Fortinet FortiADC Review

Great inbuilt firewall feature; content compression is limited

What is our primary use case?

We mainly use FortiADC for load balancing the application traffic for our customers. The aim is for the traffic to be equally balanced between servers, whether there are two, 10 or 20 servers. There are different load balancing algorithms that we have on the FortiADC and based on that we configure and we load balance the traffic. We have a static website, so we can use FortiWeb instead of the connection coming from the client each time. FortiADC gets the request from the cache Instead of it being sent to the server. If we have different ISP links, then we do our link load balancing using FortiADC. I'm a senior cyber security engineer and we are distributors of FortiADC.

How has it helped my organization?

There are a lot of benefits to the customer using this solution. Because FortiADC helps in load balancing traffic, at peak times the logs get sent to FortiAnalyzer where they have an automated SOAR, security orchestration and automation for the incident response. Whenever it detects an attack, it will automatically trigger an alert on the service ticket and send it to the appropriate team. That's the benefit of this solution to the company. 

What is most valuable?

The most valuable features would be content caching and content compression. It also has an inbuilt firewall. I doubt whether any other ADC supports this firewall feature. It also has a web application firewall feature.

What needs improvement?

Any issues with this solution seem to be connected to technical support. They need to respond more quickly, providing a one or two day response time is not adequate. In addition, the company hasn't provided good technical documentation. It requires step by step procedures on how to configure some of the features on the FortiADC. They should come up with good KB articles and information related to the workings of the product. Fortinet specifies that the solution can be used for 1,000 clients, but actually we've found that you can't go above 400 for content compression and rewriting. If you go above 400, the solution becomes unresponsive. 

For how long have I used the solution?

I've been using this solution for about five years. 

What do I think about the stability of the solution?

It's a reliable solution but I think F5 is better as a load balancer. We sometimes get bugs but Fortinet has a specialized bug team that can create a patch within a specified period of time, two weeks or maybe within a month and the issue will be rectified. The solution needs maintenance each time they release a new firmware. The stability needs to be tested and we need to check whatever we are running, and make sure there are no critical bugs.

What do I think about the scalability of the solution?

The solution is scalable up to a point. If you're expanding your company and have a lot of customers, say 2,000, you need to go for a higher end model. Otherwise you'll have problems if you're using the hardware model. With the cloud and with the VM, you can always scale to your requirements. We have 400 users. We implement the solution and if customers want to use our website and database servers, the client traffic will hit the ADC and it will load balance to all the servers. If the company decides to expand, then we might need to scale FortiADC. 

How are customer service and technical support?

Technical support has a policy that only a priority one ticket will be given priority. Without that, there can be a significant delay in getting a response from technical support. It's not good enough. 

Which solution did I use previously and why did I switch?

I've had minimal experience with F5 which has more features and I think most people would go for F5. In cases where customers are using other Fortinet products they will prefer to go with FortiADC because of the SOAR feature on the FortiAnalyzer and automatic incident response on other things. 

How was the initial setup?

The initial setup is straightforward. You bring up FortiADC and you configure the interfaces, then you configure the load balancing profiles. That's it. I carry out the deployment myself and it generally takes a week or two. Deployment time is based on the customer configuration, load balancing profiles, but it generally takes a maximum of two weeks. 

The deployment plan is to get the topology of the customer. Once that is complete, we create this HLD and LLD and also the solution diagram. Those are the main things that we do before deployment. Once we have the HLD, LLD reports, then we implement within the customer environment and we test if everything works, and if everything is good it gets put into production. 

What was our ROI?

The main reason a client wants this load balancer is because there is a load on the web server and one of them becomes unresponsible and that means a big loss for the company. It's the main reason they purchase FortiADC. Once they implement this solution there are no issues with the load server. 

What's my experience with pricing, setup cost, and licensing?

From a pricing perspective, I believe FortiADC is cheaper than the F5 and also cheaper than some of the well established load balancers. There is a subscription fee but I'm not sure of the exact cost.

What other advice do I have?

I would recommend using FortiADC, they seem to be coming up with some new features. They have a lot of patents compared to other security companies. They're coming up with new machine learnings and other features. The solution provides an overall good experience. 

I would currently rate this solution a seven out of 10. 

Which version of this solution are you currently using?

**Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
More Fortinet FortiADC reviews from users
...who compared it with Brocade ADX [EOL]
Find out what your peers are saying about Fortinet, F5, Kemp and others in Application Delivery Controllers. Updated: June 2021.
511,773 professionals have used our research since 2012.
Add a Comment
ITCS user