Using the policy monitor, it is possible to see which policy is currently handling the largest number of sessions. Upon identifying the actual policy it is possible to find that some form of UTM may be applied, and therefore could be the root cause for entering in conserve mode.
To see which process is most used and puts the system in conservation mode, use:# diagnose sys topFor example, if the process is ipsengine, and the policy detected as having the largest number of sessions has IPS enabled, then the combination UTM on this policy may be overloading the system.
# diagnose sys top-summary
# diagnose debug crashlog read
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.