Our clients' main use case for Fortinet FortiGate is for the firewall on the outside perimeter to the internet. Some of them have started using it for SD-WAN.
Senior Network Architect at Combat Networks
Highly affordable and comprehensive
Pros and Cons
- "It's inexpensive compared to some of the other technology out there."
- "They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI."
What is our primary use case?
What is most valuable?
We are software integrators.
Our clients like the packaging because it's an appliance. It has specific chip sets to accelerate different features in the product.
Additionally, it's inexpensive compared to some of the other technology out there.
What needs improvement?
In terms of what can be improved, they do have certain features that you can only configure through a CLI and there's no GUI interface for it. That's a pain. But it's nice that the user can do everything one way or the other.
They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI.
For how long have I used the solution?
I have been using Fortinet FortiGate for at least the last 12 months.
Buyer's Guide
Fortinet FortiGate
November 2024
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
Fortinet FortiGate is pretty stable.
It is hard to judge this year because of everybody working from home. Everybody is using up a lot of bandwidth so I'm not sure if that is a cause for some of the instability with the Forti client. The only place we've seen instability would be updating Forti client with their software called EMS.
So pushing out the client with EMS, like a client update to remote users, has proven a pain in the butt. But that could be because the end users' VPNs are maybe a little bit unstable just because of the high bandwidth demands. It is hard to determine. Maybe it is because some of these users are in remote areas, or non-urban or smaller towns, as opposed to being in an urban area where bandwidth is a little better.
We never jump ahead and say, "Oh, yes. 6.5 just came up. Let's jump on that." We'll probably just wait six months and see what goes on first. And I guess that's probably what a lot of people do because it's protecting your intellectual property and everything which that company owns.
I'm not saying that there's no instability. People will generally just wait and not jump out unless they're testing in the lab. They're not going to jump out and put the first revision that comes out on their firewalls.
What do I think about the scalability of the solution?
In terms of scalability, it scales very well.
They have different models for different sizes. Obviously, if you buy too small and you have to upgrade, then it's a box swap. Some other vendors can just add another unit and you cluster them together. In their case it's more of just switching the box out for more performance boxes if you go too low.
How are customer service and support?
Their technical support is very good.
Every time we've had to open up a case or get their help, if we surpass that person's ability, it gets escalated right away. So it's very good. It usually gets resolved within a day or two.
How was the initial setup?
The initial setup is fairly straightforward.
What was our ROI?
In terms of ROI, they're inexpensive. Because they're inexpensive, they're just everywhere, in the Federal Government, schools, everywhere where budgets are fairly tight. And it is a very good product. It's a product that's built that if you need to you can add a different box and remove that feature from your main FortiGate and just run it on a different box.
So if you need to expand, you can always do it that way too.
They have good integration if you have multiple firewalls and it allows you to be able to push out policies to all of them at the same time.
What's my experience with pricing, setup cost, and licensing?
Fortinet FortiGate's pricing is pretty hard to beat.
What other advice do I have?
On a scale of one to ten, I would give Fortinet FortiGate a 10 out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Easy to configure and manage, supports link load balancing, and it has superior throughput
Pros and Cons
- "The most important feature, normally for small business customers, is link load balancing."
- "If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."
What is our primary use case?
We are a system integrator and Fortigate is one of the firewalls that we implement for our clients. I am a solution architect.
Our primary use for this firewall is the IPS.
What is most valuable?
One of the things I like best is the ease of configuration.
Management-wise, it is very good.
The most important feature, normally for small business customers, is link load balancing.
The firewall throughput is very good. Most of the customers in this region use FortiGate for their data center firewalls, and the main reason is because of its high throughput.
What needs improvement?
Fortinet is good in terms of security and threat prevention, but they are not leading. For example, the signature database can be improved.
If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement. Customers that have ISE implemented are able to provide inputs based on malicious traffic, and then ISE will automatically block it.
For how long have I used the solution?
We have been working with Fortinet FortiGate for the past two years.
What do I think about the stability of the solution?
Stability-wise, they are good at the job of a data center firewall. For a perimeter firewall, it is for smaller customers, preferably.
What do I think about the scalability of the solution?
The scalability depends on the design and how it was done. You have to think about the next five years. We get lots of new updates on the older versions and if the product is still in support then the new features will be included.
How are customer service and technical support?
The responsiveness of the support depends on the level of support that you have. If you have premium support then you will get immediate access to them. Otherwise, you have to wait for some time, perhaps an hour, before they get back to you.
On the technical details, there are different levels of access. Once you have engineer access then most of the cases are going to get resolved, or otherwise, they will go to their development team.
Which solution did I use previously and why did I switch?
In addition to FortiGate, we are using Cisco SFR.
How was the initial setup?
The initial setup is straightforward. We have field configuration guides that we follow and you don't need to have much in-depth knowledge to set it up initially. However, performing the fine-tuning requires that you have proper training on the device.
Deploying the firewall for a new customer will be completed within two to three days, or perhaps a week at the most.
What's my experience with pricing, setup cost, and licensing?
Compared to vendors like Cisco and Palo Alto, FortiGate is the cheapest. However, they only have a small segment of the market. Fortinet is trying to appeal to small and medium-sized customers, and I think that their prices should be a little lower for this segment.
On the high-end devices, it is fine. However, the problem is that their subscription price is very high. If you purchase a one-year subscription with the hardware and then you want to renew for the second year, it is very costly. Your whole price ends up being very high.
Which other solutions did I evaluate?
As a system integrator, we sell a lot of similar solutions from a variety of vendors. We have found that the Fortinet firewall has a much better throughput than that of the other vendors.
If a large customer is looking for a perimeter firewall then we suggest another vendor, such as Check Point or Palo Alto.
What other advice do I have?
FortiGate is a product that we recommend and we have migrated many customers from other vendors. FortiGate is a better option, although small customers don't care much about security. They only care about basic security. There are only a very few who are really concerned about it and most of them don't have a proper IT group in their company.
I would rate this solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Fortinet FortiGate
November 2024
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Security Solutions Architect at Verizon Communications
Good VPN and DDoS capabilities with a low total cost of ownership
Pros and Cons
- "Virtual Domains (VDOMs) are a feature that we found valuable."
- "To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."
What is our primary use case?
We are currently using manual router failover that can be configured on the Fortinet security appliance’s second network interface to provide network edge redundancy if the primary managed router fails. If the edge router fails, traffic can be moved to the security appliance with a simple cable swap.
We are looking for a fully redundant solution with automatic failover between both Fortinet Security appliances. I am currently looking at battle card information between Fortinet and Zscaler. I have to do a competitive analysis.
How has it helped my organization?
The low cost of ownership was a benefit with all of the features we wanted.
Preconfigured images have been developed for quick deployment. However, if we need a custom policy or have to include an existing policy then that can be accommodated as well.
What is most valuable?
Virtual Domains (VDOMs) are a feature that we found valuable.
We found the Firewall, VPN, Application Control, IPS, Fortiguard Web filtering, anti-botnet, FortiGuard, Anti Spam Wireless LAN controller, WAN optimization, vulnerability assessment, and endpoint control all to be valuable.
Fortinet certifications include NSS Labs for NGFW, firewall, IPS, SSL, antivirus, and antispam.
Fortinet provides a consolidated security platform for the market place and certifications with NSS labs prove their security assurance.
What needs improvement?
To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution. Fortinet claims to do everything Zscaler is capable of and I'm looking for a comparison between the supported features.
Fortinet VPN and DDoS capabilities are great, yet we need to provide a solution that enables CASB and integration to the cloud.
For how long have I used the solution?
We have been using FortiGate for three years.
How was the initial setup?
Fortinet is very easy to service and set up.
What's my experience with pricing, setup cost, and licensing?
Fortinet is the least expensive solution.
Which other solutions did I evaluate?
We are comparing the features of Zscaler vs. Fortinet. We are trying to determine what features Zscaler has over Fortinet and vice versa.
What other advice do I have?
Fortinet was initially scoped as 25 rules for small, 50 for medium, and 100 for large. We need to incorporate more rules but there would be additional professional services or staging services. We are looking to incorporate the cloud access with the Fortinet UTM solution.
Disclosure: My company has a business relationship with this vendor other than being a customer: Verizon is a reseller of both Zscaler and Fortinet.
Senior NetOps Engineer at a tech services company with 51-200 employees
Security has been increased but the licensing fees could be lower.
What is most valuable?
- GUI
- Flexibility
- Easy to configure
- UTM
How has it helped my organization?
- Option to control application = increased productivity
- Data leak prevention = increased security
- Anti-virus & IPS = increased security
What needs improvement?
I'm happy with the product, however the licensing fees could be lower.
For how long have I used the solution?
I've used it for six years.
What do I think about the stability of the solution?
No issues encountered.
What do I think about the scalability of the solution?
There is a specific way of deploying a Fortigate product, and the scalability is related to the new unit deployment so there are no problems here. If you need more power/space, you just have to add a new box.
How are customer service and technical support?
Customer Service:
It's very good, I've never had any problems with customer service.
Technical Support:It's very good, I've never had any problems with technical support.
Which solution did I use previously and why did I switch?
I was using Cisco ASA, and I switched due to a lack of features (e.g. poor SSL VPN support).
How was the initial setup?
It's a very simple setup as everything is well documented online and via the Fortigate channel on YouTube. Also, I posses a large amount of knowledge gained during the years that has helped me to deploy all my solutions. Even from the the beginning, it was easy as Fortigate has a great GUI and good online help,
What about the implementation team?
We did an in-house implementation, with no third party involvement.
What was our ROI?
The product is deployed as part of, and an add-on to, the MPLS solution for the majority of my customers. There is no ROI as this is not the major expectation, as the ROI is coming from the whole solution, not just this product.
What's my experience with pricing, setup cost, and licensing?
All the costs are for the annual licenses. The cost of the original deployment fell below £5,000, and licenses are priced at around £3,000.
Which other solutions did I evaluate?
We considered Cisco, however we decided to go with Fortigate as it provides a good set of the features for the price paid,
What other advice do I have?
Enjoy it. The product is easy to implement, easy to manage, and easy to develop and grow.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at SICOM LTD
Good pricing, scalable, and helpful for controlling the traffic
Pros and Cons
- "We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
- "It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified."
What is our primary use case?
It controls the inflow and outflow of all the communication between different sites and so on.
We are using its latest version.
What is most valuable?
We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs.
What needs improvement?
It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified.
When there is a change in the IP address from the ISP, there is some disruption in the service. So, we try to do it when we have the least number of people working, which means very late at night. So, for the time being, it is working fine.
For how long have I used the solution?
We have been using this solution for nearly a year.
What do I think about the stability of the solution?
Apart from the disruption in the service because of the IP address change, it has been quite stable.
What do I think about the scalability of the solution?
We are implementing it phase by phase. Initially, we had one VLAN, and then we added more. So, it is quite scalable, and we haven't had issues with it so far. It has been recommended by the vendor that the model that we have would meet our requirements for the time being. In two or three years, depending on how we expand and how many more resources are required, we might have to look at another version of the device.
How was the initial setup?
It was the vendor who did the initial setup. It was done within the time range that was allocated for the setup. My guess is that it was straightforward.
We are still in the process of implementing the solution. The commissioning has not yet been done. What we had previously is now changed to a new solution and a new way of doing things, and this is still in the implementation phase. Our implementation is being done phase-wise. We do things and tune it until we are happy with it, and then we go to the next phase. So far, it's working fine.
What about the implementation team?
We have a relationship with the vendor. We discussed what we wanted to do and finally, we selected the product, and after that, it was installed and configured on our premises.
We have a small team of three or four people for deployment and maintenance.
What's my experience with pricing, setup cost, and licensing?
Its pricing is fine. It is on a yearly basis. Other than the licensing fee, there is no extra fee.
What other advice do I have?
I would rate it an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Infrastructure Engineer at a hospitality company with 51-200 employees
Simple to use, has less complications and is very straightforward
Pros and Cons
- "Their interface is very easy to use, it is without bugs."
- "Fortinet Fortigate could benefit by simplifying some of their processes."
What is our primary use case?
Fortinet FortiGate is a firewall that protects your assets and data. We have 15 people using this solution. I am an infrastructure engineer. We require 3 people to maintain the solution.
What is most valuable?
What I like about this solution is that it is simple to use, has less complications and is very straightforward. Their interface is very easy to use, it is without bugs.
What needs improvement?
Fortinet Fortigate could benefit by simplifying some of their processes. For example, if you are using Cisco, and you want to find a source and a destination, you type the IP of the source and then the IP of the destination. Cisco will find any denied packet by highlighting it in yellow. To access it with Cisco, all you need to do is right click. FortiGate is not that simple.
For how long have I used the solution?
I have been using Fortinet FortiGate for approximately 4 months. I am taking a course regarding this solution.
Which solution did I use previously and why did I switch?
We had been using Cisco and Firepower prior to FortiGate. FortiGate is easier to use. We encountered a lot of problems when we integrated Firepower on Cisco devices.
How was the initial setup?
The initial setup of Fortinet FortiGate is very straightforward. I would give it a 5 out 5 on ease of setup.
What's my experience with pricing, setup cost, and licensing?
Currently, we have not added licenses for all the features we want. For example, we do not have intrusion prevention and detection.
What other advice do I have?
I would recommend Fortinet FortiGate, it is a good firewall, especially for beginners because of its ease of use.
I would rate the solution an 8 out 10.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Infrastructure & Service Manageer at Cerba Research
Has a clear pricing policy, and with VDOMs, we can split the rules and policies between two different companies
Pros and Cons
- "It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working."
- "We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine."
What is our primary use case?
It is used as a defense mechanism for securing the internal network from the external network. We also use it to have VPN tunnels between us and our partners and the support organizations we work with.
We are using FortiGate 200F.
What is most valuable?
We are mostly using it as a defense mechanism. It has many more possibilities, but at this moment, it is only used for defense against attacks. It is doing what it should do with the FortiGuard subscription on it, which is an advanced security subscription.
It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working.
What needs improvement?
I don't see any area of improvement at this moment. I'm responsible for the IT infrastructure. I'm not a security specialist. The IT security is being managed by the CSO in our company.
We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine.
For how long have I used the solution?
It has been a little over a year since we have the firewall cluster in place.
What do I think about the stability of the solution?
It is a stable product. We had some issues in the beginning while setting it up, but we received an update of the firmware, and since then, it has been stable.
What do I think about the scalability of the solution?
It is being implemented for everybody. It is our security layer.
How are customer service and support?
Their support is good. We had some issues in the beginning, and they were resolved within a couple of days after we explained what we were trying to do. They confirmed that it is a bug, and they would give us a fix. A couple of days later, we had the fix.
Which solution did I use previously and why did I switch?
We were using SonicWall firewalls. We found FortiGate better, and we switched everything. We decommissioned all SonicWall firewalls. One of the reasons why we changed from SonicWall was that its licensing was user-based and function-based. So, every time we did something, we had to add another license or subscription. The licensing of FortiGate is clear. We know what is the price.
We migrated last year from a typical MPLS network to a complete and only one network between the sites. For firewalls, we now have a few solutions in place in our headquarters. We have Fortinet Firewall Cluster, and on the remote sites, we are using Meraki firewalls that are being used as a router at the same time.
How was the initial setup?
It is easy to use.
What's my experience with pricing, setup cost, and licensing?
Its price is reasonable. They have a clear pricing policy. It is not complicated by the number of VPN users at a time. We know what the price is. The yearly subscription for the security license is rather high, but it is all included for whatever number of users you have and the kind of functions you need.
What other advice do I have?
I would rate it a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Fraud Risk Analyst at a university with 1,001-5,000 employees
Easy to use, stable, and scalable product that provides protection against internal and external threats
Pros and Cons
- "Fortinet FortiGate protects against internet-based threats, both internal and external. It is scalable, stable, easy to use, and easy to install."
- "This product needs to have an analysis feature, rather than having the analysis done through the integration of a different product."
What is our primary use case?
We use Fortinet FortiGate for the internet, particularly to provide protection against internal and external threats.
What is most valuable?
What I found most valuable from Fortinet FortiGate is that it gave us better protection against internet-based threats. Aside from giving us good protection, it is also easy to use, and it's fully automated.
What needs improvement?
An additional feature I'm expecting from Fortinet FortiGate is for it to have an analysis feature, rather than having the analysis done via integration with a different product.
For how long have I used the solution?
We have been using Fortinet FortiGate for six years.
What do I think about the stability of the solution?
I found Fortinet FortiGate to be a stable product.
What do I think about the scalability of the solution?
Fortinet FortiGate is a scalable product.
How are customer service and support?
I had issues with Fortinet FortiGate more than three years ago, and I opened a support ticket, and we were able to solve the issues. The support for this product was fast.
How was the initial setup?
The installation process for Fortinet FortiGate was very easy. Installation was done by one technician, e.g. one technician was enough.
What about the implementation team?
This product was implemented by a Fortinet partner.
What other advice do I have?
We've been using this version of Fortinet FortiGate: 300E. I also have experience with Fortinet FortiAnalyzer.
We have one technician in charge of the installation, and one manager in charge of managing this product. We have 500 users of Fortinet FortiGate, and we currently have no plans of increasing the number of users.
My recommendation to people looking into implementing this product is that they should use Fortinet FortiAnalyzer with Fortinet FortiGate to analyze the traffic.
My rating for Fortinet FortiGate is nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Fortinet FortiGate Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
Netgate pfSense
OPNsense
Cisco Secure Firewall
Sophos XG
Palo Alto Networks NG Firewalls
Azure Firewall
Check Point NGFW
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Untangle NG Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Fortinet FortiOS
Buyer's Guide
Download our free Fortinet FortiGate Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Looking Into Implementing a Web Security Solution.
- Cyberoam or Fortinet?
- Fortinet, Palo Alto or Check Point?
- What Is The Biggest Difference Between Cisco ASA And Fortinet FortiGate?
- Cisco Firepower vs. FortiGate
- We're trying to choose between Fortinet or Checkpoint UTM firewalls. Can you help?
- What Is The Biggest Difference Between Fortinet FortiGate and Meraki MX Firewalls?
- What Is The Biggest Difference Between Fortinet FortiGate and WatchGuard XTM?