Fortinet FortiGate IPS Reviews

I work with multiple customers. Most are comfortable running IPS within their firewalls rather than deploying it. The standard deployment requires finding a service owner and training them on the platform. However, if I deploy a next-generation firewall with integrated IPS and VPN capabilities, it simplifies things. It's straightforward for someone to manage. Consolidating a VPN server, IPS, and standalone firewall into one appliance can be challenging for many customers. Fortinet's servers are increasingly popular.

Fortinet has serious vulnerabilities. Some of their interfaces are exposed to attacks. Since they are more prevalent, they may attract more attacks and have more vulnerabilities discovered.

If I'm incorporating FortiGate IPS, FortiGate firewall, Forti VPN server, or any other component into an existing Fortinet fabric, I already have a Fortinet analyzer and FortiManager. With this integrated Fortinet ecosystem, stability issues are significantly reduced. Additionally, inserting a standalone Fortinet device is much easier and much more accessible.

Customer support is fine and fairly responsive.

Neutral

We used Cisco products and operated within a Cisco ecosystem. Currently, Cisco is too expensive, but FortiGate IPS does not position itself as premium like Cisco.

The initial setup can be completed within a month with some IT security architecture by replacing IPS.

The product is expensive but comparable to Cisco.

There are limitations to consider, such as the sandbox capacity. Increasing the sandbox limit is essential for better integration with the firewall IPS, facilitating traffic offloading. Since my customers deal with heavy content, we often need to upload content for analysis by the IPS and sandbox. Thus, the system effectively fulfils its intended purpose. However, we do not need to assess features beyond what the customer requires. As long as we meet their specific needs and use case, it's satisfactory.

We're building a network of partners, you know, offering competitive pricing to engage in significant projects. Firewalls are pretty standard. The ecosystem issues may revolve around business support and pricing.

You need more considerable internal resources to manage it. For clients with a robust security solutions team, architects, and skilled developers who handle data and generate similar content, I would recommend Fortinet FortiGate IPS. These individuals should be capable of upgrading their packages and downloading them. If they are comfortable with Docker, they can deploy it as an appliance on a server.

Overall, I rate the solution a six out of ten.

We use FortiGate to restrict access from internal, external, and some applications from publishing to the internet. This solution helps us achieve our purpose.

The solution is user-friendly. Fortinet FortiGate IPS has a feature called SPVen. The solution is easy to configure, the activation is perfect, the tech support is good, and the back-end database is good.

Price is a major competitor in the market for solutions. When we compare solutions, it's important to consider the pricing. To stay ahead of the competition Fortinet FortiGate IPS needs to think about how to adjust pricing. Most people prefer to use Apollo setpoint.

I have been using the solution for over eight years.

I give the stability a nine out of ten.

I give the scalability a nine out of ten.

We have around 500 people including IT engineers and developers using the solution.

I have previously used Check Point IPS and switched to Fortinet FortiGate IPS because of the cost and because Check Point IPS requires separate licensing.

The initial setup is straightforward. We can do the basic steps in as little as 30 minutes. If we need to do more detailed work and fine-tuning, it may take longer. But the basics can be done quickly.

We completed the implementation in-house.

I give the pricing of the solution a six out of ten.

I give the solution a nine out of ten.

The solution's maintenance can be completed by one person.

I recommend the solution to other users.

Fortinet FortiGate is used as an inline intrusion prevention tool to detect and scan ongoing connections and data. It will take action, either by blocking or intimating in real-time.

Fortinet FortiGate's most valuable features are the UTM package which provides internet blocking restrictions and load balancing. Additionally, the solution is easy to use and the security reporting is good. The security fabric which they have launched Fortinet FortiGate IPS, it's very good in terms of giving details.

Fortinet FortiGate can improve performance. There was a huge challenge in terms of CPU and memory where the IPS engine would keep triggering. There were random spikes of overutilization in the CPU and memory resources. They have to work on CPU and memory stability considering these IPS engines. A few versions were very unstable.

The current Fortinet FortiGate IPS package has only standard options. If they could work around optimizing those packages for different needs it would be better. There might be a media company, or banking organization, which needs a different set of signatures and different bundles on priority. If they could segregate that in terms of organization and needs, or at least institutional-wise segregation, that could be great. 

I have used Fortinet FortiGate within the past 12 months.

Fortinet FortiGate could improve the stability, we used different versions and they were unstable over time which caused an overall device error.

The scalability of Fortinet FortiGate is a challenge. However, the cloud version is easy.

I have had to use the support a number of times when we had overutilization of resources.

I rate the support from Fortinet FortiGate a six out of ten.

Neutral

The initial setup of Fortinet FortiGate was easy. This is a common feature across Fortinet devices.

There is a license required to use Fortinet FortiGate with all the features. It has to be updated with the threats on an ongoing basis for the signatures to prevent threats and a license is needed to receive those security updates.

The price of the solution is worth it for the features.

My advice to others would be to have Fortinet FortiGate optimized. It is a good tool to be switched on and used in a live production environment. It is important to optimize rather than directly use the pro package, the full IPS package provided by the vendor. 

Fine-tuning the solution according to the organization's needs will help in optimizing the utilization of CPU and memory because the whole bundle has too many features which might not be needed for the organization. Enabling the solutions and running it on the first default mode and then optimizing it using the customized package, would help a lot in stabilizing the device.

I rate Fortinet FortiGate an eight out of ten.

We have to use Fortinet for the data center. We filter all the entries and all the requests towards servers in the data center, so we've set up Fortinet to receive all the requests and check them before sending them to the servers.

The fact that Fortinet FortiGate IPS can prevent and log malicious intrusions, tries, and attempts is great. We can replace them and check the logs to see what happened.

The speed of the detection could be improved. The prevention mechanisms and implementation are not easy and could be better. In addition, filtering and IDS could be added.

We have used this solution at my organization for over ten years. The biggest version we have is the 500E. But we have 60E and a lot of mid-range SMB firewalls, including DC ones using 500E. It is deployed on-premises.

We have no issues with stability.

It is scalable. 

We escalated a lot of technical issues during the deployment. I rate the technical support a seven out of ten.

Neutral

We completed the deployment by ourselves, and it took a lot of time to deal with the main data centres. The deployment took us more than nine months. We have 100 people using Fortinet FortiGate IPS in our organization, and our clients have more than 5000 users. It does not require a lot of maintenance.

We went with Fortinet FortiGate IPS because they're the best according to Gartner.

I rate this solution an eight out of ten. Regarding advice, prepare and ensure that the Fortinet product you choose is suitable for your situation and use case.

We have a Cisco ASA firewall. We have it at the border of the network in front of the internet. With FortiGate, we put it in the middle, then it works behind our server farm to protect our server farm from attacks, from viruses.

It is a strong firewall. 

The product offers many features. 

There has been no attack on our servers after we configured the FortiGate IPS. No more attacks are coming. We are very secure.

The initial setup is very easy.

I have found the solution to be stable. 

It's possible to scale the solution. 

So far, everything has been good for us. We haven't had any issues. 

While the security is good, we'd always prefer if it was even better to ensure protection.

I have three years of experience with the solution. 

It is a very stable product. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.

The solution can scale well. 

We have five engineers using the solution. 

A lot of medium and even small companies use the solution in our country.

I'd rate the solution eight out of ten.

If we run into issues, we can contact support. They are helpful and responsive. 

Positive

We used Cisco ASA IPS as our old IPS. It was old, and we needed a newer product. We also liked the FortiGate support of the UTM feature. It allows for the inspection of Layer 7 in a more effective way than Cisco ASA. It is advanced. FortiGate is very, very advanced.

The initial setup is very simple and straightforward. It is not a complex process. 

The deployment is quick. It only takes a couple of minutes.

We have two people that can handle any maintenance tasks. 

We search for details and watch videos and are able to handle the process by ourselves. It's a solution that's easy to learn.

We bought the solution three years ago, and it came with five days of training from the local company. It cost us around $73,000 for three years. 

It's expensive, however, compared to Cisco, it's not too expensive. 

I'm an end-user.

We are using the latest version of the solution. 

I'd recommend the product to others. 

We use Fortinet FortiGate IPS to filter intrusions from the internet as the Edge firewall and to protect our server farm.

We like signature-based anomaly detection and zero-day protection features. For zero-day protection, we use Cloud Sandboxing, so whenever the zero-day threat occurs, it automatically sends it to its Cloud Sandbox. After getting information from Cloud Sandbox, then the intrusion is defined.

Fortinet can add some Machine Learning and AI to improve its accuracy and give it an edge on IPS detection and protection. They have some machine language learning but can still improve using AI.

We have been using this solution for almost eight years.

It is stable, as it can be verified from Gartner's report and previously on NSS lab test reports. I rate the stability an eight out of ten.

It is scalable, and I rate the scalability a seven out of ten.

For level 1 and 2 support, our technical team can handle these cases in-house. But for higher-priority cases, we use Fortinet technical support. They have a technical assistance center in India and escalate to France for complex or higher-priority problems. I rate the technical support in India a six out of ten.

There is a lot of documentation from the vendor side for the setup, which is good, and we have some hands-on experience with the product. So with help from their technical assistance center and their system engineer, the setup is good.

The setup can be done in-house, but we have partners and colleagues with eight years of experience using the product, so we are comfortable with it.

The setup depends on customer requirements and the scope of the work. We rate the setup as difficult because it depends on the variety of servers. The more platforms there are the more signatures or IPS rules that need to be customized. So based on the requirements, we see the full list of servers and full features they want to protect, calculate the expertise level required and what needs to be deployed on the system to set it up. A mid-level consultant can deploy it, which can be completed within two to three days if the customer is clear on their requirements.

It has a competitive price. I rate the price an eight out of ten compared to other IPS solutions. Fortinet is a bit higher in terms of price.

I rate the solution a seven out of ten. 

At the moment, we are moving things around.

We were using the solution as a firewall, and for VPN access as well. We could do user creation on it and just allow users access.

It's very easy to manage things like the IPs or the URLs we need to whitelist. 

In terms of the user, we need to create one or just provide access. We have separate groups, which is useful.

The UI is also very familiar. It makes the solution easy to access and we find it easy to do the things we need to do thanks to the user interface.

It is easy to set up. 

Whitelisting could be better. We'd like to be able to automate more so we can whitelist in bulk. It would be ideal to have the ability in this tool or to have a tool that could plug in and allow us to do whitelisting in batches. 

I've been using the solution for more than a year. 

The solution is mature. It's been in the market for a long time. There are no bugs or glitches. The performance is good. It doesn't crash or freeze. It's quite reliable. 

I've only used technical support once or twice to deal with a few issues. They were helpful and responsive. Support typically answers very quickly, with results in minutes. 

Positive

We're in the process of moving to Palo Alto.

The solution is very straightforward to set up. The deployment took a maximum of one week. After that, we had everything up and running. 

I'm not aware of the exact cost involved in relation to licensing. 

I'm a customer and end-user. 

I've used the solution across two or three companies. 

Before choosing this solution, I'd advise users to ensure its capabilities match with the company's needs. 

I'd rate the solution eight out of ten. The UI is good, the solution is easy to implement, and it fits in with various environments. It's a good product.

Fortinet FortiGate IPS are used for intrusion prevention and for protecting from intrusion.

Fortinet FortiGate IPS has helped increase the efficiency of our network operations and we are experiencing fewer queries in the network and security domain.

The most valuable feature of Fortinet FortiGate IPS is its efficiency.

I have been using Fortinet FortiGate IPS for approximately one year.

Fortinet FortiGate IPS is highly reliable and stable. We have not had any major issues in network operations due to this firewall and security enhancements.

The scalability of Fortinet FortiGate IPS is good.

We have approximately 1,000 users using the solution. We plan to increase the usage of the solution.

I have contacted the support from Fortinet FortiGate IPS. The service was good but the speed could be better.

The initial setup of Fortinet FortiGate IPS is straightforward. The implementation can be done in two to three days. However, it depends on your network infrastructure and the configurations.

The implementation of Fortinet FortiGate IP can be done in-house if you have a good sizable team. However, in our case, we took the services of a consultant to migrate it.

We have a team of two to three people who can do the deployment and migrations.

I recommend this solution to others. It's a very stable, reliable, and scalable solution.

I rate Fortinet FortiGate IPS an eight out of ten.