Fortinet FortiGate Review

I don't need to have a cluster because it's stable, but rules are not intuitive and the admin UI needs improvement.


What is most valuable?

It offers a proxy and a firewall.

How has it helped my organization?

It has a better processor than CheckPoint.

What needs improvement?

It's not intuitive, as the rules will be in the last place you look. You can look for a report for an hour, eventually getting a blank page. User experience for the administrator is basically not good as it needs to be more proficient.

For how long have I used the solution?

I've used it for two years.

What was my experience with deployment of the solution?

I have five ISPs, and it was hard to connect the LAN to the WAN. It did not go well and I had do to a roll-back.

What do I think about the stability of the solution?

The product is so stable I don't need to have a cluster.

How are customer service and technical support?

Customer Service:

I use a service given by the integrator and it's better than Fortigate’s. The integrator gives me a guarantee that they will immediately replace my machine if a problem occurs.

Technical Support:

I use a service given by the integrator and it's better than Fortigate’s. The integrator gives me a guarantee that they will immediately replace my machine if a problem occurs.

Which solution did I use previously and why did I switch?

I used an open-source product name Squid.

How was the initial setup?

It's straightforward, and was transparent for the users.

What about the implementation team?

We did it in-house.

What was our ROI?

It costs $200,000 and is only a bit better than the open source solution, which was free.

What's my experience with pricing, setup cost, and licensing?

You don’t have to buy the Fortigate analyzer, as you can also get the reports using Fortinet.

What other advice do I have?

It's fine as a firewall and as a proxy. You need to configure the rules right or else it will be hard to keep up with the logs.


Disclosure: I am a real user, and this review is based on my own experience and opinions.

Add a Comment
Guest
5 Comments

author avatarAndrew S. Baker (ASB)
Top 5PopularConsultant

I would be interested to know what you found unintuitive about the rules. From your review it seems that the focus in more on the proxy than the firewall itself.

author avatarSystems Engineer at a healthcare company with 1,001-5,000 employees
Vendor

When you're looking for something it BETTER be in the last place you look! Continuing the search after finding it is just silly.

Seriously, I have had similar issues with rules being obtuse, and I have experience with about a dozen firewalls. Like other IT tech, 'intuitive' is a misnomer, but it does seem to be less obvious than any other that I have experience with.

author avatarTechnical Specialist with 5,001-10,000 employees
Consultant

Fotigate is enhanced their GUI from 5.0 onwards . firmware 5.2.2 is very good GUI , user friendly. more stable , Webfiltering, explicit proxy and Application controls are awesome. I would suggest Fortigate devices at perimeter level, because which will eliminates the standalone IPS at perimeter level for inspection.

author avatarFabrizio Volpe
Top ReviewerTop 5Real User

The review misses a fundamental point about Fortigate. It is an UTM device, which integrates multiple security layers in a single device. Pointing out only firewall and proxy features is (IMHO) a bit misleading.
Talking about the GUI, it requires a little bit of time to understand the logic and the different tools but it is not complex as many other firewalls are (again, we are talking about perceptions).
Last but not least: it is strange to have no cluster enabled. I have always seen Fortigates sold and configured in an active / passive pair.

author avatarAndrew S. Baker (ASB)
Top 5PopularConsultant

The v5.6 GUI is much improved, IMO. Very happy to see the changes there. Some things are still a little hard to find, but not as many.