I use the Fortinet as a perimeter firewall. All of the servers are on this Fortinet firewall. All traffic comes from the perimeters and email accounts and we also use it for this purpose.
Senior Network & Security Engineer at TransIT
Intuitive to use, easy to set up, and simple to set up
Pros and Cons
- "The solution is easy to use."
- "Overall, the integration could be better."
What is our primary use case?
What is most valuable?
The solution is easy to use.
It is a scalable product.
The solution is stable.
Its GUI is very intuitive.
I found the solution very easy to set up.
The IPS's correct application control is perfect.
What needs improvement?
Overall, the integration could be better. The FortiManager is likely not good. I can't use it as it is unstable most of the time. We'd like to have an SD-WAN for a sandbox, for the Fortinet perimeter. We'd like to be able to manage different boxes.
For how long have I used the solution?
I've been using the solution for two years.
Buyer's Guide
Fortinet FortiGate IPS
November 2024
Learn what your peers think about Fortinet FortiGate IPS. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability is great. There are no issues with crashing or freezing. There are no bugs or glitches.
What do I think about the scalability of the solution?
The product is scalable and easy to expand.
We have ten users on the solution. It is mostly the network team that deals with the product for the most part. We have 200 or so end-users as well that indirectly use it regularly.
We do plan to increase usage and would like to upgrade to a Fortinet perimeter firewall (a 501 model), however, on the financial side, it's difficult right now.
How are customer service and support?
Technical support is great. I called them twice in the last month and they were very helpful and responsive.
Which solution did I use previously and why did I switch?
We also have experience with Palo Alto products.
We had ASAs and other legacy firewalls that we used in the past.
How was the initial setup?
The product is very straightforward and simple to set up. It's not a complex process at all.
We have around 10 engineers that handle the operation, maintenance, and follow-up.
What about the implementation team?
We used partners as the integrator to facilitate anything with the vendor. It didn't take long and we were able to have different timelines for different deployment areas.
What was our ROI?
I have not witnessed an ROI.
What's my experience with pricing, setup cost, and licensing?
The cost of the product is reasonable. It's not overly expensive.
We pay a yearly license that renews every three years.
It's been two years since we set up the license. I can't recall how much we agreed to pay.
Which other solutions did I evaluate?
We looked at Fortinet and Palo Alto. Fortinet is well known in the industry, which is why we focused on it. It was reasonably priced and offered good efficiency.
What other advice do I have?
I'd rate the solution an eight out of ten. We're pretty happy with the product in general.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Infrastructure manager at a financial services firm with 1,001-5,000 employees
Excellent protection for websites, servers and more
Pros and Cons
- "The feature that I find most valuable is its protection of the websites."
- "I would like to be able to generate reports about the protections that we have. I would like a report feature."
What is our primary use case?
We have FortiGate with all the licenses - antivirus, IPS, and advanced threat protection. It's a combination of protection in the perimeter. We have configured some rules for IPS protection in the FortiGate perimeter.
We use it as part of a combination of protections because we have the DMT virus, the IPS, and WOFF option. We protect our services like Apache, our website and the internet.
We configure the rules for the Windows server, the Linux server, and Apache and AIS.
What is most valuable?
The feature that I find most valuable is its protection of the websites.
What needs improvement?
I would like to be able to generate reports about the protections that we have. I would like a report feature.
For example, I would like to see that in VPN and FortiGate, that the equipment that connects to the network is evaluated. Right now, FortiGate validates the users in the active directory and the users have the right permissions to connect. I would also add the user and the computers that are allowed in the active directory. It evaluates the actual active directory, and some computers are allowed but not all. Only the computers that are in the active directory. Right now, when you connect to the VPN, FortiGate checks the active directory. They have the check feature but it should be improved.
This solution has records but I would like to see that in IPS you could define your rules - we have almost 10 or 15 rules, and see if these rules provided protections over the month. For example, to track a specific rule across the IPS solution.
For how long have I used the solution?
I have been using Fortinet FortiGate IPS for five years and Cisco for about eight years.
What do I think about the stability of the solution?
Yes, it is stable. The solution protects us from attack. We have heard that other companies are being attacked, but we are not since we installed FortiGate.
The way the configuration was supplied was correct and we don't have any events. But we heard about other, similar companies, that do have events, but we don't.
What do I think about the scalability of the solution?
Fortinet FortiGate IPS is scalable.
In our case, we are a company of 100 employees and we selected a solution for 250, so we didn't have the need to scale because we designed it from the beginning for more people. We are still using it after five years. We have to change the equipment because they don't allow us to migrate to a new version. In the renewable licenses, they offered me a trade-in and I returned the last FortiGate and they gave me the new FortiGate. I have the FortiGate 600D model. After five years we had to change the equipment. With Cisco, for example, you can keep going. I have the same model with Cisco for eight years and I didn't have to change it. But in FortiGate, after five years, I had to trade it in.
How are customer service and support?
The technical support is excellent. I prefer to open a case directly to FortiGate because I can have a session with a technical contact, and we can review the case directly with the support. We also have some protocols, like BGP in the perimeter, and in two cases, I needed the support person to connect me to another person for technical support to help me with our special protocol.
The support is 24 hours.
How was the initial setup?
The initial setup us is easy and friendly.
It took almost a month. In a month, we deployed all the FortiGate with the features and the rules.
What other advice do I have?
My advice to anyone considering Fortinet FortiGate IPS is that it is important to set the right rules and set all the configurations to make them preferred for a partner. The partner makes all the rules that the company needs because if you stay the course, although it's easy and friendly in the beginning, some configurations need a common line and require you to design how it works right around the network. So it is important that you take a partner who has experience with designs and can implement the correct solution for your company.
On a scale of one to ten, I would give Fortinet FortiGate IPS a nine
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Fortinet FortiGate IPS
November 2024
Learn what your peers think about Fortinet FortiGate IPS. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
Sr Technician at a computer software company with 501-1,000 employees
Practically perfect in every way with superior marks for the VPN services
Pros and Cons
- "The initial setup is straightforward."
- "We have not had to reach out to FortiGate support yet and that is a pretty good track record."
- "The VPN used with the product is secure and reliable without lag."
- "Integration with the antivirus companion Webroot is not seamless on Mac computers."
What is our primary use case?
We just use it for intrusion detection and prevention.
What is most valuable?
I think that the VPN software used through FortiGate is what our clients appreciate the most. They get secure reliable connections without lag.
What needs improvement?
I have been pretty satisfied with the application as it is. I am pleased with the layout and how everything is integrated. Sometimes we will have a client who has a firewall that is not FortiGate, and often times we are able to convince them to switch over to using FortiGate as their solution because of our recommendations.
On a little different subject, the software for antivirus that we usually use with FortiGate is called Webroot. I know that some of our Apple / Mac clients experience some issues with the integration of that product. The integration, in that case, is not seamless. That is an issue that could be addressed.
For how long have I used the solution?
We have been using Fortinet FortiGate IPS (Intrusion Prevention Service) since February of 2020. So that is about seven or eight months.
What do I think about the stability of the solution?
The FortiGate product is very stable.
What do I think about the scalability of the solution?
We have not scaled the use of the product much during the time that we have used it. Because we have small business clients and we usually are involved in offering other lower-end firewalls, I am not familiar with scaling FortiGate up because our clients are generally not poised for short-term growth. Our clientele is always 500 or fewer employees and so it is a pretty straightforward implementation and common, smaller user group size.
How are customer service and technical support?
I have not had to reach out to technical support. That is actually one of the reasons why I think we are pretty satisfied with the software and hardware: we have not had to reach out. I am the senior technician here and if I have not had to reach out to FortiGate support yet, that is a pretty good track record.
How was the initial setup?
The initial setup is straightforward. Just click a button and it is there in a short amount of time. Nothing complicated about the setup.
What's my experience with pricing, setup cost, and licensing?
The pricing for FortiGate IPS is competitive with other products in the category.
What other advice do I have?
On a scale from one to ten (where one is the worst and ten is the best), I would rate FortiGate IPS as a ten-out-of-ten. It is just that good.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network administrator at PISystems
Provides efficient features for malware analysis, but its pricing needs improvement
Pros and Cons
- "The product has an inbuilt IPS software. We can configure it to block specific anonymous attacks that are happening."
- "They should provide us with a CSV number for patch updates. It will help us block specific signatures as well."
What is our primary use case?
We use the FortiGate IPS solution to analyze malware. When we receive attacks, we analyze the IPs.
What is most valuable?
The product has an inbuilt IPS software. We can configure it to block specific anonymous attacks that are happening.
What needs improvement?
They should provide us with a CSV number for patch updates. It will help us block specific signatures as well.
For how long have I used the solution?
I have been using Fortinet FortiGate IPS for four years. We are using the latest version.
What do I think about the stability of the solution?
The product is stable, but we need to monitor IPs as new patches are released daily. Attackers will use these new patches to develop new attack methods and signatures. We need to ensure that our FortiGate IPS is up-to-date with the latest patches. We can get the logs and see if anything we have detected is suspicious. It includes programs, applications, files, or anything else. We investigate suspicious activity and act appropriately, such as blocking IP addresses or updating policy analytics.
What do I think about the scalability of the solution?
The product is scalable. I sometimes have enterprise clients, but my client base is mostly small businesses. We have to implement the entire setup for them. In addition to the endpoint solution and firewall, we need to create IP addresses for users and define their services. Then, we can protect these resources from FortiGate by enabling the IPS upgrade.
How are customer service and support?
There is a customer support portal number. We can create a case there and upload our details. They provide support services instantly.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is easy. The default CSV is already updated so that we can block those threats. We have to update the block list from the policy settings.
What's my experience with pricing, setup cost, and licensing?
The product is expensive. I rate its pricing a six out of ten.
What other advice do I have?
Enterprises use Fortinet FortiGate IPS because it protects government or critical infrastructure networks. For small businesses, IPS may be sufficient. Overall, I rate it a six out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
IT Security Manager at a tech services company with 10,001+ employees
Easy to use, beneficial security reports, and useful blocking
Pros and Cons
- "Fortinet FortiGate's most valuable features are the UTM package which provides internet blocking restrictions and load balancing. Additionally, the solution is easy to use and the security reporting is good. The security fabric which they have launched Fortinet FortiGate IPS, it's very good in terms of giving details."
- "Fortinet FortiGate can improve performance. There was a huge challenge in terms of CPU and memory where the IPS engine would keep triggering. There were random spikes of overutilization in the CPU and memory resources. They have to work on CPU and memory stability considering these IPS engines. A few versions were very unstable."
What is our primary use case?
Fortinet FortiGate is used as an inline intrusion prevention tool to detect and scan ongoing connections and data. It will take action, either by blocking or intimating in real-time.
What is most valuable?
Fortinet FortiGate's most valuable features are the UTM package which provides internet blocking restrictions and load balancing. Additionally, the solution is easy to use and the security reporting is good. The security fabric which they have launched Fortinet FortiGate IPS, it's very good in terms of giving details.
What needs improvement?
Fortinet FortiGate can improve performance. There was a huge challenge in terms of CPU and memory where the IPS engine would keep triggering. There were random spikes of overutilization in the CPU and memory resources. They have to work on CPU and memory stability considering these IPS engines. A few versions were very unstable.
The current Fortinet FortiGate IPS package has only standard options. If they could work around optimizing those packages for different needs it would be better. There might be a media company, or banking organization, which needs a different set of signatures and different bundles on priority. If they could segregate that in terms of organization and needs, or at least institutional-wise segregation, that could be great.
For how long have I used the solution?
I have used Fortinet FortiGate within the past 12 months.
What do I think about the stability of the solution?
Fortinet FortiGate could improve the stability, we used different versions and they were unstable over time which caused an overall device error.
What do I think about the scalability of the solution?
The scalability of Fortinet FortiGate is a challenge. However, the cloud version is easy.
How are customer service and support?
I have had to use the support a number of times when we had overutilization of resources.
I rate the support from Fortinet FortiGate a six out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup of Fortinet FortiGate was easy. This is a common feature across Fortinet devices.
What's my experience with pricing, setup cost, and licensing?
There is a license required to use Fortinet FortiGate with all the features. It has to be updated with the threats on an ongoing basis for the signatures to prevent threats and a license is needed to receive those security updates.
The price of the solution is worth it for the features.
What other advice do I have?
My advice to others would be to have Fortinet FortiGate optimized. It is a good tool to be switched on and used in a live production environment. It is important to optimize rather than directly use the pro package, the full IPS package provided by the vendor.
Fine-tuning the solution according to the organization's needs will help in optimizing the utilization of CPU and memory because the whole bundle has too many features which might not be needed for the organization. Enabling the solutions and running it on the first default mode and then optimizing it using the customized package, would help a lot in stabilizing the device.
I rate Fortinet FortiGate an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Occupational safety technician at Concremat
Filtering information is easy with this stable and scalable solution
Pros and Cons
- "The solution provides an easy way to filter information and Fortinet lab is a great place to discover new things."
- "The interface and product support could use improvement."
What is our primary use case?
Our company has 500 users of the solution.
What is most valuable?
The solution provides an easy way to filter information and the Fortinet lab is a great place to discover new things.
What needs improvement?
The interface and product support could use improvement.
For how long have I used the solution?
I have used the solution for fifteen years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
Product support could use improvement.
How would you rate customer service and support?
Neutral
What's my experience with pricing, setup cost, and licensing?
The solution is offered as an annual license.
What other advice do I have?
I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network Engineer at Masterfox
A tool with an easy initial setup phase
Pros and Cons
- "My company never had any complaints about the tool in terms of performance or stability."
- "The tool is expensive for small businesses, making it an area where the tool can improve the product by making it available at a cheaper rate."
What is our primary use case?
Our company's technical team handles the reselling part of the tool. I haven't heard of any problems related to the product.
My company's clients use the solution. The tool is not majorly used to monitor the network traffic or intrusion, so it is purely for protecting the network.
What needs improvement?
The tool is expensive for small businesses, making it an area where the tool can improve the product by making it available at a cheaper rate.
For how long have I used the solution?
I have experience with Fortinet FortiGate IPS. My company operates as a reseller. Sometimes, we purchase products to help our company's clients who need to renew the licenses of certain solutions.
What do I think about the stability of the solution?
My company never had any complaints about the tool in terms of performance or stability.
What do I think about the scalability of the solution?
My company's clients are usually small businesses, so they don't spend too much time on security and protection, meaning they use the tool to meet their bare minimum needs.
How are customer service and support?
Though I have never contacted the solution's technical support, I feel that the tool offers good support since I have never heard any complaints about the product's technical team from my company's team members.
I rate the technical support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I think that my company has been using Fortinet FortiGate IPS for at least four to five years. My company has not been using the rest of the products in the market, so it is not possible for me to compare Fortinet FortiGate IPS with other solutions. So far, my company has been happy with Fortinet FortiGate IPS.
How was the initial setup?
The product's initial setup phase was pretty easy because my company is familiar with the product.
The solution is deployed on an on-premises model.
The solution can be deployed in an hour.
What's my experience with pricing, setup cost, and licensing?
The tool is a bit pricey for small businesses, but it is still bearable in terms of cost.
What other advice do I have?
Fortinet FortiGate IPS is used alone, so there is no need for any integrations.
The tool is not majorly used to monitor traffic or intrusions, so it doesn't provide much visibility in such areas. I am not sure whether Fortinet FortiGate IPS can be used easily for monitoring, considering that our company has many firewall tools over different networks. I am not sure whether it is possible to use the tool to log in or sign in individually.
I rate the overall tool an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Last updated: Feb 8, 2024
Flag as inappropriateIT Coordinator at Plasser do Brasil
Great detection and anomaly hunting with a quick response
Pros and Cons
- "The detection is great."
- "The solution could maybe use more integration with artificial intelligence to be more proactive."
What is our primary use case?
The solution is helping us with the base key match work operations center. They are monitoring our match work 24/7.
What is most valuable?
Overall, it's a great solution.
The detection is great. The possibility to detect any anomaly under our match work is great. We have a quick response.
What needs improvement?
We'd like more integration with the analyzer so we can track down any problem and have a correlation to try to find the root cause.
The solution could maybe use more integration with artificial intelligence to be more proactive.
For how long have I used the solution?
I've used the solution for eight months or so.
What do I think about the scalability of the solution?
We have about 100 users on the solution right now.
Which solution did I use previously and why did I switch?
I'm just using Fortinet right now.
What's my experience with pricing, setup cost, and licensing?
We pay monthly for licensing. You just need to pay standard costs and do not need to pay extra fees.
What other advice do I have?
I'm using the Fortigate 60f.
We're a partner.
I'd rate the solution nine out of ten. We are quite happy with its capabilities.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Buyer's Guide
Download our free Fortinet FortiGate IPS Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Intrusion Detection and Prevention Software (IDPS)Popular Comparisons
Darktrace
Vectra AI
KerioControl
Palo Alto Networks Advanced Threat Prevention
Splunk User Behavior Analytics
Trend Micro Deep Discovery
Check Point IPS
Trend Micro TippingPoint Threat Protection System
Palo Alto Networks URL Filtering with PAN-DB
Cisco Secure IPS (NGIPS)
Cisco Sourcefire SNORT
Trellix Intrusion Prevention System
ExtraHop Reveal(x) 360
Buyer's Guide
Download our free Fortinet FortiGate IPS Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- When evaluating Intrusion Detection, what aspect do you think is the most important to look for?
- What is your recommended cost-effective solution to detect and prevent APT attacks?
- What product do you recommend for a Campus IPS appliance implementation?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which alternative solutions (other than Darktrace) do you recommend for an SMB?
- Which is the best intrusion detection and prevention solution?
- What is the best IDPS security tool and why?
- What is Cognitive Cybersecurity and what is it used for?