Fortinet FortiGate Reviews

We utilize the Fortinet FortiGate firewall to safeguard our network and provide secure VPN access from external locations.

We implemented FortiGate because we needed a firewall to protect our data.

FortiGate helped us meet our ISO requirements.

In the time we have been using FortiGate, we have not had any security breaches. 

FortiGate has reduced the risk of cyberattacks that can disrupt our production. Since implementing FortiGate we have not dealt with any such attacks.

I'm unsure whether centralized FortiGate management enhances efficiency, but our experience with it has been exceptional. We haven't encountered any issues, and the operational aspects have been seamless. Additionally, there was no downtime, which is crucial for our operations.

Our Fortinet security fabric has enhanced security across our industrial control system. By safeguarding our production environment and ensuring the security of VPN access granted to individuals, we have achieved comprehensive data protection. We have not experienced any incidents that would have occurred if our firewall was inadequate.

FortiGate does a lot of research, and the product is regularly updated, especially in the ransomware area. I know of a couple of other companies around us that had some ransomware incidents, but we never have. From that perspective, FortiGate has helped mature our approach to cybersecurity a lot.

The email protection and VPN features are the most valuable.

The process of configuring firewall rules appears excessively complex. While FortiGate offers greater functionality than other firewall solutions, its user interface could benefit from simplification.

I would like the log viewing process to be improved to provide a clearer understanding of the logs.

I have been using Fortinet FortiGate for five years.

I would rate the stability of FortiGate ten out of ten. We have never had any issues.

We used the limit of our FotiGate firewall which was around 150 users and we never noticed any performance issues. 

I would rate the scalability of FortiGate eight out of ten.

The technical support is good.

Positive

Our decision to switch from FortiGate to Sophos was solely driven by the seamless integration with our existing Sophos antivirus system. Had this integration not been an advantage, we would have maintained our FortiGate system.

The initial deployment was straightforward due to our understanding of the product and its operation. It was completed in one day by a team of two.

The price of FortiGate is comparable to that of most other firewall solutions and is more affordable than Cisco.

I would rate Fortinet FortiGate eight out of ten.

Except for the firmware updates we have to do now and then, there is no other maintenance required for FortiGate.

We had FortiGate deployed in one location in a big server room. We have 150 users.

I would recommend FortiGate to anyone. FortiGate is an out-of-the-box firewall with good pricing and excellent features.      

We are using it in our data center. It is being used at the perimeter of our data center to protect the applications that we have inside the data center. We are at the beginning of its installation in our data center. We have recently installed a new cluster for IPS functionality, and we have to check if this cluster does the job.

We are using its latest version.

The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful. 

It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features.

It is quite a new product for us. We started using it only about six months ago.

Its stability is okay for us. Since we have put this new cluster, we haven't had any problems or crashes. It's okay for us from this point of view.

We got this firewall just less than a year ago, and we hope to see good performance in three or four years.

There are around 10,000 people in our company, and they are all using FortiGate because they all need to go through this cluster of firewalls.

I have not yet interacted with them. That's because we didn't encounter any important issues. When we have any technical questions, our partner has been able to answer our questions. So, I don't have any experience with Fortinet support.

It is straightforward at the beginning.

We worked with a partner. Usually, when we have a project, we do the initial setup with this partner. After that, we are able to manage the firewall without any outside help. 

Its pricing is competitive with other solutions.

We chose it after comparing different solutions on the market.

I would recommend this product. It is very easy to use. We are happy to use this product.

I would rate it an eight out of 10.

We use Fortinet FortiGate for a UPP solution. For example, DNS filtering, IPS, and VPN access.

The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment.

The management UI is more user-friendly than Cisco's solution.

Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information.

I hope that Fortinet FortiGate provides a software define network(SDN) solution.  and provide the interface for the user. If we have the SDN interface we can develop our system to manage Fortinet devices.

I have been using Fortinet FortiGate for approximately one year.

Fortinet FortiGate is a stable solution.

I have found Fortinet FortiGate to be scalable.

Our company is across many locations. For example, Europe, South America, America, China, Taiwan, and Asia. At this moment all of the sites are using Fortinet FortiGate. There are approximately 10,000 users that are using Fortinet FortiGate.

I have not used technical support.

I previously used Juniper. I did prefer the Juniper OS but not anymore because the Junos firewall seems not to be very stable. Since Juniper had stability issues is why we went with Fortinet FortiGate.

There is a license to use Fortinet FortiGate.

I have evaluated other solutions, such as Cisco.

I would recommend this solution to others.

I rate Fortinet FortiGate a nine out of ten.

My primary use case for this solution is using it as a key net and as a firewall.

For Fortinet Fortigate,I have to have a Fortigate access point. In my opinion, it should have been a universal access, which supported the universal access point. At this point, our campus is large with some 10 thousand students and staff on board at any given time. Every time I have to use Fortigate, the access point portal has to be a universal type. It would be nice if I did not have to "marry" Fortigate for everything.

The only feature is that I don't have to be worried about categorization of the websites. I am able to put on the policies for the blog because this is an institution.There are several restrictions out there to get onto the websites. It creates a "headache free" environment for us.

A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve.

My only solution would be please don't make it as a closed source. Don't make it as
a closed source. Give some kind of a power to the user so that they can consider it
according to their determine that it should have some flexibility on concurrent
connections not be restricted. I agree that to some concurrent connections the CPU and
the box may be a lower model and it need some higher scale level with this. But, there
should be a provision. There should be a provision to go to at least to 60-70% onto the
threshold to go beyond the designed capacity of something. Like we call it as a design
capacity, and since 70% addition to the 100% of it.

If I compare with the open source, it has really frustrated me for a couple of things. Whenever my students or faculty goals increase, then in Fortinet, I need to change the model for going with the higher model, or better model more better first tier it can deal with it.

It should have been scalable. But, it is not quite so. There are limitations, I need to change the box or I have 1500 D. That means I can make 1000 connections, but some kind of vestibules are going on and the advances are going on. Then, I find it very difficult to give  a connectivity simultaneously and upon current connections. As a result, I have to deprive my faculties, my staff, or my students of certain functions.

Tech support is not very efficient in India.

We have considered the Linux Suite and HP BSM.

As I said, that at least one part I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over.

There is no need to buy physical firewall hardware when you host multiple customers requiring individual secure access to their FW. You just create virtual domains (VDOMs).

You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances. The reporting you receive out of this appliance is excellent. You will not need an external management system.

1. sFlow and NetFlow

I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE.

NetFlow is a network protocol developed by Cisco for collecting IP traffic information and monitoring network traffic. It is not supported on FortiGate for those who have a NetFlow analyzer/collector already setup in their network.

2. Policies

To control traffic in a firewall, you need to create and apply policies to the FW interfaces. By default, policies are sorted by FW interfaces and this makes FW interfaces an integral part of the policies. Zones provide the option to logically group multiple virtual and physical FortiGate firewall interfaces. Then, you apply security policies to those zones (logical groups of interfaces) to control traffic flow on those interfaces.

In a FortiGate unit with a lot of interfaces (including virtual interfaces), there is a high probability of having duplication of policies.

These devices are very stable.

They are easily scalable with multiple built-in interfaces. It supports a minimum of 10 VDOMs. VDOM supports all dynamic routing protocols like RIP, OSPF, BGP, and IS-IS. You do not need to reboot after enabling the VDOMs.

Area for improvement - there is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files.

Customer Service:

Customer service is great, an eight out 10.

Technical Support:

I will give technical support an eight out 10.

We previously used different solutions as well. We did not switch, we have different requirements for different customers.

The user interface is relatively easy. The devices are easy to deploy and figure out if you have experience with other security appliances.

It was an in-house installation.

The ROI is great. These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive.

Fortinet licensing is straightforward and less confusing compared to Cisco. Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.

I already have experience with Cisco ASA, so it was simply a customer preference and well within the budget.

Great appliances, and it is affordable.

We use it for managing access to our data center, regulating the communication tools employed among servers, and ensuring overall security.

Its performance in fulfilling our requirements has been satisfactory. The graphical user interface is straightforward to navigate.

There is room for improvement related to the logging and reporting aspect. It was somewhat challenging as I delved into the logs during an incident. Navigating through the logs to trace the specific information we needed, as well as generating the corresponding report, proved to be less intuitive. In comparison, when considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.

I have been working with it for two years.

It offers good stability capabilities.

We have approximately two hundred users within our company.

I would rate its customer service and support ten out of ten.

Positive

Its performance justifies the cost, there is a prominent ROI.

The pricing is very reasonable.

I would highly recommend it. Overall, I would rate it eight out of ten due to the reporting and logging issues.

It's mainly used to secure our clients' network access because they do not have any servers. The only things we have connected to the FortiGate firewall are access points, CCTVs, and a printer. It's just used for web browsing and internet access.

It definitely helps with intrusion prevention. When managing a firewall, you need to create policies to dictate the traffic flow within your environment. And once you enforce a policy, it has an intrusion prevention assistant that you can activate, so it's not just acting as a firewall.

Like most next-generation firewalls today, it helps control network traffic. I don't have any problem managing the network traffic within our network. It's very easy to access and manage.

FortiGate has also helped reduce the risk of cyberattacks. If such an attack happened, the main consequences for us would be data breaches, where some of our company's most important information might be leaked and used by other people. That would endanger our production and security.

And with the System Events page, I can easily access and see the events that are happening within the device and the network. It's easy to track if something has happened and, based on that, make a decision about the next step that I should take. I can see if it is severe or if it is just something that is not critical but more than a nuisance. Even in that case, I have to think about the steps that I will take to prevent it from happening again.

Mostly, it's about protecting the internet access of our end users in the production area of our company. It protects us during our web browsing and from internet-related activities.

The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup.

It also provides us with visibility because we are able to track the IP addresses, as well as the type of device, OS, vendor name, and the name of the devices.

In addition, Fortinet Security Fabric helps us meet regulations and compliance requirements.

The built-in APIs enable us to integrate with different vendors, such as TP-Link and Luigi. We did not have any problems with the integration. It's very easy to configure and connect. This helps reduce deployment time, but that has more to do with network knowledge than with the product. If you're familiar with basic networking, it would be easy for you to understand the application of a certain device and integrate it with the API of your choice.

I've been working with Fortinet FortiGate for about 10 months.

I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet.

Neutral

I don't know why our company acquired FortiGate because I'm not the account manager. I'm just the technical person who installed the product. But I can assume they just looked at other companies that are securing their networks and decided to secure their internet access like those companies do.

Including the reconfiguration of the network setup, the deployment took at least five days. But the actual deployment of the device only took one day. There were four people involved.

I have no idea what the difference in pricing is if you buy it from a reseller or distributor compared to Fortinet, or even if Fortinet gives that option. The pricing is justified. It's a little pricey, but what you pay for is what you get.

I can't say how much it has reduced MTTR because I have not experienced any issues with FortiGate.

When I first built the FortiGate firewall, it enabled me to learn more about the network security field.

Fortinet FortiGate is a firewall used for network security.

Fortinet FortiGate has helped our organization because it provides us with all features that are existing in all the other firewalls, they have a great firewall. Fortinet firewall gives you all the controls you need to control and inspect your traffic from malicious attacks.

The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto.

Fortinet FortiGate can be deployed in the cloud, they have a full portfolio for security. You are able to integrate other Fortinet solutions together to take full advantage of their security portfolio.

The Fortinet FortiGate documentation library and full resources can be reached easily. You can search and find a solution to a problem you might have. Additionally, the overall solution is highly user-friendly.

Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility.

When using Fortinet FortiGate you sometimes have to use the CLI to do some configurations which can be sometimes more difficult than using a GUI that other solutions can use, such as Palo Alto.

I have been using Fortinet FortiGate for approximately 40 years.

The stability is very good in Fortinet FortiGate. If there are bugs or problems the issues are fixed quite quickly with updates. Palo Alto has a similar level of stability, they support their appliance from updates to the OS.

Fortinet FortiGate has good scalability. You can deploy it in multiple areas and in multiple deployment modes such as firewall, inter-firewall, or core firewall. Fortinet FortiGate has appliances on multiple series that have different performances. You can choose multiple areas or multiple sites.

I have not used the support from Fortinet FortiGate. I have solved the issues I have had from using my own experience.

I have used Palo Alto previously.

When comparing Fortinet FortiGate and Palo Alto, they are equivalent to each other. However, Palo Alto is the Gartner Magic Quadrant leader and is easy to deploy. It would be difficult to describe the advantages or disadvantages because they are very similar.

Fortinet FortiGate has simple ways some of the features can be configured, such as VPN and routing protocols. You need additional effort to do it using Palo Alto. Palo Alto has a more detailed required configuration and this is why extra effort is needed.

I would rate the implementation of Fortinet FortiGate a five out of five.

The process of implementation is easy.

The price of Fortinet FortiGate can be better than others solutions because Fortinet sometimes helps you with the prices. They help the customers buy the solution by providing them a discounted price for good technology to protect their environment from multiple exploitations and network attacks.

Fortinet FortiGate as a less expensive solution than Palo Alto.

I would rate the price of Fortinet FortiGate a four out of five.

I have evaluated other firewall solutions.

Fortinet firewalls are a great new generation firewall. Since we are in these pandemic times with the increasing number of remote workers, you need one solution to protect against the additional breaches on a day-to-day basis. This means you need a great SD-WAN solution. Fortinet FortiGate helps by preventing these attacks because it is a secure solution and you have full visibility of the scalability of the traffic. The solution takes the appropriate actions paths based on the FLAs

Fortinet FortiGate is an excellent choice for you to implement as an SD-WAN solution.

I rate Fortinet FortiGate a nine out of ten.