Fortinet FortiGate Reviews

My primary use case for this solution is using it as a key net and as a firewall.

For Fortinet Fortigate,I have to have a Fortigate access point. In my opinion, it should have been a universal access, which supported the universal access point. At this point, our campus is large with some 10 thousand students and staff on board at any given time. Every time I have to use Fortigate, the access point portal has to be a universal type. It would be nice if I did not have to "marry" Fortigate for everything.

The only feature is that I don't have to be worried about categorization of the websites. I am able to put on the policies for the blog because this is an institution.There are several restrictions out there to get onto the websites. It creates a "headache free" environment for us.

A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve.

My only solution would be please don't make it as a closed source. Don't make it as
a closed source. Give some kind of a power to the user so that they can consider it
according to their determine that it should have some flexibility on concurrent
connections not be restricted. I agree that to some concurrent connections the CPU and
the box may be a lower model and it need some higher scale level with this. But, there
should be a provision. There should be a provision to go to at least to 60-70% onto the
threshold to go beyond the designed capacity of something. Like we call it as a design
capacity, and since 70% addition to the 100% of it.

If I compare with the open source, it has really frustrated me for a couple of things. Whenever my students or faculty goals increase, then in Fortinet, I need to change the model for going with the higher model, or better model more better first tier it can deal with it.

It should have been scalable. But, it is not quite so. There are limitations, I need to change the box or I have 1500 D. That means I can make 1000 connections, but some kind of vestibules are going on and the advances are going on. Then, I find it very difficult to give  a connectivity simultaneously and upon current connections. As a result, I have to deprive my faculties, my staff, or my students of certain functions.

Tech support is not very efficient in India.

We have considered the Linux Suite and HP BSM.

As I said, that at least one part I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over.

There is no need to buy physical firewall hardware when you host multiple customers requiring individual secure access to their FW. You just create virtual domains (VDOMs).

You can create multiple Virtual Domains (VDOMs), which are treated as separate firewall instances. The reporting you receive out of this appliance is excellent. You will not need an external management system.

1. sFlow and NetFlow

I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE.

NetFlow is a network protocol developed by Cisco for collecting IP traffic information and monitoring network traffic. It is not supported on FortiGate for those who have a NetFlow analyzer/collector already setup in their network.

2. Policies

To control traffic in a firewall, you need to create and apply policies to the FW interfaces. By default, policies are sorted by FW interfaces and this makes FW interfaces an integral part of the policies. Zones provide the option to logically group multiple virtual and physical FortiGate firewall interfaces. Then, you apply security policies to those zones (logical groups of interfaces) to control traffic flow on those interfaces.

In a FortiGate unit with a lot of interfaces (including virtual interfaces), there is a high probability of having duplication of policies.

These devices are very stable.

They are easily scalable with multiple built-in interfaces. It supports a minimum of 10 VDOMs. VDOM supports all dynamic routing protocols like RIP, OSPF, BGP, and IS-IS. You do not need to reboot after enabling the VDOMs.

Area for improvement - there is one big configuration file with no separations for the unique VDOMs. Maybe they could separate individual VDOM configuration files with the root VDOM configuration file referencing the individual VDOM config files.

Customer Service:

Customer service is great, an eight out 10.

Technical Support:

I will give technical support an eight out 10.

We previously used different solutions as well. We did not switch, we have different requirements for different customers.

The user interface is relatively easy. The devices are easy to deploy and figure out if you have experience with other security appliances.

It was an in-house installation.

The ROI is great. These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive.

Fortinet licensing is straightforward and less confusing compared to Cisco. Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make.

I already have experience with Cisco ASA, so it was simply a customer preference and well within the budget.

Great appliances, and it is affordable.

We use it for managing access to our data center, regulating the communication tools employed among servers, and ensuring overall security.

Its performance in fulfilling our requirements has been satisfactory. The graphical user interface is straightforward to navigate.

There is room for improvement related to the logging and reporting aspect. It was somewhat challenging as I delved into the logs during an incident. Navigating through the logs to trace the specific information we needed, as well as generating the corresponding report, proved to be less intuitive. In comparison, when considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.

I have been working with it for two years.

It offers good stability capabilities.

We have approximately two hundred users within our company.

I would rate its customer service and support ten out of ten.

Positive

Its performance justifies the cost, there is a prominent ROI.

The pricing is very reasonable.

I would highly recommend it. Overall, I would rate it eight out of ten due to the reporting and logging issues.

It's mainly used to secure our clients' network access because they do not have any servers. The only things we have connected to the FortiGate firewall are access points, CCTVs, and a printer. It's just used for web browsing and internet access.

It definitely helps with intrusion prevention. When managing a firewall, you need to create policies to dictate the traffic flow within your environment. And once you enforce a policy, it has an intrusion prevention assistant that you can activate, so it's not just acting as a firewall.

Like most next-generation firewalls today, it helps control network traffic. I don't have any problem managing the network traffic within our network. It's very easy to access and manage.

FortiGate has also helped reduce the risk of cyberattacks. If such an attack happened, the main consequences for us would be data breaches, where some of our company's most important information might be leaked and used by other people. That would endanger our production and security.

And with the System Events page, I can easily access and see the events that are happening within the device and the network. It's easy to track if something has happened and, based on that, make a decision about the next step that I should take. I can see if it is severe or if it is just something that is not critical but more than a nuisance. Even in that case, I have to think about the steps that I will take to prevent it from happening again.

Mostly, it's about protecting the internet access of our end users in the production area of our company. It protects us during our web browsing and from internet-related activities.

The feature I like most is the SD-WAN. It allows you to manage more than one ISP at the same time. And there is a high-availability mode, so if one of your ISPs is down, you still have a backup.

It also provides us with visibility because we are able to track the IP addresses, as well as the type of device, OS, vendor name, and the name of the devices.

In addition, Fortinet Security Fabric helps us meet regulations and compliance requirements.

The built-in APIs enable us to integrate with different vendors, such as TP-Link and Luigi. We did not have any problems with the integration. It's very easy to configure and connect. This helps reduce deployment time, but that has more to do with network knowledge than with the product. If you're familiar with basic networking, it would be easy for you to understand the application of a certain device and integrate it with the API of your choice.

I've been working with Fortinet FortiGate for about 10 months.

I would like to see improvements in the support from Fortinet. Here in the Philippines, whenever we have problems with a Fortinet product, we mostly ask for support from distributors and resellers and not directly from Fortinet.

Neutral

I don't know why our company acquired FortiGate because I'm not the account manager. I'm just the technical person who installed the product. But I can assume they just looked at other companies that are securing their networks and decided to secure their internet access like those companies do.

Including the reconfiguration of the network setup, the deployment took at least five days. But the actual deployment of the device only took one day. There were four people involved.

I have no idea what the difference in pricing is if you buy it from a reseller or distributor compared to Fortinet, or even if Fortinet gives that option. The pricing is justified. It's a little pricey, but what you pay for is what you get.

I can't say how much it has reduced MTTR because I have not experienced any issues with FortiGate.

When I first built the FortiGate firewall, it enabled me to learn more about the network security field.

Fortinet FortiGate is a firewall used for network security.

Fortinet FortiGate has helped our organization because it provides us with all features that are existing in all the other firewalls, they have a great firewall. Fortinet firewall gives you all the controls you need to control and inspect your traffic from malicious attacks.

The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto.

Fortinet FortiGate can be deployed in the cloud, they have a full portfolio for security. You are able to integrate other Fortinet solutions together to take full advantage of their security portfolio.

The Fortinet FortiGate documentation library and full resources can be reached easily. You can search and find a solution to a problem you might have. Additionally, the overall solution is highly user-friendly.

Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility.

When using Fortinet FortiGate you sometimes have to use the CLI to do some configurations which can be sometimes more difficult than using a GUI that other solutions can use, such as Palo Alto.

I have been using Fortinet FortiGate for approximately 40 years.

The stability is very good in Fortinet FortiGate. If there are bugs or problems the issues are fixed quite quickly with updates. Palo Alto has a similar level of stability, they support their appliance from updates to the OS.

Fortinet FortiGate has good scalability. You can deploy it in multiple areas and in multiple deployment modes such as firewall, inter-firewall, or core firewall. Fortinet FortiGate has appliances on multiple series that have different performances. You can choose multiple areas or multiple sites.

I have not used the support from Fortinet FortiGate. I have solved the issues I have had from using my own experience.

I have used Palo Alto previously.

When comparing Fortinet FortiGate and Palo Alto, they are equivalent to each other. However, Palo Alto is the Gartner Magic Quadrant leader and is easy to deploy. It would be difficult to describe the advantages or disadvantages because they are very similar.

Fortinet FortiGate has simple ways some of the features can be configured, such as VPN and routing protocols. You need additional effort to do it using Palo Alto. Palo Alto has a more detailed required configuration and this is why extra effort is needed.

I would rate the implementation of Fortinet FortiGate a five out of five.

The process of implementation is easy.

The price of Fortinet FortiGate can be better than others solutions because Fortinet sometimes helps you with the prices. They help the customers buy the solution by providing them a discounted price for good technology to protect their environment from multiple exploitations and network attacks.

Fortinet FortiGate as a less expensive solution than Palo Alto.

I would rate the price of Fortinet FortiGate a four out of five.

I have evaluated other firewall solutions.

Fortinet firewalls are a great new generation firewall. Since we are in these pandemic times with the increasing number of remote workers, you need one solution to protect against the additional breaches on a day-to-day basis. This means you need a great SD-WAN solution. Fortinet FortiGate helps by preventing these attacks because it is a secure solution and you have full visibility of the scalability of the traffic. The solution takes the appropriate actions paths based on the FLAs

Fortinet FortiGate is an excellent choice for you to implement as an SD-WAN solution.

I rate Fortinet FortiGate a nine out of ten.

I am using Fortinet FortiGate as a perimeter internet firewall.

The most valuable feature is the FortiManager for centralized management.

Fortinet FortiGate could improve if it had a cloud-managed solution.

I have been using Fortinet FortiGate for approximately 10 years.

Fortinet FortiGate is approximately 80 percent stable.

The scalability of Fortinet FortiGate is good.

The technical support from Fortinet FortiGate is terrible. They can improve.

The presales, account management, and post-sales are the three worst things about Fortinet.

I have previously used other solutions such as Cisco, Check Point, and Palo Alto.

The solution I would recommend largely depends upon the environment it is being implemented. We tend to mix and match firewalls, but Check Point tends to be,  easier to manage, but more expensive. Their support is much better than Fortinet's when it comes to pre-sales and post-sales.

The price of Fortinet FortiGate is better than Cisco, Check Point, and Palo Alto. In terms of pricing, it's probably a better-priced firewall solution overall.

I rate Fortinet FortiGate an eight out of ten.

We mainly use the solution as a firewall. 

The solution is very user-friendly.

The collection of the integration of multiple nodes makes everything very easy. The fact that you can push, directly, one element, and you can leverage the distribution of the policy very well has been great. 

Honestly, the console is done very well. It's easy to use.

From a strategic point of view, I've seen, in recent years, a big challenge from Fortinet to recover some kinds of space with respect to the other two biggest players, Check Point and Palo Alto. That has happened much more since the beginning of the next generation file. I found Fortinet recovered much market space in the last year.

I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security. Other vendors have developed some kind of specific product to protection. Containers now are very common, especially in the cloud. It's an area that needs to be addressed.

I've worked with the product for three or four years, more or less. 

The stability has been great. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

We have more than 10,000 people o the solution. The scalability capabilities are enough. We haven't had a problem at all. 

It would be hard to rate technical support due to the fact that, up until now, we've never had to deal with them.

That said, from talking with colleagues, my understanding is that they are good, and they offer standard levels of support in line with other competitors. 

We've also used Palo Alto and Check Point.

The initial setup is straightforward, however, we have knowledgeable teams. We also use Fortinet to check the configurations and make sure everything is supported during implementation. 

It's pretty standard to deploy. We're also familiar with Palo Alto and Check Point and there is not much of a difference between the three.

We managed, with my team, the setup. We also engaged with Fortinet in terms of professional services in order to check the installation and offer some support.

That said, we have many people on our team certified with the biggest firewalls and security infrastructure vendors.

It's very difficult to discuss pricing as we have generally, in terms of pricing, at the end of the day, we have leveraged deals the existing contracts the client had in place. The client uses various technology vendors. I can't say that one is cheaper than the other. It's all in the same ballpark when you are speaking about comparable products.

We are partners with many vendors, including Fortinet.

Likely our engineers would know what version of the solution we are on. I don't follow those details. 

I'd rate the solution at a seven out of ten. It's stable, easy to set up, and easy to use. However, I have yet to see all of the features in play.

We use Fortinet FortiGate to filter information, to ensure that we secure our network. Additionally, it's for overall security and to ensure that no information is leaking out.

Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure.

Since we have been using Fortinet FortiGate, we've not had anyone breaking into our network. We've used some penetration tests, and the system is very secure. However, the security of the network is dependent on the personnel itself.

For example, if you have a phishing email, you click on it, it takes you to the wrong server, and you put your credentials there, they can use those credentials to attack your system. In terms of somebody trying to break into your network without having the necessary credentials, Fortinet FortiGate is very good.

The solution could improve by being more secure.

I have been using Fortinet FortiGate for approximately six years.

Fortinet FortiGate is stable. It's used across all the countries, this is the way most multinationals run their system.

The solution is scalable.

If the business expands into other geographical zones, we will need to expand the network and secure it. This is when we will expand the use of Fortinet FortiGate. However, because of this pandemic, businesses are slowly getting back to normal. 

I don't think that expansion will come up in the next one or two years. Maybe in the next three years once they start to pick up their business, then there might be such an expansion or increase in hardware needed.

Each of the devices is licensed every year and in case you have a serious critical issue we can contact the support from FortiGate directly. We contact them every once and a while but not often. We have to purchase a license that allows us the support to use them.

The support could be faster to come out with a solution.

We were using Cisco previously.

The Fortinet FortiGate deployment is not difficult. It's not simple, but it's easy for someone to learn. The whole process took approximately three hours. Cisco solutions are more difficult to deploy.

We have experts in-house with experience and we did the deployment in-house. They used the deployment resources internally to deploy it.

The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device.

The support is included in the license.

I rate Fortinet FortiGate a nine out of ten.