We performed a comparison between Fortinet FortiOS and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."Initial setup is easy to configure."
"FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
"Its performance in fulfilling our requirements has been satisfactory."
"It is very flexible to use."
"Whenever I need something, Fortinet improves and updates the software for me."
"Security management tool that's easy to integrate and easy to work with. No issues found with its stability and scalability."
"The most valuable feature of Fortinet FortiGate is URL filtering."
"The solution can scale well."
"The solution is very user friendly."
"The most valuable feature of Fortinet FortiOS network segregation, UTM, and antivirus, freight management protection, such as DDoS. Additionally, the CLI and the GUI are easy to use. The architecture makes sense, and the command in the CLI are organized well. They have quite a lot of features are easy to use, and are user-friendly. Any novice can use Fortinet FortiOS without an issue."
"The initial setup is easy. It's the easiest firewall installation process on the market. I work with three or four other products and this one is the easiest."
"FortiOS's most valuable feature is a next-generation firewall that can be used as the APT solution in advanced threat protection."
"The technical support is very good and the assistance they gave was very good."
"The most valuable features of Fortinet FortiOS are the SD-WAN, SSL inspection, and IDS/IPS functions."
"What I like about this solution, is that it is the only solution that currently offers VPN for clients."
"The classification of the websites is helpful."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"The solution is currently used as a central threat detection and response system."
"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"There aren't really any negative aspects to discuss."
"It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics."
"We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."
"Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why."
"Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure."
"FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."
"One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
"MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA."
"Some features I have found to be hidden and cannot be accessed through the graphical user interface, you can only access them through the command-line interface(CLI). All the features should be accessible through the graphical user interface."
"Right now, all the features meet my requirements."
"In terms of what needs improvements, the troubleshooting could use improvement. When we work with other products like Cisco ASA, Palo Alto, and Check Point, we see a big difference in the troubleshooting. It's not easy to find a report."
"In terms of what needs improvement, the pricing could be lower. The price is very steep."
"Their technical support needs improvement."
"There are some features for FortiGate using FortiOS that can only be enabled via a command line. These aren't very advanced features they have been part of FortiOS for quite some time but they still aren't accessible from the graphical user interface. It makes it a little bit harder than it should be for us to manage the solution. That's my main concern with the user interface. Another concern we have is some elements for the user interface, if they're not properly configured, it could lead to hardware and performance degradation."
"I would like to see more statistics in the monitoring part."
"I want to see a better integration or a better integration with the endpoint protection or with EDR with the security life cycle."
"The solution's marketing is not good."
"The rules for threats are not always precise and Vectra AI should improve this."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"The false positives and the tuning side of it is something that could use improvement. But that could be from our side."
"We have a lot of system solutions and integrations with system solutions. Vectra is a type of black box. It implements AI-informed detection mechanisms, but we cannot create system detections. I understand that the product is designed this way, but it would be great if we could create our own detections as well."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
Fortinet FortiOS is ranked 15th in Firewalls with 73 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Fortinet FortiOS is rated 8.4, while Vectra AI is rated 8.6. The top reviewer of Fortinet FortiOS writes "Provides effective filtering features, good stability but initial setup is moderately challenging". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Fortinet FortiOS is most compared with Fortinet FortiManager, Fortinet FortiGate-VM, Fortinet FortiWeb, Darktrace and Huawei NGFW, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and SolarWinds NetFlow Traffic Analyzer.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.