2019-06-26T05:25:00Z

What needs improvement with Fortinet FortiOS?


Please share with the community what you think needs improvement with Fortinet FortiOS.

What are its weaknesses? What would you like to see changed in a future version?

Guest
2121 Answers

author avatar
Top 5Real User

Many things are missing from the interface that necessitates using the CLI, so it needs to be improved. When I migrated to FortiGate, there many things that I wanted to do, but couldn't. With FortiOS, you can use the router in two modes. The first mode is the profile mode, which is the starter mode that most use, but you have another mode that is a policy mode and is required before creating your firewall rule. The problem is that when you switch from one mode to the other, all of your firewall rules will be gone. This means that you have to decide if you want to use the policy mode firewall or a profile mode firewall. With policy mode, you can have granular control on the application on the firewall rule because the firewall rule works with the source destination protocol. With the application, you have multiple rules, one by one. As an example, you can have one for Skype or one for OneDrive, etc. On the source, you can add a group, and add people to the group, and they can have access to Skype and OneDrive along with others added. You can granularly control applications on the firewall rule with the policy mode, but you don't have access to the proxy mode rules. There are also issues with the antivirus, IPS, and you are forced to switch back to the profile mode where you have less granular control on the application. I have problems with the IPS stability and the antivirus in Policy Based Mode. If the file is bigger, then the antivirus doesn't check it. In policy Based Mode, There are many issues. (Firmware =< 6.4)

2021-04-16T22:15:42Z
author avatar
Top 10Real User

It would be great if they can push the Microsoft updates through Fortinet OS and provide a centralized patch management system. They should also include the data loss prevention (DLP) and data leakage prevention features. They could also add network monitoring more effectively.

2020-08-12T07:01:00Z
author avatar
Top 5LeaderboardReal User

The product really has everything that we need as far as features for this type of solution and our use case. It works fine for us. One thing that can be improved is the pricing model. It is currently subscription-based and I think they should probably try to change that.

2020-08-11T06:17:33Z
author avatar
Top 10Real User

Fortinet needs to make this solution even more robust. Sometimes when we get a DDoS attack, the cannot withstand it. We can run out of sessions very easily. That said, I suppose if you want more a robust system, then you could purchase higher-end solutions, which are more expensive. Still, I would like to see more protection from even in the low-end version. The pricing needs to be improved. It's quite pricey. In terms of the CLI, if they could make it more intuitive, and more user friendly, it would make the solution better. I like to work on CLI instead of through the GUI. If you are used to it then you wouldn't mind the way it works right now. However, for those that don't, there's just a sizeable learning curve.

2020-08-05T06:59:29Z
author avatar
Top 5Reseller

The solution's switches are lacking. They need more features added to them to build them out a bit. The switches are very simple if you compare them with other companies like Cisco or Aruba. Those organizations offer their clients much more. Technical support could be better. Some competitors have much more responsive support teams. I know the last version had NAC, network access control, added inside the firewall. It's a process, however. There's still work to do. The next version will be better. Right now, you can't authenticate other devices. You only can authenticate Forti devices and not devices from other companies. This could be the next addition to the solution that will make its performance even better.

2020-06-30T08:17:34Z
author avatar
Top 10Real User

Right now, it's very trendy to integrate everything into the cloud. This solution would be more effective if they did more integration in that regard.

2020-06-18T05:17:49Z
author avatar
Real User

The solution needs to adjust its pricing model. With the way they are structured, everything is very disparate and sold separately, and, depending on the solution, it can get quite pricey. The solution could be more intuitive. Especially when customers have access to it, it's not as simple and straightforward as some of the other devices I've taken a look at.

2019-08-29T08:53:00Z
author avatar
Top 5LeaderboardReal User

One thing that should be improved in future versions is an issue we have observed and had problems with a few times. When we try to reinstall a backup for FortiOS, you need to do a factory reset manually or you lose access to a device. I have experienced this situation a few times and it seems like something that should not be required and they should resolve.

2019-08-29T08:53:00Z
author avatar
Real User

Docker Container to have a good integration with kubernetes and more throughput as Cisco FP

2019-08-28T09:52:00Z
author avatar
Reseller

Their technical support needs improvement. All products have pluses and minuses. It will depend on a client's use case.

2019-08-28T09:52:00Z
author avatar
Top 10Reseller

In terms of what needs improvement, the pricing could be lower. The price is very steep. I would like to see in the next release that any client, even small ones from a home office, can run on any access point, not just the one that can be used with Fortinet. It should have an appliance that can be used to support and manage other access points. All the products should be uniform and easy to find.

2019-08-28T09:52:00Z
author avatar
Top 20Real User

I would like to see a drop in the license fees because it is a rather expensive program.

2019-08-26T06:42:00Z
author avatar
Top 5Real User

The policies and the way that they are applied can be improved. It could be more direct, as it is an issue for some people. Generally, policy management could be made better and simpler to deploy. The GUI could be improved to make it more usable, easier to administer, and easier to configure.

2019-08-26T06:42:00Z
author avatar
Consultant

For me, it is important to be able to block VPN applications, like Facebook, so I would like to see that included in the next release. With this version, if you want to block or allow a site, you now have to drag all the domains related to this site.

2019-08-25T05:17:00Z
author avatar
Top 5LeaderboardReal User

In terms of what needs improvements, the troubleshooting could use improvement. When we work with other products like Cisco ASA, Palo Alto, and Check Point, we see a big difference in the troubleshooting. It's not easy to find a report. In order to overcome the problem, you have to install FortiAnalyzer to help you find the troubleshooting problem. FortiOS has its limitations.

2019-08-25T05:17:00Z
author avatar
Top 10Reseller

While the product is good and does provide services we need for authenticating and establishing VPN connections, some time ago we had issues with logins. The login event and the performance for this feature were very poor but have improved.

2019-08-25T05:17:00Z
author avatar
Real User

The signature discs, compared to Palo Alto, aren't as good. It takes more time to get the signature updates. The solution should be on the cloud a bit more. There should be a cookie eater.

2019-08-19T05:47:00Z
author avatar
Real User

The solution is good, but they have poor marketing in Nigeria. They need to market their product better. They need to work on their support. Cisco has the best technical support. In comparison, Fortinet's support takes too long. If you are paying for SLAs, you should also get value from your SLAs. Right now, everybody is moving to the cloud. The solution has already worked on that aspect, and they are embedding security to the cloud. However, security can be more enhanced and as long as they continue to offer more protection I'll be happy.

2019-08-18T07:52:00Z
author avatar
Top 10Real User

The internet service is not as reliable in East Africa as in other parts of the world, and as such, the bandwidth that is required for updating the Fortinet OS should be reduced. I would like to see smaller and more frequent updates.

2019-07-28T07:34:00Z
author avatar
Real User

Reporting, having only recently migrated to 6.04 there will be some time to see what improvements have been made, with some of the menu changes and inclusions through the versions.

2019-06-27T06:06:00Z
author avatar
Real User

The complexity of the VPNs should be improved. Certain versions of the operating system don't function with our current Fortinet unit. For instance, we've got a 60D FortiGate at our branch offices and the 60D FortiGate doesn't support the latest version of the 40 OS. Because of this, certain Wi-Fi access points that depend on those operating systems don't function so well. So that has room for improvement. I'd like to see that happen.

2019-06-26T05:25:00Z
Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,820 professionals have used our research since 2012.