Enhanced Redundancy:

Deploying an active-passive (A-P) FortiGate cluster across two availability zones (AZs) provides

enhanced redundancy by ensuring that if one AZ fails, the other can take over, maintaining high

availability and uptime.

IP Addressing and Subnetting:

One of the major differences when deploying across different AZs compared to the same AZ is that IP

addressing and subnetting are not shared between the instances. Each AZ operates independently

with its own set of subnets and IP addresses, which must be managed separately (Option D).

Other Options Analysis:

Option A is incorrect because the FortiGate devices in an A-P setup do not act as a single logical

instance; they operate in a failover setup.

Option B is incorrect because secondary IP address configuration is used in both single AZ and multi-

AZ deployments.

Option C is incorrect because the number of subnets required is typically more when deploying

across multiple AZs for redundancy.

Reference:

FortiGate HA Configuration Guide: FortiGate HA

AWS Availability Zones: AWS AZ

Thank you for your visit.