Fortinet FortiGate Reviews

Our clients' main use case for Fortinet FortiGate is for the firewall on the outside perimeter to the internet. Some of them have started using it for SD-WAN.

We are software integrators. 

Our clients like the packaging because it's an appliance. It has specific chip sets to accelerate different features in the product.

Additionally, it's inexpensive compared to some of the other technology out there.

In terms of what can be improved, they do have certain features that you can only configure through a CLI and there's no GUI interface for it. That's a pain. But it's nice that the user can do everything one way or the other.

They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI.

I have been using Fortinet FortiGate for at least the last 12 months.

Fortinet FortiGate is pretty stable.

It is hard to judge this year because of everybody working from home. Everybody is using up a lot of bandwidth so I'm not sure if that is a cause for some of the instability with the Forti client. The only place we've seen instability would be updating Forti client with their software called EMS.

So pushing out the client with EMS, like a client update to remote users, has proven a pain in the butt. But that could be because the end users' VPNs are maybe a little bit unstable just because of the high bandwidth demands. It is hard to determine. Maybe it is because some of these users are in remote areas, or non-urban or smaller towns, as opposed to being in an urban area where bandwidth is a little better.

We never jump ahead and say, "Oh, yes. 6.5 just came up. Let's jump on that." We'll probably just wait six months and see what goes on first. And I guess that's probably what a lot of people do because it's protecting your intellectual property and everything which that company owns.

I'm not saying that there's no instability. People will generally just wait and not jump out unless they're testing in the lab. They're not going to jump out and put the first revision that comes out on their firewalls.

In terms of scalability, it scales very well.

They have different models for different sizes. Obviously, if you buy too small and you have to upgrade, then it's a box swap. Some other vendors can just add another unit and you cluster them together. In their case it's more of just switching the box out for more performance boxes if you go too low.

Their technical support is very good.

Every time we've had to open up a case or get their help, if we surpass that person's ability, it gets escalated right away. So it's very good. It usually gets resolved within a day or two.

The initial setup is fairly straightforward.

In terms of ROI, they're inexpensive. Because they're inexpensive, they're just everywhere, in the Federal Government, schools, everywhere where budgets are fairly tight. And it is a very good product. It's a product that's built that if you need to you can add a different box and remove that feature from your main FortiGate and just run it on a different box.

So if you need to expand, you can always do it that way too.

They have good integration if you have multiple firewalls and it allows you to be able to push out policies to all of them at the same time.

Fortinet FortiGate's pricing is pretty hard to beat.

On a scale of one to ten, I would give Fortinet FortiGate a 10 out of 10.

We are a system integrator and Fortigate is one of the firewalls that we implement for our clients. I am a solution architect.

Our primary use for this firewall is the IPS.

One of the things I like best is the ease of configuration.

Management-wise, it is very good.

The most important feature, normally for small business customers, is link load balancing.

The firewall throughput is very good. Most of the customers in this region use FortiGate for their data center firewalls, and the main reason is because of its high throughput.

Fortinet is good in terms of security and threat prevention, but they are not leading. For example, the signature database can be improved.

If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement. Customers that have ISE implemented are able to provide inputs based on malicious traffic, and then ISE will automatically block it.

We have been working with Fortinet FortiGate for the past two years.

Stability-wise, they are good at the job of a data center firewall. For a perimeter firewall, it is for smaller customers, preferably.

The scalability depends on the design and how it was done. You have to think about the next five years. We get lots of new updates on the older versions and if the product is still in support then the new features will be included.

The responsiveness of the support depends on the level of support that you have. If you have premium support then you will get immediate access to them. Otherwise, you have to wait for some time, perhaps an hour, before they get back to you.

On the technical details, there are different levels of access. Once you have engineer access then most of the cases are going to get resolved, or otherwise, they will go to their development team.

In addition to FortiGate, we are using Cisco SFR.

The initial setup is straightforward. We have field configuration guides that we follow and you don't need to have much in-depth knowledge to set it up initially. However, performing the fine-tuning requires that you have proper training on the device.

Deploying the firewall for a new customer will be completed within two to three days, or perhaps a week at the most.

Compared to vendors like Cisco and Palo Alto, FortiGate is the cheapest. However, they only have a small segment of the market. Fortinet is trying to appeal to small and medium-sized customers, and I think that their prices should be a little lower for this segment.

On the high-end devices, it is fine. However, the problem is that their subscription price is very high. If you purchase a one-year subscription with the hardware and then you want to renew for the second year, it is very costly. Your whole price ends up being very high.

As a system integrator, we sell a lot of similar solutions from a variety of vendors. We have found that the Fortinet firewall has a much better throughput than that of the other vendors.

If a large customer is looking for a perimeter firewall then we suggest another vendor, such as Check Point or Palo Alto.

FortiGate is a product that we recommend and we have migrated many customers from other vendors. FortiGate is a better option, although small customers don't care much about security. They only care about basic security. There are only a very few who are really concerned about it and most of them don't have a proper IT group in their company. 

I would rate this solution an eight out of ten.

We are currently using manual router failover that can be configured on the Fortinet security appliance’s second network interface to provide network edge redundancy if the primary managed router fails. If the edge router fails, traffic can be moved to the security appliance with a simple cable swap.

We are looking for a fully redundant solution with automatic failover between both Fortinet Security appliances. I am currently looking at battle card information between Fortinet and Zscaler. I have to do a competitive analysis.

The low cost of ownership was a benefit with all of the features we wanted.    

Preconfigured images have been developed for quick deployment. However, if we need a custom policy or have to include an existing policy then that can be accommodated as well. 

Virtual Domains (VDOMs) are a feature that we found valuable.

We found the Firewall, VPN, Application Control, IPS, Fortiguard Web filtering, anti-botnet, FortiGuard, Anti Spam Wireless LAN controller, WAN optimization, vulnerability assessment, and endpoint control all to be valuable.

Fortinet certifications include NSS Labs for NGFW, firewall, IPS, SSL, antivirus, and antispam.

Fortinet provides a consolidated security platform for the market place and certifications with NSS labs prove their security assurance.

To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution. Fortinet claims to do everything Zscaler is capable of and I'm looking for a comparison between the supported features.

Fortinet VPN and DDoS capabilities are great, yet we need to provide a solution that enables CASB and integration to the cloud.

We have been using FortiGate for three years.

Fortinet is very easy to service and set up.

Fortinet is the least expensive solution.

We are comparing the features of Zscaler vs. Fortinet. We are trying to determine what features Zscaler has over Fortinet and vice versa.

Fortinet was initially scoped as 25 rules for small, 50 for medium, and 100 for large. We need to incorporate more rules but there would be additional professional services or staging services. We are looking to incorporate the cloud access with the Fortinet UTM solution.

• GUI
• Flexibility
• Easy to configure
• UTM

• Option to control application = increased productivity
• Data leak prevention = increased security
• Anti-virus & IPS = increased security

I'm happy with the product, however the licensing fees could be lower.

I've used it for six years.

No issues encountered.

There is a specific way of deploying a Fortigate product, and the scalability is related to the new unit deployment so there are no problems here. If you need more power/space, you just have to add a new box.

It's very good, I've never had any problems with customer service.

It's very good, I've never had any problems with technical support.

I was using Cisco ASA, and I switched due to a lack of features (e.g. poor SSL VPN support).

It's a very simple setup as everything is well documented online and via the Fortigate channel on YouTube. Also, I posses a large amount of knowledge gained during the years that has helped me to deploy all my solutions. Even from the the beginning, it was easy as Fortigate has a great GUI and good online help,

We did an in-house implementation, with no third party involvement.

The product is deployed as part of, and an add-on to, the MPLS solution for the majority of my customers. There is no ROI as this is not the major expectation, as the ROI is coming from the whole solution, not just this product.

All the costs are for the annual licenses. The cost of the original deployment fell below £5,000, and licenses are priced at around £3,000.

We considered Cisco, however we decided to go with Fortigate as it provides a good set of the features for the price paid,

Enjoy it. The product is easy to implement, easy to manage, and easy to develop and grow.

We have deployed this firewall for many companies. Our clients are financial and medical companies.

It enabled our clients to reach locations and access their applications easily with no latency. It provided ease of access.

Its threat prevention capabilities are most valuable. 

It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall. 

The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI.

I faced a lot of issues when I was trying to deploy the firewall through FortiManager. The firewall is stable, but FortiManager is too buggy, and it doesn't work properly. It gives too many errors.

There are some issues with Fortinet SD-WAN. It's quite complex.

I've been using this solution for more than four years.

It's a very stable product.

It's scalable. We have plans to increase its usage.

Most of the time, they are helpful, but there are times when they don't resolve an issue right away. They take the log, and then they take their time to give input on the issue. Most of the time, they take one or two days to get back after analyzing the logs. Instead of that, they can just schedule a session to resolve the issue right away because sometimes the issue impacts the production environment, so we need to resolve that issue as soon as possible. Overall, I'd rate them a six out of ten.

Neutral

I have worked with other firewalls. Fortinet FortiGate is better than Palo Alto and Check Point firewalls. It's more user-friendly.

I have deployed it for a bank at a core level. On the perimeter, there was a Palo Alto firewall, and at the core level, we deployed the FortiGate firewall at DC and DR locations. After that, we deployed SD-WAN. We replaced the MPLS switch with the Fortinet SD-WAN device, so the whole branch traffic comes to the SD-WAN box, and from there, it comes to the FortiGate firewall, and then it goes to the Palo Alto firewall for the internet access and resource access. While migrating branches from MPLS to SD-WAN, we did require a maintenance window.

There was no difficulty. It was very user-friendly. I have had many difficulties with the Check Point firewall. I have deployed major projects on the FortiGate firewall. I migrated more than a thousand branches on Fortinet SD-WAN and implemented FortiGate super massive firewalls at DC and DR locations. There were no complexities. Only at one location, I had an issue related to SD-WAN, but my query was resolved by Fortinet's local team.

It's an on-premises firewall for the DC and DR locations. I have never worked on cloud projects, but if there is any opportunity to deploy it on the cloud, I will do it. I have only done on-premises deployment.

I am an implementation engineer. I deployed and configured the whole firewall. I also troubleshot any issues. When I had any queries, they were clarified by Fortinet's engineers.

Its pricing is good. It's average or normal as compared to Palo Alto and Check Point firewalls. 

I didn't evaluate other options.

I'd recommend this firewall to others. Most of the time, when I do PoCs, I recommend Fortinet FortiGate. It's quite easy to manage and deploy.

I'd rate Fortinet FortiGate an eight out of ten.

Fortinet FortiGate is a firewall that protects your assets and data. We have 15 people using this solution. I am an infrastructure engineer. We require 3 people to maintain the solution.

What I like about this solution is that it is simple to use, has less complications and is very straightforward. Their interface is very easy to use, it is without bugs. 

Fortinet Fortigate could benefit by simplifying some of their processes. For example, if you are using Cisco, and you want to find a source and a destination, you type the IP of the source and then the IP of the destination. Cisco will find any denied packet by highlighting it in yellow.  To access it with Cisco, all you need to do is right click. FortiGate is not that simple.

I have been using Fortinet FortiGate for approximately 4 months. I am taking a course regarding this solution.

We had been using Cisco and Firepower prior to FortiGate. FortiGate is easier to use. We encountered a lot of problems when we integrated Firepower on Cisco devices.

The initial setup of Fortinet FortiGate is very straightforward. I would give it a 5 out 5 on ease of setup.

Currently, we have not added licenses for all the features we want. For example, we do not have intrusion prevention and detection.

I would recommend Fortinet FortiGate, it is a good firewall, especially for beginners because of its ease of use.

I would rate the solution an 8 out 10.

It is used as a defense mechanism for securing the internal network from the external network. We also use it to have VPN tunnels between us and our partners and the support organizations we work with.

We are using FortiGate 200F.

We are mostly using it as a defense mechanism. It has many more possibilities, but at this moment, it is only used for defense against attacks. It is doing what it should do with the FortiGuard subscription on it, which is an advanced security subscription.

It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working.

I don't see any area of improvement at this moment. I'm responsible for the IT infrastructure. I'm not a security specialist. The IT security is being managed by the CSO in our company. 

We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine.

It has been a little over a year since we have the firewall cluster in place.

It is a stable product. We had some issues in the beginning while setting it up, but we received an update of the firmware, and since then, it has been stable.

It is being implemented for everybody. It is our security layer.

Their support is good. We had some issues in the beginning, and they were resolved within a couple of days after we explained what we were trying to do. They confirmed that it is a bug, and they would give us a fix. A couple of days later, we had the fix.

We were using SonicWall firewalls. We found FortiGate better, and we switched everything. We decommissioned all SonicWall firewalls. One of the reasons why we changed from SonicWall was that its licensing was user-based and function-based. So, every time we did something, we had to add another license or subscription. The licensing of FortiGate is clear. We know what is the price.

We migrated last year from a typical MPLS network to a complete and only one network between the sites. For firewalls, we now have a few solutions in place in our headquarters. We have Fortinet Firewall Cluster, and on the remote sites, we are using Meraki firewalls that are being used as a router at the same time. 

It is easy to use.

Its price is reasonable. They have a clear pricing policy. It is not complicated by the number of VPN users at a time. We know what the price is. The yearly subscription for the security license is rather high, but it is all included for whatever number of users you have and the kind of functions you need.

I would rate it a nine out of ten.

We use Fortinet FortiGate for the internet, particularly to provide protection against internal and external threats.

What I found most valuable from Fortinet FortiGate is that it gave us better protection against internet-based threats. Aside from giving us good protection, it is also easy to use, and it's fully automated.

An additional feature I'm expecting from Fortinet FortiGate is for it to have an analysis feature, rather than having the analysis done via integration with a different product.

We have been using Fortinet FortiGate for six years.

I found Fortinet FortiGate to be a stable product.

Fortinet FortiGate is a scalable product.

I had issues with Fortinet FortiGate more than three years ago, and I opened a support ticket, and we were able to solve the issues. The support for this product was fast.

The installation process for Fortinet FortiGate was very easy. Installation was done by one technician, e.g. one technician was enough.

This product was implemented by a Fortinet partner.

We've been using this version of Fortinet FortiGate: 300E. I also have experience with Fortinet FortiAnalyzer.

We have one technician in charge of the installation, and one manager in charge of managing this product. We have 500 users of Fortinet FortiGate, and we currently have no plans of increasing the number of users.

My recommendation to people looking into implementing this product is that they should use Fortinet FortiAnalyzer with Fortinet FortiGate to analyze the traffic.

My rating for Fortinet FortiGate is nine out of ten.