We just raised a $30M Series A: Read our story

Fortinet FortiGate OverviewUNIXBusinessApplication

Fortinet FortiGate is the #1 ranked solution in our list of best firewalls. It is most often compared to Cisco ASA Firewall: Fortinet FortiGate vs Cisco ASA Firewall

What is Fortinet FortiGate?

The FortiGate family of NG firewalls provides proven protection with unmatched performance across the network, from internal segments, to data centers, to cloud environments. FortiGates are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

Fortinet FortiGate is also known as FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate.

Fortinet FortiGate Buyer's Guide

Download the Fortinet FortiGate Buyer's Guide including reviews and more. Updated: October 2021

Fortinet FortiGate Customers

Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co.

Whitepaper and case studies here

Fortinet FortiGate Video

Archived Fortinet FortiGate Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
KO
Consultant at WorldNet ICT Solutions Limited
Consultant
Provides good security features, and generating FortiCloud reports is helpful to us

Pros and Cons

  • "The security features are about the best that I've seen anywhere."
  • "Technical support for this solution can be improved."

What is our primary use case?

We use this solution for our company firewall.

What is most valuable?

This solution has many good features. The security features are about the best that I've seen anywhere.

I really like the fact that I am able to generate FortiCloud reports.

What needs improvement?

FortiWAN was supposed to help in doing intersite linking, but we've realized that most of the ISPs use BGP. FortiWAN supports OSPF but does not support the BGP protocol. This is a problem for us because without BGP they are not doing anything, and we've had to pack them up. I would like to see the BGP protocol supported on FortiWAN.

Technical support for this solution can be improved.

For how long have I used the solution?

We have been using this solution since 2017.

What do I think about the stability of the solution?

The stability is very good.

What do I think about the scalability of the solution?

The scalability of this solution is fantastic.

How are customer service and technical support?

I've been in contact with technical support a few times and it is good. It might be better, but as far as I'm concerned, it's good.

How was the initial setup?

The challenge for the initial setup was at the ISP level. We have the Fortinet firewall running, but between the various sites, we wanted to implement FortiWAN. It didn't work because of the BGP issue.

What's my experience with pricing, setup cost, and licensing?

The pricing for this solution is good.

What other advice do I have?

This is a product that I recommend.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ibrahim El Sayed
Network & Hardware Administrator at Nile Projects & Trading Co.
Real User
Top 20
SD-WAN allows me to better manage and load balance our traffic

What is our primary use case?

We use this solution for securing and controlling our company, as well as to improve VPN services.

How has it helped my organization?

This solution has helped us by controlling our incoming and outgoing traffic. It blocks the vulnerabilities that can negatively impact us.

What is most valuable?

The most valuable feature is the SD-WAN because I can manage many lines and load balance them all.

What needs improvement?

I would like to have logs, monitoring, and reporting for a month without extra fees.

For how long have I used the solution?

We have been using this solution for more than eight years.

What is our primary use case?

We use this solution for securing and controlling our company, as well as to improve VPN services.

How has it helped my organization?

This solution has helped us by controlling our incoming and outgoing traffic. It blocks the vulnerabilities that can negatively impact us.

What is most valuable?

The most valuable feature is the SD-WAN because I can manage many lines and load balance them all.

What needs improvement?

I would like to have logs, monitoring, and reporting for a month without extra fees.

For how long have I used the solution?

We have been using this solution for more than eight years.
Disclosure: My company has a business relationship with this vendor other than being a customer: Fortigate
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
540,984 professionals have used our research since 2012.
ZS
Network Engineer at Concentus
Real User
An intuitive user interface for our SOHO edge protection solution

What is our primary use case?

We use this solution for edge protection in SOHO and K-12 environments.

How has it helped my organization?

FortiOS has a very good, intuitive GUI.

What is most valuable?

This solution has solid UTM features combined with a nice GUI.

What needs improvement?

The Web-filter in this solution is not very good. Perhaps because Fortinet does not want to compete with its own dedicated solution.

For how long have I used the solution?

Three years.

What is our primary use case?

We use this solution for edge protection in SOHO and K-12 environments.

How has it helped my organization?

FortiOS has a very good, intuitive GUI.

What is most valuable?

This solution has solid UTM features combined with a nice GUI.

What needs improvement?

The Web-filter in this solution is not very good. Perhaps because Fortinet does not want to compete with its own dedicated solution.

For how long have I used the solution?

Three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
DW
President at a tech services company with 1-10 employees
Reseller
Top 5
A solution that impresses our customers and saves them money in the long run

What is our primary use case?

Our primary use for this solution is as an SMB boundary firewall, and we now use their Security Fabric.

How has it helped my organization?

This is a quality product with ok support, and it is better than the competition we've tried.

What is most valuable?

Security Fabric makes VLANs a breeze. It impresses customers, as well as saves them money over the long run when comparing apples to apples.

What needs improvement?

FortiOS is not simple. Too many people think it should be simple to use, but the complexity of the product makes that impossible.

For how long have I used the solution?

Seventeen years.

How are customer service and technical support?

The support for this solution is ok.

What is our primary use case?

Our primary use for this solution is as an SMB boundary firewall, and we now use their Security Fabric.

How has it helped my organization?

This is a quality product with ok support, and it is better than the competition we've tried.

What is most valuable?

Security Fabric makes VLANs a breeze. It impresses customers, as well as saves them money over the long run when comparing apples to apples.

What needs improvement?

FortiOS is not simple. Too many people think it should be simple to use, but the complexity of the product makes that impossible.

For how long have I used the solution?

Seventeen years.

How are customer service and technical support?

The support for this solution is ok.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PK
User at GOldair Handling
Real User
Has a friendly GUI and CLI to access its many features

What is our primary use case?

We primarily use this solution for our firewall, Application Control, QoS, IPSec, and SSL VPN.

How has it helped my organization?

This solution has a very friendly GUI and CLI as compared to other vendors.

What is most valuable?

The features that we have found most valuable are the SSL VPN and the user Portal.

What needs improvement?

This product could be improved with active directory integration and better handling in IPsec and GRE Tunnels. There are not enough recent online materials to assist in integration with Cisco for VPN, GRE, and IPSec.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Our experience with this solution is that it is stable and reliable.

Which other

What is our primary use case?

We primarily use this solution for our firewall, Application Control, QoS, IPSec, and SSL VPN.

How has it helped my organization?

This solution has a very friendly GUI and CLI as compared to other vendors.

What is most valuable?

The features that we have found most valuable are the SSL VPN and the user Portal.

What needs improvement?

This product could be improved with active directory integration and better handling in IPsec and GRE Tunnels. There are not enough recent online materials to assist in integration with Cisco for VPN, GRE, and IPSec.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Our experience with this solution is that it is stable and reliable.

Which other solutions did I evaluate?

We found the user interface to be better than what is found in other products.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Fernando Neto
Network Analyst at Aloo Telecom
Real User
A stable product that allows us to offer several services in a single box

Pros and Cons

  • "We have been able to offer several services to customers in a single box."
  • "I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."

What is our primary use case?

Our primary use case for this solution is the provision of services to our customers, the end users.

How has it helped my organization?

This solution has improved our organization a lot. We have been able to offer several services to customers in a single box.

What is most valuable?

The firewall is a valuable feature because it offers more security for end customers. The HA function is fantastic, as the link switching time is almost imperceptible. It also offers dedicated IP, all in one box.

What needs improvement?

I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity.

For how long have I used the solution?

Trial/evaluations only.

What do I think about the stability of the solution?

My impression of the stability is very good. It is very difficult to have to replace the equipment due to lack of resources.

What do I think about the scalability of the solution?

I found this product to be good for scalability. It offers several features, among them I can mention Application Control, Antispam, QoS and others.

How are customer service and technical support?

I found the technical support team to be careful and committed to delivering what we needed.

Which solution did I use previously and why did I switch?

Prior to using the FortiGate solution, I used the MikroTik RB1100AHx2e. I found that the FortiGate 60D offered more security.

How was the initial setup?

The setup was straightforward and easy, and the equipment has a good command line interface.

What about the implementation team?

We were given all the support that we needed for implementation. The vendors were fantastic.

What was our ROI?

The return is inevitable when you have equipment that offers stability and quality in services.

What's my experience with pricing, setup cost, and licensing?

Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security.

Which other solutions did I evaluate?

Our evaluation of the MikroTik RB1100AHx2e revealed that it lacks antivirus software and has no lock for botnet control centers.

What other advice do I have?

There is a VOIP feature that by default is enabled on the Fortigate 60D. This greatly increases the CPU usage, which causes bad behavior in the equipment. This feature should be disabled and if necessary, the user can re-enable it.

The FortiGate 60D is a fantastic piece of equipment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Vineeth Babu P
IT System Administrator at emirates hospital
Real User
Enables us to control our internet usage with the web filter for application features

Pros and Cons

  • "The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes."
  • "Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."

What is our primary use case?

We use Fortinet FortiGate mainly for web filtering and site-to-site VPN connectivity. We establish filters based on the type of application for filtering purposes.

How has it helped my organization?

With Fortinet FortiGate I can do over forty enlaces. We give all of the log-based runtime support to every user and the web traffic coming in. Also, we can enlace all of the security projects from our two servers with the other forty enlaces.

What is most valuable?

The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes. All branch FortiGate devices are integrated with FortiAnalyzer and easy to download and monitor the logs from all other locations. It's easy to change the configurations using CMD-SSH. FSSO is also another good feature. 

What needs improvement?

It is mainly our own application of FortiGate that we need to improve. If you compare FortiGate to any other products, all of the other products have more signatures. I couldn't find that many signatures available in the application.

Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server.

Fortinet should make it so that we are not able to use analytics from Cisco at the same time that FortiGate is installed. We are not able to do real-time network monitoring.

For the next release, FortiGate should be improved to support these issues. For the setup, you need to prepare a lot for that before engaging the deployment. 

I learned a lot about FortiGate from books. That should be important in preparation. Fortinet should implement these changes, then we would be able to do more.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Stability is good. The only issue is that in the VPN, I have seen many times that there is no stability in the VPN configuration and VPN connectivity. That is our only issue.

What do I think about the scalability of the solution?

If we implement Fortinet to Fortinet connections, then the solution works fine and there are no issues. If we connect with any other vendor like Cisco, Palo Alto, or these kinds of devices, I can see sometimes that the connectivity issue is there.

From IIS, the I/O packet works and connectivity is ideal. Connectivity is fine, but the title clock unnecessarily comes in and sometimes it doesn't reach the destination.

We use Fortinet FortiGate in twenty to twenty-five locations at the time, although we are basically focused on healthcare industry requirements.

For the deployment and maintenance, we have two people we are using right now. Regarding maintenance and deployment, we employ experts in network and security support. 

We don't have any plans to increase usage of Fortinet FortiGate. We only use it in 25 locations.

How are customer service and technical support?

We have evaluated Fortinet FortiGate's technical support and it is good.

How was the initial setup?

The initial setup is straightforward. The normal VLAN interface configuration with the LAN configuration is fine. There is no problem with that. 

Our deployment took a maximum of half an hour to forty-five minutes. It only took this much time for the entire configuration including the LAN and policy configuration.

What about the implementation team?

We did not use an integrator or consultant. Our security engineers completed the configuration.

What other advice do I have?

In terms of rating, Fortinet FortiGate will come in with an eight out of ten. We are satisfied with the product overall. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
DA
Directorate at a wholesaler/distributor with 51-200 employees
Real User
A user friendly solution that helps protect us against spam

Pros and Cons

  • "It is user friendly, and has all the features you need."
  • "I feel that the reporting needs to be improved."

What is our primary use case?

Our primary use case for this solution is to protect ourselves against email spam.

How has it helped my organization?

This solution helps to protect us against spam and offers features like intrusion prevention.

What is most valuable?

The most important feature is that it's easy to use. It is user-friendly and has all the features you need. You can have IDS (Intrusion detection systems) and IPS (Intrusion prevention systems) in just one device. You don't need multiples. 

What needs improvement?

The reporting needs to be improved. Also, the VPN (Virtual private network) monitoring needs improvement.

Beyond these improvements, I cannot think of any additional features that I would like.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is a stable solution. We rarely have problems.

What do I think about the scalability of the solution?

Regarding scalability, we have bought a very large box, so it meets all of our requirements.

We have a big company, with fifteen hundred end points.

How are customer service and technical support?

The technical support is excellent.

How was the initial setup?

I was not there when the initial setup was done.

Currently, we have five staff in charge of maintenance.

What's my experience with pricing, setup cost, and licensing?

Each feature costs money, so it is important to study your needs.

What other advice do I have?

Before implementing this solution, you have to study your network first, and then consider your needs. Decide what features you need and what features you don't need.

It is important to know what is required from the device because they come in very different models. There are different features and each feature costs money, so you need to be prepared so that you can optimize your cost. You don't want to end up buying something that you won't use in the future.

I would rate this solution eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MM
Assistant Manager IT at Urmi Garments Ltd
Real User
Excellent Bandwith Agility from Webstie to Website

Pros and Cons

  • "We are very happy with the general bandwidth agility we have seen from one website to another website."
  • "I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."

What is our primary use case?

Our primary use case is providing cybersecurity applications to internet (IT) clients throughout India. 

How has it helped my organization?

Since we are still in the implementation period we still need more time to evaluate how this solution can add value to our organization.

What is most valuable?

We are very happy with the general bandwidth agility we have seen from one website to another website.

What needs improvement?

Since we are in the initial stages of implementation I can't suggest any additional features for the next release. At this point, I really need more time to evaluate the tool. The only thing I can recommend at this time is to make improvements for the user end when the user website is running slowly; the speed can definitely be improved. There is room to include IP wise and net-wise and bandwidth settings.

For how long have I used the solution?

Still implementing.

What do I think about the scalability of the solution?

Currently, we have more than 600 employees using this product. Our users range from IT staff, management, and senior executives. We are all using it. And we plan on increasing the number of users to more than what we are currently at.

How are customer service and technical support?

My technical support experience has been very poor. I think the technical support personnel isn't experienced in Bangladesh. They have much less technical experience and aren't as able to handle the work, as I am.

Which solution did I use previously and why did I switch?

Initially, we were using an IPVanish. We switched to this tool because we believed it would be easier to set up and use but it turns out it wasn't easier.

How was the initial setup?

The initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run.

What about the implementation team?

Our vendor team implemented the tool for us; the vendor team is based here in Bangladesh.    

What other advice do I have?

Maintenance only requires two or three people. At the moment both a Senior Executive and an IT manager are in charge of maintenance.

Besides wanting to see a faster connection speed I would like to see the expanded bandwidth, IP, and proprietary net settings feature included within the tool. 

I rate this product an 8 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Gamal Al-Hamzah
Network Engineer at LinkTech
Real User
Improves internet speed and improves network security

Pros and Cons

  • "The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications."
  • "The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."

What is our primary use case?

We are a reseller of Fortinet products. We use FortiGate for Intrusion Prevention System (IPS) support. This is the most important reason that we use Fortinet FortiGate.

How has it helped my organization?

We required our network to be more secure. We also use FortiGate for improving the speed of the internet because the network here does not perform as we would like it to.

What is most valuable?

The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications.

What needs improvement?

The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing.

The network routing with Fortinet FortiGate can be an issue, but it generally depends on the size of the company.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

FortiGate is a wonderful appliance.

What do I think about the scalability of the solution?

We have knowledge of other firewall products but FortiGate is the best.

How are customer service and technical support?

We like the Fortinet technical support and how they have responded in the past.

How was the initial setup?

The initial setup was easy and not complex at all.

What's my experience with pricing, setup cost, and licensing?

There is only one issue with Fortinet FortiGate: It's the price. If the company makes its products cheaper then we can convince our clients to buy more.

What other advice do I have?

I would rate Fortinet FortiGate a nine out of ten because I don't know all of the features of the platform personally.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
NA
Manager systems at HOCL
Real User
Offers good threat protection and stability

Pros and Cons

  • "Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
  • "One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."

What is our primary use case?

We use Fortinet FortiGate as a firewall. On some particular days, when our network traffic is very busy, we use a separate debit line. We need additional monitoring to know whether our production was cut by peak rates or not.

How has it helped my organization?

It satisfies all of our requirements.

What is most valuable?

The most valuable feature is the threat protection. With many users, I've found an issue where sometimes I need to monitor the traffic that I need to filter.

What needs improvement?

We have many users currently with this solution. One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at peak time when the number of contracts and users are at maximum. We feel a kind of bottleneck.

When I first entered the log section, I could not find any results. I did not find any proof, i.e. reporting and analytics on the speed and network availability were not optimized. I could not find any such log from the server, maybe Fortinet could improve this service.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Fortinet FortiGate is stable.

What do I think about the scalability of the solution?

Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough.

How are customer service and technical support?

We are very well satisfied with the Fortinet technical support.

Which solution did I use previously and why did I switch?

We had been using another solution for approximately ten years. The product was not up to date, so we were not getting any support for it.

How was the initial setup?

The initial setup is straightforward. The total amount of deployment time required depends upon the number of users. Fortinet FortiGate automatically corrects any mistakes you make in the installation process.

What other advice do I have?

I cannot find anything lacking in Fortinet FortiGate. I would rate it a nine out of ten. We advise other users to go for Fortinet.

There is a back-up service that needs to be included with the firewall support.

I have the requirement to filter what information goes to the user to see which user require the most bandwidth and other resources. When there is a disconnection, that should be shown somewhere in the reports.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
VeerSharma
Branch Manager at a tech services company with 51-200 employees
Consultant
Effective bandwidth management saves us money and keeps our customers happy

Pros and Cons

  • "This solution made it very easy to manage our bandwidth."
  • "Compared to some other products, the DLP is not at par for the moment."

What is our primary use case?

Our primary use case for this solution is to manage bandwidth for our customers. This is done by setting the appropriate firewall rules and policies.

How has it helped my organization?

This solution made it very easy to manage our bandwidth. It is important because we do not have to buy additional bandwidth from our ISPs. The rules and policies are set such that our users are happy, and we can maintain our current cost of bandwidth.

What is most valuable?

One of the most valuable features for us is that it is easy to configure. It is also very easy to manage. One of the things we were looking at was a product that is user friendly, and this helps us to generate and analyze the reports we need.

What needs improvement?

I recently saw the new updates that are coming, such as the ability to quarantine a user's machine. Once done, you have the ability to connect to it from the FortiManager Console and you can bring it back online, out of quarantine. This is all very good news.

One of the areas that I feel need improvement is on the DLP (Data Leak Prevention) side of things. Compared to some other products, the DLP is not at par for the moment.

Also, if in the next few years this solution can be made to support HE between models, it would be better.

I feel that improvements can be made on the security side. Sometimes the product does a good job, but sometimes not.

For how long have I used the solution?

More than five years.

What do I think about the scalability of the solution?

The scalability is good, although I see that some brands are now coming up with an important advancement. Currently, when you want to do HE (High-end), you have to have the same model or a similar model. Some competing solutions are now able to do HE between mixed models.

How are customer service and technical support?

I hardly ever use their technical support, but when I do they are pretty good.

Which solution did I use previously and why did I switch?

Previously we were using SonicWall, and we had no trouble after switching to FortiGate. One of the reasons that we switched is because we needed something that is easy to configure and manage.

One of the problems we had is that we could not get SonicWall to print out a comment. The documentation says that it should be able to, but it was not printing. The currently solution meets this requirement.

How was the initial setup?

The initial setup is straightforward and it is easy to configure.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, the cost of the product is important because we do not want to pay for something that is too expensive. At the same time, however, pricing is not as important as manageability and support. I would say that all things considered, the pricing is pretty good.

Which other solutions did I evaluate?

After switching from SonicWall, we did not evaluate options other than the current solution.

What other advice do I have?

We look for a couple of things when selecting a vendor or product. First, we look at the user interface and figure out whether it is easy to manage. We also consider the price because we do not want to overpay. That said, price is not our number one priority; user manageability is. 

We have been using a pretty wide range of products. We have used models such as the Fortinet FortiGate-30E, 51E, 90D, and 200D. They are all pretty good at doing the job that they are configured for. Obviously, the firewall sizing has to be done right, but if the product sizing is done correctly then they will never go wrong.

I have not yet used the cloud access capability, but we do plan on testing it.

After we purchased FortiGate we grew by forty percent, and it was able to continue to perform as it had before.

Overall it is user-friendly, easy to configure, easy to manage, the support is pretty good, they are priced low, and they do the job that you require.

I would rate this solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
DY
Principal Mining Consultant at senhwabio
Consultant
Auto-scans for viruses, worms, and malware

Pros and Cons

  • "The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
  • "Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."

What is our primary use case?

We use Fortinet FortiGate out of fear for malware on the internet, to protect our users from malware. We also use FortiGate to prevent connections to the internet.

How has it helped my organization?

We mainly use Fortinet FortiGate to prevent infections of technology on our network devices. We use it to auto-scan for viruses, worms, and malware.

What is most valuable?

The feature that prevents internet connections, the filtering, is the most valuable feature because we did not have any internet protection before.

What needs improvement?

Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Fortinet FortiGate is very stable. We use it for 20 hours a day only. It is a firewall so it cannot be shut down.

What do I think about the scalability of the solution?

Fortinet FortiGate is scalable, but it is not a requirement for us. We only have 25 users. They are general users, not engineers. I am the only engineer needed to maintain FortiGate.

How are customer service and technical support?

We didn't need Fortinet customer support because FortiGate was already configured.

Which solution did I use previously and why did I switch?

We started with Fortinet FortiGate. We weren't previously using another solution. 

How was the initial setup?

The initial setup of Fortinet FortiGate is not so difficult. We got the instructions for the installation from Fortinet online.

The majority of the work was implemented by our vendor. The deployment took about two days to complete.

What about the implementation team?

The installation of Fortinet FortiGate was implemented by our vendor. They are a third-party selling company, not the original manufacturer.

What's my experience with pricing, setup cost, and licensing?

Fortinet is reasonable in pricing and licensing. Overall, FortiGate is affordable. The licensing fee can be a little high, depending on the budget for your project.

Which other solutions did I evaluate?

Other products are not so popular in Taiwan, but the IBM IPM solution is a major competitor to Fortinet FortiGate for firewalls.

What other advice do I have?

Fortinet FortiGate is a stable and affordable product. I would rate Fortinet FortiGate an 8/10. So far, Fortinet FortiGate has been enough for our business requirements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Emmanuel  Salamat
Solutions Architect at UAS
Reseller
Optimizes security on the network and protects the company from attacks from outside

Pros and Cons

  • "Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access."
  • "Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites."

What is our primary use case?

We use Fortinet FortiGate as the firewall for our networks and as a security device. Fortinet FortiGate is used in our organization for:

  • making policies
  • security profiles
  • identity management
  • blocking applications on websites
  • making objects
  • future groups
  • user management
  • network reports
  • data analytics
  • other stuff

FortiGate is not just a security solution, but also a network solution, because it can do SD-WAN which provides innovation to security.

How has it helped my organization?

Originally, I used Fortinet FortiGate for SD-WAN. There is actually a feature for the SD-WAN. I could find a port and use it for SD-WAN. Then I also used FortiGate for security rules.

We implement solutions categorizing the insurers by Fortinet, i.e. what are the network users that are allowed in this particular instance or for these particular policies.

We program every port you can set the policies on with Fortinet FortiGate. You can actually see the users that access the particular website and govern the rules for web traffic.

What is most valuable?

First and foremost, Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. 

With Fortinet FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access. 

It can also do detailed reporting and analytics that comprise information from recorded events on the network by traffic location, device, IP address, etc.

What needs improvement?

Flexibility is questionable when it comes to the hardware parts. If Fortinet can make FortiGate modular so that you can actually upgrade it without changing the parts, I would prefer it. 

If Fortinet FortiGate could actually integrate with the hybrid cloud architecture without changing the storage parts, i.e. the hardware, it would be better.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The Fortinet FortiGate solution is 81% stable. I would say it is very flexible. I would grade it an eight or nine.

What do I think about the scalability of the solution?

Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites.

With FortiGate, if you want to upgrade, it is physical and you have to buy a bigger box. You have to replace it with a bigger one. The boxes of Fortinet are not modular, so you have to replace the entire box. That's one of the bad sides of Fortinet. 

When it comes to security, it's not really possible if the other solution is actually plausible. 

How was the initial setup?

The deployment of Fortinet FortiGate is complex. It depends on how long you are going to maintain the network of the client. For us, it would only take a day or two.

What about the implementation team?

We are resellers of Fortinet products.

What other advice do I have?

The Fortinet FortiGate solution has to have a system-wide update for improvements. First and foremost, you need to have a patch. You have to continually improve FortiGate by having continuously updated patches applied. 

Then always check for the admin reports from Fortinet that the patch was applied. When it comes to the features of this device, I would rate Fortinet FortiGate an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Amgad Soliman
Senior System & Security Administrator at a legal firm with 51-200 employees
Real User
Offers side-to-Side VPN Support for Secure Networking

Pros and Cons

  • "Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E."
  • "Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."

What is our primary use case?

We use Fortinet FortiGate 100E for a VPN. We also use the solution for word filtering. These are our primary business requirements.

How has it helped my organization?

We were not fully operational previously. Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. 

In Egypt, to make this possible, we built connections for everything between the two sides through the internet using the VPN side-to-side with Fortinet. 

We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E.

What is most valuable?

The main feature that Fortinet FortiGate has that is very useful for me, is that I can connect two sides of the network to each other with Fortinet. 

I can make two VPNs run side-to-side. VPN is very simple and so easy with FortiGate.

What needs improvement?

Fortinet needs more memory to save the log files (like in the 101E, the old product). We need it to save the logs on the hardware and not in the cloud. 

I know this feature is available in FortiCloud, but if we need to log locally, it is not available. Also, the log only records a little time and needs to be longer.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Fortinet FortiGate offers good stability. I have been using it for around two years.

What do I think about the scalability of the solution?

FortiGate is a very scalable tool. They have an app to manage the access points, switches, and other solutions. 

For our project, now we're over a hundred users at the headquarters. The other branch supports about 20 persons.

How are customer service and technical support?

Fortinet tech support is very helpful. I have not faced any trouble with their technical support. 

Which solution did I use previously and why did I switch?

The other product I was previously using was ForgeRock but did not have the experience of integrating it with Fortinet FortiGate.

How was the initial setup?

For the Fortinet installation, our initial setup was for word filtering. It was very easy and did not take a lot of time. The deployment took about three days. 

FortiGate is very easy. The entire solution setup processes took about three days. I can make many of the rules for most users as we need it configured easily.

What about the implementation team?

I am the integrator for Fortinet FortiGate solutions at our company.

What's my experience with pricing, setup cost, and licensing?

The licensing price for the Fortinet products is approximately a thousand of dollars per year for the FortiGate 100E and $200 per year for the FortiGate 50E. 

I don't use additional licensing, just the yearly subscription.

Which other solutions did I evaluate?

We did not evaluate any other options for this purchase.

What other advice do I have?

If anyone asks me for my experience with Fortinet solutions, I would recommend FortiGate, especially if they need to use it for security. 

I would recommend the FortiGate series for integration with any hardware or software product. I am very satisfied with Fortinet. I would rate it a 9 out of 10 overall.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
NC
Director, CFO at IT Green Public Company Ltd.
Real User
Securely Protects Databases in Business Operations

Pros and Cons

  • "Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
  • "Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. Fortinet is lacking in features in comparison to competitors."

What is our primary use case?

Fortinet FortiGate has many use cases: firewall, security, and wifi controller. We use the solution for our project's internet gateway.

How has it helped my organization?

My company operates a large data center with many useful applications, sections, and databases. We have to put the security function into FortiGate to protect the databases in the organization.

What is most valuable?

Fortinet FortiGate has many excellent functions and good security. The firewall is the most common function that we have used for a long time.

What needs improvement?

The Fortinet FortiGate firewall has been improved with many new functions. Fortinet is working to develop a new generation of firewalls with better security.

Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. 

Fortinet is lacking in features in comparison to competitors.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Fortinet FortiGate is very stable.

What do I think about the scalability of the solution?

Our experience with Fortinet FortiGate depends more on the sizing of the customer. Fortigate is very scalable to serve our customers' needs.

We have scaled from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers. 

We are not a distributor for Fortinet, so we will not actively promote it as a solution.

How are customer service and technical support?

The technical support with Fortinet is good. We have our engineers required to have certification in Fortinet products. We provide training classes for our engineers.

Which solution did I use previously and why did I switch?

We also implement solutions with Palo Alto Networks and WatchGuard.

How was the initial setup?

Fortinet FortiGate is user-friendly to set up. The UI is fine. We still have concerns about security with Fortinet. 

The security could be improved compared with Palo Alto Networks equipment. Palo Alto Networks products have more technical issues than Fortinet.

Overall, Fortinet FortiGate is not complicated to set up. 

What about the implementation team?

We had a team for implementing Fortinet FortiGate on these projects. We also have many business partners for service work as integrators. 

Our partner for the Fortinet FortiGate installation was one of the few consultancies that have exceptionally good service in the market currently.

We have begun Fortinet FortiGate training through the consultant company and now have many partners for service contracts. 

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing of Fortinet FortiGate are good if they stay the same. The price is not too high now, but license pricing still changes too much. 

Fortinet FortiGate is comparable with the other products in the current market.

Which other solutions did I evaluate?

We are not sole-distributors of Fortinet products currently. It is part of a portfolio of solutions that we offer our business clients.

What other advice do I have?

The policy for integration and for configuring Fortinet FortiGate should be friendlier than in the version we are using now. Because Fortinet has been in the market for a really long time, and we are very experienced with Fortinet products, I would rate FortiGate with an eight or nine out of 10. I would rate it this score because of the experience that Fortinet has as a market leader for such a long time.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user819147
Head of IT at CGP
Real User
Next-Generation Advanced Firewall Protection

Pros and Cons

  • "Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."

    What is our primary use case?

    Our primary use of Fortinet FortiGate is for a firewall. I use it as the firewall system and protection from spam. I mainly use Fortinet FortiGate for protection and security.

    How has it helped my organization?

    Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others.

    What is most valuable?

    I like all of FortiGate's features. 

    What needs improvement?

    The FortiGate reporting system needs to be more detailed about files. Palo Alto Networks is more detailed in the reporting system than Fortinet.

    Currently, as for our security, we don't need more. The main reporting in Palo Alto Networks is much more developed than Fortinet, especially in the part of the file exchange.

    As a security lead, I think Fortinet FortiGate is much more reliable than Palo Alto Networks.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    The Fortinet FortiGate solution is very stable for our installations.

    What do I think about the scalability of the solution?

    The scalability of Fortinet FortiGate is sufficient. What we bought was sufficient for what we need. I don't know if we're going to need to upgrade it or not, it depends on if we need to increase or lessen it. 

    Since we built Fortinet FortiGate we didn't need to do anything more for it. Over 200 users are currently using this solution and only one staff is required for maintaining it.

    How are customer service and technical support?

    The Fortinet technical support is very good.

    How was the initial setup?

    Setup and installation of Fortinet FortiGate were very straightforward. The deployment stage took five days. We used an integrator company and they were very good.

    What about the implementation team?

    We implemented Fortinet through a third-party integrator company.

    What's my experience with pricing, setup cost, and licensing?

    With Fortinet licensing, you have to buy a license for every product: for the stamp, for the email, for the firewall, for everything. This is all the same for all vendors. You have to buy a license for each service. 

    In terms of pricing, they are reasonable compared to Palo Alto Networks. FortiGate is much cheaper than Palo Alto Networks with more efficiency in operations.

    Which other solutions did I evaluate?

    We talked to several vendors like Cisco and Palo Alto Networks. There was another system and they gave us a test drive for a week running it on their premises to see how reliable it is.

    We tested Cisco, a next-generation firewall, two years ago. We also tested the Palo Alto Networks equipment.

    What other advice do I have?

    We may increase our usage of Fortinet next year. 

    I would recommend to anyone to buy Fortinet FortiGate. I would rate the product ten out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Mohamed Abdullah
    Senior Security Engineer at crystal networks
    Real User
    Enables us to load balance more than six internet lines but they should develop better visibility, monitoring, and reporting

    What is our primary use case?

    Our primary use case is as a firewall. 

    How has it helped my organization?

    Customers want to load balance more than six internet lines. FortiGate is the only solution that can accomplish this. 

    What needs improvement?

    The monitoring and the visibility, in this proxy, is very weak. I would for them to develop better visibility, monitoring, and reporting.  

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It's not always stable. When there's heavy traffic, we get hardware problems. 

    How are customer service and technical support?

    Their technical support is very good. 

    How was the initial setup?

    The configuration was very easy. I didn't have any problems with it.  It depends…

    What is our primary use case?

    Our primary use case is as a firewall. 

    How has it helped my organization?

    Customers want to load balance more than six internet lines. FortiGate is the only solution that can accomplish this. 

    What needs improvement?

    The monitoring and the visibility, in this proxy, is very weak. I would for them to develop better visibility, monitoring, and reporting.  

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It's not always stable. When there's heavy traffic, we get hardware problems. 

    How are customer service and technical support?

    Their technical support is very good. 

    How was the initial setup?

    The configuration was very easy. I didn't have any problems with it.

     It depends on the project, but I don't need a lot of resources to maintain it. One or two staff are enough to deploy and maintain it.

    What about the implementation team?

    I integrated it myself. 

    What's my experience with pricing, setup cost, and licensing?

    Our licensing costs are on a yearly basis. 

    What other advice do I have?

    I would rate it a seven out of ten. Not a ten because of the monitoring and the stability issues. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    Derrick Slaton
    IT Specialist 3 at a financial services firm with 51-200 employees
    Real User
    Enables us to to set up remote systems and has good stability

    Pros and Cons

    • "The ability to set up remote systems is the most valuable feature."
    • "They should improve the interface to make it more user-friendly."

    What is our primary use case?

    We use this solution as our firewall. 

    How has it helped my organization?

    We have branches that we use for the net clients to VPN back into our network.

    What is most valuable?

    The ability to set up remote systems is the most valuable feature. 

    What needs improvement?

    They should improve the interface to make it more user-friendly. 

    I would like to see some sort of reporting if there was an issue with the connecting network sources or connections.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It's definitely stable. We haven't had any issues with it. 

    What do I think about the scalability of the solution?

    I would rate the scalability an eight out of ten. We have just over 100 users using this solution.  

    How was the initial setup?

    The initial setup was complex. The user interface was a little bit difficult so it made actually setting it up a little bit complicated. The deployment took a week to roll out four branches.

    What about the implementation team?

    We used an integrator for the deployment and had a good experience with them. They made it easier to get everything set up.

    What's my experience with pricing, setup cost, and licensing?

    There are no additional costs aside for the standard licensing fees.

    What other advice do I have?

    FortiGate is very good if you're thinking of expanding where you have remote offices, then it's a good solution.

    I would rate this solution an eight out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    RO
    IT Manager at Soporte Antivirus Ltda
    Real User
    Enables us to check our sites and emails for threats

    What is our primary use case?

    Our primary use case is for checking sites, threat prevention, ransomware, and email check.  

    How has it helped my organization?

    We can use our devices to check all of the perimeters. It secures email websites. 

    What needs improvement?

    They need to improve their technical support. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    The stability is good. 

    What do I think about the scalability of the solution?

    It's scalable. We have 22 users. 

    Which solution did I use previously and why did I switch?

    We were previously using Sophos XG. 

    How was the initial setup?

    The initial setup was easy. The implementation took around two hours. 

    What other advice do I have?

    I would…

    What is our primary use case?

    Our primary use case is for checking sites, threat prevention, ransomware, and email check.  

    How has it helped my organization?

    We can use our devices to check all of the perimeters. It secures email websites. 

    What needs improvement?

    They need to improve their technical support. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    The stability is good. 

    What do I think about the scalability of the solution?

    It's scalable. We have 22 users. 

    Which solution did I use previously and why did I switch?

    We were previously using Sophos XG. 

    How was the initial setup?

    The initial setup was easy. The implementation took around two hours. 

    What other advice do I have?

    I would rate it an eight out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    KS
    ICT Administrator at a mining and metals company with 11-50 employees
    Real User
    Enables us to bring security into compliance with our policies

    Pros and Cons

    • "I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
    • "Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area."

    What is our primary use case?

    Our primary use case is for our company firewall. We use it for intrusion prevention and anti-virus.

    How has it helped my organization?

    The internet filtering feature has really benefited my organization because we have a lot of things that go on illegal sites like auto torrents sites and a lot of streaming and downloads. We've been able to minimize the impact of bandwidth by filtering out media sites. This solution has also benefited us by bringing security into compliance with our policies.

    What is most valuable?

    I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good. 

    What needs improvement?

    Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area.

    There is a feature that Palo Alto has called Traps. It helps to prevent attacks on the system. A feature similar to this would be worth adding.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It's very much stable.

    What do I think about the scalability of the solution?

    It is very scalable. We have around 200 users. 

    How was the initial setup?

    The initial setup was not complex. 

    What about the implementation team?

    We have had experience with enterprise firewalls and notably, we had experience with Fortinet, so the deployment was done in-house. We require four people for deployment and maintenance. 

    What's my experience with pricing, setup cost, and licensing?

    Compared to Palo Alto, which we have used in the past, pricing and licensing are okay.

    What other advice do I have?

    I would advise someone considering this solution to learn the product. You have to get to know the product, don't just look at it from outside. Get to know the product, the ins and outs and see how you can actually use it for your scenario.

    I would rate it an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    CB
    System Administrator at Udenar
    Real User
    A complete solution, but it is very expensive compared with other solutions

    What is our primary use case?

    We use FortiGate for edge protection by avoiding attacks to the servers of the institution, also, by protecting the LAN network.

    How has it helped my organization?

    Having FortiGate allowed for easy management of the network, protection from threats by having a very intuitive administration console.

    What is most valuable?

    The most important feature for me apart from the administrator is the UTM module because it protects the equipment of the entity in a very efficient way.

    What needs improvement?

    FortiGate is a complete solution, but it is very expensive compared with other solutions. Then actually, we are analyzing other solutions.

    For how long have I used the solution?

    More than five years.

    What is our primary use case?

    We use FortiGate for edge protection by avoiding attacks to the servers of the institution, also, by protecting the LAN network.

    How has it helped my organization?

    Having FortiGate allowed for easy management of the network, protection from threats by having a very intuitive administration console.

    What is most valuable?

    The most important feature for me apart from the administrator is the UTM module because it protects the equipment of the entity in a very efficient way.

    What needs improvement?

    FortiGate is a complete solution, but it is very expensive compared with other solutions. Then actually, we are analyzing other solutions.

    For how long have I used the solution?

    More than five years.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Neal Tipton
    Consultant at MT Pockets Computers
    Consultant
    The reporting that automatically comes off the unit makes it much easier to meet compliance standards

    Pros and Cons

    • "We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
    • "They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."

    What is our primary use case?

    Our primary use case of this solution is for intrusion detection and prevention.

    How has it helped my organization?

    We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best features.

    What is most valuable?

    There's an all-inclusive appliance where all of the logs, registers, and everything is customizable as far as the way reporting comes back.

    What needs improvement?

    They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much so when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to their remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that.

    There's a link off of the reports that you can click and make suggestions, which is pretty awesome because it seems like somebody is reading those and doing something about it. If I could save reports on a format where I could save space and not have to reprint them and move information down from letterheads and that sort of stuff that would be great. Formatting reports is the only thing I would change about that product right now.

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    It's solid. It's a rock solid solution.

    What do I think about the scalability of the solution?

    Scalability is excellent. Across three locations we have 120 users.

    How are customer service and technical support?

    Their technical support is excellent.

    Which solution did I use previously and why did I switch?

    We did use a different solution. We switched primarily because of the audit trails because the user interface, what you saw on the screen and the options you were presented with were difficult to configure and we ended up spending a lot of time trying to get the information that we wanted. 

    How was the initial setup?

    For the product that it is, the initial setup was straight forward but not so simple. The Dell EMC product is simple, this is more complicated than that but it wasn't incredibly difficult. We rolled that out on a test network initially and to try to get our rule sets correct so that we didn't run into issues and did testing for about a week. The initial set up time took around an hour and a half, and it was on a virtual network with a bunch of virtual machines. We just tested it for about a week just to make sure that we weren't going to run into a lot of issues switching from the old IDS to the new one.

    What about the implementation team?

    I installed it. I did the product research and was involved in the purchase decision but I did not purchase the product, I was not a vendor of the product, and I did not make any money on it.

    What's my experience with pricing, setup cost, and licensing?

    As far as the licensing goes for the small product that we have, the pricing was pretty competitive. It wasn't as simple and as cheap as a SonicWall but for the service we would get it was a good price.

    What other advice do I have?

    There's a setup guide on the Fortigate website that is a video that is far better than the written manual that is provided. If you've set up other products before, that may get you through, but the training on their website was far more useful to me than the user manual.

    I would rate this solution a nine out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user678567
    Solutions Architect at Focus
    Reseller
    It is a good product from a price perspective versus functionality

    Pros and Cons

    • "It is easy to use and performs very well."
    • "There could be more integration between the logging and analytical platforms to make it more seamless and integrated."

    What is our primary use case?

    My primary use is for border protection for connectivity out onto the Internet. This product has performed exceptionally well.

    How has it helped my organization?

    It just runs. We have had very few issues with the solution.

    What is most valuable?

    It is a good product from a price perspective versus functionality. It is easy to use and performs very well.

    What needs improvement?

    There could be more integration between the logging and analytical platforms to make it more seamless and integrated.

    For how long have I used the solution?

    More than five years.

    What do I think about the scalability of the solution?

    It is a very secure, easily managed product. It keeps up-to-date with all the variabilities.

    What's my experience with pricing, setup cost, and licensing?

    Price-wise, it's at a good price point for our market.

    What other advice do I have?

    If someone is considering this solution, they should do their homework to learn about the product. A user should make sure they compare between a short list of products. The choice should be made after considering price, support, ease of access, and evaluation of integration with other products the organization still uses. Due diligence is the key to integrating a solution.

    Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
    JM
    PTL Network Administrator at a non-profit with 1,001-5,000 employees
    Real User
    A cost-efficient product that is very user friendly

    Pros and Cons

    • "It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."
    • "The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."

    What is our primary use case?

    It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user-friendly.

    What is most valuable?

    It gives priority to certain applications compared to others as well because internally all our applications are web based.  We use FortiGate to prioritize certain applications to be accessed much faster than the others. For end users, it enables access to the applications and web filtering, as well. That's where we block off most of the sites and we can do scheduling, as well as access to certain sites within certain periods of time.

    What needs improvement?

    The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade, should be returned. It was a very valuable feature for us.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    The stability of the product is consistent with our needs.

    What do I think about the scalability of the solution?

    In terms of usage, I have a main branch and then we have smaller branches throughout the country. Connecting to each site through FortiGate is much easier.

    What's my experience with pricing, setup cost, and licensing?

    It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us. The bottom-line is that it all comes down to the pricing of the solution.

    Which other solutions did I evaluate?

    I looked at Cisco, and I think that FortiGate is more reliable, consistent and stable.

    What other advice do I have?

    When choosing a new solution, I suggest seriously researching the pricing and the features. It must be a solution that fits your particular requirements and specifications. 

    I think FortiGate is more reliable, consistent, and easy to learn. It is robust and more secure than other solutions on the market.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    EB
    Engineering Manager with 1-10 employees
    Real User
    Prevents outside attacks to our network

    What is our primary use case?

    Our primary use is for firewall protection. 

    How has it helped my organization?

    It provides security purposes, and it makes our network safe from outside attacks.

    What is most valuable?

    The most valuable feature is the bundled subscription, which is IPS, TV and web filtering. I also like the application control.

    What needs improvement?

    I think they need to improve more in order to be a competitor with the leaders of the field. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It is stable, there is not too much downtime.

    What's my experience with pricing, setup cost, and licensing?

    They need to be competitive with other solutions.

    What is our primary use case?

    Our primary use is for firewall protection. 

    How has it helped my organization?

    It provides security purposes, and it makes our network safe from outside attacks.

    What is most valuable?

    The most valuable feature is the bundled subscription, which is IPS, TV and web filtering. I also like the application control.

    What needs improvement?

    I think they need to improve more in order to be a competitor with the leaders of the field. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It is stable, there is not too much downtime.

    What's my experience with pricing, setup cost, and licensing?

    They need to be competitive with other solutions.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    VictorCastillo
    IT Management with 11-50 employees
    Real User
    An inexpensive answer for firewall protection

    What is our primary use case?

    I primarily use this product as a firewall protection. 

    How has it helped my organization?

    With Fortigate, I find fewer attacks. The console easily alerts me about possible attacks so I can prevent the malware attacks.

    What is most valuable?

    It is easy to use.

    What needs improvement?

    The UTM filtering control could be improved. 

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    I do not have problems with the stability of the solution. It works well.

    How is customer service and technical support?

    We do not use a lot of tech support. It is not readily available in our area.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is not…

    What is our primary use case?

    I primarily use this product as a firewall protection. 

    How has it helped my organization?

    With Fortigate, I find fewer attacks. The console easily alerts me about possible attacks so I can prevent the malware attacks.

    What is most valuable?

    It is easy to use.

    What needs improvement?

    The UTM filtering control could be improved. 

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    I do not have problems with the stability of the solution. It works well.

    How is customer service and technical support?

    We do not use a lot of tech support. It is not readily available in our area.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is not expensive. It is affordable.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    OC
    CTO at a comms service provider with 501-1,000 employees
    Real User
    Valuable option for security although unstable at times

    How has it helped my organization?

    It has improved our security capabilities. 

    What is most valuable?

    We find the most valuable aspect of this solution is the price. It is affordable and cheaper than other firewalls.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    There were quite a few problems with the stability of the system but now it's working fine. I think it had to do with the complex environment, not because of the product itself.

    What's my experience with pricing, setup cost, and licensing?

    It is an inexpensive solution.

    How has it helped my organization?

    It has improved our security capabilities. 

    What is most valuable?

    We find the most valuable aspect of this solution is the price. It is affordable and cheaper than other firewalls.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    There were quite a few problems with the stability of the system but now it's working fine. I think it had to do with the complex environment, not because of the product itself.

    What's my experience with pricing, setup cost, and licensing?

    It is an inexpensive solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Shahab Razak
    Network Architect at Finastra
    Vendor
    The option of using the GUI and CLI interchangeably is invaluable

    What is our primary use case?

    Needed to get off of EOL Cisco ASA platform and we evaluated Checkpoint, Palo Alto, and FortiGate 1500 and 3000D. We chose FortiGate, FortiAnalyzer, and FortiManager as our solution.

    How has it helped my organization?

    Better visibility into traffic patterns Lightening fast troubleshooting and reduced management complexity overall.

    What is most valuable?

    Live traffic viewer Packet capture, and The option of using GUI and CLI interchangeably.   FortiManager and FortiAnalyzer helps us manage multiply firewalls.

    What needs improvement?

    The speed of synchronization between FortiManager and FortiGate could be improved, but that could be because we host them in Azure.

    For how long have I used the solution?

    Still implementing.

    What is our primary use case?

    Needed to get off of EOL Cisco ASA platform and we evaluated Checkpoint, Palo Alto, and FortiGate 1500 and 3000D. We chose FortiGate, FortiAnalyzer, and FortiManager as our solution.

    How has it helped my organization?

    • Better visibility into traffic patterns
    • Lightening fast troubleshooting and reduced management complexity overall.

    What is most valuable?

    • Live traffic viewer
    • Packet capture, and
    • The option of using GUI and CLI interchangeably.  

    FortiManager and FortiAnalyzer helps us manage multiply firewalls.

    What needs improvement?

    The speed of synchronization between FortiManager and FortiGate could be improved, but that could be because we host them in Azure.

    For how long have I used the solution?

    Still implementing.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Sabyasachi Sen
    General Manager with 51-200 employees
    Real User
    I am "headache free" now that I don't have to categorize all the websites and that security has been pre-categorized. The tech support needs improvement.

    Pros and Cons

    • "I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
    • "A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve."

    What is our primary use case?

    My primary use case for this solution is using it as a key net and as a firewall.

    How has it helped my organization?

    For Fortinet Fortigate,I have to have a Fortigate access point. In my opinion, it should have been a universal access, which supported the universal access point. At this point, our campus is large with some 10 thousand students and staff on board at any given time. Every time I have to use Fortigate, the access point portal has to be a universal type. It would be nice if I did not have to "marry" Fortigate for everything.

    What is most valuable?

    The only feature is that I don't have to be worried about categorization of the websites. I am able to put on the policies for the blog because this is an institution.There are several restrictions out there to get onto the websites. It creates a "headache free" environment for us.

    What needs improvement?

    A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve.

    My only solution would be please don't make it as a closed source. Don't make it as
    a closed source. Give some kind of a power to the user so that they can consider it
    according to their determine that it should have some flexibility on concurrent
    connections not be restricted. I agree that to some concurrent connections the CPU and
    the box may be a lower model and it need some higher scale level with this. But, there
    should be a provision. There should be a provision to go to at least to 60-70% onto the
    threshold to go beyond the designed capacity of something. Like we call it as a design
    capacity, and since 70% addition to the 100% of it.

    What do I think about the stability of the solution?

    If I compare with the open source, it has really frustrated me for a couple of things. Whenever my students or faculty goals increase, then in Fortinet, I need to change the model for going with the higher model, or better model more better first tier it can deal with it.

    What do I think about the scalability of the solution?

    It should have been scalable. But, it is not quite so. There are limitations, I need to change the box or I have 1500 D. That means I can make 1000 connections, but some kind of vestibules are going on and the advances are going on. Then, I find it very difficult to give  a connectivity simultaneously and upon current connections. As a result, I have to deprive my faculties, my staff, or my students of certain functions.

    How is customer service and technical support?

    Tech support is not very efficient in India.

    Which other solutions did I evaluate?

    We have considered the Linux Suite and HP BSM.

    What other advice do I have?

    As I said, that at least one part I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Ahmed Konsowa
    Senior Pre-Sales Engineer (Commercial Sector) at SEE "Systems Engineering of Egypt"
    Reseller
    Top 20
    It has very easy management and an amazing ETM configuration.

    What is our primary use case?

    My primary use case of this solution is as a data center. It performs very well.

    How has it helped my organization?

    It has very easy management and an amazing ETM configuration.

    What needs improvement?

    I would like to see more advanced developments of a wireless controller in the future.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    I think the product is stable. It is amazing.

    What do I think about the scalability of the solution?

    It is amazing, but sometimes there are issues with Fortinet Integrations. But, I know they are now trying to rectify the problem.

    How is customer service and technical support?

    We have good technical support from the vendor.

    How was

    What is our primary use case?

    My primary use case of this solution is as a data center. It performs very well.

    How has it helped my organization?

    It has very easy management and an amazing ETM configuration.

    What needs improvement?

    I would like to see more advanced developments of a wireless controller in the future.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    I think the product is stable. It is amazing.

    What do I think about the scalability of the solution?

    It is amazing, but sometimes there are issues with Fortinet Integrations. But, I know they are now trying to rectify the problem.

    How is customer service and technical support?

    We have good technical support from the vendor.

    How was the initial setup?

    It was very straightforward. An easy installation process.

    What other advice do I have?

    I think when you look at this product, you must realize that the box hardware and software are vary stable. And, the pricing is perfect.

    Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
    Yousef Altaj
    Tech Manager at Global tec
    Reseller
    Top 10
    It is a reasonably priced solution for this type of product. It enables productivity of our organization to go smoothly.

    What is our primary use case?

    We primarily use this for the Security Fabric feature. It works together with other Fortinet products like FortiWeb and FortiMail, as well as with Amazon products. There is a lot of integration. 

    How has it helped my organization?

    It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware.

    What needs improvement?

    I think the only issue that needs improvement is the interface.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    It is a very stable product.

    What do I think about the scalability of the solution?

    Sometimes the solution is not scalable.

    How is customer service and technical support?

    Our experience with…

    What is our primary use case?

    We primarily use this for the Security Fabric feature. It works together with other Fortinet products like FortiWeb and FortiMail, as well as with Amazon products. There is a lot of integration. 

    How has it helped my organization?

    It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware.

    What needs improvement?

    I think the only issue that needs improvement is the interface.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    It is a very stable product.

    What do I think about the scalability of the solution?

    Sometimes the solution is not scalable.

    How is customer service and technical support?

    Our experience with technical support has been very positive. 

    How was the initial setup?

    It was very straightforward an easy for us to initially install.

    What about the implementation team?

    We always consider:

    • Price
    • Product success

    What's my experience with pricing, setup cost, and licensing?

    The price, in comparison to other products is very cheap.

    Which other solutions did I evaluate?

    Other products considered were Sophos and CiscoMaraki.

    Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
    DL
    Network and Security Manager at a consumer goods company with 10,001+ employees
    Real User
    Review about Fortinet FortiGate

    Pros and Cons

    • "The response is very quick and they can visually resolve our problems in a short period."
    • "The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."

    What is our primary use case?

    The primary use case for this solution is as a firewall protection for our company.

    How has it helped my organization?

    It's performed as a firewall to block those unwanted traffics, and it can protect our clients and our users from some threats. I think it is the best solution to protect the network or our users from the APT attacks.

    What is most valuable?

    I like the UTM features, including the web filtering and antivirus.

    What needs improvement?

    The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it would be great.

    For how long have I used the solution?

    One to three years.

    What do I think about the scalability of the solution?

    It keeps improving the features and I am very impressed with the effort.

    How are customer service and technical support?

    The response is very quick and they can visually resolve our problems in a short period.

    Which solution did I use previously and why did I switch?

    In the past, we were using Cisco, the quite old firewall. And did not have the UTM features. So we switched to Fortinet to improve the security of our network.

    How was the initial setup?

    I was involved in the initial setup and it was very easy and the features and interface are very good for us to understand what is going on.

    What about the implementation team?

    When selecting the firewall vendor, we are considering the protection and the security features, it's the most important things we are considering. We need a good option for threat protection.

    What's my experience with pricing, setup cost, and licensing?

    The beauty is the price performance ratio is great with FortiGate. It provides all the features we needed and the price is comparable with others' firewalls. The price is quite competitive with the firewalls with similar features.

    Which other solutions did I evaluate?

    We also looked at Palo Alto, Check Point and Cisco.

    What other advice do I have?

    It's very easy to contact, the conversation is easy and it provides us all the features on point. It is also reliable.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    KS
    Network Engineer at a tech services company with 201-500 employees
    Real User
    The most valuable feature is the policy routing and application control

    What is our primary use case?

    Our primary use case is for our small company. It is basically for users on the LAN-side. So, it is just for browsing mostly.

    What is most valuable?

    The most valuable feature is the policy routing and application control. In addition, the firewall will act as a call-switch. So, the performance within the LAN is good.

    What needs improvement?

    The UI could be improved. 

    For how long have I used the solution?

    More than five years.

    How are customer service and technical support?

    We sometimes wait 30 to 40 minutes to get a tech engineer. But, then they are pretty good. Whenever I call for a problem they will assist me and correct me and they will fix up the call. Only one they are sure we have solved the problem will they disconnect from the call.…

    What is our primary use case?

    Our primary use case is for our small company. It is basically for users on the LAN-side. So, it is just for browsing mostly.

    What is most valuable?

    The most valuable feature is the policy routing and application control. In addition, the firewall will act as a call-switch. So, the performance within the LAN is good.

    What needs improvement?

    The UI could be improved. 

    For how long have I used the solution?

    More than five years.

    How are customer service and technical support?

    We sometimes wait 30 to 40 minutes to get a tech engineer. But, then they are pretty good. Whenever I call for a problem they will assist me and correct me and they will fix up the call. Only one they are sure we have solved the problem will they disconnect from the call. Whenever the issue arises, they're available to help.

    Which solution did I use previously and why did I switch?

    I also have prior experience with SonicWall.

    How was the initial setup?

    The initial implementation was straightforward.

    What's my experience with pricing, setup cost, and licensing?

    I do not have personal experience with the pricing of the solution because my boss has been taking care of that aspect of the relationship with the solution.

    Which other solutions did I evaluate?

    SonicWall has a better UI solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user913353
    Gerente de Seguridad Informática at a financial services firm with 1,001-5,000 employees
    Real User
    The main benefit is the grouping of our security monitoring. The technical support is great.

    Pros and Cons

    • "The technical support is great."
    • "The main benefit is the grouping of our security monitoring."
    • "It does not have key authentication for admin access."

    What is our primary use case?

    I use Fortinet Fortigate. First of all, I use them as perimeter firewall. Secondly, I use it for a  data center firewall for internal segmentation.

    How has it helped my organization?

    The main benefit is the grouping of our security monitoring. I have all of my solutions from the same brand, Fortinet. I have only one console, one dashboard, all the security incidents that occurs on the network.

    What is most valuable?

    The Fortinet FortiGate product has original features that we use. 

    These features include:

    • IPS
    • Anti-Malware
    • Web Application Firewall

    What needs improvement?

    I am looking to implement key authentication for admin access for the Fortinet product.

    For how long have I used the solution?

    Three to five years.

    How is customer service and technical support?

    The technical support is great. 

    How was the initial setup?

    I was involved in the initial setup. When we decided to use Fortinet, we were already a customer of Fortinet. So, my previous firewall also was Fortinet and the experience with the brand and with the provider was very good. We have no issues. We like to keep with the same brand.

    What was our ROI?

    Fortinet is a very good solution. It would not be a mistake to choose Fortinet as a solution.

    Which other solutions did I evaluate?

    In the past, we had evaluated Palo Alto and Cisco as possible solutions. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    IY
    Assistant Manager (Infrastructure) at SISTIC
    User
    It has improved the security posture and visibility of our traffic

    Pros and Cons

    • "Easy to use support and licensing portal as well as activation process."
    • "I would like to see improvements made to the dashboard and UI, as well as to the reporting."

    What is our primary use case?

    E-commerce environment, enterprise data center.                                                                                                                                                                                                        

    How has it helped my organization?

    It has improved the security posture and visibility of our traffic. The OS and the firmware updates are very straightforward.                                                                                         

    What is most valuable?

    All the features are very good, straightforward licensing, Fortinet product integration, standardized FortiOS and automatic uninterruptable firmware upgrade. Easy to use support and licensing portal as well as activation process.                                                                 

    What needs improvement?

    I would like to see improvements made to the dashboard and UI, as well as to the reporting. I would also like them to consider offering more predefined security templates.                       

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    No issues.

    What do I think about the scalability of the solution?

    No issues.

    How are customer service and technical support?

    Customer Service:

    An eight and a half out of 10.

    Technical Support:

    They are able to identify an issue and resolve it within a pretty short period of time.

    Which solution did I use previously and why did I switch?

    We previously used Cisco ASA. We switched to Fortinet Fortigate because it was easy to manage, and it uses a Single OS for the whole product. We were also able to learn how to use it very quickly.

    How was the initial setup?

    It is very straightforward.

    What about the implementation team?

    We implemented it ourselves with some assistance from vendor. Because of the limited assistance from the vendor, we do not know what the level of expertise was.

    What was our ROI?

    No

    What's my experience with pricing, setup cost, and licensing?

    They have very competitive solutions across the entire product line.

    They also offer very clear licensing and pricing.

    Which other solutions did I evaluate?

    Checkpoint, Cisco, Palo Alto, Sonicwall, Huawei, and Sophos.

    What other advice do I have?

    I found that the memory usage for the Fortigate firewall are relatively higher than other firewall brand when compared to same traffic volume. It might be the scan engine do their job well or the scan engine not well tuning. If there is a details information about this would be good.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Robert Kaczorowski
    System Administrator at HAMMOND LUMBER COMPANY
    Real User
    Their proxy-based inspection is responsive and secure

    Pros and Cons

    • "The CLI and GUI do a good job of putting a lot at your fingertips."
    • "Their proxy-based inspection is responsive and secure."
    • "It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."

    What is our primary use case?

    We use Fortinet FortiGate as our firewall and Layer 3 switch. Together, they connect all our locations for internal and external access with an MPLS as the primary connection and a backup VPN over a secondary DSL/Cable ISP.

    How has it helped my organization?

    Fortinet FortiGate has improved our routing and made us more secure. Using OSPF tables with an MPLS VPN, along with the combined security of the firewalls, has made a huge difference in our organization.

    What is most valuable?

    • The ability to customize UTM features and add or remove features as we like.
    • Availability of different locations as options.
    • The VPN features are easy to deal with.
    • The CLI and GUI do a good job of putting a lot at your fingertips.

    What needs improvement?

    It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco.

    For how long have I used the solution?

    Three to five years.

    What other advice do I have?

    Their proxy-based inspection is responsive and secure.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Ramon  Henriquez
    Director TICs at a comms service provider with 51-200 employees
    Real User
    We can detect any attack of viruses or malware at the first point of contact

    Pros and Cons

    • "We can detect any attack of viruses or malware at the first point of contact."
    • "There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract."

    What is our primary use case?

    We use it for security. It performs okay.

    How has it helped my organization?

    It controls the traffic in the organization and the navigation of the Internet. It blocks some sites and permits limited access to our information through the web. We can detect any attack of viruses or malware at the first point of contact.

    What is most valuable?

    • The security
    • Monitoring
    • Alarms

    It is a very strong platform.

    What needs improvement?

    There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    Just today, our platform was down seven hours today. We called the technical support and they told us that there was some maintenance in the cloud for the platform.

    What do I think about the scalability of the solution?

    The scalability is good.

    How is customer service and technical support?

    The technical support is good.

    How was the initial setup?

    The initial setup is not difficult, but tricky. It's easy, but it's important that their technical support will help you during the configuration of the platform. Procedures that appear logical are not always so.

    What other advice do I have?

    Most important criteria when selecting a vendor: The security of the platform, because we are very concerned about cybersecurity. Also, the customer service response is important.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    SB
    Security Engineer at a real estate/law firm with 501-1,000 employees
    Consultant
    Their response and resolution times are good

    What is our primary use case?

    It performs well.

    How has it helped my organization?

    We have a lot of bandwidth.

    What is most valuable?

    Box stability Security features, like SSL scanning.  Their service: Whenever we raise a complaint with FortiGate, their response and resolution times are minimal.

    What needs improvement?

    They need faster serviceability and more security features.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It has good stability compared to its competitors.

    What do I think about the scalability of the solution?

    It is scalable. We are making a cost savings on the scalability.

    How are customer service and technical support?

    We have been using technical support. Their response…

    What is our primary use case?

    It performs well.

    How has it helped my organization?

    We have a lot of bandwidth.

    What is most valuable?

    • Box stability
    • Security features, like SSL scanning. 
    • Their service: Whenever we raise a complaint with FortiGate, their response and resolution times are minimal.

    What needs improvement?

    They need faster serviceability and more security features.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It has good stability compared to its competitors.

    What do I think about the scalability of the solution?

    It is scalable. We are making a cost savings on the scalability.

    How are customer service and technical support?

    We have been using technical support. Their response and resolution times are good.

    Which solution did I use previously and why did I switch?

    Our previous solution had performance issues.

    How was the initial setup?

    The initial setup was straightforward and easy.

    Which other solutions did I evaluate?

    We evaluated Cyberoam and Cisco.

    What other advice do I have?

    Most important criteria when selecting a vendor: stability and service.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    EH
    User at El loco hugo
    User
    It has improved our organization with control data

    What is our primary use case?

    We use it because it is a good device.

    How has it helped my organization?

    It has improved our organization with control data.

    What is most valuable?

    The rules.

    What needs improvement?

    The reports are very basic.

    For how long have I used the solution?

    More than five years.

    What is our primary use case?

    We use it because it is a good device.

    How has it helped my organization?

    It has improved our organization with control data.

    What is most valuable?

    The rules.

    What needs improvement?

    The reports are very basic.

    For how long have I used the solution?

    More than five years.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    AM
    Information Security Analyst at a tech vendor with 51-200 employees
    Real User
    Protected us from several Zero-day attacks and includes data leak prevention

    Pros and Cons

    • "Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention)."
    • "The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
    • "I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."

    What is our primary use case?

    It is performing fine, there is no problem from FortiGate. The firewall engine is very good, Very suitable for picking up Zero-day threats. It has protected us from two or three instances, thanks to this engine.

    How has it helped my organization?

    From 2014 when they started using it, I was not associated with the company. I have only been associated with the company for the last year.

    What is most valuable?

    Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention).

    What needs improvement?

    After four years it has started to fail. The firewall engine is not so strong as of now, in my opinion. For that reason, we want to migrate to Check Point. This is one of the concerns that I have right now. 

    My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased.

    I also need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it.

    For how long have I used the solution?

    One to three years.

    What do I think about the scalability of the solution?

    Scalability is fine as of now. Compared to other firewall products, it's a little cheaper in terms of pricing. So scalability is good. 

    But right now, due to a greater focus on security, I think FortiGate needs to improve on the security features, and they need to do so for their small and medium business products, in order to compete.

    How are customer service and technical support?

    Technical support is pretty good. We had to call FortiGate support once, and they really helped us. In one of the configuration files from FortiGate, during an upgrade of the hardware, something was changed. They were very helpful in resolving it for us. There is no problem with support.

    Which solution did I use previously and why did I switch?

    Previously, in 2013, I believe we were using WatchGuard.

    In the process of selecting a vendor, the most important criteria will be to go through threat assessment reports - the NSS testing reports that are published every year. Our decision will depend on that.

    What other advice do I have?

    If price is a constraint for you, you should go with Fortinet. But security is a very big factor right now. If you want to be compliant with GDPR and all the other things that are coming up, you should go with another good vendor. Even though Fortinet is a big competitor, in one to three years, when they include many new features in their products, they will be a good solution.

    I would rate FortiGate at eight out of 10 because the support was very good. Considering the current scenario, I would not give it nine or 10 because they need to include many features in the smaller products, not only in enterprise-level products.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Andrew S. Baker (ASB)
    Cybersecurity & IT Operations Professional (VirtualCxO) at BrainWave Consulting Company, LLC
    Consultant
    Top 10
    The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors

    Pros and Cons

    • "The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
    • "The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
    • "WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
    • "Some configuration elements cannot be easily altered once created."

    What is our primary use case?

    I have deployed several of the following models for customers: 200D, 60E, 60D. This review focuses on the FortiGate 200D.

    How has it helped my organization?

    The first implementation I performed of a FortiGate 200D was to replace a Juniper SSG-140 in a main corporate office.  This implementation provided improved network administration and network performance.

    We also received more timely security updates, and it became easier to connect all of the other offices together (via an IPsec VPN mesh).

    As additional FortiOS releases have come out, we have obtained more flexibility in device identification and WAN load-balancing, among other things.

    What is most valuable?

    • The CLI is robust and powerful, enabling rapid, consistent changes via SSH. 

      The device identification is very flexible, facilitating the creation of rules to regulate all sorts of devices that might spring up on a network, especially via WiFi.
    • The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors.
    • WAN load-balancing has improved, but needs some refinement.

      You can set up a different DDNS config for each WAN link.

      It is great to be able largely use the same OS features across the family of devices.

    What needs improvement?

    WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead. There are lots of options for routing traffic over a specific path when you have WAN load-balancing enabled, but they are not as clear and consistent as they could be, and most can only be set at the CLI.

    Some configuration elements cannot be easily altered once created.  For instance, there is no way to rename an interface (say, for a VPN tunnel), unless you create an entirely new one and perform a little gymnastics to switch from one to the other. Or, you export the config, rename the elements in question, then re-import the entire config.

    Creating a meshed VPN connection (Office A with two WAN links connecting to Office B with two WAN links) requires a massive bundle of four IPsec interfaces, with two policies. It would be nice to have a cleaner, simpler config for that functionality, something not very uncommon today.

    I have found that if you have a console cable in the device when you reboot it for a disk check, it will boot to the device firmware. This will not happen for a regular reboot.

    If you have more than a very basic environment, you quickly have to escalate past the first level of support. The initial level is so-so.  The next level up has been stellar for me, and quick to figure out issues and resolve them.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    I've only experienced stability issues a few times.  One was with the v5.4.0 and .1 releases. Also, there was an issue during the v5.2.x series where there was an SSD issue that was fixed with later firmware. Overall, the devices have been very stable.

    What do I think about the scalability of the solution?

    No. Scalability is good, and performance increases are great as you move to higher products.

    How are customer service and technical support?

    Customer support is okay. They are fairly responsive for level three and higher (one and two) issues, but if your issue is a little complex, you will want to ask them to escalate to a second level tech. They don't always read all the info you provide in the first pass, but overall, they are helpful.

    Which solution did I use previously and why did I switch?

    I previously favored NetScreen/Juniper SSG solutions, but Juniper stopped supporting the SSG line, and FortiGate provides more value and performance for the dollar.

    I've also tested the Sophos solutions, but found them not compelling enough to switch from the FortiGate devices.

    How was the initial setup?

    The devices are very easy to setup, even if you need to configure VPNs. You could have an HA config up and running within 60-90 minutes, with the latest firmware installed, and a couple of policies and tunnels.

    If you do not regularly work with enterprise-class firewalls, you might need to add an hour to the above scenario, but the provided wizards make it pretty easy to address the basic functions.

    What about the implementation team?

    In-house deployment all the time.

    What was our ROI?

    In almost every case, I've experienced (or had customers experience) an ROI within 12 months, based on better performance for the same price or increased functionality for the same (or less) price.

    What's my experience with pricing, setup cost, and licensing?

    Licensing and setup costs are generally pretty clear with Fortinet. If you go with centralized management or their Log Analyzer tool, these carry some additional pricing that you need to look at.

    Check out the price matrix, and go with a value-added reseller that understands how to help you size out the equipment. Remember to always look at the performance with the assumption that you will have many of the unified threat management (UTM) features on, not off.

    Which other solutions did I evaluate?

    Yes, I tested and evaluated solutions from pfSense, Sophos, and Palo Alto.

    What other advice do I have?

    I highly recommend, and often try to deploy Fortinet solutions for my office network and for my customers. They run for a long time, they are supported for many OS updates, and they are pretty solid.

    Don't upgrade the OS right away when it is released, if a major new version has come out.  v5.0 was problematic early, but v5.2 was great. v5.4 was a problem child, but v5.6 had only a minor issue. v6.0 was surprisingly smooth and had only a minor issue. I could have avoided most of these problems if I waited an additional month or so before updating, but I updated because I need to advise customers on what they should be doing.

    I've had to interact with support a lot, and overall they've been good (with the caveat mentioned earlier).

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Diana Nongera
    I.T. Manager at a manufacturing company with 201-500 employees
    Real User
    Our security improved from being able to put in rules and close off unwanted traffic

    Pros and Cons

    • "With FortiClient, you can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong."
    • "Our security improved from being able to put in rules and close off unwanted traffic."
    • "It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."

    What is our primary use case?

    When we looking for a device, we wanted to control incoming and outgoing traffic into our network to protect our organization, like have a barrier before anyone could send something in or anyone could send something out. We also use this for our DHCP.

    How has it helped my organization?

    The greatest improvement was on security. If you put rules that will not allow certain traffic, it won't happen. You can close the traffic that you don't want in your network, because of malware and people fishing and spamming.

    What is most valuable?

    • DHCP functionality: The object tab where we manage our IP addresses and static. The DHCP monitors them.
    • FortiClient: You can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong.

    What needs improvement?

    It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    Stability is excellent. It is so stable that it is the best in the market. I would rate the stability as a 10 out of 10.

    What do I think about the scalability of the solution?

    It has the capacity to change in size. It comes in different sizes. E.g., for a smaller organization, you buy smaller package, then for bigger entities, you buy the bigger one. If you have fewer users in a certain entity, they would get a package of 50 each. If it's a head office, then you'd get something like 201. So, it accommodates for all sizes.

    How are customer service and technical support?

    Technical support has been great. We have used it before because sometimes you get issues that you can't handle, then you have to call it in, send emails, and they assist you. 

    We also work through our partners, which has been good.

    Which solution did I use previously and why did I switch?

    We were previously using Netgear, which was smaller. It didn't have the advanced technology in terms of what we wanted it to do. It was an older version. We thought that if we were going to change the firewall, then we should make a good, future investment. Thus, our partners advised us that FortiGate was one of the best, so we invested in them.

    How was the initial setup?

    The initial setup was not straightforward. You need some training and to learn some of these things through the experience of using it.

    What about the implementation team?

    We were guided by our partner, so we worked on our devices with our partners. They were the ones who helped us and who have been working with us, even for upgrades, and it has not been straightforward.

    Which other solutions did I evaluate?

    We evaluated Cisco, Netgear, and Cyberoam.

    What other advice do I have?

    You don't need to reinvent the wheel, as FortiGate is the best solution.

    Most important criteria when selecting a vendor: 

    • The ability of the brand
    • Best of breed
    • Reliability
    • After hours sales service, because we know technology comes with renewals, upgrades, and support. This is quite critical to our functionality and efficiency.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    VS
    ICT Officer at a non-profit with 5,001-10,000 employees
    Real User
    Top 5
    It is straightforward to implement the device from scratch

    Pros and Cons

    • "There is an easy process for configuring it, and it is straightforward to implement the device from scratch."
    • "At first glance, the interface for the device is very confusing."

    What is our primary use case?

    We have been using the FortiGate antivirus software for a couple of years, as of mid-July. The hardware solutions for the firewall, we have been using for less than a year.

    We are using FortiGate 80E for a medium-sized office. I am pretty satisfied with it. It has performed well. The primary use is to protect the internet traffic for a medium-sized office, up to fifty users, using a local domain with a not so intensive cloud traffic. Generally, it is just to protect the internet access for all the users in the network.

    Also, we are using VPN at external locations to the office, which FortiGate supports.

    How has it helped my organization?

    It give us the liberty to let us do our jobs.

    What is most valuable?

    • There is an easy process for configuring it, and it is straightforward to implement the device from scratch.
    • It has a somewhat diverse device interface, but if you have one day to play with it, you can easily find whatever you need. 
    • All types of policies need to be installed, then all the parameters are configured. It is not very demanding,

    What needs improvement?

    At first glance, the interface for the device is very confusing. However, every version is getting better.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    I have had no concerns with the stability so far.

    What do I think about the scalability of the solution?

    We have been in no position to upgrade our number of users. So, I cannot judge this aspect of the product.

    How are customer service and technical support?

    They provides local support. I have been using them only for some site blocking. They are pretty efficient in this. They say they will respond in 24 hours, but I have received responses in a maximum of one hour, which is impressive.

    Which solution did I use previously and why did I switch?

    We had a server acting as our service-based firewall, so no solution for firewall. 

    FortiGate is my first actual solution for firewalls.

    How was the initial setup?

    The initial setup was very straightforward.

    What's my experience with pricing, setup cost, and licensing?

    It provides mid-sized company pricing.

    What other advice do I have?

    Most important criteria when selecting a vendor: We have specific procurement rules, then we specify the technical specifications. After that, whoever is cheapest should get the job.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    GI
    Mgr. IT Infrastructure and Network Operations at a media company with 11-50 employees
    User
    Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure

    Pros and Cons

    • "Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
    • "Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."

    What is our primary use case?

    • Security
    • Monitoring and controlling
    • VPN
    • Active Directory integration
    • Servers
    • All components related to an enterprise environment.

    How has it helped my organization?

    We replaced Sophos with FortiGate and found it better than the Sophos product. It has better control, insights, and prevention from crypto malware and other threats.

    What is most valuable?

    The most valuable features are centralized monitoring, policy management, and virtualized appliances so we can have control over public and private Infrastructure.

    What needs improvement?

    Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products are future proof and offer much better ROI, upgradability, and manageability.

    IT is continuously evolving, and every few days or months, there is something new. Whoever evolves first will take the lead over the competition. Adopting and evolving is the key to success.

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    These products are solid and stable.

    What do I think about the scalability of the solution?

    We have not had any issues with scalability.

    How are customer service and technical support?

    Our experience with support has been fine. No trouble or hassle.

    Which solution did I use previously and why did I switch?

    Sophos: It was good for small businesses, who are evolving and improving. Though, I found Cisco Meraki to be much better.

    How was the initial setup?

    Part of the setup was straightforward and other parts were complex. They need to work on feature placements and menus.

    What about the implementation team?

    We did the implementation through a vendor, who had good experience.

    What was our ROI?

    Two to three years, depending on usage type, number of users, and organizational size.

    Which other solutions did I evaluate?

    Yes, we did, Palo Alto and other solutions, but we found FortiGate to be the best solution at that point in time.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user867420
    Network Engineer
    Real User
    A solid product with an easy configuration and good support

    Pros and Cons

    • "The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
    • "It needs more available central management."
    • "It could use better throughput on some of the smaller boxes for the branch offices."

    What is our primary use case?

    Primary use would be firewalls for the central office as well as all our branch offices. For some branches, we use the wireless feature.

    How has it helped my organization?

    The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support.

    What is most valuable?

    • Stability
    • Ease of use
    • Configuration
    • The available feature sets

    What needs improvement?

    • It needs more available central management. 
    • It could use better throughput on some of the smaller boxes for the branch offices.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It is very stable.

    What do I think about the scalability of the solution?

    Since we are not virtual, it is a physical box. It scales well if you know what to buy from a physical box standpoint. They seem to offer something for every level.

    How are customer service and technical support?

    The technical support is very responsive and qualified.

    Which solution did I use previously and why did I switch?

    Cost and convenience are probably why we switched from our previous solution to FortiGate.

    How was the initial setup?

    The initial setup is straightforward, once you understand the operating system environment.

    Which other solutions did I evaluate?

    I was not here at the time that they were evaluating other solutions.

    What other advice do I have?

    I highly recommend the Fortinet product because of its implementation. It is a solid product with an easy configuration and good support.

    Most important criteria when selecting a vendor: 

    • Experience
    • Installations of similar types which met our needs
    • Pricing
    • Support
    • Ease of implementation.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user882894
    User at Smartdev LLC
    User
    The graphical interface is complete and easy to use

    What is our primary use case?

    It is a UTM firewall with many features. It has helped me to control users and public multi-servers easily. It also can make the VPN connection free through advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless, simple integration into a large network.

    How has it helped my organization?

    It help me control users, so I could review how users access the Internet or the bandwidth, and what they use per day. 

    What is most valuable?

    A strong point of FortiGate is the graphical interface is complete and easy to use.  The IPS is good. It protect my network from attackers. 

    What needs improvement?

    One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering.

    For how long have I used

    What is our primary use case?

    It is a UTM firewall with many features. It has helped me to control users and public multi-servers easily. It also can make the VPN connection free through advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless, simple integration into a large network.

    How has it helped my organization?

    It help me control users, so I could review how users access the Internet or the bandwidth, and what they use per day. 

    What is most valuable?

    • A strong point of FortiGate is the graphical interface is complete and easy to use. 
    • The IPS is good. It protect my network from attackers. 

    What needs improvement?

    One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering.

    For how long have I used the solution?

    Less than one year.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Ali Asvadi
    President at a tech services company with 1-10 employees
    Real User
    Good performance, protects network perimeters against attacks

    What is our primary use case?

    To protect network perimeters.

    How has it helped my organization?

    Security. The main options feature protection and security against attacks.

    What is most valuable?

    Reliability and performance, those are key factors.

    What needs improvement?

    I have only one request and that is to have Fortinet as a market download in Azure. 

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    So far, so good.

    Which other solutions did I evaluate?

    I'm an integrator, so I use SonicWall, Sophos, and Fortinet.

    What is our primary use case?

    To protect network perimeters.

    How has it helped my organization?

    Security. The main options feature protection and security against attacks.

    What is most valuable?

    Reliability and performance, those are key factors.

    What needs improvement?

    I have only one request and that is to have Fortinet as a market download in Azure. 

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    So far, so good.

    Which other solutions did I evaluate?

    I'm an integrator, so I use SonicWall, Sophos, and Fortinet.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator.
    it_user510852
    Technical Services Manager with 501-1,000 employees
    Real User
    Easy to set up, make policies; the switches automatically get policies from the firewall

    Pros and Cons

    • "It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."
    • "You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
    • "As far as wanting more scalability or things in the network diagram, it's going to cost you."

    What is our primary use case?

    I am using it as an IPS, intrusion protection system.

    How has it helped my organization?

    The first benefit is the cost. It is very affordable.

    Also, it's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls.

    What is most valuable?

    It's a complete solution. You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. That's a very nice feature because with, for example, Cisco, you need to set the switch, you need to set the firewall, and you need to test it. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it. It's very easy.

    In the last version of the FortiOS - the operating system of the firewall - they put a lot of new features to support communications in a firewall. Whatever the communication that you have, you can put that in the firewall, and that's great.

    What needs improvement?

    For me, at this time, it's very complete.

    What do I think about the stability of the solution?

    Stability is very good. I have no problems right now with any of my customers. I haven't had a call from a customer in about three months, other than to make new policies. That's it. They are not complaining about the Fortinet, that it is damaged or something like that.

    What do I think about the scalability of the solution?

    Scalability is very good. We just did a quote for a university here that has about 25,000 students, and all the solutions that we put in the RFP, they were accepted. The only thing is the cost. As far wanting more scalability or things in the network diagram, it's going to cost you.

    How are customer service and technical support?

    Technical support is very good. If you have any questions, they have a forum and, apart from the forum, depending on the FortiGate that you purchased, they have very good support from second-line engineers. Whatever your problem is, you call and at least you get a callback.

    Which solution did I use previously and why did I switch?

    I was using a SonicWall. The problem with SonicWall is that they were purchased by Dell, and apparently, Dell is not putting any research money into the devices. That is the reason I changed because there are a lot of new things, new generation firewall technologies and they are not using them. Also, apparently, the price is very high right now. If you compare the price with a FortiGate, which has a lot of additional features, it's not worth it.

    When selecting a vendor the most important criteria are support and cost.

    How was the initial setup?

    Setup is very straightforward.

    What's my experience with pricing, setup cost, and licensing?

    Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment.

    Which other solutions did I evaluate?

    We did a total cost of ownership analysis against Sophos and also Palo Alto, but that was out of scope, it was too expensive. Another one was WatchGuard. When you start looking at the cost of the license for all the things that you get, Fortinet is by far the best option. The problem with the other companies is the licensing.

    What other advice do I have?

    I rate FortiGate a 10 because every time I need to use the support, they are there. There were times when I went to a customer to give support, I called Cisco, they pass me to Brazil, and on another call, they passed me to India. After I gave the guy in India all this information for an hour, he asked me, "What's the problem?" So there was a communication issue with them and they don't know the problems very well. With Fortinet, they are in the US, not in India.

    Do a total cost of ownership analysis with all the features you are looking for and, based on that, make the purchase. Also, reviews are very important.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    JC
    Manager and General Attorney with 51-200 employees
    Real User
    Filtering and alerts help protect our data but the cost is becoming too high

    What is our primary use case?

    The main use is to protect from outside attack, from any side. Because we work with sensitive data, we have to protect our work. We use it mainly for security, not only for content control.

    How has it helped my organization?

    We have peace of mind. We do work in a very dangerous environment, the internet, and this device gives us alerts. It gives us the opportunity to know what is going on.

    What is most valuable?

    The filtering that you can do with the firewall.

    What needs improvement?

    I would like to be able to do segmentation, for a specific user, with more priveledges. I would also like to see an easier user interface to implement that.

    What do I think about the stability of the solution?

    Sometimes we found that the traffic to the internet froze, I don't know exactly the reason. The only way to get it to work again was to turn it off and then run it again, a hardware reset. Overall it is a very stable platform but sometimes there is this problem.

    What do I think about the scalability of the solution?

    The scalability is fine. The problem is the licensing. To do more you have to pay for it. In this market, where you can find a lot of devices to do the same things, to charge for them in the license is very difficult. Also, sometimes Fortinet changes their products, they drop devices from the market very quickly.

    How are customer service and technical support?

    We have guys who are certified to work with Fortinet, so right now it's fine with them. We never really have serious problems, something to escalate to Fortinet. Only when there is a very difficult issue with the performance or something like that have we had to go to Fortinet, but it has been great.

    Which solution did I use previously and why did I switch?

    One of the main reasons we're considering switching from FortiGate is because many companies have a lot of features and you don't have to pay for. If you compare side by side, you find a lot of things that new brands do as well for fewer dollars.

    When selecting a vendor the most important factor is the prestige of the vendor. Also the cost, renewing licenses. Our customers are looking for more features for less cost. We have to look at what is going on in the market, who the main players are, who is doing well, and who has a good reputation.

    How was the initial setup?

    I was not involved in the initial setup of the devices. I only had to check it out and make sure it was working fine. But I saw the guys working with the configuration. Occasionally they had to reference the manual but had to find the answers on Google.

    Which other solutions did I evaluate?

    Fortinet and Sophos are the main players for this type of solution.

    What other advice do I have?

    I would rate FortiGate at seven out of 10 because, although they are doing well, the problem is the licensing, the cost is too high, and how they support their own devices needs improvement. They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost. FortiGate is a great product but they have to look out.

    My advice would be, look at the time on the market. FortiGate is doing well, but right now they have many competitors that are doing well.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ITCS user
    Senior Consultant at Unify Square
    Real User
    FortiGate security appliances provide UTM security in a single device with a good administrative interface and performance
    We're discussing a family of UTM (Unified Threat Management) appliances.  FortiGate is a term which includes a wide range of products, starting with small ones dedicated to small offices, and developing into devices which are able to grant security and networking for large companies. The family includes physical devices and virtual machines, which grant network security on different layers using a single point of control. FortiGate is optimized to avoid bottlenecks or delays while the various controls are performed. High availability is also part of the available features with various solutions to avoid single points of failure.  In the following short list, I will list some interesting points about the FortiGate solution.  1. Administrative Interface If you are experienced…

    We're discussing a family of UTM (Unified Threat Management) appliances.  FortiGate is a term which includes a wide range of products, starting with small ones dedicated to small offices, and developing into devices which are able to grant security and networking for large companies. The family includes physical devices and virtual machines, which grant network security on different layers using a single point of control. FortiGate is optimized to avoid bottlenecks or delays while the various controls are performed. High availability is also part of the available features with various solutions to avoid single points of failure. 

    In the following short list, I will list some interesting points about the FortiGate solution. 

    1. Administrative Interface

    If you are experienced with network security management, you are aware this activity requires interaction with many different software and hardware solutions from disparate vendors. In the aforementioned scenario, it is normal to have frequent updates to apply on the various products and to watch more than one monitoring tool to keep track of security events. The FortiGate solution includes all the controls you could expect using a patchwork of security products in a single device with a single administrative interface. It is your switch, router, firewall, VPN hub, antivirus, anti-spam, proxy, and endpoint security solution all-in-one. 

    If you define a network object or group for firewalling purposes, it will be available to define antivirus rules or internet browsing policies. There are two administrative interfaces:

    • Web-based manager (a graphical interface usable through a web browser);
    • CLI (a command line interface).

    A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside.

    If you have used appliances or firewalls from other vendors, often you have to use not-so-friendly command lines to obtain the exact result you need. With FortiGate, you will use the CLI seldomly and only for the most “exotic” features.

    2. UTM, the Fortinet way

    Unified Threat Management may be complex to manage, because you work on different protocols, at different layers and with disparate threats to consider. In FortiGate, you can have three great layers:

    • Networking services (switching and routing, both static and dynamic);
    • Network security services (firewalling, secure VPN connection, intrusion detection and endpoint security);
    • Application security services (spam and virus controls, web filtering, application control and data leak prevention).

    As long as you pay (and renew as it expires) the “bundle” license, you have all the aforementioned features available, including the updates for signatures and definitions coming to your appliance directly from Fortinet. You do not have to use all the available controls, but you are able to turn them on and off “On Demand”, so you could start with a simple configuration and add control layers when you feel more comfortable.

    3. Virtual Domains

    One of the available features include the capability of a FortiGate to support many Virtual Domains (VDOMs). VDOMs enable you to grant access to different companies with different administrators on the same physical unit. Each one will be able to keep their specific configuration with no impact on the others. What you are doing is creating “virtual units”, and keeping on a “root domain” which is used to manage the virtual domains. VDOMs add a lot of flexibility to the solutions that you are able to plan using FortiGate.

    4. High Availability and Resiliency

    There are four different ways to make a FortiGate unit have high availability. You could use a traditional “cluster” design with two or more units: FortiGate Cluster Protocol (FGCP), a solution with an external load balancer: FortiGate Session Life Support Protocol (FGSP), a Layer 3 resiliency solution like Virtual Router Redundancy Protocol (VRRP), or a Layer 2 solution like Fortinet Redundant UTM Protocol (FRUP). Again, we have a great deal of flexibility to design the best solution for our company’s needs.

    5. The Dark Side of the Moon

    It would not be fair to review a product omitting the negative points. With FortiGate, the main complaint that I have heard is about the technical support. My personal experience is the same as many people who are not happy with this aspect of the service offered by Fortinet. Often, your problem is diverted to local partners. I have to say that I have had mixed results with them. While some partners are professional, many are not skilled enough and I have had costs that are not equivalent to their quality. This is the same issue with other vendors, but that is not an excuse. As long as Fortinet support sends me to a local reseller or partner, from my point of view, they are taking responsibility for their capabilities.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    DD
    Consultant
    User
    Saved a bundle by not needing past appliances from an NGFW, however it needs better performance on bandwidth demands for smaller devices

    What is our primary use case?

    Firewall/Web Filter management. We have over 30 sites, and it is imperative that one person (myself) can plan, implement, and deploy these devices to our sites and manage them when finished.

    How has it helped my organization?

    Consolidated our network environment at all locations, but mainly at our datacenter. 

    What is most valuable?

    The web filtering was the most valuable, because at a school board, we need to make sure the students are not tying up our bandwidth and also to keep the bad guys out.

    What needs improvement?

    One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering. Each manufacturer has their own way of filtering and each one needs improvement in categories, URL, and/or…

    What is our primary use case?

    Firewall/Web Filter management. We have over 30 sites, and it is imperative that one person (myself) can plan, implement, and deploy these devices to our sites and manage them when finished.

    How has it helped my organization?

    Consolidated our network environment at all locations, but mainly at our datacenter. 

    What is most valuable?

    The web filtering was the most valuable, because at a school board, we need to make sure the students are not tying up our bandwidth and also to keep the bad guys out.

    What needs improvement?

    One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering. Each manufacturer has their own way of filtering and each one needs improvement in categories, URL, and/or application filtering.

    For how long have I used the solution?

    One to three years.

    What was our ROI?

    We saved a bundle by not needing all the past appliances from an NGFW.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user795288
    Pre-sales Engineer at a tech services company with 501-1,000 employees
    Real User
    Easy to understand licensing requirements

    What is our primary use case?

    I use this product on AWS. FortiGate's VM GUI is slightly different than the hardware devices.

    How has it helped my organization?

    It is a one box solution, which covers most of the edge device’s requirements.

    What is most valuable?

    I have found FortiGuard Services to be valuable.

    What needs improvement?

    It needs to improve its ISP load balancing.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    No issues.

    What do I think about the scalability of the solution?

    No issues.

    How are customer service and technical support?

    I would rate technical support as a seven out of 10.

    Which solution did I use previously and why did I switch?

    We had a previous solution, but switch…

    What is our primary use case?

    I use this product on AWS. FortiGate's VM GUI is slightly different than the hardware devices.

    How has it helped my organization?

    It is a one box solution, which covers most of the edge device’s requirements.

    What is most valuable?

    I have found FortiGuard Services to be valuable.

    What needs improvement?

    It needs to improve its ISP load balancing.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    No issues.

    What do I think about the scalability of the solution?

    No issues.

    How are customer service and technical support?

    I would rate technical support as a seven out of 10.

    Which solution did I use previously and why did I switch?

    We had a previous solution, but switch because FortiGate is a one box solution.

    How was the initial setup?

    Initial setup was not complex.

    What's my experience with pricing, setup cost, and licensing?

    Easy to understand licensing requirements.

    Which other solutions did I evaluate?

    • Palo Alto Networks
    • Cisco ASA

    What other advice do I have?

    Easy to implement, and it is also reliable.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user805185
    CEO with 11-50 employees
    User
    Controls the user's activities and maximizes my bandwidth use overall

    Pros and Cons

    • "The FortiGate controls the user's activities and maximizes my bandwidth use overall."
    • "Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."

    What is our primary use case?

    The company has integrated the LDAP with the UTM to control user traffic in senses and have a high availability for Active/Passive to assure uptime in case of physical failure. Our company is cloud driven and downtime becomes critical.

    How has it helped my organization?

    The FortiGate controls the user's activities and maximizes my bandwidth use overall. If the employer BYOD, we can accommodate it the need by having an isolated networked exclusively for that equipment which does not comply with the internal policies.

    What is most valuable?

    The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors.

    What needs improvement?

    Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance.

    For how long have I used the solution?

    Three to five years.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user545559
    Owner at a tech services company
    Real User
    I am able to save hours of planning and implementation time because the documentation is so helpful

    Pros and Cons

    • "Their reliability and their policy of pre-shipping replacements when a unit has failed."

      What is most valuable?

      1. The prompt and knowledgeable support behind them. 
      2. Their reliability and their policy of pre-shipping replacements when a unit has failed.
      3. The simplicity and clarity of their user interface and documentation.
      4. Their 'cookbooks' that walk you through the most common installation scenarios.

      How has it helped my organization?

      I am a one-man show, so there is not much that can be done to improve the way that I function. However, these products provide best-in-class security at reasonable prices. 

      One of the most helpful features is their VPN, the client could not be any simpler to set up and use.

      What needs improvement?

      I can't think of too much which they can improve upon. I just have not come across any situation where they have fallen short of expectations.

      For how long have I used the solution?

      I am a consultant who supports these units for my clients who use them. I have had over 10 years of experience with Fortinet products.

      What do I think about the stability of the solution?

      The products are extremely stable. I have only had one instance where a unit did not function as expected, and Fortinet replaced the unit, despite the fact that it was still operational.

      What do I think about the scalability of the solution?

      Scalability is the one area where there is room for some improvement. Currently, customers need to purchase more powerful units as their network traffic and requirements grow. Fortinet will occasionally offer trade-in credits in such situations, but this is not always the case. Their product line allows customers to scale from SoHo through enterprise-level requirements, which is what I like about them so much.

      How are customer service and technical support?

      Their tech support is outstanding.

      Which solution did I use previously and why did I switch?

      I have sold and supported other solutions in the past. Fortinet is not always the least-cost solution available, but from a value standpoint, I find them hard to beat.

      How was the initial setup?

      Initial setup complexity will vary with the complexity of the installation. It is relatively straightforward and simple to set up basic configurations. More complex requirements entail reading through a lot of documentation in order to complete the firewall configuration because of the myriad of features and options that are available in their O/S. The 'cookbooks' are a big help in these instances.

      What's my experience with pricing, setup cost, and licensing?

      Pricing and licensing have to be taken in context with value. Fortinet is usually not the least expensive alternative when considering an upfront investment, but if you take into account the support costs over several years, they are often as cost-effective as the 'cheaper' solutions.

      Which other solutions did I evaluate?

      In this particular instance, Fortinet was evaluated against an equivalent solution sourced from D-Link. I also evaluated a solution from Xirrus (now Riverbed) which promised better signal strength. However, when I ran the various WiFi planning tools from each supplier, the coverage differences did not merit the more expensive Xirrus solution.

      What other advice do I have?

      Anyone evaluating this product should consult the documentation available and plan out their solution before making a decision. From personal experience, I find that I am able to save hours of planning and implementation time because Fortinet's documentation is so helpful.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Alan Chavira
      Engineering Manager at a tech consulting company with 1-10 employees
      Real User
      Great product with too many features at the right price

      How has it helped my organization?

      Simplifies administration and upgrades overall security.

      What is most valuable?

      UTM/NGFW features and FortiCloud for logs and backups are awesome.

      What needs improvement?

      MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA.

      What do I think about the stability of the solution?

      No.

      What do I think about the scalability of the solution?

      No.

      How is customer service and technical support?

      Great support. It's quite good in Mexico.

      How was the initial setup?

      Straightforward.

      What other advice do I have?

      Great product with too many features at the right price.

      How has it helped my organization?

      Simplifies administration and upgrades overall security.

      What is most valuable?

      UTM/NGFW features and FortiCloud for logs and backups are awesome.

      What needs improvement?

      MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA.

      What do I think about the stability of the solution?

      No.

      What do I think about the scalability of the solution?

      No.

      How is customer service and technical support?

      Great support. It's quite good in Mexico.

      How was the initial setup?

      Straightforward.

      What other advice do I have?

      Great product with too many features at the right price.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Matthew Titcombe
      CEO & Sr. Information Security Consultant at a tech services company with 1-10 employees
      Consultant
      Top 20
      The solution improved the security posture and overall management's TCO

      How has it helped my organization?

      The solution improved the security posture and overall management's TCO.

      What is most valuable?

      One of the valuable features is a standardized OS.

      What needs improvement?

      It claims it does DLP, but the degree and level of controls are very basic. We recommend that our clients supplement it with other products.

      What do I think about the stability of the solution?

      There were no issues with stability.

      What do I think about the scalability of the solution?

      There were no issues with scalability.

      How are customer service and technical support?

      Customer Service: Customer service is excellent. Technical Support: Technical support is excellent.

      Which solution did I use previously and why did I switch?

      We did not use a previous…

      How has it helped my organization?

      The solution improved the security posture and overall management's TCO.

      What is most valuable?

      One of the valuable features is a standardized OS.

      What needs improvement?

      It claims it does DLP, but the degree and level of controls are very basic. We recommend that our clients supplement it with other products.

      What do I think about the stability of the solution?

      There were no issues with stability.

      What do I think about the scalability of the solution?

      There were no issues with scalability.

      How are customer service and technical support?

      Customer Service:

      Customer service is excellent.

      Technical Support:

      Technical support is excellent.

      Which solution did I use previously and why did I switch?

      We did not use a previous solution.

      What about the implementation team?

      We implemented in-house.

      What's my experience with pricing, setup cost, and licensing?

      Work through partners for the best pricing.

      Which other solutions did I evaluate?

      We evaluated Palo Alto, Check Point, and Cisco.

      What other advice do I have?

      I highly recommend Fortinet as a leader in integrated suite information security capabilities.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      Alberto E. Luna Rodriguez
      Network Security Coordinator at a energy/utilities company with 1,001-5,000 employees
      Real User
      The VPN capabilities provide a reliable connection to our corporate network over low cost internet services.

      Pros and Cons

      • "LinkGreat firewall capabilities"
      • "Stability and technical support are the two major issues I have found with Fortinet."

      How has it helped my organization?

      These devices allowed my organization to connect a network of gas stations and convenience stores nationwide. The VPN capabilities provide a reliable connection to our corporate network over very low cost internet services (basically, any Internet service locally available can be used for this connections).

      We also leverage the NGFW, UTM and WLAN controller features to provide security for corporate network traffic, and secure, content-filtered guest internet access for customers in the convenience stores. All this at a relative low cost.

      What is most valuable?

      • LinkGreat firewall capabilities
      • Great IPS and web filter for small remote locations, with VPNs for tunneling to the corporate network, makes this device a solid choice for many sites.

      What needs improvement?

      Stability and technical support are the two major issues I have found with Fortinet.

      What do I think about the stability of the solution?

      We’ve had cases of unexplained bugs that go away with a simple device reboot. Software updates usually help with these issues.

      What do I think about the scalability of the solution?

      I have personally found that Fortinet advertising can be misleading. The devices will usually fail way before reaching the capacity advertised in the data sheets, especially when you activate several of the features the device can handle. This is not a dealbreaker for me, especially because of the cost. But I would advise care when dimensioning the devices you’ll need.

      How are customer service and technical support?

      Customer Service:

      Customer service in Fortinet is OK. Lately they've been making efforts in this area. They actually call you when licenses are about to expire which is a nice touch on their part.

      Technical Support:

      I would say technical support is 6/10. I’ve found tech support to vary, sometimes being decent, sometimes painfully inefficient. Much room for improvement here IMHO.

      Which solution did I use previously and why did I switch?

      We still use Cisco for some cases. However, where we need the advanced security and UTM features, Cisco’s prices can be very restrictive. Fortinet is a much more cost-effective choice for those cases.

      How was the initial setup?

      Initial setup was very straightforward. Interface is very friendly and easy to comprehend.

      Which other solutions did I evaluate?

      Before choosing this product, we also evaluated Cisco.

      What other advice do I have?

      Be careful with dimensioning. Don’t expect the device to handle ALL the features. Usually firewall, Web Filter and the WLAN controller work well. But if you need IPS, app control and AV, I would advise over-dimensioning the device a bit (taking Fortinet data sheets as the reference).

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user700113
      Owner
      Vendor
      We use it as an internal firewall for VLAN segmentation.

      Pros and Cons

      • "Layer-3 firewall and routing are the most valuable features."
      • "They should improve high CPU and memory usage that occurs."

      How has it helped my organization?

      We have secured our LAN IP subnets with VLAN segregation.

      What is most valuable?

      Layer-3 firewall and routing are the most valuable features. We use it as an internal firewall for VLAN segmentation.

      What needs improvement?

      When we need to enable Netflow on the firewall, there is a high CPU and memory usage that occurs. They should improve that high CPU and memory usage that occurs.

      What do I think about the stability of the solution?

      There were no stability issues.

      What do I think about the scalability of the solution?

      There were no scalability issues.

      How are customer service and technical support?

      Technical support is good.

      Which solution did I use previously and why did I switch?

      We were previously using the Check Point and Palo Alto software. The price and user-friendly GUI are the reasons that we switched to this solution.

      How was the initial setup?

      It is an easy setup and configuration.

      What other advice do I have?

      It's a user-friendly and stable firewall. You can safely use it for all small and big LAN networks.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user454521
      Deputy Chief Manager at a newspaper with 5,001-10,000 employees
      Vendor
      It has given us improved security over the internet. It is easy to use with a single console and unified threat management features.

      How has it helped my organization?

      It has given us improved security over the internet.

      What is most valuable?

      Ease of use, single console, Unified Threat Management (UTM) features.

      What needs improvement?

      NGN, reporting and controls.

      What do I think about the stability of the solution?

      We had some stability issues but we upgraded.

      What do I think about the scalability of the solution?

      There was a hardware limitation, affecting scalability.

      How are customer service and technical support?

      I would rate the technical support as 8/10.

      Which solution did I use previously and why did I switch?

      We had a different solution in the organization arising from different OEMs and this solution was chosen with consideration of requirements and costs.

      How was the initial setup?

      How has it helped my organization?

      It has given us improved security over the internet.

      What is most valuable?

      Ease of use, single console, Unified Threat Management (UTM) features.

      What needs improvement?

      NGN, reporting and controls.

      What do I think about the stability of the solution?

      We had some stability issues but we upgraded.

      What do I think about the scalability of the solution?

      There was a hardware limitation, affecting scalability.

      How are customer service and technical support?

      I would rate the technical support as 8/10.

      Which solution did I use previously and why did I switch?

      We had a different solution in the organization arising from different OEMs and this solution was chosen with consideration of requirements and costs.

      How was the initial setup?

      The initial setup was simple but the DC was complex.

      What's my experience with pricing, setup cost, and licensing?

      Go for long term pricing negotiated at the time of purchase.

      Which other solutions did I evaluate?

      We evaluated Check Point, Cisco ASA.

      What other advice do I have?

      You should be clear concerning the scope and outcome you are looking for.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user677703
      Superintendent, Process Automation and Safety at a pharma/biotech company with 5,001-10,000 employees
      Vendor
      Allows for firewall rules to be programmed and named in a way that makes it readable.

      Pros and Cons

      • "Allows for firewall rules to be programmed and named in a way that makes it “readable”"
      • "It would be nice if backups could more easily migrate between different models."

      What is most valuable?

      • Flexible enough to handle everything we could want
      • Configuration layout is easily understandable
      • Allows for firewall rules to be programmed and named in a way that makes it “readable”
      • VPN support and some anti-virus protection.

      What needs improvement?

      It would be nice if backups could more easily migrate between different models.

      What do I think about the stability of the solution?

      I did not encounter any issues with stability.

      What do I think about the scalability of the solution?

      No scalability issues, but communications is severely limited in our case by design.

      Which solution did I use previously and why did I switch?

      They were our first firewalls on site.

      How was the initial setup?

      It does require someone knowledgeable in routing, firewall rules, and these firewalls in particular. Once it is set up, they are easy to modify and maintain.

      What's my experience with pricing, setup cost, and licensing?

      It is difficult as an end-user to setup continuing license contracts. It is possible to do between emails and their website, but it is practically impossible to find a phone number to call anyone directly.

      Which other solutions did I evaluate?

      We considered SonicWall .

      What other advice do I have?

      It is an excellent product and works extremely well. If it is set up in a logical way, it is very easy to understand and modify. It is highly recommended to have a service “expert” familiar with these to set it up initially with customer direction.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Senior Security Consultant with 501-1,000 employees
      Vendor
      They added a valuable WAF feature to the latest version.

      What is most valuable?

      • Complete and cost-effective next-generation firewall features with app identification, and IPS and URL filtering with SSL inspection.

      How has it helped my organization?

      • Better manageability
      • Straightforward deployments
      • Streamlined and reliable upgrades

      Customers have more time to focus on security because maintaining the firewalls is completely hassle-free.

      What needs improvement?

      Grouping/tabbing (not only by interface) in the policy table of the web GUI would be a great addition.

      For how long have I used the solution?

      I have used it for two years.

      What was my experience with deployment of the solution?

      We have not encountered any deployment issues.

      What do I think about the stability of the solution?

      We have not encountered any stability issues. Stability has dramatically improved over the previous main version branch of FortiOS; 5.2.x and 5.4.x are stable enough for critical environments.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues; proven that you properly sized the FortiGate model that fits your environment.

      How are customer service and technical support?

      Customer Service:

      Customer service is sufficient.

      Technical Support:

      The tech support is not excellent; this is where Fortinet saves money compared to others... But plenty of free, clear and public documentation is available and this compensates for the most part the tech support shortcomings.

      Which solution did I use previously and why did I switch?

      We previously used Cisco ASA. We switched because the old ASA has no next-generation features.

      How was the initial setup?

      IMHO It is the most straightforward enterprise-level next generation firewall.

      What about the implementation team?

      All implementations were done in-house.

      What was our ROI?

      ROI is very high, it has hands-down the best price/performance/features ratio in the market...

      What's my experience with pricing, setup cost, and licensing?

      The licensing model is straightforward, easy to understand and purchase; prices are fairly low compared to other vendors.

      Which other solutions did I evaluate?

      Before choosing this product, we also evaluated Check Point and Palo Alto Networks.

      What other advice do I have?

      In version 5.4, they added a WAF feature that is absolutely unique for this kind of product; no other NGFW product can also be a WAF and this is a great added value...

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      IT Infrastructure Engineer at a tech company with 11-50 employees
      Real User
      FortiGate/FortiWiFi; FortiManager; FortiAnalyzer

      What is most valuable?

      FortiGate/FortiWifi:

      • IPS
      • Application control
      • IPsec & SSL VPN
      • Web filtering
      • E-mail security
      • Data leak prevention
      • Wireless security and wireless controller
      • Central antivirus (FortiClient)
      • HW & SW token controller (FortiToken) etc.
      • FortiManager
      • Central management
      • Administrative domains (can group devices according to geographical are, functionality, admins, etc.)
      • FortiGuard management
      • Logging and reporting
      • Configuration version control and tracking
      • Firmware management
      • Scripting

      • FortiAnalyzer
      • Centralized security log analysis and forensics
      • Centralized graphical reports
      • Customized reports
      • Scheduled reports
      • Queries
      • Content archiving/data mining

      How has it helped my organization?

      Routing and security policies, central management and all of the other features help us to improve network performance and implement organization policies.

      What needs improvement?

      They could improve vulnerability scanning.

      For how long have I used the solution?

      I have used it for three years.

      What do I think about the stability of the solution?

      We encountered a few stability issues; maybe one case per year.

      What do I think about the scalability of the solution?

      I did not encounter any scalability issues.

      How are customer service and technical support?

      Technical support is 10/10. They respond and offer solutions very fast.

      Which solution did I use previously and why did I switch?

      We previously used Cisco solutions. They are more expensive, have fewer features, are more difficult to use, and response and help from
      technical support is not quick.

      How was the initial setup?

      For Fortinet solutions, the initial setup is very easy.

      What's my experience with pricing, setup cost, and licensing?

      They are very cheap compared to other vendors.

      What other advice do I have?

      Fortinet solutions are very easy to implement, proven, certified and tested.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      ICT Manager at a aerospace/defense firm
      Real User
      Virtual domains are treated as separate firewall instances

      Pros and Cons

      • "You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances."
      • "The reporting you receive out of this appliance is excellent. You will not need an external management system."
      • "The user interface is relatively easy. The devices are easy to deploy and figure out when you have experience with other security appliances."
      • "I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
      • "There is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files.​"

      How has it helped my organization?

      There is no need to buy physical firewall hardware when you host multiple customers requiring individual secure access to their FW. You just create virtual domains (VDOMs).

      What is most valuable?

      You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances. The reporting you receive out of this appliance is excellent. You will not need an external management system.

      What needs improvement?

      1. sFlow and NetFlow

      I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE.

      NetFlow is a network protocol developed by Cisco for collecting IP traffic information and monitoring network traffic. It is not supported on FortiGate for those who have a NetFlow analyzer/collector already setup in their network.

      2. Policies

      To control traffic in a firewall, you need to create and apply policies to the FW interfaces. By default, policies are sorted by FW interfaces and this makes FW interfaces an integral part of the policies. Zones provide the option to logically group multiple virtual and physical FortiGate firewall interfaces. Then, you apply security policies to those zones (logical groups of interfaces) to control traffic flow on those interfaces.

      In a FortiGate unit with a lot of interfaces (including virtual interfaces), there is a high probability of having duplication of policies.

      For how long have I used the solution?

      Three to five years.

      What do I think about the stability of the solution?

      These devices are very stable.

      What do I think about the scalability of the solution?

      They are easily scalable with multiple built-in interfaces. It supports a minimum of 10 VDOMs. VDOM supports all dynamic routing protocols like RIP, OSPF, BGP, and IS-IS. You do not need to reboot after enabling the VDOMs.

      Area for improvement - there is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files.

      How are customer service and technical support?

      Customer Service:

      Customer service is great, an eight out 10.

      Technical Support:

      I will give technical support an eight out 10.

      Which solution did I use previously and why did I switch?

      We previously used different solutions as well. We did not switch, we have different requirements for different customers.

      How was the initial setup?

      The user interface is relatively easy. The devices are easy to deploy and figure out if you have experience with other security appliances.

      What about the implementation team?

      It was an in-house installation.

      What was our ROI?

      The ROI is great. These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive.

      What's my experience with pricing, setup cost, and licensing?

      Fortinet licensing is straightforward and less confusing compared to Cisco. Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.

      Which other solutions did I evaluate?

      I already have experience with Cisco ASA, so it was simply a customer preference and well within the budget.

      What other advice do I have?

      Great appliances, and it is affordable.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Dëvóps Engineer at a tech company with 51-200 employees
      Real User
      Fortigate is only cheap if you don't value your time or product quality
      I have had the displeasure of having to support SOHO Fortigate offerings (Fortigate/Fortiwifi). in almost any measure, I have found these products inferior to respective solutions from cisco and juniper (two examples i've had experience with). I'll start with the most egregious and disturbing: the product is unstable. the VPN client is crash prone and the VPN daemon is crash prone. if you want to enjoy having to drive to the office when the roads are iced because the VPN daemon just gave up the ghost again, just to reboot a unit, by all means - choose Fortigate. I'll continue with support - pretty much a joke, although being fair here, it is similar in other respective products. by the time a competent engineer reviews your case, you may have to wade through more than a month of back…

      I have had the displeasure of having to support SOHO Fortigate offerings (Fortigate/Fortiwifi). in almost any measure, I have found these products inferior to respective solutions from cisco and juniper (two examples i've had experience with).

      I'll start with the most egregious and disturbing: the product is unstable. the VPN client is crash prone and the VPN daemon is crash prone. if you want to enjoy having to drive to the office when the roads are iced because the VPN daemon just gave up the ghost again, just to reboot a unit, by all means - choose Fortigate.

      I'll continue with support - pretty much a joke, although being fair here, it is similar in other respective products. by the time a competent engineer reviews your case, you may have to wade through more than a month of back and forth with t1/t2 support who offer very little usable assistance.

      And final insult to injury - aggressive and clueless resellers. Fortigate tries to distance themselves from customers via resellers (as if support filtering wasn't enough). getting the wrong product or wrong configuration is very common, especially with unneeded packages.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user375528
      IT NETWORK ENGINEER at a energy/utilities company with 501-1,000 employees
      Vendor
      The most valuable features for us are VPN, WebFilter, and Firewall.

      What is most valuable?

      The most valuable features for us are

      • VPN
      • WebFilter
      • Firewall

      How has it helped my organization?

      It's features are highly customizable. This means that when our different business groups have different needs, the implementations can be customized to meet the demands of those groups and needs.

      What needs improvement?

      I'd like to see an improvement in the Bandwidth Management and Traffic limit control.

      Also, the licenses are expensive, turning off some users.

      For how long have I used the solution?

      We've used all units for five years, except the FortiGate 200D which has been in use for one year. Alongside FortiGate, we also have FortiAnalyzer 1000B and the FortiManager 200D.

      What was my experience with deployment of the solution?

      There have been no issues with the deployment.

      What do I think about the stability of the solution?

      There have been no stability issues.

      What do I think about the scalability of the solution?

      It has not been a problem to scale it.

      How are customer service and technical support?

      Customer Service:

      Customer service is very good.

      Technical Support:

      Technical support is very good.

      Which solution did I use previously and why did I switch?

      I depend on different products from different vendors depending on the required function.

      How was the initial setup?

      The initial setup is simple in the CLI or Web GUI.

      What about the implementation team?

      An in-house network engineer implemented it using the best practice recommendations from the vendor.

      What's my experience with pricing, setup cost, and licensing?

      The appliances and licenses are expensive, and I know some people use other vendors because of this.

      What other advice do I have?

      You should know the customization you want from the beginning, and plan your requirements appropriately.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      NetworkEng896
      Network Engineer at a tech services company with 501-1,000 employees
      Real User
      I could achieve the same results with a software firewall. This one comes in a nice hardware package. Using the CLI should be documented better.

      What is most valuable?

      • Flexibility
      • Flow tracking
      • B2B VPN

      How has it helped my organization?

      It's good for what it is. I could achieve the same results with a pfSense firewall. This one just comes in a nice hardware package.

      What needs improvement?

      Better documentation about usage of the CLI. I learned most of what I know in diagnostic functionality through saving SSH sessions with the customer support staff while in WebEx sessions.

      I have tried looking up the manuals. They are OK in some respects, but I feel exhaustive documentation about the CLI "with examples" should be there, and I feel it's not.

      I'm saying, hey lets consolidate some of the primary real world scenarios like:
      Section A: - Troubeshooting B2B VPN peering with a business partner or client when initially setting up the VPN tunnel.

      Inevitably, there are always quirks and nuances between the fortigate vendor versus peering with a Palo Alto or an ASA firewall or even a Juniper SSG.

      Imagine providing all steps, command line syntax, and GUI (if available) and how to take steps to debug the flow and see what's failing.
      Sometimes it's super hard to figure out what's wrong with a fortigate VPN unless you know the commands on the CLI to see the flow and how to interpret it.

      If they had all the methods / syntax and the "how's and why's" for a scenario; even possibly an instructional video showing how via the CLI and gui alongside the documentation. It would be like the pearly gates had opened and I had gone to heaven.

      For how long have I used the solution?

      I have used it for three years.

      What do I think about the stability of the solution?

      I never encountered any stability issues. It is a very stable product.

      What do I think about the scalability of the solution?

      Scalability's not been an issue for my org. We only utilize it for certain applications.

      How are customer service and technical support?

      Technical support is excellent, although it can be a bit difficult to understand the tech. As with most support staff from almost all vendors now, the support comes from somewhere across the pond.

      Which solution did I use previously and why did I switch?

      On the site where the FortiGate is stationed, it's never been changed out.

      How was the initial setup?

      Initial setup was straightforward.

      What's my experience with pricing, setup cost, and licensing?

      Buy the support package! Upgrades, advice about upgrade paths, and troubleshooting help is paramount. There have been some times where, without it, I'd have been dead in the water.

      Which other solutions did I evaluate?

      This was an in-place firewall when I integrated the site to my org.

      What other advice do I have?

      Figure out what features you want, and what policies you want. Look up how to do it in advance, and create an implementation plan.

      Plan for policies, routing, NATting, etc. Create a step-by-step process in advance, possibly create the environment in a DEV sandbox, test it, then implement.

      It has a good feature set. However, sometimes you are forced to solicit technical support to get it working.

      Also, I find the web interfaces sometimes do not display things properly.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user283398
      Security Analyst at a tech services company with 10,001+ employees
      MSP
      The UTM (application control) features have solved many issues that other firewall providers cannot, such as Google suite blocking and allowing.

      What is most valuable?

      The UTM (application control) features have been very important, because they have solved many issues that other firewall providers have not developed as Fortinet has.

      A clear example of this feature advantages is blocking and allowing the Google suite. For example, without UTM, we would not have been able to execute some customer requirements like this one:

      A customer asked us that some host on their LAN is going to be assigned to be a POS workstation. They needed that workstation to have permissions to some applications and some URLs, and they needed to block users from opening sites like YouTube, Google+, and Google Drive, but they needed to get in to some POS URLs hosted in the Google cloud. We were working with rules allowing some specified URLs, but it didn’t work because the subnetting IP address the customer needed to be allowed, sometimes matched the YouTube service. Google support engineers told us they rotate their IP addressing subnets to be more secure and they do not always attach an IP address to a domain name. So, sometimes the customer’s workstations were able to open YouTube sites too.

      The way we could block YouTube and allow the customer POS URLs sites, was by configuring an application control sensor, where we were able to block some categories like this:

      Another requirement was to allow some specified applications, so we configured the next sensor structure:

      Another customer reported to us they had issues working with Gmail attachment files; they could not do it. Executing some packet captures and with the Fortinet TAC help, we found they were using the latest Chrome versions that use the QUIC Google protocol, which is not supported by Fortinet because it is not a valid protocol. We proceeded to block the QUIC protocol using an application control sensor.

      After this blocking action, the customer was able to work without any issue.

      How has it helped my organization?

      It can block applications in level 7.

      Even though other companies have latest-generation firewalls, FortiGate’s database is bigger.

      What needs improvement?

      They could improve performance with all the UTM features working.

      Sometimes, we have seen that when you enable the antivirus sensor, customers report slow web browsing. We know this is normal, but we would like to know if it is possible to make feel the customer their web browsing is fast with not as much delay. The antivirus sensor analyzes all the protocols and packets we specified, and this is an important performance affectation. In my personal point of view, I don’t think it is a serious issue, but we receive many reports from users who browse the web with antivirus sensors applied to their firewall policies.

      For how long have I used the solution?

      I have been using it for seven years.

      It is working in route mode, with all UTM licences active; it has FSSO configured to give permission to the users. It is configured to provide VPN SSL service.

      What do I think about the stability of the solution?

      I have encountered stability issues only when we enable all the UTM features.

      What do I think about the scalability of the solution?

      I have not encountered any scalability issues.

      How are customer service and technical support?

      Technical support is 9/10.

      Which solution did I use previously and why did I switch?

      We have been using FortiGate solutions for eight years. We have been upgrading when solutions in the family become unsupported.

      How was the initial setup?

      The initial setup is easy; no issues with doing it.

      Which other solutions did I evaluate?

      My company did not evaluate other options. They decided to purchase FortiGate directly.

      What other advice do I have?

      Work a lot with all of the UTM features because they can be very helpful right now with configuring firewall policies. The policies became very whole.

      Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a Fortinet provider for Mexico.
      ITCS user
      IT Manager at a tech vendor with 501-1,000 employees
      Vendor
      We were able to prevent the use of torrent applications. They need to improve the alert and event logs.

      What is most valuable?

      With the application and web filters, we were able to block social network websites and any other websites that could lead staff being less productive. We were able to stop use of VPN applications on the school’s network. We were able to prevent the use of torrent applications.

      How has it helped my organization?

      It was used in a school network, so it kind of helped in preventing staff and students from getting carried away with their browsing.

      What needs improvement?

      I feel they need to work on the alert and event logs. We were not able to get anything much out of it when we were facing issues. Not sure if it was a configuration issue; we were, in fact, not able to see any system-related logs.

      For how long have I used the solution?

      I used it for two years. I had to replace it as the number of staff increased to beyond its limit.

      What do I think about the stability of the solution?

      We did have an issue with it hanging occasionally. But then later, we figured out that it was handling traffic beyond its limit.

      How are customer service and technical support?

      Technical support is average.

      Which solution did I use previously and why did I switch?

      This was the first device we used.

      How was the initial setup?

      It was installed by the IT solution provider while setting up the school.

      What other advice do I have?

      It is a good device for a medium-sized company. But if you have over 150 staff/devices, I wouldn’t advise using this.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      it_user431136
      Consultant Information Technology at a tech company with 51-200 employees
      Real User
      Delivers what it promises when it comes to performance, stability and security functions.

      What is most valuable?

      The web content filtering and application control allow us to control which websites and online applications our users can access and those they cannot, thus preventing access to pornographic sites, online gaming sites, social media and many others during office hours.

      The application control reinforces the blocks, preventing, for example, users from using specific applications to bypass the web content filter blocks. An example is a user running the UltraSurf proxy, attempting to access banned sites. With the application control function, FortiGate is able to prevent the operation of this application.

      IPS - Intrusion Prevention System: It is the main component that detects and blocks hackers and malware attacks.

      Other valuable features are SSL VPN and WAN link balancing.

      How has it helped my organization?

      It provides real security for business customers.

      What needs improvement?

      The reports provided by the equipment could be more detailed, and not so dependent on the FortiAnalyzer.

      The FortiGate internal reports are good, but could have more details and options for viewing certain network data. For the client to get the richest reports, they need to buy the FortiAnalyzer appliance or hire FortiCloud service. These two aim to catch all of the FortiGate logs and turn them into friendly reports, many of which are not present in FortiGate itself.

      For how long have I used the solution?

      I have been installing and configuring this product for at least 10 years with different companies, including other models such as the Fortigate 60D and 80C.

      What do I think about the stability of the solution?

      The product has always been stable and performed quite well.

      What do I think about the scalability of the solution?

      I have not encounter any scalability issues.

      How are customer service and technical support?

      Technical support is very good. Fortinet professionals are well trained.

      Which solution did I use previously and why did I switch?

      For commercial UTM solutions, I have always worked with Fortinet; I had no reason to trust another third-party solution.

      How was the initial setup?

      It's simple: Just turn it on, access your Web console via the default IP address and then perform the settings.

      What about the implementation team?

      I installed and configured the 200D for one of my clients.

      What's my experience with pricing, setup cost, and licensing?

      The full license is UTM Bundle Full Guard. The license fee varies according to the Fortigate model; prices can be low or too high.

      What other advice do I have?

      If you need real and effective security for your network, do not hesitate to buy a Fortigate appliance. It is no wonder that it is the best according to Gartner, for several years running. It delivers what it promises and more when it comes to performance, stability and security functions.

      Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
      ITCS user
      Project Consultant at a tech consulting company
      Consultant
      I can delegate more simple and routine tasks to other administrators and I don’t have to be the “Firewall” guy all the time, but the graphical interface always has room for improvement.

      What is most valuable?

      I enjoy the combination of an intuitive graphical interface and also a traditional shell command line environment for more advanced administration. The option to configure policies in a graphical environment is very easy to understand and also simple to teach someone else unfamiliar with the product.

      How has it helped my organization?

      It’s much easier to share administration tasks with more people. Due to the flexibility and ease of certain features, I can delegate more simple and routine tasks to other administrators and I don’t have to be the “Firewall” guy all the time.

      What needs improvement?

      I think the graphical interface always has room for improvement. I would like to see more attention put towards the logging functions as well.

      For how long have I used the solution?

      I worked with this solution daily for over 12 months.

      What do I think about the stability of the solution?

      I encountered several strange issues in v5.0 (and earlier) OS versions. Strange anomalies like random reloads, VPN instability and unexplained policy changes. However, all of these issues were resolved in v5.2.

      How are customer service and technical support?

      I always had great experiences with Fortinet. I worked with them several times to resolve configuration issues and process RMA’s on failed equipment, which was rare.

      Which solution did I use previously and why did I switch?

      I’ve personally used Cisco ASA and PIX architecture and after using Fortinet, I always prefer FortiGate products in terms of functionality and ease of use. I recommend these to clients looking for a firewall solution.

      How was the initial setup?

      Usually always simple and straight forward. I can get a client up and running with most standard policies and inbound/outbound control in a single day and make adjustments as needed. I can usually preconfigure Fortinet products and send them out for install.

      What about the implementation team?

      I always implemented via in-house. I think the most important advice is to always test new configurations in the lab especially, when upgrading firmware.

      What was our ROI?

      From my experience, FortiGate products are affordable and worth the investment.

      What other advice do I have?

      I think for almost any small to mid-size business this is a great solution. Fortigate should definitely be considered before choosing a more expensive and complicated product.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      ITCS user
      Network Engineer at a tech services company with 501-1,000 employees
      Consultant
      Controlling and tracing with web console works nicely for windows systems, but for Linux, only IP can be obtained.

      Valuable Features:

      • Policy control
      • Web filtering
      • Application filter works smoothly.
      • Controlling and tracing with web console works nicely for windows systems.
      • Better QoS than Checkpoint, I believe.

      Improvements to My Organization:

      Previously, my organization had the Checkpoint firewall solution, which has been replaced by the Fortinet Fortigate solution, which is cost effective and more manageable from a beginner's perspective.

      Fine QoS and Web based filtering solution is a plus.

      Room for Improvement:

      • Maybe Linux system monitoring can be improved by the developers of the product.
      • Although it has policy control and web filtering, these could be better.
      • Application filter needs more control options.
      • IP tracing works only so-so.
      • Controlling and tracing with web console for Linux only obtains IP addresses.
      Disclosure: My company has a business relationship with this vendor other than being a customer: My company provides tech services that include this product.
      ITCS user
      Project Manager at a tech vendor with 1,001-5,000 employees
      Vendor
      For price criteria, Fortinet wins over competitors. That being said, certain areas of the product need improvement

      What is most valuable?

      • Performances
      • VDOM
      • UTM
      • Consolidated Management
      • FortiGuard

        How has it helped my organization?

        • Endpoint control of mobile devices with Security Profiles compliancy checking, captive portal redirection, Antivirus, IPS and Web Filtering enabled on outgoing traffic (coupled to FortiClient solution)
        • Identity-based policies used to authenticated and profile users and guests whatever the media used to access the network (ie. Wired and WiFi)
        • Dynamic BGP routes injections to divert traffic requiring UTM inspection or DDOS mitigation
        • Two-Factor Authentication VPN SSL for itinerant users (coupled to FortiToken solution)
        • Active/Active cluster load-balancing http/https traffic
        • GTP tunnels inspections over GPRS backbones for pure-player telco operators
        • Distributed WiFi infrastructure with UTM enabled and managed from the central console like signatures and firmware updates
        • Classical IP/IPv6 Firewall with consolidated-management

        What needs improvement?

        • Fix all pending bugs present in 5.0.x branch
        • Improve the testing process of newly published firmware like using real and representative configurations submitted to consequent traffic load during a while
        • Support SNMPv3 INFORM requests
        • Uniform the scheduled backup between FortiGate, FortiManager and FortiAnalyzer
        • Integrate graphical troubleshoot tools for policies based on devices or user identities

        For how long have I used the solution?

        4.5 years

        What was my experience with deployment of the solution?

        Some few non-blocking bugs present in the latest release and which are now solved. In the past I encountered serious bug regarding SCTP and GTP supports. Fortinet helped me to qualify the bug, implement a temporary workaround and then published appropriate patches rapidly.

        What do I think about the stability of the solution?

        No. I always used the latest qualified-stable firmware recommended by Fortinet and check by own testing methods the stability of HW and SW before deploying anything into customer premises.

        What do I think about the scalability of the solution?

        With design and dimensioning parts well achieved I never encountered scalability issue. However it happened I had to troubleshoot some slowness and latency issues on existing projects already running live. Most of the time they were due to some design issues and non-optimized configurations like for instance “in” and “out” ports not handled by the same NP, policy rules non-optimized and non-used features enabled.

        How are customer service and technical support?

        Customer Service:

        Very good.

        Technical Support:

        Very good.

        Which solution did I use previously and why did I switch?

        • CISCO ASA: Too expensive, performances issues, non-consolidated management between traditional ASA and inspection ASA CX, not the best security engines
        • Checkpoint: Very expensive but good solutions, not the leader in UTM segment
        • Juniper: Expensive but good solutions, not the leader in UTM segment
        • Cyrberoam: Attractive prices but not yet tested, looks like promising
        • Arkoon/Netasq: Obsoletes (Stormshield not yet tested)

        How was the initial setup?

        It was quite simple if you have at least a minimum of experiment with Firewalls integration. It is now even simpler thanks to the FortiExplorer application.

        What about the implementation team?

        In-house.

        Which other solutions did I evaluate?

        Taking into account the price criteria, nowadays Fortinet always wins offers in front of competitors like CISCO and Checkpoint. Mixing this key-point with other success keys like UTM features and performances.

        What other advice do I have?

        Contact Fortinet or Fortinet’s partner and ask for a POC.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        CEO with 51-200 employees
        Vendor
        I've been using it for 6 years. I like the security profiles and vulnerability assessment.

        Valuable Features

        Load Sharing VDOM Security Profiles Vulnerability Assessment

        Use of Solution

        6 Years

        Deployment Issues

        Yes, bugs.

        Stability Issues

        No.

        Customer Service and Technical Support

        Poor.

        Valuable Features

        • Load Sharing
        • VDOM
        • Security Profiles
        • Vulnerability Assessment

        Use of Solution

        6 Years

        Deployment Issues

        Yes, bugs.

        Stability Issues

        No.

        Customer Service and Technical Support

        Poor.

        Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
        it_user275226
        IT Director with 501-1,000 employees
        Vendor
        I don't need to have a cluster because it's stable, but rules are not intuitive and the admin UI needs improvement.

        What is most valuable?

        It offers a proxy and a firewall.

        How has it helped my organization?

        It has a better processor than CheckPoint.

        What needs improvement?

        It's not intuitive, as the rules will be in the last place you look. You can look for a report for an hour, eventually getting a blank page. User experience for the administrator is basically not good as it needs to be more proficient.

        For how long have I used the solution?

        I've used it for two years.

        What was my experience with deployment of the solution?

        I have five ISPs, and it was hard to connect the LAN to the WAN. It did not go well and I had do to a roll-back.

        What do I think about the stability of the solution?

        The product is so stable I don't need to have a cluster.

        How are customer service and technical support?

        Customer Service:

        I use a service given by the integrator and it's better than Fortigate’s. The integrator gives me a guarantee that they will immediately replace my machine if a problem occurs.

        Technical Support:

        I use a service given by the integrator and it's better than Fortigate’s. The integrator gives me a guarantee that they will immediately replace my machine if a problem occurs.

        Which solution did I use previously and why did I switch?

        I used an open-source product name Squid.

        How was the initial setup?

        It's straightforward, and was transparent for the users.

        What about the implementation team?

        We did it in-house.

        What was our ROI?

        It costs $200,000 and is only a bit better than the open source solution, which was free.

        What's my experience with pricing, setup cost, and licensing?

        You don’t have to buy the Fortigate analyzer, as you can also get the reports using Fortinet.

        What other advice do I have?

        It's fine as a firewall and as a proxy. You need to configure the rules right or else it will be hard to keep up with the logs.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Security Consultant at Webernetz.net - Network Security Consulting
        Consultant
        Cisco ASA vs. Fortinet FortiGate vs. Palo Alto vs. Juniper SSG
        Since IPv6 gets more and more important, I am using it by default on all my test firewalls, which of course support IPv6. However, when comparing the different functions and administration capabilities, they vary significantly. Here comes my short evaluation of the IPv6 functions on the following four firewalls: Cisco ASA, Fortinet FortiGate, Juniper SSG, and Palo Alto. Criteria I was merely interested in the basic IPv6 usage and not in the typical firewall categories: Interface: IPv6 address and link-local address configurable? Router Advertisement and DHCPv6: Whether the firewalls support nothing (–), only RA (-), DHCPv6 relay (ο), stateless DHCPv6 (+), or stateful DHCPv6 (++). The existence of stateless DHCPv6 is vital for delivering the DNS server IPv6 addresses…

        Since IPv6 gets more and more important, I am using it by default on all my test firewalls, which of course support IPv6. However, when comparing the different functions and administration capabilities, they vary significantly.

        Here comes my short evaluation of the IPv6 functions on the following four firewalls: Cisco ASA, Fortinet FortiGate, Juniper SSG, and Palo Alto.

        Criteria

        I was merely interested in the basic IPv6 usage and not in the typical firewall categories:

        • Interface: IPv6 address and link-local address configurable?
        • Router Advertisement and DHCPv6: Whether the firewalls support nothing (–), only RA (-), DHCPv6 relay (ο), stateless DHCPv6 (+), or stateful DHCPv6 (++). The existence of stateless DHCPv6 is vital for delivering the DNS server IPv6 addresses to the clients. (The “IPv6 Router Advertisement Options for DNS Configuration”, RFC 6106, is not supported by any of these devices.)
        • Security Policy: Whether IPv4 and IPv6 addresses can be used in the same policy and whether address groups can have objects from both protocols.
        • Administration: How easy are the IPv6 functions to manage? Only via the CLI (–), fifty-fifty (ο), GUI but complicated (+) , or fully via the GUI (++).

        Results

        These are the results. They range from — via ο to ++.


        Cisco ASA
        Fortinet FortiGate
         Juniper ScreenOS
        Palo Alto
        Version
        9.2(3)
        5.2.2
        6.3.0r18.0
        6.1.3
        Interface
        ++
        +
        ++
        ++
        RA, DHCPv6
        -
        ++
        +
        0
        Security Policy
        ++
        -
        -
        ++
        Administration + - + ++

        Details

        Cisco ASA

        The Cisco ASA has no DHCPv6 instance running. That is: there is no way to run an IPv6-only network because clients won’t get the DNS server. The security policy is capable of both protocols. Everything is configurable via the GUI, which is not the best at all.

        Fortinet FortiGate

        The FortiGate is the only firewall with a stateful DHCPv6 server. Great. However, two distinct security policies must be used and nothing of the IPv6 settings are configurable via the GUI. WHAT???

        Juniper SSG (ScreenOS)

        ScreenOS is dead. However, most of the IPv6 functions are working quite good, except the protocol dependent security policies. Everything is accessible via the GUI, but sometimes on confusing positions.

        Palo Alto

        Palo Alto did a good job on the IPv6 interfaces and security policies. The GUI is quite intuitive and the policy accepts both protocols at the same time. Unluckily, there is no DHCPv6 server which makes it impossible to operate an IPv6-only client network behind a Palo Alto (without further servers).

        Conclusion

        It’s interesting to see the differences between those firewalls. While the Fortinet und Juniper firewalls support the whole SLAAC process incl. DNS servers, they have no single security policy for both protocols and are horrable to configure.

        The Palo Alto is quite good to configure but lacks the DHCPv6 server. Same for the Cisco.

        In summary, all firewalls position in the middle of my scale. From an IPv6-only view, I cannot say which one is the best. It depends….

        Originally published on blog.webernetz.net

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user245154
        Customer Support engineer at a healthcare company with 51-200 employees
        Vendor
        It helps to come up with the requirements of proxy servers, but it does not have that much troubleshooting & network testing features.

        What is most valuable?

        The key features of this product are:

        • Network security
        • UTM Features
        • Configuration and ease of deployment.
        • IP/User/Device Mac ID/Device Type based policy configuration
        • Traffic shaping
        • Load balancing
        • Ease of VPN configurations
        • Explicit proxy
        • Link segregation
        • Application signatures
        • Network object based HTTPS/SSL inspection etc.

        How has it helped my organization?

        In many organizations it helps to come up with the requirements of proxy servers, defining network traffic and the amount of bandwidth for any network object or specified user(s). It has also provided us with security compatibility with other network devices such as IP cameras, the video conferencing system, VOIP phones. It also logs & reports on individual users network activities.

        What needs improvement?

        The FortiGate series does not have that much troubleshooting & network testing features in its GUI, hence we’ll definitely be looking for some add-on features in near future.

        For how long have I used the solution?

        I have been using this solution for the past year.

        What was my experience with deployment of the solution?

        No issues yet.

        What do I think about the stability of the solution?

        No issues yet.

        What do I think about the scalability of the solution?

        For massive logs & reports (over a month) we have to go for a separate logging & reporting device i.e. FortiAnalyzer/FortiCloud, as this is not available in Fortigate itself.

        How are customer service and technical support?

        Customer Service:

        7/10.

        Technical Support:

        8/10.

        Which solution did I use previously and why did I switch?

        We started with FortiGate itself.

        How was the initial setup?

        This product has a setup wizard (FortiExplorer) for the initial configuration, while the physical connectivity is done via a USB cable which is very easy to use.

        What about the implementation team?

        We implemented the solution ourselves.

        What was our ROI?

        It is value for money product as we’ve purchased it with Fortinet's three-year warranty package.

        Which other solutions did I evaluate?

        We have evaluated Dell’s Sonicwall & Cyberoam.

        What other advice do I have?

        Analyze your needs first before implementing this product.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user241746
        Software Test Engineer with 501-1,000 employees
        Vendor
        The product has lived up to its expectations but the web interface needs to be improved.

        What is most valuable?

        Anti-virus NAT VPN

        How has it helped my organization?

        It's the only security product in place that is responsible for guarding the network infrastructure deployed within the premises. The product has lived up to its expectation with no issues whatsoever.

        What needs improvement?

        The web interface could be made better.

        For how long have I used the solution?

        I've used it for eight years.

        What was my experience with deployment of the solution?

        No issues encountered.

        What do I think about the stability of the solution?

        No issues encountered.

        How are customer service and technical support?

        We have managed to maintain the device without getting in touch with technical support. Credit can be given to the documentation provided.

        Which solution

        What is most valuable?

        • Anti-virus
        • NAT
        • VPN

        How has it helped my organization?

        It's the only security product in place that is responsible for guarding the network infrastructure deployed within the premises. The product has lived up to its expectation with no issues whatsoever.

        What needs improvement?

        The web interface could be made better.

        For how long have I used the solution?

        I've used it for eight years.

        What was my experience with deployment of the solution?

        No issues encountered.

        What do I think about the stability of the solution?

        No issues encountered.

        How are customer service and technical support?

        We have managed to maintain the device without getting in touch with technical support. Credit can be given to the documentation provided.

        Which solution did I use previously and why did I switch?

        This was the first security device that was deployed.

        How was the initial setup?

        Setup was straightforward and the documentation was very clear which meant that there were no issues during the initial setup.

        What about the implementation team?

        We had a vendor assist us who had decent knowledge about the product.

        Which other solutions did I evaluate?

        We also looked at pfSense.

        What other advice do I have?

        The product has reached its end of life.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user241101
        Network Administrator at a real estate/law firm with 51-200 employees
        Vendor
        It offers unlimited VPN licensing but it needs a real-time log viewer in the GUI.

        What is most valuable?

        The unlimited VPN licensing. All of our remote locations (1000+) used IPSec VPN and SSL to connect to the cluster.

        How has it helped my organization?

        We went from being terrified about our firewalls screwing up to completely forgetting we had firewalls. I slept better and so did my manager.

        What needs improvement?

        A real-time log viewer in the GUI with the capability to filter traffic displayed. Cisco ASA's have this and it's fantastic.

        For how long have I used the solution?

        I used it for four years. We had two devices that were clustered together in a high availability pair as the front end of an country wide, high visibility solution.

        What was my experience with deployment of the solution?

        No issues encountered.

        What do I think about the stability of the solution?

        No issues encountered.

        What do I think about the scalability of the solution?

        No issues encountered.

        How are customer service and technical support?

        Customer Service:

        Customer service was decent with Fortinet - they were helpful and got the product to our doorstep quickly.

        Technical Support:

        This is where Fortinet stumbles. The support is farmed out overseas to techs that are not very knowledgeable about the Fortinet products. The response time for a critical priority one issue was over four hours and they only responded because we threatened legal action for them violating our support contract.

        Which solution did I use previously and why did I switch?

        They used to have Juniper products, which are terrible. The enterprise class firewalls do not support any sort of packetflow gathering such as netflow, and the devices didn't even support Juniper's proprietary jflow. Their SRX series routers, meant for home office use, had more features and capabilities.

        How was the initial setup?

        It was very straightforward and we encountered very little problems. Fail-over occurred within a second with zero outages or anyone actually taking notice. Firmware updates were easy to apply in a live environment if required, and the GUI was very easy to understand.

        What about the implementation team?

        I deployed it - I'm FCNSA certified.

        What was our ROI?

        If we used a similar solution that required a "per seat" license per VPN, we would have literally spent over 100x what the solution cost us.

        What's my experience with pricing, setup cost, and licensing?

        We implemented the clustered firewalls for around $30,000, and each office had another Fortigate device at a cost of around $1,000.

        Which other solutions did I evaluate?

        Cisco was evaluated but we didn't want to pay for the VPN licensing.

        What other advice do I have?

        It's an absolutely fantastic product. Just get your support contract clarified, and confirm the response times.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user236523
        Senior Information Security Engineer with 501-1,000 employees
        Vendor
        It's excellent and we strongly recommend it, but WAN link load balancing needs improving.

        What is most valuable?

        I am using different features of this product but the most valuable are -

        • SSL VPN
        • Web filter
        • Explicit proxy
        • IPS
        • Application control
        • Routing

        How has it helped my organization?

        I replaced my core router with a Fortigate appliance and it is performing inter-VLAN routing. I removed manual proxies and used transparent proxy using Fortigate security profiles, and implemented traffic shaping, web filter, application control, IPS and anti-virus. All the servers are protected by Fortigate security profiles.

        What needs improvement?

        • WAN link load balancing
        • Reports
        • Anti-virus.

        For how long have I used the solution?

        I have been using this solution since 2013.

        What was my experience with deployment of the solution?

        We faced some technical issues on the Fortinet side.

        What do I think about the stability of the solution?

        No issues encountered.

        What do I think about the scalability of the solution?

        No issues encountered.

        How are customer service and technical support?

        Customer Service:

        6/10.

        Technical Support:

        6/10.

        Which solution did I use previously and why did I switch?

        I didn't use any other solution prior to Fortinet.

        How was the initial setup?

        It was complex because there was a huge network with VLANs configured and routing protocols enabled.

        What about the implementation team?

        We implement this through a vendor. I would rate their level of experience 8/10.

        What was our ROI?

        I would only say that Fortinet provides business and security returns at a cost substantially lower than the benefits derived.

        Which other solutions did I evaluate?

        We evaluated Sophos and Barracuda alongside Fortigate.

        What other advice do I have?

        Our experience of using Fortigate is excellent and we strongly recommend it.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user236517
        Senior NetOps Engineer at a tech services company with 51-200 employees
        Consultant
        Security has been increased but the licensing fees could be lower.

        What is most valuable?

        • GUI
        • Flexibility
        • Easy to configure
        • UTM

        How has it helped my organization?

        • Option to control application = increased productivity
        • Data leak prevention = increased security
        • Anti-virus & IPS = increased security

        What needs improvement?

        I'm happy with the product, however the licensing fees could be lower.

        For how long have I used the solution?

        I've used it for six years.

        What do I think about the stability of the solution?

        No issues encountered.

        What do I think about the scalability of the solution?

        There is a specific way of deploying a Fortigate product, and the scalability is related to the new unit deployment so there are no problems here. If you need more power/space, you just have to add a new box.

        How are customer service and technical support?

        Customer Service:

        It's very good, I've never had any problems with customer service.

        Technical Support:

        It's very good, I've never had any problems with technical support.

        Which solution did I use previously and why did I switch?

        I was using Cisco ASA, and I switched due to a lack of features (e.g. poor SSL VPN support).

        How was the initial setup?

        It's a very simple setup as everything is well documented online and via the Fortigate channel on YouTube. Also, I posses a large amount of knowledge gained during the years that has helped me to deploy all my solutions. Even from the the beginning, it was easy as Fortigate has a great GUI and good online help,

        What about the implementation team?

        We did an in-house implementation, with no third party involvement.

        What was our ROI?

        The product is deployed as part of, and an add-on to, the MPLS solution for the majority of my customers. There is no ROI as this is not the major expectation, as the ROI is coming from the whole solution, not just this product.

        What's my experience with pricing, setup cost, and licensing?

        All the costs are for the annual licenses. The cost of the original deployment fell below £5,000, and licenses are priced at around £3,000.

        Which other solutions did I evaluate?

        We considered Cisco, however we decided to go with Fortigate as it provides a good set of the features for the price paid,

        What other advice do I have?

        Enjoy it. The product is easy to implement, easy to manage, and easy to develop and grow.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user234777
        IP Senior Engineer at a comms service provider with 501-1,000 employees
        Vendor
        It offers stability, scalability and plenty of security features. Enjoy fast and effective troubleshooting as everything is organized in a very understandable way.

        What is most valuable?

        • High Availability clustering
        • SNAT/DNAT
        • Policies section view
        • Virtual Domains
        • Logging and Reporting
        • IPS

        How has it helped my organization?

        It has made our daily operations easier, as well as adding security, and stability to them. Adding or removing security policies is simplified through its web interface, or CLI. Additionally, troubleshooting is fast and effective, as everything is organized in a very understandable way.

        What needs improvement?

        Its web interface needs to be more stable, and more functional, through the variety of browsers. Additionally a nice add-on would be a “diagnostic sniffer” capability in the web interface.

        For how long have I used the solution?

        I've used it for six years.

        What was my experience with deployment of the solution?

        With different browsers, the web interface crashes. On newer versions of Fortios the problem has been minimized.

        What do I think about the stability of the solution?

        Not at all, it is as stable as it should be.

        What do I think about the scalability of the solution?

        I believe that it is a little complex adding new firewalls in an existing cluster.

        How are customer service and technical support?

        Customer Service:

        8/10.

        Technical Support:

        9/10.

        Which solution did I use previously and why did I switch?

        We are using different firewall solutions, in parallel with the Fortigate ones.

        How was the initial setup?

        It was straightforward. Taking control of the device for first time is easy, and the cookbook manual is very helpful.

        What about the implementation team?

        A vendor team offered five day training but the implementation was in-house.

        Which other solutions did I evaluate?

        We evaluated other solutions, but I was not responsible for taking the final decision.

        What other advice do I have?

        Throughout the last six years we have been using Fortigate firewalls, and the experience we gained is only positive. These devices are easy to manage, operate and troubleshoot any issues that might rise. The use of virtual domains has added more security presence by only having one physical device, and it’s easy to create them. Also, by enabling other security features on the VDoms, the physical performance will not be affected.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        IP Core & Security Supervisor at a comms service provider
        Vendor
        Web filtering is good but I can't allow traffic from outside to inside using a NAT pool.

        What is most valuable?

        IPS Web filtering

        How has it helped my organization?

        We are making use of the VDOM feature to segregate the traffic, and apply policy to control that traffic.

        What needs improvement?

        This product can't show the NAT status or NAT logs.

        For how long have I used the solution?

        I've been using ForitGate for over two years alongside FortiManager 300D.

        What was my experience with deployment of the solution?

        I have an issue with NAT only, in that I can't allow traffic from outside to inside using a NAT pool.

        What do I think about the stability of the solution?

        There was a bug related to device stability with HA configuration. We face many attacks on the network which causes the CPU usage to become high and, with the older device, we started losing the…

        What is most valuable?

        • IPS
        • Web filtering

        How has it helped my organization?

        We are making use of the VDOM feature to segregate the traffic, and apply policy to control that traffic.

        What needs improvement?

        This product can't show the NAT status or NAT logs.

        For how long have I used the solution?

        I've been using ForitGate for over two years alongside FortiManager 300D.

        What was my experience with deployment of the solution?

        I have an issue with NAT only, in that I can't allow traffic from outside to inside using a NAT pool.

        What do I think about the stability of the solution?

        There was a bug related to device stability with HA configuration. We face many attacks on the network which causes the CPU usage to become high and, with the older device, we started losing the heartbeat and control messages, causing HA split-brain and lag flapping.This issue has been fixed in the new release.

        What do I think about the scalability of the solution?

        No issues encountered.

        How are customer service and technical support?

        Customer Service:

        They're good.

        Technical Support:

        They're very good.

        Which solution did I use previously and why did I switch?

        No previous solution used.

        How was the initial setup?

        It was complex to setup.

        What about the implementation team?

        We used a vendor, ALU to help implement it.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Network Security Infrastructure - Tech Specialist with 10,001+ employees
        Vendor
        It has given me complete oversight of my network in a centralized fashion but certain features need improving.

        What is most valuable?

        • It's version of throughput is good
        • It has a strong active cluster, as you can have between three and 32 units to a cluster

        How has it helped my organization?

        Finally there is a UTM Fortinet. It has given me complete oversight of my network in a centralized fashion, so I know what is going on at all times. It provides me with a solution that can automatically take control of situations when they arise, with the most intuitive interface. It stops you needing to be on the phone to tech support, or a local vendor, for days on end.

        What needs improvement?

        • Security
        • LAN
        • WAN

        For how long have I used the solution?

        I've used it for three years.

        What was my experience with deployment of the solution?

        No issues encountered.

        What do I think about the stability of the solution?

        No issues encountered.

        What do I think about the scalability of the solution?

        No issues encountered.

        How are customer service and technical support?

        Customer Service:

        8/10.

        Technical Support:

        8/10.

        Which solution did I use previously and why did I switch?

        No previous solution was used.

        How was the initial setup?

        It was easy to set up.

        What other advice do I have?

        The most important factor is that you choose a firewall or UTM solution that fits your organizations security requirements. Begin by determining what business problem you are trying to solve, what technical controls you need to implement (Firewall, IPS, NAC, VPN, endpoint, mobility, web filtering, malware detection, etc.). Then, determine what hardware features you need such as (HA clustering, link aggregation or 10Gb, port sensity), and what kind of throughput, and how many concurrent connections.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Dono at a tech consulting company
        Consultant
        The projects' initial costs were high but right now we can do most things, and the only costs now are the annual license fees.

        What is most valuable?

        • Active Directory integration
        • QOS
        • Balance/Fail-over
        • Web filtering and protection with AV engine
        • WiFi network for visitors isolated from our corporate WiFi network using only one unit

        How has it helped my organization?

        After the implementation we stopped internet disruptions and abuse by users.

        What needs improvement?

        Everything needs to be improved, but they have improvements with each new version.

        For how long have I used the solution?

        We've been using Fortinet products since 2009. Alongside FortiGate. we also use FortiAnalyzer 10C and FortiWiFi 40C & 50B.

        What was my experience with deployment of the solution?

        Yes, a misunderstanding of the environment and misconfiguration of the unit. After reviewing it all, everything has been working fine for years.

        What do I think about the stability of the solution?

        It works as defined and expected.

        What do I think about the scalability of the solution?

        We have the ability to expand our units and there have been no issues so far.

        How are customer service and technical support?

        Customer Service:

        It's the best I have experienced.

        Technical Support:

        It's the best I have experienced.

        Which solution did I use previously and why did I switch?

        Previously, we used Linux distributions, and we changed due to its limitations and our company expansion.

        How was the initial setup?

        It's straightforward. You just need to understand the concept, and how to apply it.

        What about the implementation team?

        We used an external company and they had a good amount of knowledge.

        What was our ROI?

        We have never stopped to calculate it, but we cannot describe how good we feel since we no longer face issues with the internet.

        What's my experience with pricing, setup cost, and licensing?

        The projects' initial costs were high but right now we can do most things, and the only costs now are the annual license fees.

        Which other solutions did I evaluate?

        We also looked at BlueCoat.

        What other advice do I have?

        Feel free to ask me questions about Fortinet.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Technical Consultant at a tech services company with 501-1,000 employees
        Consultant
        Very easy to manage and understand

        What is most valuable?

        SSL VPN, Site to Site VPN, UTM features and web override are nice features.

        What needs improvement?

        They need to improve a bit the SSL VPN to integrate with Sharepoint single sign on, with form base, Windows claim base and SALM base authentication.

        For how long have I used the solution?

        For the last 3 years

        What was my experience with deployment of the solution?

        Yes but that was resolved.

        What do I think about the stability of the solution?

        Yes, sometimes the CPU and memory get to 99% utilization but when this happens no users are working and no updates for windows are configured.

        What do I think about the scalability of the solution?

        Yes, somewhat.

        How are customer service and technical support?

        Customer Service: The level of customer…

        What is most valuable?

        SSL VPN, Site to Site VPN, UTM features and web override are nice features.

        What needs improvement?

        They need to improve a bit the SSL VPN to integrate with Sharepoint single sign on, with form base, Windows claim base and SALM base authentication.

        For how long have I used the solution?

        For the last 3 years

        What was my experience with deployment of the solution?

        Yes but that was resolved.

        What do I think about the stability of the solution?

        Yes, sometimes the CPU and memory get to 99% utilization but when this happens no users are working and no updates for windows are configured.

        What do I think about the scalability of the solution?

        Yes, somewhat.

        How are customer service and technical support?

        Customer Service:

        The level of customer service is bad because support is very pathetic.

        Technical Support:

        Support is very pathetic.

        Which solution did I use previously and why did I switch?

        No

        How was the initial setup?

        Straightforward

        What about the implementation team?

        In house

        Which other solutions did I evaluate?

        Yes

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Network Support Analyst at a non-tech company with 501-1,000 employees
        Vendor
        Cisco's license is more expensive than Fortinet - that was the tipping point for why we changed to Fortinet.

        What is most valuable?

        The two most valuable features are VPN and firewalling.

        How has it helped my organization?

        Fortigate 300c is a very robust product, unlike Cisco ASA Firewall, you have already the web gui interface inside the device. Although they the same concept. Fortigate 300c has one of the easiest gui configuration compared to ASA Firewall, where you can lose your way.

        For how long have I used the solution?

        I have been using the solution for 2 years. It has served as an SSL VPN server.

        What was my experience with deployment of the solution?

        So far, I haven't encountered any issues and that was the first time I implemented it. I just followed some concepts with Cisco ASA firewall and 2 hours later I finished configuring SSL VPN with 3 different capabilities.

        What do I think about the stability of the solution?

        None so far.

        What do I think about the scalability of the solution?

        None so far, well it depends with license of the vpn. You need to purchase it and discuss it with the vendor.

        Which solution did I use previously and why did I switch?

        Before I was to implement ASA for SSL VPN, it was already working. My boss told me that we would be implementing Fortigate instead. He told me that Cisco's license is more expensive than Fortinet so I think that was the tipping point for why we changed to Fortinet.

        How was the initial setup?

        Yes it was, when you plug-in to the Fortigate Manager there is this wizard that will guide you to making it work basically, and that was it.Afterwards you can add your additional features as your company needs. The initial setup took me just 10 or 15 minutes.

        What about the implementation team?

        Through a vendor team. On a scale of 1 to 10, I would rate them 8. The representative from the vendor seems to know the basics of the product but when it comes to troubleshooting he seems to lack information. He had to come back the other day just to provide a solution for a specific issue.

        Which other solutions did I evaluate?

        We only evaluated two, Cisco and Fortinet.
        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user69804
        Engineer at a tech vendor with 51-200 employees
        Vendor
        I've been with Fortinet for 8 years now. Even when not considering anything else, I still consider other vendors
        I'm obviously a fan of the FGTs - I'm aware of the solutions to the "problems" many newcomers experience. I'm comfortable. But maybe too comfortable. Though I've just introduced my new employer to Fortinet, you must always be objective in your search for proper hardware. Do your homework, cross the T's and dot your I's. Even when not considering anything other than a FGT, I still consider other vendors - that doubt, nagging or gnawing at the back of my brain. And even when I force myself to be unbiased, the FGT line always wins. I WANT to move on; it's time - I've been with Fortinet for 8 years now. But they somehow keep winning my loyalty. And it's not with unending bugs. The Hardware is legit; it's tight. It's fast. It's pretty - LOOK! They come in WHITE now! How…

        I'm obviously a fan of the FGTs - I'm aware of the solutions to the "problems" many newcomers experience. I'm comfortable.

        But maybe too comfortable. Though I've just introduced my new employer to Fortinet, you must always be objective in your search for proper hardware. Do your homework, cross the T's and dot your I's.

        Even when not considering anything other than a FGT, I still consider other vendors - that doubt, nagging or gnawing at the back of my brain. And even when I force myself to be unbiased, the FGT line always wins. I WANT to move on; it's time - I've been with Fortinet for 8 years now. But they somehow keep winning my loyalty. And it's not with unending bugs. The Hardware is legit; it's tight. It's fast. It's pretty - LOOK! They come in WHITE now! How Apple. The point is, FGTs are just doing it and doing it and doing it well. I continue to get creative with design and implementation, and they continue to flex and perform. Unique configurations not possible with other Vendors I've worked with. They have their shortcomings in areas; ALL vendors have their shortcomings - aware or not. But which shortcomings mean nothing to you?

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Systems Engineer at a healthcare company with 1,001-5,000 employees
        Vendor
        Fortinet has a strong reputation at the high end, but for midsize shops there are more affordable options
        I pulled our organization off Fortinet a year ago for three reasons - the high cost, the constant bugs in code that either blocked access that should be allowed or general failures during system updates, and the killer - a poor design on their clustering which caused configuration corruption to pass from the primary to the secondary. Oh, let's not forget the static ram exhaustion that began the cluster failure to begin with. I can understand the limitation of static ram, but the decision to solder that in place (making replacement impossible) meant that particular unit has roughly a 4 year lifespan. I am well aware that Fortinet has a strong reputation at the high end, but for midsize shops there are more affordable options that seem to need less hand-holding.

        I pulled our organization off Fortinet a year ago for three reasons - the high cost, the constant bugs in code that either blocked access that should be allowed or general failures during system updates, and the killer - a poor design on their clustering which caused configuration corruption to pass from the primary to the secondary.

        Oh, let's not forget the static ram exhaustion that began the cluster failure to begin with. I can understand the limitation of static ram, but the decision to solder that in place (making replacement impossible) meant that particular unit has roughly a 4 year lifespan.

        I am well aware that Fortinet has a strong reputation at the high end, but for midsize shops there are more affordable options that seem to need less hand-holding.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        ITCS user
        Network Manager at a educational organization with 1,001-5,000 employees
        Vendor
        Fortigate is Hard to Beat for the Money
        Fortinet has been a darling of the stock market ever since its IPO in 2009 as its stock price has accelerated over recent years. Its stock performance has mirrored the adoration that its line of security devices consistently receive. Fortinet is the current UTM market leader, boasting a 20% market share. Fortinet is now expanding out of its core SMB strength and into the large enterprise market where the increasing performance of its solutions are making it attractively priced. In Gartner’s latest Unified Threat Management Magic Quadrant (UTM) Fortinet is listed at the top of the leader quadrant. Says Gartner, “We believe attributes that contributed to the leadership position include Fortinet’s high awareness in the industry, in Gartner client’s short-lists and in…

        Fortinet has been a darling of the stock market ever since its IPO in 2009 as its stock price has accelerated over recent years. Its stock performance has mirrored the adoration that its line of security devices consistently receive. Fortinet is the current UTM market leader, boasting a 20% market share. Fortinet is now expanding out of its core SMB strength and into the large enterprise market where the increasing performance of its solutions are making it attractively priced.

        In Gartner’s latest Unified Threat Management Magic Quadrant (UTM) Fortinet is listed at the top of the leader quadrant. Says Gartner, “We believe attributes that contributed to the leadership position include Fortinet’s high awareness in the industry, in Gartner client’s short-lists and in competitive situations; Fortinet’s aggressive price/performance.”

        A UTM or Unified Threat Management device is a firewall that includes other features as well. The Fortinet UTM package includes gateway firewall, anti-virus, web filter, intrusion protection, application control, VPN, email filtering and WAN optimization. Think of it as the “Everything Box.”

        There line of UTM security appliances is called the Fortigate series. It offers an appliance to meet every type of network, from the home office to large enterprise networks, as well as Managed Security Service providers. Its smallest unit, the Fortigate-20C, also serves as a wireless router and offers four internal switch port in addition to a WAN port. At the top of the food chain is its new 5000 Series chassis based network appliance. It supports two, six, or fourteen FortiGate-5000 series network security blades, and allow you to scale security and customize your unique environment. These large units are ideal for virtual infrastructures as they can control up to 3,000 virtual domains.

        The admin console for the Fortigate is browser based. Sometimes, browser based can have a cheesy rudimentary look but not with the Fortigate. Navigating the Fortigate is simple with its expandable menu. The admin console opens up to a Dashboard which displays a series of widgets that the administrator can populate according to their needs. It also comes with a command line interface which can be accessed through the admin console itself or through Putty.

        Like all UTM appliances, the Fortigate units do some things better than others. Its web filtering is certainly more than suitable for most environments but if you are looking for super high granularity with a complicated array of user based filtering and exceptions, you probably would be better suited with a dedicated filtering appliance. The same probably holds true for its email filtering as well.

        With this in mind though, what IT professionals are looking for first and foremost in a UTM device is security, and this is what Fortinet does best. Configuring the firewall of the Fortigate is a breeze. Simply create your firewall objects, consolidate them into groups if possible, and then create your policy rules. You can right click on any of your policies to view a separate context menu that will allow you to do things such as delete, move or edit the policies.

        Integrating the other core components with your firewall policies is a snap. Simply apply the various UTM services you desire to the designated policies. For example, you would enable email filtering only to the rule configured for email traffic. You would then configure web filtering for the rule regarding your HTTP and HTTPS traffic while you would apply anti-virus to both rules.

        Backing up and restoring your Fortigate configurations is as simple as clicking a single link and can be completed in less than a minute. Fortinet is continually releasing new builds and updates for all of its models. Simply download these firmware upgrades to any local device and click the update link and browse to the downloaded updates. You can revert back to an older firmware release at any time. Some of the more robust Fortigate models can be clustered into active-active or active-passive configuration.

        Fortinet recently released version 5 which among other things includes Mobility Management. This feature does not include an additional license and is ideal for those organizations who allow BYOD devices.

        If you browse some of the UTM discussion boards out there, you will find the phrase, “can’t beat it for the price” when discussing the Fortigate. The combination of its strong UTM features with a very affordable price point should certainly put Fortinet on the short list for any organization shopping for a new UTM appliance.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        it_user69351
        Network Engineer at a construction company with 1,001-5,000 employees
        Vendor
        Fortinet vs. Palo Alto
        I work with both Fortinet and Palo Alto.
 For me, the advantage of Palo is visibility, reporting and user authentication. Fortinet is easier and faster to configure.
 A commit on a Palo Alto is very long when we are used to have a direct modification of Fortinet.
 Virtual wire on Palo Alto is much more easier than transparent mode of Fortinet, it's really useful to prepare an integration or a demo in real situation and the tap mode is cool for that too.

        I work with both Fortinet and Palo Alto.
 For me, the advantage of Palo is visibility, reporting and user authentication. Fortinet is easier and faster to configure.
 A commit on a Palo Alto is very long when we are used to have a direct modification of Fortinet.
 Virtual wire on Palo Alto is much more easier than transparent mode of Fortinet, it's really useful to prepare an integration or a demo in real situation and the tap mode is cool for that too.

        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        Buyer's Guide
        Download our free Fortinet FortiGate Report and get advice and tips from experienced pros sharing their opinions.