FortiGate FG-70G vs FG-90G: In-depth Comparison
Introduction
Leveraging the official FortiGate FortiWiFi 70G and 90G Series datasheets, this comparison highlights how each model balances performance, security, and connectivity for branch and SMB deployments. We’ll present side-by-side specs drawn directly from Fortinet’s documentation, then provide guidance on which appliance best suits your needs.
Hardware & Performance Specifications
| Specification | FG-70G | FG-90G |
|---|---|---|
| Firewall Throughput (1518/512/64 byte UDP) |
10 / 10 / 10 Gbps | 28 / 28 / 27.9 Gbps |
| IPS Throughput (Enterprise Mix) |
2.5 Gbps | 4.5 Gbps |
| NGFW Throughput (Enterprise Mix) |
1.5 Gbps | 2.5 Gbps |
| Threat Protection (Enterprise Mix) |
1.3 Gbps | 2.2 Gbps |
| IPsec VPN Throughput (512 byte) |
7.1 Gbps | 25 Gbps |
| SSL VPN Throughput | — | 1.4 Gbps |
| SSL Inspection (IPS, avg. HTTPS) |
1.4 Gbps | 2.6 Gbps |
| Application Control (HTTP 64K) |
3.6 Gbps | 6.7 Gbps |
| Concurrent Sessions (TCP) |
1.4 Million | 3 Million |
| New Sessions/sec (TCP) |
100,000 | 124,000 |
| Interfaces | 2× GE WAN, 6× GE RJ45, 2× FortiLink, 1× USB, 1× Console | 8× GE RJ45, 2× shared 10 GE RJ45/SFP+, 1× USB, 1× Console |
| Internal Storage | — / 64 GB SSD | 120 GB SSD |
| Max FortiAPs (Total / Tunnel) |
96 / 48 | 128 / 64 |
| Max FortiSwitches Supported | 24 | 24 |
| Virtual Domains (Default / Max) |
10 / 10 | 10 / 10 |
| High-Availability Modes | Active-Active, Active-Passive, Clustering | Active-Active, Active-Passive, Clustering |
Source: FortiGate FortiWiFi 70G & 90G Series Data Sheets, May 2025
Key Differences & Deployment Guidance
Performance vs. Threat Inspection
The FG-90G delivers significantly higher raw firewall throughput (up to 28 Gbps) and IPS rates (4.5 Gbps), ideal for high-traffic sites. The FG-70G’s balanced 10 Gbps firewall and 2.5 Gbps IPS performance suit smaller branches with moderate UTM needs.
VPN & Remote Access
Only the FG-90G provides rated SSL VPN performance (1.4 Gbps) with support for 200 concurrent users, making it the clear choice for larger remote-access deployments. The FG-70G lacks a dedicated SSL VPN rating and is better for site-to-site IPsec.
Connectivity & Expansion
The FG-90G’s 10 GE-capable WAN ports, larger 120 GB SSD, and greater VPN tunnel capacity (2,500 client-to-gateway) support deeper segmentation and analytics. The FG-70G offers flexible SKUs with built-in WiFi, PoE variants, and 64 GB storage—perfect for specialized branch setups.
Session Handling & Latency
FG-70G achieves lower latency (2.46 µs) and handles 1.4 M sessions with 100K new sessions/sec, while FG-90G scales to 3 M sessions at 124K new sessions/sec but with slightly higher latency (3.23 µs). Choose based on session load and latency sensitivity.
Which Should You Choose?
- Choose FG-70G if you require moderate UTM performance, flexible WiFi/PoE variants, and cost-effective security at smaller branch sites.
- Choose FG-90G when you need maximum firewall/IPS throughput, high SSL VPN capacity, extensive port density, and larger local storage for analytics.
Conclusion
Both FG-70G and FG-90G integrate NGFW, SD-WAN, and Security Fabric on FortiOS. Align your selection with traffic volumes, VPN/user counts, connectivity requirements, and growth plans to maximize security efficacy and ROI.