Azure FortiGate-VM sizing is primarily driven by three factors: fortigate vm sizing azure

| Azure Series | Characteristics | Best For | |--------------|----------------|-----------| | Dv5 / Dsv5 (General purpose) | Balanced compute & memory, good for most inspection workloads | Mixed firewall + IPS + SSL inspection (500 Mbps – 2 Gbps) | | Ev5 / Esv5 (Memory optimized) | Higher memory-to-vCPU ratio | Large NAT tables, millions of sessions, VPN termination | | Fsv2 (Compute optimized) | High clock speed (3.4+ GHz) | Low-latency, high-packet-rate environments (e.g., gaming, trading) | | Dasv5 (AMD EPYC) | Cheaper per core, good sustained performance | Cost-sensitive production deployments | This guide covers the critical factors (throughput, instance

Licenses are typically sold by vCPU count (e.g., VM-02, VM-04, VM-08). If you license a (2 vCPUs) but deploy it on a Standard_D4s_v5 (4 vCPUs), the FortiGate will only utilize 2 of those CPUs , wasting half of your Azure compute costs. 4. Performance Expectations Large : For large networks with high traffic

NIC Constraints: A common "gotcha" is that Azure limits the number of Network Interface Cards (NICs) based on VM size. For a standard Active-Passive HA setup, you typically need at least 4 NICs (Management, Untrust, Trust, HA sync).