Fortinet FortiSwitch - Data Center Review

Good visibility, a seamless connection with FortiGate and very easy to configure


What is most valuable?

The FortiSwitches together with FortiGate give users more visibility into the network. It also offers up straight intelligence when paired with FortiGate when it's connected through the security fabric, which helps improve security. For example, if you've got your FortiSwitches in place, you can actually control FortiSwitch using FortiGate.

The solution has the switch controller built into FortiGate, which is a bonus. From there you are able to see, for example, the number of switches that you actually have. You have logical topology of the switches that are interconnected into your environment. From that logical topology, you're able to drill down into each switch and see what devices are connected to what, within which port. Together with Fortinet in the security fabric with Forticlient, you'll be able to see the clients that are of high risk within the network.

If you've got a server that has got a vulnerable application, that information can be shared through the switch. It also has the functionality whereby if one machine within the network tries to send infected information or is infected itself, it will result in traffic being blocked. That way, the spreading of viruses is drastically reduced.

The solution has made configuration and setup very, very easy.

In terms of usability, they give us very good visibility.

The device, when using it with FortiGate, is seamless.

What needs improvement?

The Solution is robust as it is currently but there is room to added more automated responses on the fortigate such that if vulnerability is picked by the forticlient it can auto-remediate example is that when Forticlient picks that a software on an endpoint is not patched you will have manually allow forticlient to patch it but in future if this can be automated for the fortigate or forticlient to automatically patch such vulnerability it will be of great help to keep the network secure all times.

What do I think about the stability of the solution?

In terms of stability, the switches are very stable. We haven't had any issues since we started deploying them.

What do I think about the scalability of the solution?

In terms of scalability, I think it's very scalable. If implemented properly, in most cases, it's all about the number of ports that you've got and the speed that you expect from them.

How are customer service and technical support?

We've been in touch with Fortinet's technical support. We haven't been in touch in terms of the deployment of the switches, but, in general, I'd rate them nine out of ten. Most of the time, when we work with them, they find a solution to our issues. On very rare occasions, when we open a ticket, there may be a slight delay in response, which is why I didn't give them a full ten out of ten. However, we've found them to be very good and very reliable.

How was the initial setup?

FortiSwitch implementation is quite straightforward and very simple, unlike other products. It's easy in part because we already have FortiGate in our environment and the integration is seamless. It's just a matter of enabling FortiSwitch. It's like dedicating an interface on FortiGate. You simply dedicate that FortiGate interface for FortiSwitches and FortiSwitch will automatically connect to FortiGate.

Instantly, you've got visibility to that switch, which you can manage everything through FortiGate. 

You can also use FortiGate as a standalone unit. However, we mostly work with FortiSwitch through FortiGate. The beauty of that is that you don't have to log in to several switches if you've got FortiGate to manage them. You can simply manage them from one interface through FortiGate.

What's my experience with pricing, setup cost, and licensing?

We use FortiSwitch together with the FortiGate. So there wasn't any licensing that was required on our unit.

What other advice do I have?

We partnered with a company called Maxtech, which has a direct partnership with Fortinet.

The integration that Fortinet has is what we call Forti security fabric. When you've got your FortiGate and you've got your FortiSwitches, this device communicates that intelligence. To add to that, you can get Forticlient. Forticlient is responsible for sharing information about the vulnerabilities on any particular machine. If there is any vulnerability, that information is shared with FortiGate. You don't really have to guess which devices are connected to your network and what they're doing on the network. 

The security fabric of Fortinet is really a game-changer for us. When you have your switches in that security fabric, the solution is quite good.

Overall, I'd rate the solution eight out of ten. We had a slight issue with the device when it was working as a standalone product in an environment where there wasn't any FortiGate in place. In this case, half the time most of the clients would say they wouldn't really benefit much in terms of visibility unless when they logged in. However, when it's incorporated with FortiGate, I'd easily rate it a full 10 out of 10.

**Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Add a Comment
Guest