We performed a comparison between Fortinet FortiGate and Zscaler Internet Access based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering."
"The IPS is good. It protect my network from attackers."
"The most valuable feature of FortiGate is FortiView which provides proactive monitoring."
"The most valuable features of Fortinet FortiGate are the ease of use and the UI. It has always provided me with what I needed. I have no need for additional costs that other solutions have, such as Sophos."
"It's quite comfortable to handle the FortiGate firewall."
"The SD-WAN is the most valuable feature."
"Initial setup is straightforward. There weren't too many issues with setting it up. It takes one hour or so."
"It has improved our organization with control data."
"The policies are very intuitive and easy to configure, with very little possibility of messing things up."
"The most valuable feature of Zscaler Internet Access is that it is a consolidated solution, it comes with many features, such as DLP."
"Zscaler excels in security protection and the cloud is always up-to-date. It does not matter if you are a small or big organisation, you will receive the same security quality."
"Zscaler Web Security protects our users in remote locations from internet threats - even if they are not connected to our network."
"Overall, we're very happy with our product."
"The best thing about Zscaler Internet Access is the website filtering. In the UAE it's quite an important feature because most of the malware comes through the SQL injection and through downloads from websites. Zscaler helps protect against that."
"The protection is most valuable."
"The initial setup was straightforward. The biggest thing for us was to build our own policies. The deployment itself was only a few hours."
"They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
"The support is the main thing that needs to be improved."
"In some cases, its initial setup could be hard for customers."
"Fortinet Fortigate could benefit by simplifying some of their processes."
"It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."
"Compared to some other products, the DLP is not at par for the moment."
"The solution could have licensing fees reduced in the future."
"It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features."
"They should enhance the audit reporting feature."
"The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments."
"The solution can be improved by advancing some of the newer technologies such as the DLP feature, and adding email security."
"The price of the solution could be improved."
"Zscaler should provide adjacent services, which would be complementary to their current offering that could to be more pragmatic for a customer. For example, if you take Akamai, you get multiple sets of services, all depending on the customer and the strategy and the complexity and the problems. In some areas, they are more varied in terms of coverage."
"One thing that they could improve is the ability to import rules from other platforms."
"In terms of user experience, it could be better."
"Zscaler Internet Access needs to integrate more ISPs. It is good to have more than three ISPs."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 46 reviews. Fortinet FortiGate is rated 8.4, while Zscaler Internet Access is rated 8.2. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Zscaler Internet Access writes "Provides integrated CASB and file sandboxing but could be less expensive ". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and WatchGuard Firebox, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Prisma Access by Palo Alto Networks and Appgate SDP. See our Fortinet FortiGate vs. Zscaler Internet Access report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Bluecoat and Forcepoint offer credible solutions. Think through where your users are and what they connect to. A mobile workforce may need an agent and a cloud gateway (unless you force them back to base over VPN) but may give problems if connecting to sites that whitelist you by IP. And not all providers have good global breakout points. Be particularly careful if you work in China.
My recommendation is Cisco Meraki MX84 with advanced security license (its have two kind of license Advanced security and Enterprise licenses).
I recommend Fortigate
All FortiGate appliances are powered by the FortiOS™ operating system with the following features and benefits:
Features. Firewall, Virtual Private Networking (VPN), AntiVirus, Intrusion Prevention, Web Filtering, DLP, and anti-spam; AntiVirus /Antispyware
Answer is , it depends... If you do any web based business with Banks or Governments then get a hardware solution like Bluecoat or Fortinet because web based providers can not provide you with a static source IP and you will fail security checks. I've been involved in corporate moves to the "cloud" using Zscaler and both went very wrong, very fast, a year later and they still have monthly outages because of the "cloud" providing random source IP's. If this is for a public internet access outside of your corporate network then you should be fine otherwise I suggest hardware you control.
This is a "how long is a piece of string?" type question. As the other vendors have said it is hard to recommend something fully without knowing all the background. Your background did stipulate that you had multiple sites and you were growing. Having a traditional deployment scenario will mean that you need to have a "box" at each site and add more boxes as you add more sites. Going with a more modern solution like Zscaler will allow more rapid growth opportunities - just add users, no matter where they are - also this allows you to restrict with a single policy in the cloud rather than on each device.
AS others have said, be mindful of the proximity of the Zscaler because of latency, but they do have >100 POPS which you will probably find pretty local.
Overall, there is a lot more research you can do, but I'm leaning towards a cloud offering from the branches. You might consider an SD-WAN device at each branch that also has FW built in. This would give you connectivity resilience at a much lower price, but perhaps this is a debate for another day :-)
Cisco Meraki is an excellent solution in the cloud, has AMP included and can be integrated with Umbrella and Thread Grid.
We use Fortigates for web filtering and security. We are a global company with > 10,000 users.
This protects all users on our internal network. Remote users can use the Fortinet FortiClient for remote AV and web filtering protection.
We used Zscaler several years ago but we were unhappy with latency for complex websites and managing PAC files was difficult.
Since you are going for a web security. Zscalar web security solution will be my recommendation considering its robust features and vast threat intelligence base. It is best you go for the cloud solution since you are working across sites.