What needs improvement?
In terms of what features should be improved with Fortinet, I feel it should give better reports. They provide some basic reports in the entry-level and middleware products but I would love this product if they gave more reports, including more MIS from the traffic because they capture everything in the UTM. They don't produce a team value report. They don't produce a usable report where the IT manager, IT head or CTO can analyze where the attack happened or figure out where the bridge is down, etc. The reports are basic. There are engines which make everything on the GUI. All the user can potentially access for the risky function in the Fortinet but it should be on the GUI, it should not be behind the command line. They could definitely provide the FortiAnalyzer with the basic UTM in a bundle pack.
People should not have to ask for another FortiAnalyzer. It's an entry-level product. I understand that FortiAnalyzer is an expert level product but the functionality should be available at the entry-level as well. Fortinet should think about the entry-level and give it managing capabilities. That's why I selected Sophos because, for a small or medium office, all the reports are available there.
Secondly, Sophos is cost-effective. It is comparatively much cheaper. Sophos is available for a much cheaper price than Fortinet. Also, they have some other functions like sandboxing and others. FortiGate should be more customer-friendly and budgeted better. If I am a buyer, I do not want multiple appliances to manage. It should be one box, one appliance. One mobile should do everything. Multiple products require IT to create a workaround. You have to buy two products and then there is actually another one with that, one plus one, and then there is multiple management, so the product is definitely cumbersome. The beauty of the product is implementation and maintenance without it.
I have my own team to maintain this product. We are very happy as a Sophos user, as we get whatever we want from the reporting point of view. There are no glitches. There is no one issue in particular. When I ask, or my team asks, how the network is working and why there is network latency, there are reports about where the traffic is going, and I do not have the input after moving or switching to Sophos. I can get the support regarding which IP is working where and which IPs are making traffic, and more.
For how long have I used the solution?
I have been personally using FortiGate-VM for two years.
Which solution did I use previously and why did I switch?
We already procured Sophos. I already ordered two devices from our Indian partner.
We are now partners with Sophos. We were partners with FortiGate for the last year.
The first reason that we switched is because of our work use cases. We moved 80% of our infrastructure to AWS outsource. So we do not require a big firewall anymore. We are a 50 to 70 employee organization so a different firewall is required. We have a 310 exchange enterprise-level firewall. So we moved to 83210 Sophos. The reason why we are changing to different technologies is the comprehensive reports that Sophos provides at the very basic entry-level firewall. In the FortiGate, we have to also have another plan for data analyzer.
The second thing which I believe is that FortiGate has some special functions in the CLI (command-line interface) mode. Sophos does not support that and all its functions are on the UI. So it's easier management in Sophos compared to FortiGate.
In terms of ease of use, if you implement FortiGate in your organization, you must have a FortiGate person who knows FortiGate and then three, four, or five years to learn to maintain the FortiGate device. Whereas Sophos doesn't require that much because all the things are on the UI. So anybody can understand it from the UI.
I can give you an example of the issue with UI. This is a basic thing. In the UI, you could go to the FortiGate console and work directly in the command. You can manage it from the command but you must have command line experience to manage the FortiGate device. If I want to see the traffic and where it goes and where it's from or any attack, in case of an attack, you need FortiAnalyzer to analyze, to track the packet, to protect the traffic. So that's easily available in other products like Sophos 83210.
The cost of Sophos and other players is better compared to the FortiGate. FortiGate is a more important product in the industry. It is recommended, but the cost is also a major point in evaluating Fortinet's firewall solutions in our niche.
What other advice do I have?
On a scale of 1 to 10, I'd give it a 9.
FortiGate is a nice and very good product, but the implementation and post-implementation of the product are cumbersome. You have to manage four devices instead of two devices if I go for FortiAnalyzer. For a small, entry-level business, Fortinet should give the entire reporting on the UI so that end to end engineers can manage efficiently. So as far as technology is concerned, I give eight out of 10, but because of reporting, I would give five out of 10. I am just giving an example: if I know everything or you know everything but if you can't explain it, how do other people come to know that you know everything? FortiGate clearly captures each and every thing for the backup capture and everything, but it doesn't show what it is acquiring. Analytical reports are missing from there.