Fortinet FortiGate IPS Reviews

We use the solution for a large government customer. We helped them migrate from Check Point to Fortinet FortiGate. The customer had a lot of applications that are accessed by HTTPS. It was necessary to put some protection in place to prevent certain internet access. They have a reverse proxy published behind FortiGate. The reverse proxy balances the servers.

FortiGate uses IPS profiles for the reverse proxy. The operation system is Linux, and the server is Apache with HTTPS of medium, high, and critical severity. FortiGate is used to inspect the connections between the servers and the customers. It is used to protect the environment.

We use .NET services to block IPs. We use the tool’s features to prevent access to classified IP addresses. We use ISDB to prevent network access to malware, botnet, BitTorrent networks, and mining for cryptocurrencies.

We prevent access to certain classified addresses to stop attackers from understanding our environment. Attackers try to study the environment to explore its vulnerabilities and attack us. The solution protects the environment from internal and external threats.

Our customers have a specific application for two-way inspection. Two-way inspections are not possible in FortiGate. It is usually available in load-balancing solutions like F5. It would be a good improvement if the product provides two-way inspection features in the next release.

I have been using the solution for five years.

The support is good. We need to raise specific tickets for specific problems. If we have any issues, the team helps us solve them.

Positive

It is easy to deploy the solution. The configuration of the firewall is simple.

The protection of the customers’ networks is our return on investment. The integration with FortiAnalyzer allows us to see the traffic and perform troubleshooting. Creating a profile with IPS does not require many steps. The level of protection provided by the tool is better than other vendors.

Fortinet FortiGate is better compared to Check Point.

Overall, I rate the product a nine out of ten.

We're a healthcare company and use the solution in many ways. It builds a tunnel between the customer and our office. We use it for directing applications. It clears application problems based on latency and packet loss. People working from home can connect to the VPN in a secure way as well. 

We like the accessibility it provides.

Every process we do is underwritten under Fortigate. 

When we have to access the tunnels, we can use a VPN to access applications from the customer. 

We can dig into the security and enforce security policies. Everything is controllable from the server. 

It is easy to set up. 

The solution is stable.

It's reliable.

Technical support is helpful and responsive. 

Fortigate is always innovating. I'm not sure if any improvements are needed.

We'd like to have multi-factor authentication via fiber.

I've used the solution for six to seven years. 

The solution is stable. I'd rate it eight out of ten. There are no bugs or glitches, and it doesn't crash or freeze. 

The solution scales very well if it is the cloud. If there are hare hardware pieces involved, and more users are added, we have to swap out the hardware box. 

Most SMBs are on this solution. We have 20 to 50 customers on the product.

Technical support is very good. 

Positive

We have a mixed environment. We have Cisco and Fortigate. Whatever is needed is what we will use. 

The initial setup is easy. I'd rate the ease of setup nine out of ten. The deployment depends on how long it depends on the design and implementation needs. It might take about a month. Most of the infrastructure is static. 

Right now, we have three people who are able to handle deployment and maintenance. It does depend on what kind of network it is. 

We handled the implementation ourselves. We are certified in Fortigate. We only depend on a vendor for the hardware part and any related warranties. We can do the configuration and building of the firewall. 

I'm not sure of the exact pricing. My understanding is it is pretty pricey. I'd rate it seven out of ten. 

We are a customer and end-user.

Fortigate is a one-stop solution for all network needs. There are many features that are embedded into the firewall. The more you use it, the more options will be revealed. It's very strong on the market.

I'd rate the solution nine out of ten overall. 

I'm a reseller with clients in industries ranging from healthcare to banking and manufacturing. My customers use FortiGate IPS for network protection and segmentation. 

I like FortiGate's zero-trust capabilities and protection against zero-day threats. Zero-day threat protection is critical because we're seeing constant changes in the threat landscape. The sandboxing and web access controls are also robust. 

FortiGate IPS is somewhat pricey compared to other solutions. There is also room for improvement in terms of the radio signals. The FortiGate WiFi has a relatively short range. I've found there is a lag in its zero-day malware response that could be better, and FortiGate could integrate better with other brands of equipment or identity management solutions.

I have used FortiGate IPS for more than five years.

I rate FortiGate IPS nine out of 10 for stability. When we've had problems with the platform, they were mostly configuration issues, not the fault of the product itself. 

I rate FortiGate IPS eight out of 10 for scalability, but we haven't scaled it up that much. We would have a better idea of its scalability if we used it on a bigger project. We can say with certainty that FortiGate is scalable enough for the needs of small and medium-sized enterprises. 

Most of our clients are small and medium-sized companies, but we do some smaller projects on the enterprise side, like consultation and subcontracting. 

I rate Fortinet support eight out of 10. They're generally quite good, but sometimes the response is slower than I would like. When you're paying for support, you usually expect a response in a day or so, but it took Fortinet two or three days to address an issue once. That was the only time I got a slow response. They are usually much quicker. 

Positive

I rate FortiGate IPS eight out of 10 for ease of setup. We do on-prem and cloud deployments. It's a hybrid cloud setup where we install FortiGate on virtual machines from AWS. We can typically deploy FortiGate in a day. It might take two days if our client needs a lot of configuration work. 

I rate FortiGate IPS two out of 10 for affordability. It's more expensive than competing solutions. It ranges between $1,000 to $7,000 depending on the model. They offer one-year or three-year licenses. 

I rate Fortinet FortiGate IPS eight out of 10. If you're already using Fortinet, I recommend staying with it. However, if you want to reduce your costs, you can consider other solutions like SonicWall, Sophos, or Palo Alto. Fortinet is an excellent cybersecurity solution, but it's expensive.

We have FortiGate with all the licenses - antivirus, IPS, and advanced threat protection. It's a combination of protection in the perimeter. We have configured some rules for IPS protection in the FortiGate perimeter.

We use it as part of a combination of protections because we have the DMT virus, the IPS, and WOFF option. We protect our services like Apache, our website and the internet.

We configure the rules for the Windows server, the Linux server, and Apache and AIS.

The feature that I find most valuable is its protection of the websites.

I would like to be able to generate reports about the protections that we have. I would like a report feature.

For example, I would like to see that in VPN and FortiGate, that the equipment that connects to the network is evaluated. Right now, FortiGate validates the users in the active directory and the users have the right permissions to connect. I would also add the user and the computers that are allowed in the active directory. It evaluates the actual active directory, and some computers are allowed but not all. Only the computers that are in the active directory. Right now, when you connect to the VPN, FortiGate checks the active directory. They have the check feature but it should be improved.

This solution has records but I would like to see that in IPS you could define your rules - we have almost 10 or 15 rules, and see if these rules provided protections over the month. For example, to track a specific rule across the IPS solution.

I have been using Fortinet FortiGate IPS for five years and Cisco for about eight years.

Yes, it is stable. The solution protects us from attack. We have heard that other companies are being attacked, but we are not since we installed FortiGate.

The way the configuration was supplied was correct and we don't have any events. But we heard about other, similar companies, that do have events, but we don't.

Fortinet FortiGate IPS is scalable.

In our case, we are a company of 100 employees and we selected a solution for 250, so we didn't have the need to scale because we designed it from the beginning for more people. We are still using it after five years. We have to change the equipment because they don't allow us to migrate to a new version. In the renewable licenses, they offered me a trade-in and I returned the last FortiGate and they gave me the new FortiGate. I have the FortiGate 600D model. After five years we had to change the equipment. With Cisco, for example, you can keep going. I have the same model with Cisco for eight years and I didn't have to change it. But in FortiGate, after five years, I had to trade it in.

The technical support is excellent. I prefer to open a case directly to FortiGate because I can have a session with a technical contact, and we can review the case directly with the support. We also have some protocols, like BGP in the perimeter, and in two cases, I needed the support person to connect me to another person for technical support to help me with our special protocol.

The support is 24 hours.

The initial setup us is easy and friendly.

It took almost a month. In a month, we deployed all the FortiGate with the features and the rules.

My advice to anyone considering Fortinet FortiGate IPS is that it is important to set the right rules and set all the configurations to make them preferred for a partner. The partner makes all the rules that the company needs because if you stay the course, although it's easy and friendly in the beginning, some configurations need a common line and require you to design how it works right around the network. So it is important that you take a partner who has experience with designs and can implement the correct solution for your company.

On a scale of one to ten, I would give Fortinet FortiGate IPS a nine

Fortinet FortiGate IPS utilizes the main firewalls.

Fortinet FortiGate IPS is a very good firewall. We don't have any complaints, it is doing its job correctly.

The functionality is good.

It's simple to operate and use.

There are various firewalls on the market, but we found Fortinet to be the most appropriate for the structures we have in place for our company. It is simple to comprehend, run, and maintain. The logging method is effective; it provides us with a clear picture of how threats are deflected or avoided.

When everything is taken into account, the migration is quite painless. I believe that improvements will continue to come from the fact that as threat vectors get more complex around the world, advanced threat protection and deep packet inspection will become increasingly vital. That is where technology needs to advance much more quickly.

The most important feature to have is zero trust, which is lacking in Fortinet FortiGate IPS.

Zero trust is something that has to be embedded and I would still like to see how Fortinet approaches it.

I have been working with Fortinet FortiGate IPS for a couple of years.

This solution is updated on a regular basis.

The Fortinet FortiGate IPS is an extremely stable product.

I can't speak to scalability because we are getting started with virtual machine-based firewalls. We are transitioning to FortiGate VM.

In our organization, we have 3,000 users.

The technical support is good. They are made up of experienced professionals.

The initial setup is very straightforward.

This solution is maintained by one person. We are using AMC services, which includes multiple people, but we have only chosen one.

During the deployment phase, we always utilize the assistance of an integrator. Working with them was a good experience for us.

The licensing costs are very competitive.

There are no fees in addition to the licensing costs.

When evaluating the solution, we wanted to make sure that it was simple to use, operate, and simple to maintain.

We have done a lot of research because we're bringing in the cloud version. We considered other vendors, but because we already had an on-premises Fortinet with a robust backend monitoring system, we decided that extending Fortinet into the Cloud was the best solution.

Gaining a good understanding of the simplicity of cloud migration will take about two months. It's not so much the implementation as it is the services that support it.

Before proposing a solution, it was critical that they have a progressive awareness of what we have and that they comprehend our requirements.

Because Fortinet was involved, we were reassured that they were acting in our best interests.

We also utilize the VPN with Fortinet, but we intend to go to zero trust in the future, eliminating the need for this dependency.

We are expanding our Fortinet for our cloud security. The VM will be implemented in our public cloud, which is where we operate.

I wouldn't say it's specific to FortiGate; it applies to all firewalls. You should consider the simplicity of the task at hand, as well as the convenience of deployment, maintenance, and, most crucially, the availability of qualified personnel to carry it out. These are the reasons we chose Fortinet.

I would rate Fortinet FortiGate IPS an eight out of ten.

Our company uses the solution to prevent traffic that is not supposed to be traveling through our firewalls. When we find log issues, we easily fine tune the IPS to block that traffic so it cannot penetrate our environment. 

We have 300 users in a hospital-to-hospital environment where traffic is transmitted through the firewall and intercepted by the IPS for monitoring. 

The solution effectively blocks unwanted traffic. 

It would be helpful to have a better tool for migrating all policy rules using an automatic script. The current tool does not place entire configurations in their desired locations. It takes time to manually configure for compatibility across different platforms or vendors. 

I have been using the solution for five years. 

The solution is very stable. 

I have not needed technical support. 

We migrated from Cisco to the solution. 

The setup is simple and straightforward. Knowledge-based documents are available and useful for setups. 

We implemented the solution in-house. We migrated from Cisco to the solution so it was more of a deployment situation. 

We had some deployment challenges but managed to overcome them. It took an entire day to get the environment running because we could not use the scripting tool for naturals so had to do them manually. 

There is no ongoing maintenance because the solution is not a device, but rather  a software blade provided as a checkpoint within FortiGate. 

The pricing is based on a licensing model for each IPS in your environment. The solution is included as part of the IPS license and automatically updates to the latest version when firewalls are updated. We are currently on a three-year licensing model. 

The solution is a good tool to have in place. Most vendors provide a software blade with their firewalls but it is disabled because it uses too much CP or memory. It is important to enable the tool every time to prevent environments from being intruded by attackers or threats. 

I rate the solution an eight out of ten.  

Our infrastructure includes both FortiGate (81E series) and Cisco Meraki appliances, and we have fully integrated FortiGate IPS with these devices. Essentially, whenever I secure the WAN and LAN and enhance them with security profiles, I will use the IPS's Web Filtering and Application Control features.

The most useful feature of FortiGate IPS for me is Application Control.

FortGate's IPS reporting could be made better by giving more details regarding the source and destination of network traffic when it comes to the overview section. This would allow me to more easily follow the flow of traffic based on IP addresses, without having to integrate the IPS with other products that perform more sophisticated traffic analysis.

Another improvement, that may only tangentially relate to the IPS, would be to include more functionality and details regarding SD-WAN (such as the ISDB), in order to make it more secure.

I've been using Fortinet FortiGate IPS for about seven years. 

The stability is fine, but it would be even better if we were to deploy another appliance for higher availability of access, such that there is no downtime at all.

The scalability of the IPS fits my current needs well. If we were to take on more users, however, we would likely have to change both our appliance and the license.

The support is good because, although the response time for tickets may occasionally take some time, at the end of the day they have always solved the issue at hand. What is also nice is that they can connect with you remotely and help support you at any point.

Positive

The setup was easy for me because I deploy appliances off all kinds and sizes, large and small. I would give the setup a 4/5 in terms of ease.

I pay €1,200 per year for the license along with Fortinet's 81E firewall appliance. I would rate this pricing as 3/5 stars, and I believe the price is reasonably similar to its competitors in the market, being somewhere in the middle.

Given my experience and the fact that FortiGate are a leader in the market, I would rate FortiGate IPS a nine out of ten.

We use the FortiGate IPS solution to analyze malware. When we receive attacks, we analyze the IPs.

The product has an inbuilt IPS software. We can configure it to block specific anonymous attacks that are happening.

They should provide us with a CSV number for patch updates. It will help us block specific signatures as well.

I have been using Fortinet FortiGate IPS for four years. We are using the latest version.

The product is stable, but we need to monitor IPs as new patches are released daily. Attackers will use these new patches to develop new attack methods and signatures. We need to ensure that our FortiGate IPS is up-to-date with the latest patches. We can get the logs and see if anything we have detected is suspicious. It includes programs, applications, files, or anything else. We investigate suspicious activity and act appropriately, such as blocking IP addresses or updating policy analytics.

The product is scalable. I sometimes have enterprise clients, but my client base is mostly small businesses. We have to implement the entire setup for them. In addition to the endpoint solution and firewall, we need to create IP addresses for users and define their services. Then, we can protect these resources from FortiGate by enabling the IPS upgrade.

There is a customer support portal number. We can create a case there and upload our details. They provide support services instantly.

Neutral

The initial setup is easy. The default CSV is already updated so that we can block those threats. We have to update the block list from the policy settings.

The product is expensive. I rate its pricing a six out of ten.

Enterprises use Fortinet FortiGate IPS because it protects government or critical infrastructure networks. For small businesses, IPS may be sufficient. Overall, I rate it a six out of ten.