Read and comply with all
warnings, cautions and notices in this document.
maintain FortiGate-5000 series equipment. Read and comply with all
warnings, cautions and notices in this document.
MANAGEMENT
SYSTEM
E1
ZRE
LED MODE
15
14
13
12
11
10
9
8
7
6
5
4
3
2
1
0
E0
OK
CLK
INT
EXT
FL
T
HOT SW
AP
RESET
FL
T
CONSOLE
E T H O
R S 2 3 2
Z R E 0
Z R E 1
Z R E 2
1
2
2
3
4
5
SMC
1
SMC
POWER
5050SAP
SERIAL
1
SERIAL
2
ALARM
10/100
link/Act
link/Act
ETH0
Service
RESET
ST
A
T
US
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
10/100
link/Act
link/Act
ETH0
Service
RESET
ST
A
T
US
Hot Swap
link/Act
ETH0
ETH1
10/100
5000SM
PAYLOAD OPERATION
STATUS
IPM
X 1
X 2
1/2
3/4
D15/D16
C15/C16
1
2
3
4
5
6
7
8
9
10
11
12
D
13
14
15
16
D
1
2
3
4
5
6
7
8
9
10
11
12
C
13
14
15
16
C
10/100/1000 MBPS ETHERNET ACTIVITY
DATA
CONTROL
1
2
3
4
MANAGEMENT
COM 1
COM 2
X 1
X 2
CONSOLE
ACT
ACT
LINK
LINK
F
A
BRIC
BASE
USB
USB
3
4
1
2
5
6
7
8
OOS
ACC
STATUS
IPM
CONSOLE
ACT
ACT
LINK
LINK
F
A
BRIC
BASE
USB
USB
3
4
1
2
5
6
7
8
OOS
ACC
STATUS
IPM
CONSOLE
ACT
ACT
LINK
LINK
F
A
BRIC
BASE
USB
USB
3
4
1
2
5
6
7
8
OOS
ACC
STATUS
IPM
CONSOLE
ACT
ACT
LINK
LINK
F
ABRIC
BASE
USB
USB
3
4
1
2
5
6
7
8
OOS
ACC
STATUS
IPM
PAYLOAD OPERATION
STATUS
IPM
X 1
X 2
1/2
3/4
D15/D16
C15/C16
1
2
3
4
5
6
7
8
9
10
11
12
D
13
14
15
16
D
1
2
3
4
5
6
7
8
9
10
11
12
C
13
14
15
16
C
10/100/1000 MBPS ETHERNET ACTIVITY
DATA
CONTROL
1
2
3
4
MANAGEMENT
COM 1
COM 2
X 1
X 2