Fortinet FortiGate Review

For price criteria, Fortinet wins over competitors. That being said, certain areas of the product need improvement

What is most valuable?

  • Performances
  • VDOM
  • UTM
  • Consolidated Management
  • FortiGuard

    How has it helped my organization?

    • Endpoint control of mobile devices with Security Profiles compliancy checking, captive portal redirection, Antivirus, IPS and Web Filtering enabled on outgoing traffic (coupled to FortiClient solution)
    • Identity-based policies used to authenticated and profile users and guests whatever the media used to access the network (ie. Wired and WiFi)
    • Dynamic BGP routes injections to divert traffic requiring UTM inspection or DDOS mitigation
    • Two-Factor Authentication VPN SSL for itinerant users (coupled to FortiToken solution)
    • Active/Active cluster load-balancing http/https traffic
    • GTP tunnels inspections over GPRS backbones for pure-player telco operators
    • Distributed WiFi infrastructure with UTM enabled and managed from the central console like signatures and firmware updates
    • Classical IP/IPv6 Firewall with consolidated-management

    What needs improvement?

    • Fix all pending bugs present in 5.0.x branch
    • Improve the testing process of newly published firmware like using real and representative configurations submitted to consequent traffic load during a while
    • Support SNMPv3 INFORM requests
    • Uniform the scheduled backup between FortiGate, FortiManager and FortiAnalyzer
    • Integrate graphical troubleshoot tools for policies based on devices or user identities

    For how long have I used the solution?

    4.5 years

    What was my experience with deployment of the solution?

    Some few non-blocking bugs present in the latest release and which are now solved. In the past I encountered serious bug regarding SCTP and GTP supports. Fortinet helped me to qualify the bug, implement a temporary workaround and then published appropriate patches rapidly.

    What do I think about the stability of the solution?

    No. I always used the latest qualified-stable firmware recommended by Fortinet and check by own testing methods the stability of HW and SW before deploying anything into customer premises.

    What do I think about the scalability of the solution?

    With design and dimensioning parts well achieved I never encountered scalability issue. However it happened I had to troubleshoot some slowness and latency issues on existing projects already running live. Most of the time they were due to some design issues and non-optimized configurations like for instance “in” and “out” ports not handled by the same NP, policy rules non-optimized and non-used features enabled.

    How are customer service and technical support?

    Customer Service:

    Very good.

    Technical Support:

    Very good.

    Which solution did I use previously and why did I switch?

    • CISCO ASA: Too expensive, performances issues, non-consolidated management between traditional ASA and inspection ASA CX, not the best security engines
    • Checkpoint: Very expensive but good solutions, not the leader in UTM segment
    • Juniper: Expensive but good solutions, not the leader in UTM segment
    • Cyrberoam: Attractive prices but not yet tested, looks like promising
    • Arkoon/Netasq: Obsoletes (Stormshield not yet tested)

    How was the initial setup?

    It was quite simple if you have at least a minimum of experiment with Firewalls integration. It is now even simpler thanks to the FortiExplorer application.

    What about the implementation team?


    Which other solutions did I evaluate?

    Taking into account the price criteria, nowadays Fortinet always wins offers in front of competitors like CISCO and Checkpoint. Mixing this key-point with other success keys like UTM features and performances.

    What other advice do I have?

    Contact Fortinet or Fortinet’s partner and ask for a POC.

    Which version of this solution are you currently using?

    **Disclosure: I am a real user, and this review is based on my own experience and opinions.
    More Fortinet FortiGate reviews from users
    ...who work at a Comms Service Provider
    ...who compared it with Cisco ASA Firewall
    Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: April 2021.
    476,483 professionals have used our research since 2012.
    Add a Comment