Known limitations for IBM Cloud® Virtual FortiGate Security Appliance

There are some limitations to be aware of when using IBM Cloud® Virtual FortiGate Security Appliance.

• There is no support to upgrade from Stand-alone to High Availability mode.

• There is no support to downgrade from High Availability to Stand-alone mode.

• There is no support to upgrade from 1 Gbps to 10 Gbps or downgrade from 10 Gbps to 1 Gbps.

• Only IBM Cloud certified versions of vFSA are supported for actions like OS Reload, License Update, Rebuild Cluster. The list of supported versions can be found here.

• Only the latest IBM Cloud certified vFSA releases are available for new orders and upgrades. Requests for older IBM Cloud certified vFSA releases should be made through an IBM Support case. Limitations for upgrading and downgrading can be found in Upgrading the vFSA.

• vFSA license validation requires a public internet connection to the Fortinet Cloud for license entitlement.

• There is no access to FortiCloud or FortiGate Cloud logging and management because licensing is registered to IBM's Fortinet Account.

• The licensing shown when ordering the vFSA is the only licensing available through IBM Cloud currently. All other licensing can only be implemented through a "third party". This includes FortiClient licensing for endpoint protection, as well as ZTNA, FortiToken, FortiEMS installed on Windows Server (this licensing is included with Forticlient licensing), virtual FortiManagers and virtual FortiAnalyzers.

  Both the virtual FortiManagers and FortiAnalyzers are currently tested and deployable through VPC custom images.