What is our primary use case?
It is primarily for VPN access and restricting access into the network. One of our clients has a shared system between multiple counties, and it is used to keep the right traffic flowing between counties and blocking the rest.
Each client has a specific version. We're trying to get them all current. Our number one client has the current version.
How has it helped my organization?
It provides greater security and flexibility. Instead of just opening it all up, it allows access to only those people who should have access. The network itself is pretty open, and with FortiGate, we can lock down exactly what they have access to.
What is most valuable?
Primarily, the VPN solution is most valuable. It allows you to have more flexibility in terms of what is there on the end-user device, and what is not there. You can check and make sure that they're current. It has more flexibility than just a straight VPN solution.
It works really well. It has the features that 99% of people need.
What needs improvement?
They should keep us up to date about the latest version. That's the biggest thing. Currently, we have to go looking for the latest version. We should get notified about what's going on with the versions.
I would like to see easier dual-factor authentication.
For how long have I used the solution?
Our clients have been using it for several years, and we've been helping them with that.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
It is reasonably scalable. It is not as flexible in scalability as Cisco Firepower with their FMC.
Usually, the clients who use it are cost-conscious. They don't want to spend money on a Cisco device, so they go for Fortigate. A large organization usually goes with Cisco. A smaller organization tends to go for Fortigate or some other solution because of the price.
Our clients use it all over the place. It is not just for their internet. It is used for their internal networks and the rest of it.
How are customer service and technical support?
It was average. I wasn't overly impressed. I was also not disappointed.
How was the initial setup?
There is a little complexity to it but not more than other solutions. I haven't noticed greater complexity.
The deployment duration depends on how detailed you are and what you don't want to get. You can deploy one of these firewalls in half an hour, but if you're going to add a bunch of complexities and things to it, it can take at least a couple of hours to get it all set up the way you want. It ranges from half an hour to four hours.
What about the implementation team?
We help our clients in implementing it. We also manage it. We just have one network support person to take care of things. It is not a job that requires more than one person.
What's my experience with pricing, setup cost, and licensing?
There is no additional cost. Once you get the licensing fee, you're good.
What other advice do I have?
Realize that it is not Cisco, and it doesn't work the same way. You got to pay attention to what you're doing. Those who are super familiar with Cisco got to pay attention to what you're doing because it works differently.
I would rate this solution a nine out of ten. It works well. Except for the dual-factor authentication feature, it has all the next-generation features that you need for a standard user.
Which deployment model are you using for this solution?