Fortinet FortiGate IPS Room for Improvement
It is very complex.
There are a variety of improvements that can be made.
The reporting was limited. I had to use FortiAnalyzer to obtain a complete solution. The reports are very limited with the solution, basically. Once you implement FortiAnalyzer, you can create very, very detailed reports for all the networks.
View full review »The biggest problem we have is the way they handle virtual IPs. It's not handled well at all and even pfSense handles that better. There are three different ways to configure it, depending on whether it is an internal or a through process, and it's just unnecessarily complicated. It would be nice if everybody got together and agreed on some language in their CLIs, but that's not going to happen. If you only dealt with one product on a regular basis, then the problem wouldn't be as evident.
Buyer's Guide
Fortinet FortiGate IPS
April 2024
Learn what your peers think about Fortinet FortiGate IPS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,847 professionals have used our research since 2012.
The dashboard is not user friendly so is a bit complicated. Training is important or you will suffer when completing tasks.
We would like the ability to divide users by position and assign different rules to each position. For example, managers are allowed to browse YouTube but employees are not allowed.
View full review »BA
BeshoyAmin
ICT Professional at a tech services company with 51-200 employees
FortGate's IPS reporting could be made better by giving more details regarding the source and destination of network traffic when it comes to the overview section. This would allow me to more easily follow the flow of traffic based on IP addresses, without having to integrate the IPS with other products that perform more sophisticated traffic analysis.
Another improvement, that may only tangentially relate to the IPS, would be to include more functionality and details regarding SD-WAN (such as the ISDB), in order to make it more secure.
There could be more modifications. Some features are enabled, however, compared to Fortinet, some features are not easy.
Sometimes the dashboard does not open properly. When we add more options, SD-WAN features, and user control features, the opening is very slow. It does not sync properly.
Fortinet has serious vulnerabilities. Some of their interfaces are exposed to attacks. Since they are more prevalent, they may attract more attacks and have more vulnerabilities discovered.
AA
Aziz-Ahmed
Group IT Manager at Direct Remit Limited
The solution’s stability could be improved because we sometimes face some drops. It was not due to the box, but it was due to some misconfiguration on our end.
View full review »The customization is a little bit difficult because we have to customize everything. Typically, we will enable everything.
DV
DJ Van Den Berg
CEO at Merit Technology Solutions (Pty) Ltd
There is room for improvement in being proactive about identifying and integrating new signatures.
The initial deployment could be minimally improved. It's fairly good right now but it could be better.
We sometimes have issues when carrying out inspections because the system slows down and our clients complain about it. The only other drawback is that we have to manually insert certificates for our clients. Most social networking sites have dependencies and to completely block them requires a deep inspection profile. For protection, we need to put the certificates in for all of our clients. It's a major drawback not having it embedded in the system. I would very much like to see Forticlient's new TNA technology included with the original license for Fortigate. It currently requires an additional license which is quite costly for us as a middle-size organization. We could include it with VPN for our clients.
SR
reviewer1929939
Medical Coder at a tech services company with 1,001-5,000 employees
Fortigate is always innovating. I'm not sure if any improvements are needed.
We'd like to have multi-factor authentication via fiber.
View full review »RF
Ron Francisco
Network Cybersecurity Consultant at a tech services company with 1-10 employees
FortiGate IPS is somewhat pricey compared to other solutions. There is also room for improvement in terms of the radio signals. The FortiGate WiFi has a relatively short range. I've found there is a lag in its zero-day malware response that could be better, and FortiGate could integrate better with other brands of equipment or identity management solutions.
View full review »They can improve in the area of creating daily, monthly, and item-wise reporting. I think they should focus on including IP-controlling functions.
I would like for Fortinet to add a ransomware protection feature in the next release.
View full review »Fortinet FortiGate IPS could improve the VPN. There are times it is slow.
View full review »The interface could be better.
We would like the initial setup to be a bit easier.
It isn’t missing any features. We’re pretty happy with it.
View full review »IZ
IvanZabaluyev
Broadcast Engineer
It's a bit more complex to configure in comparison to Cisco.
The learning curve is a bit higher.
It's not the least expensive solution on the market.
View full review »TM
reviewer1995546
Security Analyst at a healthcare company with 10,001+ employees
It would be helpful to have a better tool for migrating all policy rules using an automatic script. The current tool does not place entire configurations in their desired locations. It takes time to manually configure for compatibility across different platforms or vendors.
View full review »AP
Azharudheen Parangodath
Network administrator at PISystems
They should provide us with a CSV number for patch updates. It will help us block specific signatures as well.
View full review »KM
KhushruMistry
Chief Information Officer and Senior Vice President at Eureka Forbes Ltd
When everything is taken into account, the migration is quite painless. I believe that improvements will continue to come from the fact that as threat vectors get more complex around the world, advanced threat protection and deep packet inspection will become increasingly vital. That is where technology needs to advance much more quickly.
The most important feature to have is zero trust, which is lacking in Fortinet FortiGate IPS.
Zero trust is something that has to be embedded and I would still like to see how Fortinet approaches it.
View full review »BA
Bassam Alsabri
Network Engineer at PTC (Public Telecomuncation Corporation)
So far, everything has been good for us. We haven't had any issues.
While the security is good, we'd always prefer if it was even better to ensure protection.
View full review »Fortinet FortiGate can improve performance. There was a huge challenge in terms of CPU and memory where the IPS engine would keep triggering. There were random spikes of overutilization in the CPU and memory resources. They have to work on CPU and memory stability considering these IPS engines. A few versions were very unstable.
The current Fortinet FortiGate IPS package has only standard options. If they could work around optimizing those packages for different needs it would be better. There might be a media company, or banking organization, which needs a different set of signatures and different bundles on priority. If they could segregate that in terms of organization and needs, or at least institutional-wise segregation, that could be great.
View full review »SA
SergeAkpro
CTO at itecks
The speed of the detection could be improved. The prevention mechanisms and implementation are not easy and could be better. In addition, filtering and IDS could be added.
SA
SRHAVAN ACHARYA
CEO at a computer software company with 1-10 employees
Fortinet can add some Machine Learning and AI to improve its accuracy and give it an edge on IPS detection and protection. They have some machine language learning but can still improve using AI.
Whitelisting could be better. We'd like to be able to automate more so we can whitelist in bulk. It would be ideal to have the ability in this tool or to have a tool that could plug in and allow us to do whitelisting in batches.
View full review »We'd like more integration with the analyzer so we can track down any problem and have a correlation to try to find the root cause.
The solution could maybe use more integration with artificial intelligence to be more proactive.
View full review »SD
Santo Delgadillo
Infrastructure manager at a financial services firm with 1,001-5,000 employees
I would like to be able to generate reports about the protections that we have. I would like a report feature.
For example, I would like to see that in VPN and FortiGate, that the equipment that connects to the network is evaluated. Right now, FortiGate validates the users in the active directory and the users have the right permissions to connect. I would also add the user and the computers that are allowed in the active directory. It evaluates the actual active directory, and some computers are allowed but not all. Only the computers that are in the active directory. Right now, when you connect to the VPN, FortiGate checks the active directory. They have the check feature but it should be improved.
This solution has records but I would like to see that in IPS you could define your rules - we have almost 10 or 15 rules, and see if these rules provided protections over the month. For example, to track a specific rule across the IPS solution.
View full review »I have been pretty satisfied with the application as it is. I am pleased with the layout and how everything is integrated. Sometimes we will have a client who has a firewall that is not FortiGate, and often times we are able to convince them to switch over to using FortiGate as their solution because of our recommendations.
On a little different subject, the software for antivirus that we usually use with FortiGate is called Webroot. I know that some of our Apple / Mac clients experience some issues with the integration of that product. The integration, in that case, is not seamless. That is an issue that could be addressed.
KL
Kenneth Lim
Network Engineer at Masterfox
The tool is expensive for small businesses, making it an area where the tool can improve the product by making it available at a cheaper rate.
FR
Fabiano Rodrigues
Occupational safety technician at Concremat
The interface and product support could use improvement.
View full review »Fortinet FortiGate IPS could improve the configuration. In some use cases, there can be some configuration conflicts.
View full review »The graphical interface could be improved.
View full review »Overall, the integration could be better. The FortiManager is likely not good. I can't use it as it is unstable most of the time. We'd like to have an SD-WAN for a sandbox, for the Fortinet perimeter. We'd like to be able to manage different boxes.
View full review »HS
Harshama Silva
Solutions Manager, Corporate Technology at a tech services company with 51-200 employees
Price is a major competitor in the market for solutions. When we compare solutions, it's important to consider the pricing. To stay ahead of the competition Fortinet FortiGate IPS needs to think about how to adjust pricing. Most people prefer to use Apollo setpoint.
View full review »CN
CARLOS NASCIMENTO
Security System Consultant at Secureway Tecnologia da Informação Ltda
The price of the solution could be cheaper.
View full review »SB
Sharlton Bedward
System Administrator at a financial services firm with 51-200 employees
The solution is quite expensive and I'd like to see the cost reduced. I think Fortinet could raise their level of security. Their VPN service for users gives them the ability to direct remote users to exactly where they're supposed to go. It's good but some other solutions don't give access for remote users to come on to the network. Rather the cloud platform relays or reflects the application that the remote user would've wanted to get access to on the network. It means that remote users don't get to the physical network of the company and that's good for security.
View full review »BS
Bhupinder Sachdeva
Managing Director at ARS Pte Ltd
It would be better if they had a dashboard where we could see what attacks were happening. It would be good to see who's trying to get into our network.
View full review »JM
reviewer1138167
Gerente Regional at a comms service provider with 51-200 employees
I can't speak to coming across any missing features.
The solution has limited scalability. The sizing is based don't eh scale of the hardware.
View full review »JB
reviewer1355757
Lead Network Solution Developer at a comms service provider with 1,001-5,000 employees
They can probably improve the reporting feature. Reporting and report alerting are the main key features of this solution. They can always find ways to improve these.
View full review »We would like to see an improvement in the consistency of the product's performance levels.
View full review »M.
Marhaendy .
Team Lead at pgascom
The IPS monitoring can be improved.
The price could be better.
The installation was comparatively on the complex side when the solution's ease of use is stacked up against such products as Palo Alto.
BP
Bertrand PARE
Presales Engineer Individual Contributor at Talentys S.A
I would like to be able to see more log details.
View full review »PD
reviewer1513287
Network & Security Engineer at a tech services company with 11-50 employees
Its performance can be better. We have had performance issues in the past, but we sometimes tend to find that it is more related to what we do in our network than anything else. It is quite a good product, and there isn't much to improve.
View full review »MA
reviewer1206225
Presale and Operation Manager at a comms service provider with 51-200 employees
The solution could improve the integration.
View full review »AJ
reviewer1194234
Assistant IT Manager at a financial services firm with 201-500 employees
The web filtering categories could improve in Fortinet FortiGate IPS. There are too many websites under the category of Unknown and the other categories are not featuring all the necessary sites.
View full review »OY
reviewer634083
Senior Officer - IT Cyber Security Admin at a media company with 501-1,000 employees
The solution could improve the configuration, there are times the configuration is missing.
View full review »AS
Alberto Scalia
COO at Spincube Inc
The user interface needs a bit of upgrading.
Pricing could be better.
Customers are looking for 24/7 protection, but it's not as critical in the end. The pricing is preventing them for adopting it so they should be competitive.
View full review »MP
reviewer1729623
Sr. Corporate Marketing Executive at a tech services company with 11-50 employees
FortiGate's logging and reporting could be improved. I would also like to see Fortinet add a guest management portal.
View full review »AO
Ayokunmi Ogundapo
Systems Administrator at Interswitch
I think they could improve the monitoring.
View full review »Buyer's Guide
Fortinet FortiGate IPS
April 2024
Learn what your peers think about Fortinet FortiGate IPS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,847 professionals have used our research since 2012.