Typically, we use Fortinet FortiGate with edge devices for businesses.
We also use them to integrate with a SIEM product and we use it for detailed analytics.
Typically, we use Fortinet FortiGate with edge devices for businesses.
We also use them to integrate with a SIEM product and we use it for detailed analytics.
The most valuable feature of this solution is the analytics.
Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs.
I would like the licensing price to be better. It would be nice if it were less than 25 percent of the hardware costs.
I have been using this solution for fifteen years. We are an MSSP.
The stability is good.
With respect to scalability, it's good.
We have 15 people using this solution in our organization.
We contact technical support almost daily. They have good support.
The initial setup was not straightforward but not too complex. It's a bit of both.
For our organization, the licensing costs are approximately $7,000 per year.
Before choosing the Fortinet FortiGate, I evaluated other solutions.
I would rate Fortinet FortiGate a nine out of ten.
We have been using the FortiGate antivirus software for a couple of years, as of mid-July. The hardware solutions for the firewall, we have been using for less than a year.
We are using FortiGate 80E for a medium-sized office. I am pretty satisfied with it. It has performed well. The primary use is to protect the internet traffic for a medium-sized office, up to fifty users, using a local domain with a not so intensive cloud traffic. Generally, it is just to protect the internet access for all the users in the network.
Also, we are using VPN at external locations to the office, which FortiGate supports.
It give us the liberty to let us do our jobs.
At first glance, the interface for the device is very confusing. However, every version is getting better.
I have had no concerns with the stability so far.
We have been in no position to upgrade our number of users. So, I cannot judge this aspect of the product.
They provides local support. I have been using them only for some site blocking. They are pretty efficient in this. They say they will respond in 24 hours, but I have received responses in a maximum of one hour, which is impressive.
We had a server acting as our service-based firewall, so no solution for firewall.
FortiGate is my first actual solution for firewalls.
The initial setup was very straightforward.
It provides mid-sized company pricing.
Most important criteria when selecting a vendor: We have specific procurement rules, then we specify the technical specifications. After that, whoever is cheapest should get the job.
The main use is to protect from outside attack, from any side. Because we work with sensitive data, we have to protect our work. We use it mainly for security, not only for content control.
We have peace of mind. We do work in a very dangerous environment, the internet, and this device gives us alerts. It gives us the opportunity to know what is going on.
The filtering that you can do with the firewall.
I would like to be able to do segmentation, for a specific user, with more priveledges. I would also like to see an easier user interface to implement that.
Sometimes we found that the traffic to the internet froze, I don't know exactly the reason. The only way to get it to work again was to turn it off and then run it again, a hardware reset. Overall it is a very stable platform but sometimes there is this problem.
The scalability is fine. The problem is the licensing. To do more you have to pay for it. In this market, where you can find a lot of devices to do the same things, to charge for them in the license is very difficult. Also, sometimes Fortinet changes their products, they drop devices from the market very quickly.
We have guys who are certified to work with Fortinet, so right now it's fine with them. We never really have serious problems, something to escalate to Fortinet. Only when there is a very difficult issue with the performance or something like that have we had to go to Fortinet, but it has been great.
One of the main reasons we're considering switching from FortiGate is because many companies have a lot of features and you don't have to pay for. If you compare side by side, you find a lot of things that new brands do as well for fewer dollars.
When selecting a vendor the most important factor is the prestige of the vendor. Also the cost, renewing licenses. Our customers are looking for more features for less cost. We have to look at what is going on in the market, who the main players are, who is doing well, and who has a good reputation.
I was not involved in the initial setup of the devices. I only had to check it out and make sure it was working fine. But I saw the guys working with the configuration. Occasionally they had to reference the manual but had to find the answers on Google.
Fortinet and Sophos are the main players for this type of solution.
I would rate FortiGate at seven out of 10 because, although they are doing well, the problem is the licensing, the cost is too high, and how they support their own devices needs improvement. They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost. FortiGate is a great product but they have to look out.
My advice would be, look at the time on the market. FortiGate is doing well, but right now they have many competitors that are doing well.
We use Fortinet FortiGate for the internet, particularly to provide protection against internal and external threats.
What I found most valuable from Fortinet FortiGate is that it gave us better protection against internet-based threats. Aside from giving us good protection, it is also easy to use, and it's fully automated.
An additional feature I'm expecting from Fortinet FortiGate is for it to have an analysis feature, rather than having the analysis done via integration with a different product.
We have been using Fortinet FortiGate for six years.
I found Fortinet FortiGate to be a stable product.
Fortinet FortiGate is a scalable product.
I had issues with Fortinet FortiGate more than three years ago, and I opened a support ticket, and we were able to solve the issues. The support for this product was fast.
The installation process for Fortinet FortiGate was very easy. Installation was done by one technician, e.g. one technician was enough.
This product was implemented by a Fortinet partner.
We've been using this version of Fortinet FortiGate: 300E. I also have experience with Fortinet FortiAnalyzer.
We have one technician in charge of the installation, and one manager in charge of managing this product. We have 500 users of Fortinet FortiGate, and we currently have no plans of increasing the number of users.
My recommendation to people looking into implementing this product is that they should use Fortinet FortiAnalyzer with Fortinet FortiGate to analyze the traffic.
My rating for Fortinet FortiGate is nine out of ten.
We use this solution for mid to large enterprise companies with around 500,000 users. We are resellers of this solution based in Pakistan and we have a partnership with Fortinet.
I like the security that Fortigate offers; it has great URL filtering with a next-generation firewall that can do internet routing, plus give us advanced layer seven application control. It offers good features.
I'd like to see training provided for new features and upgrades, it's not currently available. They really need to work on their support. There's a huge market for enterprise business right now and Pakistan is focusing on network security. Fortinet lacks local premium support.
We've been using this solution for six months.
This is a good, stable solution.
The solution is scalable for enterprise companies.
We have two or three local engineers that help us with deployment.
My one piece of advice would be to spend time planning, rather than just purchasing a product and proceeding to deployment. It's important to research the features, read their community postings regarding bugs because it's something that might hit them in the future.
I rate this solution eight out of 10.
When trying to move from MPLS to SD-WAN they have a very good SD-WAN offering.
The solution integrates well.
It has high-quality security features.
It provides a full end-to-end security suite.
The security of the solution is good.
The solution could have licensing fees reduced in the future.
I have been using the solution for 5 years.
It is not common for the solution to become unstable, but it does happen. The good thing is, they constantly release updates. If the version you are using has a bug, in the next version it definitely will be fixed.
The solution is highly scalable because they have devices that can handle a large amount of traffic. The VM version with the hardware appliances is widely scalable. It can handle small businesses to large scale enterprises. In terms of mode of deployment, you have VM, hardware appliance, and cloud. There is cloud management as well that is scalable. It can suit a number of deployment scenarios.
We currently have 50 employees using the solution, some of our clients that have deployed it has 1000 users and it has not given a problem.
The customer service was very fast to respond to our needs.
The installation is not difficult but there is a learning curve, it becomes easy over time.
The basic installation took approximately two days. A more complicated scenario can take even up to two weeks. Depending on the options that you are looking for, there are many things you can consider. If you are looking at a complex design then you are going to take more time.
I did the deployments myself with one other technician.
The pricing of the solution is very competitive. The license price can vary depending on the product you have and the different types of licenses you need. For example, they have an enterprise and UTM license. It depends on the type of license and the size of the company.
Fortinet has a product that can cater to any area of the security market. For example, application firewall and authentication products.
I would recommend this solution to others.
I rate Fortinet FortiGate a nine out of ten.
It's good for what it is. I could achieve the same results with a pfSense firewall. This one just comes in a nice hardware package.
Better documentation about usage of the CLI. I learned most of what I know in diagnostic functionality through saving SSH sessions with the customer support staff while in WebEx sessions.
I have tried looking up the manuals. They are OK in some respects, but I feel exhaustive documentation about the CLI "with examples" should be there, and I feel it's not.
I'm saying, hey lets consolidate some of the primary real world scenarios like:
Section A: - Troubeshooting B2B VPN peering with a business partner or client when initially setting up the VPN tunnel.
Inevitably, there are always quirks and nuances between the fortigate vendor versus peering with a Palo Alto or an ASA firewall or even a Juniper SSG.
Imagine providing all steps, command line syntax, and GUI (if available) and how to take steps to debug the flow and see what's failing.
Sometimes it's super hard to figure out what's wrong with a fortigate VPN unless you know the commands on the CLI to see the flow and how to interpret it.
If they had all the methods / syntax and the "how's and why's" for a scenario; even possibly an instructional video showing how via the CLI and gui alongside the documentation. It would be like the pearly gates had opened and I had gone to heaven.
I have used it for three years.
I never encountered any stability issues. It is a very stable product.
Scalability's not been an issue for my org. We only utilize it for certain applications.
Technical support is excellent, although it can be a bit difficult to understand the tech. As with most support staff from almost all vendors now, the support comes from somewhere across the pond.
On the site where the FortiGate is stationed, it's never been changed out.
Initial setup was straightforward.
Buy the support package! Upgrades, advice about upgrade paths, and troubleshooting help is paramount. There have been some times where, without it, I'd have been dead in the water.
This was an in-place firewall when I integrated the site to my org.
Figure out what features you want, and what policies you want. Look up how to do it in advance, and create an implementation plan.
Plan for policies, routing, NATting, etc. Create a step-by-step process in advance, possibly create the environment in a DEV sandbox, test it, then implement.
It has a good feature set. However, sometimes you are forced to solicit technical support to get it working.
Also, I find the web interfaces sometimes do not display things properly.
The major function of this solution is traffic shaping for end-users. You can use a specific appendix for the specific manager.
We are using the latest version of the solution: 100D.
The solution is deployed on-premises.
From the firewall perspective, the rules and policies are very sufficient and easy to use.
The solution is very expensive.
It's very stable.
It is scalable.
The support is very good. They respond on time and are professional. From a technical perspective, they're good.
It's easy to set up.
For maintenance, if you want to add a mesh configuration, you can restore your configuration from the backup.
Most people prefer the functions and capabilities in FortiGate, but compared to other solutions, it's expensive.
The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D.
I would rate this solution 10 out of 10.
It's a very unique and efficient product for a security firewall. The only comment I have is that the price is expensive for small companies or startup companies.
Great review. I was going to disagree with you about the CLI documentation, but I found that the examples are really missing for the common use cases, as you stated, so I had to agree.
The cookbook is getting better, but it's not yet comprehensive enough. Very good platform.
I also wish there were elements that you could rename without having to reload an entire config, but I am happy that you can easily search/replace a config and then replace it.
-ASB