What is most valuable?
The virtual and hardware versions of the solution are mostly the same.
The VM it's very quick for deployment. If we need to have a POC for a customer, if we don't have any hardware physically at our premises, at our store, in our office, we can download the VM from Fortinet and install all the VM to their environment in order to run it. If we have a customer that says "let's start tomorrow" we are able to do that in a way that's not possible with a hardware version.
Normally Fortinet is very flexible that it supports almost all environments.
The solution is user friendly.
The cost of the solution is pretty fair.
The documentation is very good.
The SD-WAN is very good, as compared to, for example, Citrix SD-WAN which has an overall lack of security and needs to leverage other devices, like Palo Alto, to cover this.
What needs improvement?
The licensing needs to be improved. We need longer licensing periods, especially for POCs and trials. It should be for six months. Right now, it's too short of a timeframe.
Overall as I say, the features-wise and performance-wise the VM and hardware versions are the same. The main difference is that the hardware-based option ins is more powerful compared to the VM version.
Their technical support is not helpful and I try to avoid using it.
For how long have I used the solution?
I've been using the solution for ten years. It's been a decade now.
What do I think about the stability of the solution?
We do occasionally get bugs on the solution, and when that happens, we do need to go to technical support to get the issue resolved.
What do I think about the scalability of the solution?
Let's say tomorrow we want to upgrade in terms of memory, in terms of processor. If we are VM based we are using files and by default, we have some spec which is set to the VM. If tomorrow we need more capacity for this logging, we can just upgrade it. We take an analyzer like G1 or G5 and we upload the license, and it will upgrade automatically.
It's so much easier as compared to hardware, due to the fact that, with hardware, you need to change everything completely.
We have nine people on our team working with the solution regularly.
How are customer service and technical support?
The support for Fortinet is not very good, and so I tend not to contact them if I can avoid it. They are not good in their general response time. Some team members are quite technical, however, that's not everyone, and you aren't guaranteed to get someone who knows what they are talking about. Sometimes their answers are irrelevant as if they aren't even replying to your actual questions. Other times they tell you what you need is not possible.
Fortinet has forums for users, and if you go there, you'll see that there are a lot of others saying they are unhappy with support as well. While I'm a big fan of Fortinet, I do not like their support.
We only really use it now if we have an issue with a bug and there's no workaround except to go right to them. Otherwise, we don't contact them.
What's my experience with pricing, setup cost, and licensing?
The cost of the solution is good.
What other advice do I have?
Normally I don't really push a virtual appliance. Some customers may be interested in a virtual appliance for scalability. For most of our customers, we are pushing hardware-based solutions and not a virtual appliance.
For example, if we have a customer that has a private data center in Mauritius and wants to have a hybrid solution, let's say to interconnect on the public cloud, and they want to do SD-WAN to secure it from the public to its current on-premises data center, normally we will go with the virtual appliance on the public side.
I would recommend Fortinet's hardware 100% of the time, especially in comparison to Palo Alto. With the VM, it's a harder question to answer. A better question would be: what do you will prefer for a next-generation firewall? Do you prefer Fortinet? Do you recommend Fortinet or Cisco or Palo Alto? I would say personally I always recommend Fortinet. I will continue to due to the fact that the cost and the integration, and the general user-friendliness, are all impressive.
I'd rate the solution eight out of ten. I'd rate it higher if it had a longer trial, better licensing, and stronger technical support. There are still places for improvement in the solution.