What is our primary use case?
I am a senior Network and Security Solution architect and having certifications, like JNCIE-SP, JNCIP-Sec, JNCDA, Fortinet certified, Sophos Certified Engineer, and certified in ethical hacking v10. with hands-on experience of Tele 3G, 4G, Metro Ethernet, IGW, and large Data Center Design. my primary focus is to recommend cost-effective solutions, to save End customer CAPEX & OPEX.
How has it helped my organization?
Comprehensive protection and user visibility when using FortiGate Firewall with FortiClient.
What is most valuable?
Right now, my opinion is that FortiClient is very inexpensive for what it is. They have a very feature-rich product available in the UTP (Unified Threat Protection) bundle when compared to what other vendors offered Endpoint. Other vendors sell different parts of their security solutions in different pieces, but Fortinet sells all the features like a unified solution in one UTP bundle. For example, they included limited WAF (Web Application Firewall) features, load balancing, SD Wan (a very important feature), cloud sandbox, antivirus, anti-spam, web filtering, IPS protection, and Remote VPN including SSL VPN. All of this is included in the one UTM bundle.
If we compare with other products like Cisco, Juniper, Sophos, and Palo Alto, those companies require separate purchases for all the different features. So this is why I consider Fortinet very inexpensive. But it is also not a sacrifice because even with low cost for what you get, their security rating is very high. Many customers right now in the situation caused by the pandemic are having budget issues. These companies have lower budgets right now and they have to be aware of the value. They still have the same security need and they want a very feature-rich solution. Fortinet fits in their budget and that is why customers prefer to buying Fortinet as compared to other solutions.
What needs improvement?
The improvement required for Fortinet is that they must increase RAM in low-end Firewalls. because low-end Firewalls come with very low RAM, due to low RAM users faced performance issues when increase user traffic, that can cause performance issues. even we know other vendors are using a minimum of 04 GB RAM. But Fortinet for their low-end entry-level box is using only one/two GB RAM. That is very low and can be a performance issue.
If we compare the performance based on their datasheet, it does not really meet the full requirements. For example, if we are using the FG-60F Network Security Firewall 10xGE, the throughput is 10 gigs. But the memory is two GB. Two GB of memory is too low to handle the throughput. So they should increase the memory in the box. Fortinet can gain end customer confidence.
For how long have I used the solution?
I have been working with Fortinet products and FortiClient for five years.
What do I think about the stability of the solution?
FortiClient is stable as per my experience with multiple clients. Right now, we have installed the FortiClient internally as well. It is protecting our network as well so we are not only resellers. We do not experience any issues with the endpoint security.
How are customer service and technical support?
Fortinet technical support requires a little bit of effort to improve their services. The level of services is based on the customer's purchased support bundle. So if a customer purchases a 360 support bundle, then the customer can contact directly at a higher level with the technical support team. But if the customer purchases the normal 24/7 bundle and they try to open a ticket and make a case for service — either on a call or using the websites — your customer can open only a maximum P3 (Third Priority) level case. This is a low level of priority and it is not suitable for more serious problems. My experience with Cisco and Juniper is different. Those companies have an excellent way of dealing with support cases and they are very skilled. A customer can open a P1 case via phone immediately. With Fortinet, if you want to open a P1 case, you can not do it that way with a standard support package. Support for FortiClient needs to be more in line with the severity of the case.
Which solution did I use previously and why did I switch?
I previously worked with Kaspersky and Sophos Intercept X products. I used both as endpoint security.
The main difference is the advantage of FortiClient in CAPEX cost and feature-richness.
One problem I faced was when a customer went to renew FortiClient for their second Year, in Fortinet SKU is the same as a new purchase.
even other venders having renewed SKU for next year.
The case was really more like an upgrade than an initial purchase and should have been somehow included as a bundle. If we compare that with Intercept X and Kaspersky, those companies give the option to renew in similar cases and the renewal pricing is very low compared to the initial cost. It is maybe a place where the Fortinet pricing structure could be modified to appear more competitive.
How was the initial setup?
As per my experience, Fortinet has the simplest way of making deployments compared to other products and companies like Sophos. It is very simple and predictable. Just follow the simple steps and — one, two, three — the firewall is ready to deploy. So you do not need to get more experience and you do not need to study up too much documentation or courses to determine how to configure it. All the information you need is available for free. The customer does not need a technical expert to configure and operate Fortinet products. But if the customer wants to configure competing products like Juniper, Cisco, Palo Alto, and Sophos, they need the technical knowledge to configure the products to achieve proper functionality.
FortiClient is very simple and user-friendly. The GUI is very user friendly and it is the simplest GUI compared to other vendor products. This is another plus point for Fortinet.
What's my experience with pricing, setup cost, and licensing?
Clients need not only to look at the price of the product as a bottom line. Some products offer more as a package, as Fortinet does in this case. Some customers see only dollar signs when there is more to evaluating the value of a product offering than the only cost.
What other advice do I have?
My advice to Fortinet is that they should make a change to FortiClient pricing. They should have a renewal price that is lower than the new purchase price. They should include the price bundle as a renewal price, like say you were purchasing UTM (Unified Threat Management) next year for support. They should include a renewal process in their pricing scheme, and not just treat all purchasing as a new contract.
On a scale from one to ten where one is the worst and ten is the best, I would rate FortiClient as an eight-out-of-ten.
Which deployment model are you using for this solution?