These tables show the maximum number of configuration objects or limits that vary by them, and are not a guarantee of performance. For values such as hardware specifications that do not vary by software version or configuration, see your model’s QuickStart Guide.
Model | Max ADOMs |
---|---|
FortiWeb 100D, FortiWeb 400B, FortiWeb 400C, FortiWeb 1000B, FortiWeb 1000C, FortiWeb 3000C/CFsx, FortiWeb 4000C | 32 |
FortiWeb-VM, FortiWeb 1000D, FortiWeb 3000D/DFsx, FortiWeb 3000E, FortiWeb 4000D | 64 |
The below values are per ADOM. For example, the maximum number of server policies is 256 on a FortiWeb 4000D. Each additional ADOM can have an additional 256 server policies. However, due to the performance impact relative to each model's RAM constraints, maximizing the number of objects in all ADOMs is obviously not recommended.
FortiWeb model |
Policies per appliance |
---|---|
FortiWeb 100D | 32 |
FortiWeb 400B | 32 |
FortiWeb 400B | 32 |
FortiWeb 400C | 64 |
FortiWeb 1000B | 64 |
FortiWeb 1000C | 128 |
FortiWeb 1000D | 256 |
FortiWeb 3000C | 256 |
FortiWeb 3000CFsx | 256 |
FortiWeb 3000D | 512 |
FortiWeb 3000DFsx | 512 |
FortiWeb 4000C | 512 |
FortiWeb 4000D | 1024 |
Web UI item | Main table | Sub-table | |
---|---|---|---|
System | |||
Network | Interface | 32 (total physical interfaces and VLAN subinterfaces) | N/A |
Certificates | Local | 255 | N/A |
SNI | 255 | 255 | |
CA | 255 | N/A | |
CA Group | 255 | 255 | |
Intermediate CA | 255 | N/A | |
Intermediate CA Group | 255 | 255 | |
CRL | 255 | N/A | |
Certificate Verify | 255 | N/A | |
Policy | |||
Server Policy | See Maximum policies (physical appliances) | ||
Web Protection Profile | Inline Protection Profile | 255 | N/A |
Offline Protection Profile | 255 | N/A | |
Server Objects | |||
Virtual Server | 255 | N/A | |
Server Pool | 255 | 1024 | |
Health Check | 256 (excludes predefined rules) | N/A | |
Persistence | 255 | N/A | |
HTTP Content Routing | 255 | 255 | |
Protected Hostnames | 255 | 64 | |
Service | Predefined | 255 | N/A |
Custom | 255 | N/A | |
Global | Custom Global White List | No limit | N/A |
X- Forwarded-For | 255 | 255 | |
Error Page |
255 The size of the uploaded file cannot exceed 1 MB. |
N/A | |
Application Delivery | |||
URL Rewriting Policy | Policy | 255 | 255 |
Rule | 255 | 10 | |
Authentication Policy | Policy | 255 | 255 |
Rule | 255 | 255 | |
Site Publish | Policy | 255 | 255 |
Rule | 255 | N/A | |
Compression | File Compress Policy | 255 | 255 |
File Uncompress Policy | 255 | 255 | |
Exclusion Rule | 255 | 255 | |
Caching | Web Cache Policy | 255 | 255 |
Web Cache Exception | 255 | 255 | |
Web Protection | |||
Known attacks | Signatures/Exceptions | 32 | Enabled main classes: 64 |
Disabled sub-classes: 255 | |||
Disabled signatures: 2048 | |||
Filters: 10240 | |||
Custom Signature Group | 255 | 64 | |
Custom Signature | 255 | 255 | |
Advanced Protection | Custom Policy | 255 | 255 |
Custom Rule | 255 | 255 | |
Padding Oracle Protection | 255 | 255 | |
Input Validation | Parameter Validation Policy | 255 | 255 |
Parameter Validation Rule | 1024 | 1024 | |
Hidden Fields Policy | 255 | 255 | |
Hidden Fields Rule | 255 | 32 | |
File Upload Restriction Policy | 255 | 255 | |
File Upload Restriction Rule | 255 | 255 | |
Protocol | HTTP Protocol Constraints | 255 | 255 |
HTTP Constraints Exception | 255 | 32 | |
Access | Brute Force | 255 | 255 |
URL Access Policy | 255 | 255 | |
URL Access Rule | 255 | 32 | |
Page Access | 255 | 16 | |
Start Pages | 255 | 32 | |
Allow Method Policy | 255 | 255 | |
Allow Method Exceptions | 255 | 32 | |
IP List | 255 | 255 | |
Geo IP | 255 | 255 | |
Geo IP Exceptions | 255 | 255 | |
Web Anti-Defacement | Anti Defacement | 200 | N/A |
Anti-Defacement File Filter | 255 | 255 | |
DoS Protection | |||
Application | HTTP Access Limit | 255 | N/A |
Malicious IPs | 255 | N/A | |
HTTP Flood Prevention | 255 | N/A | |
Network | TCP Flood Prevention | 255 | N/A |
Dos Protection Policy | 255 | N/A | |
IP Reputation | |||
IP Reputation | Exceptions | 255 | N/A |
Auto Learn | |||
Auto Learn Profile | 255 | N/A | |
Report | The number of Auto Learn reports which FortiWeb has learned. For each report, the maximum node number of the report tree is16384. | N/A | |
Predefined Pattern | Data Type Group | 255 | 512 |
Data Type | None | N/A | |
URL Pattern | 1 (one) | N/A | |
Suspicious URL | 255 | 512 | |
Custom Pattern | Data Type | 255 | N/A |
Suspicious URL Policy | 255 | 64 | |
Suspicious URL Rule | 255 | N/A | |
Application Templates | Application Policy | 25 | 255 |
URL Replacer | 255 | N/A | |
Web Vulnerability Scan | |||
Web Vulnerability Scan | Web Vulnerability Scan Policy | 255 | N/A |
Web Vulnerability Scan Profile | 255 | N/A | |
Web Vulnerability Scan Schedule | 255 | N/A |
FortiWeb-VM has 4 virtual network interfaces (vNICs, or virtual ports).
The maximum number of server policies initially varies by the maximum amount of virtual memory (vRAM) available to FortiWeb-VM in VMware, up to a hard limit. FortiWeb-VM allows up to 20 policies for the first 1 GB of vRAM, then an additional 15 policies per additional 1 GB of vRAM, up to a maximum of 255 server policies.
In other words, at first, the server policy limit increases linearly with vRAM. But after 7 GB of vRAM, further increasing the vRAM no longer has an affect. 8 GB or more vRAM allows up to 255 server policies. (Keep in mind that increasing the vRAM may still benefit performance.)
The capability of each model’s hardware determines the capacity of the data analytics database.
Model | Max. Number Records per Table | Max. Number Tables | Max. Tables Searched per Query |
---|---|---|---|
FortiWeb 100D | 1,000,000 | 20 | 1 |
FortiWeb 400B | 1,000,000 | 20 | 1 |
FortiWeb 400C | 1,000,000 | 20 | 1 |
FortiWeb-VM | 1,000,000 | 20 | 1 |
FortiWeb 1000B | 1,000,000 | 100 | 2 |
FortiWeb 1000C | 1,000,000 | 100 | 2 |
FortiWeb 1000D | 1,000,000 | 100 | 2 |
FortiWeb 3000C/CFsx | 1,000,000 | 200 | 3 |
FortiWeb 3000D/DFsx | 1,000,000 | 200 | 3 |
FortiWeb 4000C | 1,000,000 | 300 | 4 |
FortiWeb 4000D | 1,000,000 | 300 | 4 |