Fortinet FortiGate Reviews

It's mainly used to secure our clients' network access because they do not have any servers. The only things we have connected to the FortiGate firewall are access points, CCTVs, and a printer. It's just used for web browsing and internet access.

It definitely helps with intrusion prevention. When managing a firewall, you need to create policies to dictate the traffic flow within your environment. And once you enforce a policy, it has an intrusion prevention assistant that you can activate, so it's not just acting as a firewall.

Like most next-generation firewalls today, it helps control network traffic. I don't have any problem managing the network traffic within our network. It's very easy to access and manage.

FortiGate has also helped reduce the risk of cyberattacks. If such an attack happened, the main consequences for us would be data breaches, where some of our company's most important information might be leaked and used by other people. That would endanger our production and security.

And with the System Events page, I can easily access and see the events that are happening within the device and the network. It's easy to track if something has happened and, based on that, make a decision about the next step that I should take. I can see if it is severe or if it is just something that is not critical but more than a nuisance. Even in that case, I have to think about the steps that I will take to prevent it from happening again.

Mostly, it's about protecting the internet access of our end users in the production area of our company. It protects us during our web browsing and from internet-related activities.

The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup.

It also provides us with visibility because we are able to track the IP addresses, as well as the type of device, OS, vendor name, and the name of the devices.

In addition, Fortinet Security Fabric helps us meet regulations and compliance requirements.

The built-in APIs enable us to integrate with different vendors, such as TP-Link and Luigi. We did not have any problems with the integration. It's very easy to configure and connect. This helps reduce deployment time, but that has more to do with network knowledge than with the product. If you're familiar with basic networking, it would be easy for you to understand the application of a certain device and integrate it with the API of your choice.

I've been working with Fortinet FortiGate for about 10 months.

I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet.

Neutral

I don't know why our company acquired FortiGate because I'm not the account manager. I'm just the technical person who installed the product. But I can assume they just looked at other companies that are securing their networks and decided to secure their internet access like those companies do.

Including the reconfiguration of the network setup, the deployment took at least five days. But the actual deployment of the device only took one day. There were four people involved.

I have no idea what the difference in pricing is if you buy it from a reseller or distributor compared to Fortinet, or even if Fortinet gives that option. The pricing is justified. It's a little pricey, but what you pay for is what you get.

I can't say how much it has reduced MTTR because I have not experienced any issues with FortiGate.

When I first built the FortiGate firewall, it enabled me to learn more about the network security field.

We use Fortinet FortiGate for web filtering, IPS reporting, and firewall policy routing.

What we like about Fortinet FortiGate is that it's fast. You can also use it immediately, e.g. you don't have to wait and apply the policy before you can use it. It's robust and offers immediate usage, unlike Check Point, which we noticed was a slow product.

Fortinet FortiGate is also more secure, depending on how you set up the SD-WAN technology.

We also like the zero trust access, arrays, and the EDR features on this product. It's also 100% more user-friendly, e.g. even when I worked with them configuration-wise. The availability of the support hotline and their knowledgebase articles, e.g. the Cookbook, help a lot. Those articles are accessible to everyone, and they're free.

Whenever you implement a solution, you can run through Cookbook, then you can install the Fortinet certificate if you aren't able to, if you're stuck, but most of the time you are likely to get it right. The Cookbook explain everything straight to the point, and this makes it much easier.

Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%.

I've used Fortinet FortiGate for three years, and the last time I used it was last year.

The product is very stable. It's a powerful product.

Fortinet FortiGate is a scalable product.

Installing Fortinet FortiGate is straightforward. The Cookbook tells you where the issue is, then the packs that come with the software, they are quick to advise on what bugs you can expect, and how those bugs can be fixed. I enjoyed installing the product.

The initial setup for Fortinet FortiGate took less than a week. We spent another week migrating the policy, or recreating the policies on the new object, because of the incompatibility with Check Point. We had to recreate the policies, otherwise, the change was quick, and we just had to mount them and connect the HA link and the other internet link. The setup was quick.

The product has different licensing models, depending on what you're going to do. For the IoT service, initially the program was for free, then the IoT service and the mix firmware that we had, we had to pay.

Services are separate in terms of Fortinet FortiGate license models, e.g. you could have IPS, AV scanning on high availability, etc. The license could be on annual renewal.

I evaluated Check Point, but my problem was that it was too slow to install, and you have to wait long while your environment is down. With Fortinet FortiGate, it was instant. Fortinet FortiGate is very easy to install, unlike Check Point. Fortinet FortiGate is a better product.

I have experience with Fortinet FortiGate. I used to manage the product in the past, but in a different company. I transferred to another company into a new position, and Fortinet FortiGate is being used in my current company.

This product can be deployed both on-premises and on cloud. We use version 300E for on-premises, and VM04 on cloud.

They are doing a lot of things to improve Fortinet FortiGate, that I can't think of anything else I'd like added to it. There's zero trust access, the EDR, and the arrays. I can't really say that there's anything that they have not started. They're able to provide what I want.

We started with 100 users of Fortinet FortiGate in the company, then it went up to 270 users, because we also had a child company with end users of this product.

We didn't have to contact technical support for Fortinet FortiGate, because we had a third-party guy who was helping us, and we seldom contact him. If we find an issue, we just email, and he'll write back to us. We also get advise on the old firmware, for example, that there's a higher chance it's static and could be affected by vulnerabilities. Any help was done quickly, and it was nice. Nowadays, we are doing all the work, e.g. not having to contact our third-party guy.

We don't really need a team for deployment and maintenance. There's another engineer we're sharing ideas with, otherwise, deployment and maintenance are both very straightforward. You just need to know what you're doing, e.g. a good path, IPsec channels, etc., and it'll be much easier.

I can recommend Fortinet FortiGate to others, especially because I understand it the most now. We do know everybody won't choose it, because Check Point, Cisco, and other competitors are coming up with robust devices. Everyone wants to win against their competitors, but I'm happy with FortiGate. It's a product I can recommend to others.

I'm rating Fortinet FortiGate a ten out of ten, because it doesn't give me any issues. It's very easy for me to rate it a ten.

We use Fortinet FortiGate to filter information, to ensure that we secure our network. Additionally, it's for overall security and to ensure that no information is leaking out.

Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure.

Since we have been using Fortinet FortiGate, we've not had anyone breaking into our network. We've used some penetration tests, and the system is very secure. However, the security of the network is dependent on the personnel itself.

For example, if you have a phishing email, you click on it, it takes you to the wrong server, and you put your credentials there, they can use those credentials to attack your system. In terms of somebody trying to break into your network without having the necessary credentials, Fortinet FortiGate is very good.

The solution could improve by being more secure.

I have been using Fortinet FortiGate for approximately six years.

Fortinet FortiGate is stable. It's used across all the countries, this is the way most multinationals run their system.

The solution is scalable.

If the business expands into other geographical zones, we will need to expand the network and secure it. This is when we will expand the use of Fortinet FortiGate. However, because of this pandemic, businesses are slowly getting back to normal. 

I don't think that expansion will come up in the next one or two years. Maybe in the next three years once they start to pick up their business, then there might be such an expansion or increase in hardware needed.

Each of the devices is licensed every year and in case you have a serious critical issue we can contact the support from FortiGate directly. We contact them every once and a while but not often. We have to purchase a license that allows us the support to use them.

The support could be faster to come out with a solution.

We were using Cisco previously.

The Fortinet FortiGate deployment is not difficult. It's not simple, but it's easy for someone to learn. The whole process took approximately three hours. Cisco solutions are more difficult to deploy.

We have experts in-house with experience and we did the deployment in-house. They used the deployment resources internally to deploy it.

The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device.

The support is included in the license.

I rate Fortinet FortiGate a nine out of ten.

We primarily use this solution as a firewall.

It's our main firewall, but we're planning to replace it with a pfSense for reasons I will discuss.

It's super reliable. I don't think I've ever had a reliability issue with it. Within the four years that I've been using it, maybe two or three times, resetting the firewall was what solved the problem. It's been super, super solid. I never have to think twice. If I ever experience a problem, the firewall is the last thing I think about. I never need to check it because it's never the problem. It's just super solid. It's also pretty robust. I know that there are more robust solutions out there, but not by a lot.

In the enterprise proprietary world, Fortinet, in my experience, considering its cost and reliability (maybe they could bring the price down or maybe they could make more plans), I honestly don't think that there is much room for improvement. I think it's a pretty good solution for anyone who is looking for a proprietary solution. I wouldn't look anywhere else.

Cisco, for example, is probably way overpriced. Fortinet on the other hand, one of their strong sides is that they have an all-encompassing solution with a very reasonable price point. Cisco and other brands are a little bit more modular — to get everything you'd have to buy a lot of different packages.

An automated guide feature or templates that you could pick and choose would be a nice addition.

It's definitely not as easy to look at traffic as I would like. Sometimes when I'm trying to see what traffic has been blocked or what traffic has been passed, it's not as easy as I would like to filter it out or to monitor bandwidth.

The monitoring is not as good as it could be. It could be a lot easier to understand. For example, I was trying to figure out, in a given timeframe, how much was downloaded off of a certain interface and I didn't really understand how I could get that information or if it was even available. I was searching the documentation online and I couldn't even figure it out. Monitoring and reporting could be better; It's very good, but there's definitely a lot of ways to improve it.

I have been using Fortinet FortiGate for four years.

Fortinet FortiGate is super stable, one hundred percent. Just works 24/7 without any issues like you would expect from an enterprise product.

I know that it's scalable, but I don't actually have any experience regarding scalability. It's probably not as scalable as pfSense because pfSense is based on open hardware platforms. I definitely know that proprietary platforms usually tend to be less scalable because they're more constrained with licensing. The scalability in my opinion would be decent, satisfactory, but I believe pfSense is probably more scalable. I know that there are a lot of big corporations like Google and others that use pfSense. I don't know the details. I'm just giving my educated guess.

I personally prefer pfSense as it's open-source and you only have to pay a minimal fee for support. But for people who want that platform, I think it's a great solution. If I wasn't using pfSense, I would definitely go with FortiGate.

The two products are completely different. If you're using pfSense, you're basically using the entire open-source world — so you're based on FreeBSD, you're using Snorts, everything is open-source. It's very easy to make modifications and to figure out what's going on. You're not dependent on your single company's documentation, there's a huge user base. It's very easy to modify and extend. You can see what's going on — it's very transparent in that sense. It's probably a little bit more manual. With pfSense, You have to put in a little bit more effort to get things done, but, in the end (aside from the huge cost savings), you get all the features that are available in an enterprise firewall for just the price of support, which is also very minimal.

If you need to make any tweaks, you can do it all yourself. If you need to tweak ciphers for SSL for compliance (for PCI, for security compliance) it's not a difficult thing to do; it's a fairly trivial task.

I didn't set it up initially, but I did set up a lot of things from scratch. I think it could be more simple. When you're looking at a proprietary solution, usually it's aimed for end-users and they just want to do point and click. I believe in certain aspects, pfSense was simpler. I think there's maybe just a bit of a learning curve, but I guess you would experience that with any platform.

I think that the pricing is fair.

On a scale from one to ten, I would give Fortinet FortiGate a rating of nine.

Other than the price and the lack of extensibility and transparency (which is inherent in any proprietary platform); if you're going to compare it to pfSense, then I would not give it a nine. I would give it an eight, and I would give pfSense a 10. pfSense has its drawbacks, but not that many, in my opinion. 

Take the time to learn the platform and you won't run into trouble later. That's my advice.

Other than that, it's super solid, super reliable. It does the job.

Our primary use cases for FortiGate are SD-WAN and the next-gen firewall.

Most clients in the Philippines seek a cost-effective solution that can secure their network, and FortiGate is often their first choice. If your network is secure, there's less downtime and threat exposure, increasing overall efficiency. 

Fortinet's secure SD-WAN helps us remedy threats faster. It's user-friendly, and you can see everything on the FortiGate dashboard through a single pane of glass. Secure SD-WAN has reduced our mean time to detect. We haven't had any significant issues so far. 

SD-WAN has reduced our help desk tickets by making us secure. Many of our clients switched from other brands to Fortinet, and they feel that the FortiGate box and the added security FortiGuard provides have exceeded their expectations. 

FortiGate firewalls are user-friendly, and I like the security profiling features. 
FortiGate has always had good interoperability. Their fabric enables you to integrate a lot of products into one vendor. 

The secure SD-WAN gives you a tool for failproof your connections, especially with a branch-to-branch setup. FortiGate also comes with FortiGuard, which is an excellent threat-detection service. They have their own R&D and threat intelligence for FortiGuard.

While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up. 

We have been using the solution for more than two years.

I rate FortiGate an eight and a half out of ten for stability.

I rate FortiGate a nine out of ten for scalability. 

I rate Fortinet support a nine out of ten. 

Positive

We also use Meraki. FortiGate has advantages in terms of usability. Also, if we don't pay for the Meraki license, it becomes useless. 

Deploying FortiGate is straightforward. It typically takes about three days to deploy and configure the solution. One person is usually enough to deploy it. 

Most of our clients are still using the FortiGate D Series, so they have gotten their money's worth. 

Fortinet is much cheaper compared to the other leading platforms. However, most of our customers are asking for bigger discounts on license renewals. 

I rate Fortinet FortiGate a nine out of ten. 

We use Fortinet as a perimeter firewall. The solution is deployed on-premises.

The best feature is the ease of use. I think it's pretty much a well-rounded product. It has more features than we use, but a lot of products are like that. We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well.

The logging details need to be improved.

We have been working with Fortinet for about 18 months. We are running the current version.

The solution is very stable.

We haven't had a need to scale it, so it provides directly what we need it for.

There are approximately 2,800 users in my organization. The solution doesn't require a lot of staff for maintenance.

Technical support is very good. On a scale of one to five, I would give them a four.

We previously used Check Point. We switched because the devices became in the end of support and then we got pricing on the replacement models, and the pricing was a little bit ridiculous for what we needed so we looked into Fortinet. 

Fortinet said that they could migrate from Check Point for us or help build an easy migration from Check Point to Fortinet. It wasn't that easy at the end of the day, but it all got done. 

The switch was really down to pricing and the functionality that we required, so the decision was made to go with Fortinet because of that and ongoing maintenance costs.

It wasn't complex. It was time-consuming because there were so many rules that had to be set up. We were migrating away from Check Point and going to Fortinet. 

Deployment took six weeks.

Deployment was completed with a consultant.

The license is yearly. 

We pay for the top end. It's called 360. We get signatures for blacklist. We get signatures for a whole host of different bad actors that search the internet.

It covers the hardwares, software, and it covers the subscriptions to the signatures because the box uses three or four different types of signatures for interrogating inbound and outbound traffic.

I would rate this solution 8 out of 10. 

It does everything we need it to do. We're quite happy with it. It's very reliable. We haven't had any problems with it. We had a few teething problems that everybody has when you first use something new. Everything works, and the majority of time we don't even know it's there, which is the best power for an IT appliance that you can buy.

My advice is that if you haven't tried it, you should try it and see if you like it.

We primarily use the solution just for internal segmentation and connection of some ranges using IPSec.

Currently, the solution is saving costs for us and blocks applications effectively using layer seven.

The solution's most valuable aspect is the IPS for potential mitigation from the cloud inside our network. 

The VPN SSL is important for us. 

The web filter is very good. 

The GUI is okay.

The initial setup is straightforward.

The documentation provided is okay, I find that sometimes, with other startups, it's hard to find a good amount of documentation in order to assist you with the product. In this case, the solution offers a good amount of detail.

The solution offers good analyzing capabilities.

I'm not sure if the solution is really lacking anything major. For us, it works okay.

They seem to have made a lot of improvements since the last release.

Technical support could be better. You don't always get the level of help you need right away.

We've been using the solution for about ten years at this point. As it's been about a decade, I'd say we have quite a bit of experience with it.

For the most part, the memory and the CPU are good. It's generally stable. We don't face any issues with this aspect of the solution.

The scalability is fine. If a company needs to expand it, they should be able to do so without any issues.

We only have about 40 users on the product currently. It's not a big company.

For now, the product is good as it is and we don't have plans to increase usage in the future.

By and large, technical support is good. It's okay. It's not bad. It could be better, however, they do answer our questions when we have them. We're mostly satisfied with the level of service they provide. Of course, it could always be a bit better.

Sometimes the first contact is useful, and sometimes you don't get the kind of help you need right away. It would be nice if it was more consistent.

We also use Sophos. We use both solutions at the same time.

We didn't face any complexity when handling the initial implementation. The process is quite straightforward.

The implementation itself can sometimes take less than a week. On average, you should expect it to be about a week in total.

I didn't need the assistance of a reseller or integrator. I handled the implementation myself.

We're charged a licensing fee on a yearly basis. I'm unsure of the exact cost to the company, however. I'm not sure if there are other costs over and above the standard licensing fee.

We also looked at Juniper when we evaluated FortiGate. FortiGate is much easier to use in comparison which is why we chose it. The documentation was also better. That, and there was no integration for SSL in Juniper.

We're just a customer. We don't have a business relationship with the company.

Overall, I would recommend the product. It comes with a very good set of features.

I would rate the solution ten out of ten. We've been quite happy with it.

We use Fortinet FortiGate 100E for a VPN. We also use the solution for word filtering. These are our primary business requirements.

We were not fully operational previously. Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. 

In Egypt, to make this possible, we built connections for everything between the two sides through the internet using the VPN side-to-side with Fortinet. 

We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E.

The main feature that Fortinet FortiGate has that is very useful for me, is that I can connect two sides of the network to each other with Fortinet. 

I can make two VPNs run side-to-side. VPN is very simple and so easy with FortiGate.

Fortinet needs more memory to save the log files (like in the 101E, the old product). We need it to save the logs on the hardware and not in the cloud. 

I know this feature is available in FortiCloud, but if we need to log locally, it is not available. Also, the log only records a little time and needs to be longer.

Fortinet FortiGate offers good stability. I have been using it for around two years.

FortiGate is a very scalable tool. They have an app to manage the access points, switches, and other solutions. 

For our project, now we're over a hundred users at the headquarters. The other branch supports about 20 persons.

Fortinet tech support is very helpful. I have not faced any trouble with their technical support. 

The other product I was previously using was ForgeRock but did not have the experience of integrating it with Fortinet FortiGate.

For the Fortinet installation, our initial setup was for word filtering. It was very easy and did not take a lot of time. The deployment took about three days. 

FortiGate is very easy. The entire solution setup processes took about three days. I can make many of the rules for most users as we need it configured easily.

I am the integrator for Fortinet FortiGate solutions at our company.

The licensing price for the Fortinet products is approximately a thousand of dollars per year for the FortiGate 100E and $200 per year for the FortiGate 50E. 

I don't use additional licensing, just the yearly subscription.

We did not evaluate any other options for this purchase.

If anyone asks me for my experience with Fortinet solutions, I would recommend FortiGate, especially if they need to use it for security. 

I would recommend the FortiGate series for integration with any hardware or software product. I am very satisfied with Fortinet. I would rate it a 9 out of 10 overall.