Fortinet FortiGate Reviews

We use Fortinet FortiGate for any of our customers or clients that need to have more security features built-in, whether licensed or not. 

For instance, if it's a medical firm doing VPN to ensure no traffic leaks, that would be a use case. We use Fortinet FortiGate for anything that needs specific features, such as SD-WAN or other security features, including malware checking and blocking. We also use it for Zero Trust.

It differs for everyone with Fortinet FortiGate, but one benefit was checking for malware on incoming traffic or security issues, compared to a users using a residential router off the shelf. 

The second benefit was properly dividing up the network, which helps us significantly.

Users benefit from a recognizable brand and good security features. 

Ease of use is one feature of Fortinet FortiGate, and the Cloud Controller and Cloud Connector are the second one; these are the two main features that are quite useful. For example, with the Cloud Connector in Fortinet FortiGate, if a user has an issue, we can see it directly without having to build a VPN tunnel or something of that nature.

From time of deployment, users tend to see benefits once there's a major event that stops. From my end, I see benefits right away.

For Fortinet FortiGate, their code development would definitely be something they need to improve on to reduce vulnerabilities that need to be patched. 

Additionally, if I were to suggest another improvement, it would be their competitive pricing.

I have had experience with Fortinet FortiGate for six years.

With Fortinet FortiGate, scalability is good; it's very easy to scale with them. 

The only downside is sometimes you can't just cut over, so if you go from a bigger model. Or if you need to upgrade the model, you would have to reprogram it, compared to just importing and exporting, which can be time-consuming. 

The scalability is easy with switches and access points that are basically plug-and-play for the most part.

I've never had a problem with Fortinet FortiGate support, so I'd rate it ten out of ten. However, if you don't have a support contract, it's not easy to get support.

I've dealt with many firewalls, such as SonicWalls, UniFi, pfSense, and Cisco. We found SonicWall very confusing for the average network engineer or network administrator. I don't recommend SonicWall due to its hard-to-find auditing process for exploits. Although they have fewer exploits, when they do occur, they're significant.

With Fortinet FortiGate, you can access the whole firewall, with no hidden spots. pfSense is great, however, it requires a lot of manual work and has no Cloud Connect or easy management from an MSP's perspective. 

Palo Alto is another option that's great, but their price point isn't for everyone, especially for medium and small businesses; a $10,000 investment doesn't necessarily fit into most budgets.

UniFi is another product we've started to use more alongside Fortinet FortiGate, as they have almost all features without a license, with advanced rules that are relatively inexpensive compared to Fortinet FortiGate's $1,500 a year. 

Fortinet FortiGate and UniFi are the two firewalls we primarily deal with. My opinion is that UniFi has better integration and oversight of the environments compared to Fortinet FortiGate.

From an average user's perspective, setting up Fortinet FortiGate is quite complex; most people don't understand the terminology, so I'd rate that complexity at a high nine out of ten. From an MSP's perspective, it's probably about a five or six out of ten in terms of difficulty; it's easy for us as an MSP. For the end-user, it would be really complicated. 

For Fortinet FortiGate, deployment takes approximately two to three hours.

From our side, as an MSP, we require one person for Fortinet FortiGate. That job role is network administration.

For Fortinet FortiGate, calculating the return on investment is complex. 

The ROI is seen almost immediately in terms of security and protection against malicious attacks. While you never really get your money back in terms of direct investment, you get the security and protection benefits immediately. 

Fortinet FortiGate provides cost savings since you wouldn't need extra security features; you don't have to have four other programs for all the other parts of the environment, as it takes care of most of that.

I'd rate the pricing eight out of ten. 

The Fortinet FortiGate security features cost approximately $1,500 a year. The firewall itself doesn't have a recurring cost. It's the security features on top of that that you pay for.

I recommend Fortinet FortiGate. 

It's always updating the security package and security features. 

I have not looked into the solution's AI features.

Overall, on a scale of one to ten, I would rate Fortinet FortiGate a nine. I'd recommend the solution to others. It's always updating its security features. 

Our primary deployment of FortiGate 3401E (v7.2.11-17.40) is as the perimeter and east-west firewall for four geographically distributed data centers, each secured with an HA-paired cluster. We handle over 500 Gbps of mixed Layer 3 to Layer 7 traffic across our data centers, where FortiGate 3401E appliances perform deep-packet inspection, SSL/TLS termination, and real-time application control to secure critical services.FortiGate enforces blacklists for unwanted apps and CVE-based signatures, isolates services via VDOMs (enterprise, core, billing, WAF), and automatically blocks zero-day threats using FortiGuard IPS feeds

Since deploying FortiGate 3401E clusters, we have observed:

Dramatic Reduction in Risk Exposure. Blocked peer-to-peer and unauthorized applications (e.g., BitTorrent) at the perimeter and east-west segments, eliminating a major source of malware and bandwidth abuse. Proactive IPS signature updates from FortiGuard closed zero-day and known-CVE gaps faster than our previous Huawei solution. Enhanced Visibility & Forensics. Full-packet captures and rich metadata logging in FortiAnalyzer enable sub-minute root-cause analysis of security events. Custom dashboards surface top-talkers and rule-hit counts, letting us fine-tune policies and prove compliance to auditors. Operational Efficiency. VDOM-based segmentation simplifies multi-tenant and multi-service management within a single chassis and no additional hardware required.

Analytics with FortiAnalyzer. Being able to pull in logs not just from our FortiGates but from all our other firewalls and then get them in one view has been a game changer. Whether I’m building an executive dashboard or doing a deep dive forensics session, I get everything I need without navigating consoles.Straightforward Application Control. FortiGate spots and blocks unwanted apps (eq. like BitTorrent or streaming services) with accuracy. Segmentation with VDOMs. We’ve carved our data center into four logical ‘mini-firewalls’ enterprise, core, billing, and WAF—all on one box. Each has its own rules and logs, and any traffic between them still gets inspected. It’s like having multiple appliances without the extra hardware. Always-Up-to-Date Threat Feeds. Daily signature updates and AI-driven threat sensing mean we’re blocking the latest vulnerabilities almost as soon as they’re announced.

The CPU spikes sometimes go up to 40 percent occur during background IPS updates, but there’s no visibility into which subsystem is responsible. Current Gap: Despite scheduling daily signature downloads, updates sometimes run outside the configured window triggering unplanned performance hits.

I have been working with Fortinet FortiGate for almost six to seven years.

six to seven years in production with only two brief downtimes
both incidents stemmed from firmware upgrade bugs and were promptly identified
infosec alerts and FortiGuard advisories guide our version choices
support response and resolution averaged four to five hours per ticket
instituted rollback validation and staging procedures to avoid repeats
outside of upgrade windows the HA clusters have delivered near-100 percent uptime

It is scalable.

For Fortinet FortiGate, I would rate their technical support a nine out of ten. Compared to other products, Fortinet FortiGate provides timely updates, even coordinating with engineers for coverage. I've worked with other products, so I recognize their strengths in terms of support.

Positive

our core perimeter and east–west inspection point was a Huawei Eudemon firewall cluster. While it handled basic stateful filtering it lacked Deep Packet Inspection Eudemon could not parse or enforce Layer-7 application contexts, leaving blind spots for evasive or nonstandard-port traffic. it also did Granular threat Intelligence, and it was limited, and updates were infrequent, delaying remediation of newly disclosed CVEs. Unified Logging and Forensics erm the Eudemon’s logging interface offered only summary-level records, forcing manual packet captures for any detailed analysis

implementation used FortiGate 3401E running firmware 7.2.11 build 17.40

partner provided detailed timelines and low-level designs that we followed step by step

grace period and dedicated engineer ensured any questions were answered immediately

cut-over executed without major issues or unplanned downtime

post-deployment support window allowed smooth transition to steady-state operations

overall process was seamless and delivered on schedule

There was involvement from a partner, although I can’t recall their name off the top of my head. I believe they were based in Nigeria. They were indeed helpful. They were great. Whenever we had an issue, we could call them at any time, and they would assist us promptly. They were genuinely helpful, no doubt about that.

I believe we purchased it through the third-party vendor they provided us with. So, the third party handled the purchase, interfacing with FortiGate, while we communicated with the vendor directly, if I remember correctly.

onboarded three times more customers without adding firewall hardware
cut network expansion capital expenses by roughly 40 percent through VDOM consolidation
reduced vulnerability remediation costs by about 60 percent thanks to automated FortiGuard updates
shortened policy-deployment time by over 50 percent, freeing up 10 plus hours of engineering effort weekly
achieved payback on the initial FortiGate investment within 9 months via increased tenancy revenue and lower OPEX

Check Point Infinity

Strengths- mature threat prevention suite, granular policy controls, strong management console

Weaknesses – high total cost of ownership, steep learning curve and management overhead at scale

Cisco Firepower

Strengths – tight integration with existing Cisco switching and routing fabric, robust SSL decryption

Weaknesses – underwhelming layer 7 DPI performance in our live 5G billing environment; fragmented logging requiring multiple consoles; protracted support cycles

Palo Alto Networks excluded from this evaluation to diversify our vendor mix and avoid single-vendor lock-in

FortiGate emerged as the best balance of performance, visibility and TCO after six months of PoC across four data centers

I like how the role-based access control with granular admin profiles reduces risk of misconfiguration in multi-team environments

automatic configuration backups and revision history simplify audit compliance and rollback in case of errors

built-in high availability health checks and session-sync ensure seamless failover during maintenance or hardware faults

Fortinet FortiGate is used on three separate sites: one in Tehachapi, one in Simi Valley, California, and one in Memphis, Tennessee. I work in distribution with Fortinet FortiGate. 

The primary feature I appreciate about Fortinet FortiGate is the ease of setup. It's more affordable than Cisco and very configurable. When discussing configurability regarding Fortinet FortiGate, I don't have to download modules to have features such as IPSec VPN or SSL VPN - it's already there. Most of the popular features are pre-installed and I only need to configure them, unlike with MikroTik where I have to download components that may not work, and with Netgate, I can't install everything I want without uninstalling other packages.

Fortinet FortiGate is very competitive compared to Palo Alto Networks and Cisco; they are better priced than both competitors. On average, Cisco would be 10% to 20% higher than Fortinet FortiGate, and the same applies to Palo Alto.

The AI with Fortinet FortiGate is not very well integrated on their devices, and their cloud infrastructure is not as good as Cisco's. 

The support is inadequate. The support staff I have dealt with lately are very rude. Some support staff are not up-to-speed with the technology. They basically read a script. If they don't know how to fix an issue, they send me to another engineer. 

I have used Fortinet FortiGate since 2012.

The support is inadequate. The Fortinet FortiGate support staff I have dealt with lately are very rude and some of them are not up-to-speed with the technology; they basically read a script. If they don't know how to fix an issue, they send me to another engineer. The last representative I had to deal with was very rude to me. 

Neutral

I wasn't involved in the decision of picking Fortinet FortiGate, however, before we switched over, we were using SonicWall firewall appliance.

I was part of the initial setup of Fortinet FortiGate. When it was originally set up, on a scale between one to ten, with ten being really easy to set up, I would rate it about an eight or nine.

When we first deployed Fortinet FortiGate, it was just me, and one person could actually deploy it in three sites, so it's relatively easy.

Once we deployed the last time, we actually moved our whole management of it to a third party. They manage our Fortinet for us now. It's supposed to be easy, however, during the last deployment, when they upgraded us, there was some project management snafu. That said, that's not a Fortinet issue. When I was deploying it, it was relatively easy. 

Currently, we are paying about $1,500 a month for three sites. We have a company that leases the equipment from Fortinet FortiGate, configures it, and I tell them what features I want on and off and how to secure it. We paid about $1,500 on the last contract, and it's probably going to go up this year.

I've also evaluated other options. Other than price, Cisco has a better cloud management infrastructure, while Palo Alto has better security features such as deep packet inspection algorithms and AI integration on their devices.

I would recommend Fortinet FortiGate if you have a small to medium business, which we have. For a large business with multiple campuses, Fortinet FortiGate is probably not going to work for you. 

On a scale of one to ten, I give this solution a rating of seven.

We are using it for perimeter security. By implementing Fortinet FortiGate, we wanted to have secure internet access to our network and prevent cyber risks.

The content filtering and URL filtering capabilities, along with packet content filtering, are very good. It helps us restrict internet traffic during working hours to legitimate work-related traffic. Workers are only able to access social media, YouTube, and similar sites after work hours.

It helps in protecting the edge significantly because we are able to determine what must be accepted and what must not be accepted. We also have FortiAnalyzer, which is the log analyzer for Fortinet FortiGate. Being AI-driven, it helps us see what is happening and new emerging threats quickly. We are able to make the necessary interventions to protect the network.

We are using QRadar as a SIEM, and Fortinet FortiGate integrates with it seamlessly. FortiAnalyzer picks all logs from Fortinet FortiGate, integrates with QRadar, and allows us to see everything. It also integrates beautifully with our EDR from WithSecure.

It also helps reduce power consumption. Fortinet FortiGate is a greener listing in terms of power consumption.

Stateful packet inspection is valuable. It also does SSL packet inspection. It is able to provide a VPN for remote users with secure connectivity. Being a next-generation firewall, it helps. 

It has been able to host internet feeds from two different ISPs, with one as a backup. We've two internet services on Fortinet FortiGate. We have been able to deploy it in a high-availability mode. We have redundancy. When there is a problem with one, the other picks up quickly, ensuring business continuity. 

I wish that they could integrate zero-trust technology into Fortinet FortiGate. I am not sure whether it has been done already, but if they could implement that, it would help significantly.

I have been using it for about ten years now.

Their support is good. 

Positive

I didn't use any similar solution previously.

I wasn't involved in the recent deployment. 

It was quite quick. The last deployment was more of a migration, where we migrated from an old platform to a new platform. It was a matter of hours because the configs had been backed up. In eight hours, we were done completely.

We had two people from my side and two from Fortinet's side.

If we look at the average revenue loss due to downtime, even if I conservatively put it at $10,000 an hour, we have paid back the investment within six months.

Compared to a sister company that did not take security seriously and lost significant money through ransomware attacks and outages, we have not experienced a single successful ransomware attack. In one instance, we were able to thwart an attack by detecting the initial steps quickly through EDR and FortiAnalyzer. We saw the footprints and stopped it before it reached the encryption phase of the ransomware attack.

The analysis being AI-based helped us quickly pick up unusual activity. Once alerted, we were able to quickly identify the affected nodes, isolate them, and stop the attack.

It has reduced the total cost of ownership by 10%.

For the performance that we get, the price is reasonable. There are cheaper options, but they may not deliver the same kind of performance that we want. For the performance they provide, the price is acceptable.

Currently, there is a project we are doing to converge OT and IT using Fortinet FortiGate, because of the cluster we have. Fortinet FortiGate is going to broker the convergence between IT and OT. We want to make the convergence one-way, with only read-only data coming from OT into IT.

They keep bringing new versions and firmware updates, making sure that their products are always relevant. They are always providing what the industry needs.

We have implemented FortiAnalyzer. We are also looking seriously at FortiIdentity to help us with enterprise single sign-on and multi-factor authentication. Because we already have Fortinet FortiGate in the system, we are seriously considering other Fortinet solutions.

I would rate this solution a nine out of ten.

The key use case that we and our clients work with Fortinet FortiGate is mainly the firewall part, the management part, and monitoring. These are the three aspects on which we are using Fortinet FortiGate.

We are using SD-WAN with Fortinet FortiGate, and it works pretty well. Multiple branches are connected to the head office.

We utilize Fortinet FortiGate data center solutions in most of the data center. Most of our clients are using data centers, so we use Fortinet FortiGate in the data centers.

On a regular basis, we help our clients to deploy the security fabric because compliance governance and audit come into the picture, and responsibility has to be decided.

In my opinion, the unique or most useful functions of Fortinet FortiGate are that it has a pretty simple deployment. It does not have any complex plugins or anything. It is very straightforward for configuration purposes. All of the configuration parameters are there in a single dashboard. Depending on your licenses, you can just configure them and then they are ready to go. The testing part is pretty easy. It is not more difficult than other firewalls.

My impression of the effectiveness of Fortinet Unified SASE is that it is pretty good, and all the products of Fortinet FortiGate are available in a single dashboard. There is less complexity for that.

I have experience with the Unified Agent in Fortinet Unified SASE. Most of the time, it is used with Unified Forti. We have multiple devices which we can connect through that. Most of the time when we deploy this, we have to deploy the agent. The agent has less overhead on the systems. Performance does not degrade for the end users. That is beneficial.

In my opinion, a potential area of improvement for Fortinet FortiGate is that while it has a pretty good dashboard, which is not an issue as such, when we talk about hardware parameters, sometimes the hardware gets pretty heated up. Given the amount of traffic going through it, that is fine. However, the heat of the hardware has to be looked into. Fortinet FortiGate firewall is good, but other products like the switching part and all that fabric, in handling very audio-video traffic, sometimes it struggles on the switching part, but on the routing part, it is fine. On the firewall part, it is good; there is no issue as such up till now.

Additionally, I suggest that Fortinet can add software which is in a controlled way, particularly regarding AI and ML. It should not happen that the AI/ML takes certain decisions which are not beneficial for the organization. The control should remain with the team members who are responsible for configuring this firewall.

I have been working with Fortinet FortiGate for more than 10 years, probably around 13 years.

For Fortinet FortiGate stability, I can say nine. It is pretty stable.

Positive

Regarding scalability, the ability to expand, I also rate it as nine. It is easily scalable.

Positive

Regarding technical support from Fortinet vendor support, I would place it at nine.

Positive

I have been with Fortinet for a pretty long time and with Sophos, as I mentioned previously. If I compare Sophos and Fortinet, I would consider Fortinet FortiGate for critical segments and Sophos for small and medium segments.

The initial setup for Fortinet FortiGate is pretty simple.

We are partners with Fortinet, and I can confirm that we are not just integrators, but we are also resellers for Fortinet.

We sell the product directly for the vendor, not through some marketplaces; we sell directly to our end users.

In my opinion, the main benefits that end users receive from Fortinet FortiGate are that the return on investment is good. Whatever money we invest in Fortinet FortiGate product, we get it back in two years' time. It is pretty secure, having very robust hardware and software. Updates are pretty good, and in the event of an issue, updates are pretty quick. It is a pretty solid product, with the amount of money we are paying out there.

The dynamic segmentation feature in Fortinet FortiGate is working fine. We have used it, and it is pretty good. The configuration timelines have reduced because of this particular product.

In terms of pricing, I would say it is pretty good, so we can say ten for that.

I confirm that it is reasonable money for that solution.

Regarding the integration of SD-WAN with Fortinet SASE on application performance for remote users, right now we are not using SASE from Fortinet FortiGate.

We will recommend Fortinet FortiGate to other users. It is totally up to the client requirements. I rate this review overall as nine.

I mainly use Fortinet FortiGate to implement it as a perimetral firewall solution because Fortinet FortiGate are next-generation firewalls. I use it to protect internal network customers and configure remote access, firewall policies, internal access websites, web filtering solutions, IPS, and IDS configurations.

I implemented it approximately one year ago in an Italian manufacturer producer. My perspective on the effectiveness of the unified SASE in providing consistent security policies across multiple locations is that it is very similar to Fortinet FortiGate, so if you know how to manage Fortinet FortiGate firewalls, it is easier and very easy to implement and configure FortiSASE.

For Fortinet FortiGate, it is very easy because it is very near to zero-touch provisioning. You need to install the box and if we speak about hardware appliances, you just need to install the boxes on the infrastructure and connect the cables to connect Fortinet FortiGate firewalls to the internet routers or MPLS routers, and configure basically the main IP address to have the connectivity. Next, you configure policy firewalls and it is very easy and very fast.

You can implement Fortinet FortiGate for small, medium, and large enterprise because it is very suitable for small and medium enterprise. For one to five or six firewalls on different branches or different sites, you can manage it manually and independently. But if you need to scale or have a large enterprise deployment, you can manage all Fortinet FortiGates directly in one panel with the FortiManager solution. There is a dedicated orchestrator delivered by Fortinet in hardware or VM solution, and with FortiManager you can manage all Fortinet FortiGates in one platform. For example, two years ago, I used to manage around 500 Fortinet FortiGates with FortiManager. It is very scalable with the correct solution and the other things you need to manage large deployments.

What I appreciate the most about Fortinet FortiGate is that it has a very large integration using Fabric, which they call Fabric Connectors. With Fortinet FortiGate firewalls, you can manage not only the perimetral firewalls but also all the internal infrastructure. For example, you can connect access points of Fortinet for wireless and Wi-Fi and manage them directly on Fortinet FortiGate. The same applies for switches and other Fortinet appliances that can be managed directly from one single dashboard.

Fortinet has developed the firmware for Fortinet FortiGate extensively. They change the operating system continuously and very often. Sometimes they introduce many features or new features or change the commands or the method you need to use to implement something or some configuration. The fact is if you develop always or very often the firmware, you need to study every release to see if there is a new feature or something changed. Sometimes it is difficult to remain aligned with the new firmware and the features.

You need to maintain alignment with Fortinet FortiGate. For example, in Europe, we have many policies and regulations, so you need to check, tune, and configure your firewall in the correct manner and maintain alignment with the policy of the European Union. You need to always check, improve, and maintain the firmware of Fortinet FortiGate up to date.

I have been using Fortinet FortiGate for seven to eight years.

Sometimes I experience stability issues, but sometimes they are related to hardware not functioning properly or related to a software bug. Sometimes I have encountered this type of situation using Fortinet FortiGate. But in those specific cases, I opened a ticket and worked directly with Fortinet to resolve the issue for the customer.

I have worked with the technical assistance of Fortinet for my seven to eight years of career with Fortinet, and I have opened tickets with different departments of the TAC. For example, the FortiSASE team is very effective. If you open a ticket, you have very good engineers to interact with, and they help in a correct manner. The flow is very clear to understand and resolve the issue. The only problem I have encountered in the last years with Fortinet is that if you open a support ticket for the main solution of Fortinet, for example, Fortinet FortiGate, FortiManager, or FortiAnalyzer, the support is not delivered directly from Fortinet but from partners of Fortinet. If you need to speak directly with the main core solution of Fortinet and you open a ticket, initially you are followed by a partner of Fortinet. But if you escalate to a more specific support, next you can go through a real Fortinet engineer. But sometimes this step extends the duration of the ticket and the analysis. I would give a score of 7.5 to 8 for the support of Fortinet FortiGate.

Positive

The first time that I deployed Fortinet FortiGate depends on the size of the customer. For a small to medium customer, I think three days for the initial setup and to configure some firewall rules is appropriate.

If you are a junior network engineer, you need to be followed by a middle or senior engineer in the backend that helps the junior to implement and test the solution. But for a middle or senior engineer, one person is adequate for deploying Fortinet FortiGate.

I do not follow the finance perspective directly, but what I know about Fortinet FortiGate pricing is that it is very affordable compared to, for example, Palo Alto Networks. I have observed that some people see and speak about the price of the Fortinet solution as very convenient.

I am a system integrator in Italy. Previously, until three months ago, I worked for one of the main partners in Italy called Maticmind SPA. Now I work for another system integrator, and we are a lower partnership, but we manage and install Fortinet FortiGate appliances for our customers. My overall review rating for this product is 8 out of 10.

We primarily use Fortinet FortiGate as endpoint firewalls for our campuses. Nothing too extravagant, just providing access out and limiting access to certain applications and restricting unauthorized access from external sources. I have recently been using it also as the controller for the wireless access points.

It is pretty straightforward to manage and has robust capabilities. I appreciate that Fortinet FortiGate can be a central controller for other Fortinet products, such as switches and access points. I have used its VPN abilities a little bit, but not a great deal. I appreciate that it has some SD-WAN capabilities, though I've only used that to a limited degree. It is a solid, usable, reliable solution. 

It's one of the more expensive brands.

FortiManager has not been my favorite. I don't use it and cannot say I really care for FortiManager for managing the firewalls. I primarily just access and manage the firewalls individually. Nothing else particularly comes to mind, as it has been a pretty good experience.

I have about four and a half years of experience with Fortinet FortiGate.

The stability has been very good. I have had very few issues. I had one unit that required some reboots and eventually needed a factory reset. But outside of one issue, I've never had stability issues or problems with them going down or disconnecting or having other issues. They have been very stable and reliable.

I have experienced no scalability problems thus far. We expand out with other campuses as needed. If there are any scalability problems, I think that would probably be with making FortiManager a little bit better. Otherwise, scalability is fine. 

We are a medium-sized business with 17 campuses. We plan to increase its usage. We'll probably continue with FortiGate for any other campuses that we extend out to, as well as keeping them when we do our hardware refresh.

Fortinet FortiGate has very good support. I've been able to contact them on a couple of things for FortiGate and other products, and I've never had an issue. They've always been polite and helpful and worked to get me to solutions. I've had a good experience with Fortinet support.

Positive

We've always had Fortinet FortiGate in place, so I don't have a previous firewall here to compare it to, but it has basically done its job. It's manageable, and it has not created a lot of problems. Only once, I had to call their support to apply a patch update across a couple of them. One of the best features is that it does not require a lot of extra attention for me to fix problems. It's not a problem generator, so that's probably the best quality.

I've set up several Fortinet FortiGate firewalls, and it's a pretty straightforward setup. I haven't ever really had any particular issue with getting them in place.

It's deployed physically at the locations for our campuses. To deploy one, it takes approximately an hour to program and then another hour or so to install. It can get deployed within three hours.

Just one person can manage Fortinet FortiGate; I'm able to manage everything by myself.

The implementation was done by me, one person. Sometimes I need to walk through someone else to physically install it because it might be at a site remote from me. If I'm not physically there, it requires a second person. However, if that was not the case, I could do it as a single person.

It's one of the more expensive brands.

The 100 series costs around $4,000. They are similar in pricing to what you might get from Cisco solutions and probably other similar ones. They're not more expensive than other similar solutions, but they're certainly not cheaper either.

The advice is to go ahead and try it out and see how it works. The product speaks for itself. 

I would rate Fortinet FortiGate a nine out of ten, as I always prefer to leave a little bit of room for improvement.

Fortinet FortiGate is strong in SMB and mid-market, approaching SD-WAN from a security perspective. Customers have requirements for internet as many are moving away from private connectivity and migrating to Teams, making security a top priority. They've chosen Fortinet FortiGate as it offers both a comprehensive security portfolio, including intrusion detection, deep packet inspection, and VPNs. It provides robust SD-WAN capability, eliminating the need for two vendors. Additionally, they offer a SASE solution for smaller sites where a virtual Fortinet FortiGate can be used instead of a physical one, saving space for retail locations.

These features resonate with small to medium-sized organizations, attracting more people to the Fortinet FortiGate solution since it's security-first while also providing SD-WAN capability. Unlike competitors such as Meraki that limit connections to two, Fortinet FortiGate allows up to 100 connections as their focus is on security rather than SD-WAN.

Fortinet FortiGate SD-WAN capabilities typically require redundancy depending on the carrier. There are two types of redundancy: network redundancy with different carriers, such as Bell and Telus, or Verizon and AT&T, both connecting to the same Fortinet FortiGate box. In traditional setups, when there were two connections, one would be active and the second passive, activating only during failover. This wasn't cost-effective as customers paid for both connections while one remained passive.

In the SD-WAN environment, both connections become active, allowing application-specific routing. For instance, voice traffic can be directed to one connection while data traffic uses the other. Rules can be created specifying alternative routes if the primary connection is unavailable.

The impact on service availability and overall network performance is significant. It provides customers with assurance against single points of failure. However, capacity management remains crucial. If both networks operate at 80% capacity and one fails, the secondary connection would face a 160% load, causing blockages. Ideally, connections should operate at 50-60% capacity to handle full load during failures.

Fortinet FortiGate has been successful and ranks high on the Magic Quadrant since they're innovators with appropriate pricing. They offer a best-in-breed solution for their target market. While they're not focused on large enterprises they excel in the mid-market SMB segment, offering comprehensive solutions from endpoint protection to VPNs and deep packet inspection.

Fortinet FortiGate has started implementing AI, however, it hasn't reached full maturity. Their AI solution doesn't compare to solutions such as Microsoft Copilot and SharePoint, primarily since AI relies on data, and Fortinet FortiGate focuses on perimeter defense and security rather than internal network data.

One notable limitation is the absence of honeypot capabilities, which competitors such as Palo Alto offer. These capabilities entice and trap attackers, allowing analysis of attack vectors. Fortinet FortiGate focuses purely on defense mechanisms without actively gathering intelligence about potential threats. This approach aligns with their mid-market focus, where such advanced threat intelligence features might be less critical than in enterprise environments.

I have architected Fortinet FortiGate over the last 12 months.

Fortinet FortiGate performs at 100% effectiveness when customers have the right skill sets and policies in place, making it a very reliable solution.

Scaling-wise, there have been no problems with Fortinet FortiGate. In the mid-market, which typically handles up to 50 to 100 sites and campus environments, there haven't been any scaling issues.

From an implementation and partner support perspective, Fortinet FortiGate's support deserves a rating of seven out of ten.

Neutral

The setup requires understanding of security and is not plug-and-play, but it isn't complex when implemented by certified Fortinet engineers.

We provide professional services to install Fortinet FortiGate through our Fortinet-certified engineers, who handle installation services for companies.

The return on investment is 100% guaranteed. Similar to car insurance, security investment proves valuable when incidents occur. For small businesses, average losses can reach $300,000 per week, while mid-market companies face potential losses of $500,000 to a million. This makes the annual security investment of approximately $100,000 worthwhile. Furthermore, cyber insurance requirements often necessitate solutions such as Fortinet FortiGate rather than simpler alternatives.

Fortinet FortiGate pricing varies based on hardware specifications, size, and quantity purchased. Many companies access these solutions through managed service providers, who add their management fees to the hardware and license costs. Due to security being a specialized skill set and the various types of attacks (phishing, DDoS, hacks), having Fortinet FortiGate represents just one component of the total security investment.

There's always room for improvement with Fortinet FortiGate, as no vendor achieves perfection. In their market segment, considering their offering and price point, they merit an eight out of ten rating.