vdom limits and why?

With the fortigates, you have the means for deploying vdom resources limits. This is a must in a multi-tenant and where you have concerns for  resources exhaustion.

If you have concern over one tenant abusing the resources and within that vdom, you can set limits for the resource available such as

• firewall address
• firewall policies
• local users
• vpn-tunnels
• etc...

When a firewall admin tries to add a item that exceeds the set limits, they will have awarning display the request action denied

examples

It best to learn the max values for your model and the installed fortiOS. The following link shows various max values for FortiOS.

http://docs.fortinet.com/d/fortigate-maximum-values

Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix  -----a----t---- socpuppets ---dot---com

    ^     ^
=(  *  * )=
       o 
      /  \