Fortinet FortiGate Reviews

I am using Fortinet FortiGate as a firewall appliance.

The most valuable feature of Fortinet FortiGate is URL filtering.

Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI.

I used Fortinet FortiGate within the last 12 months.

Fortinet FortiGate is a stable solution.

I have found Fortinet FortiGate to be scalable. We have not had any problems.

We have approximately 150 people using Fortinet FortiGate in my organization. Everyone is using it.

I rate the technical support from Fortinet FortiGate a three out of five.

There is room for improvement.

We have used many other solutions, such as Check Point and Cisco Firepower. I have found Fortinet FortiGate is much easier to configure. However, some others solutions have more functionality, such as Check Point and Cisco Firepower.

I rate the initial setup of Fortinet FortiGate a four out of five.

If we properly designed the installation beforehand, the installation would take us 10 to 15 minutes.

We did the implementation in-house.

We are on an annual license to use Fortinet FortiGate.

I rate the price of Fortinet FortiGate a four out of five.

I would recommend this solution to others.

I rate Fortinet FortiGate an eight out of ten.

Any time a firewall is deployed at a customer site, we'll use the intrusion detection, mostly on the input side, on VPN connections, as well as forward connections and established related environments. If you go to a website, you want to be sure it returns the content that it should, for instance. So we'll use IPS both for user traffic originating from behind the firewall, inbound NAT PAT, as well as for VPN connections. We are partners with Fortinet. 

Integrated management would probably be the most valuable feature. I can take a single FortiGate and manage switches and access points from a single login. I think it's on par with a Palo or a Check Point. I also like their sandbox. The solution covers what we need for most environments, whether small, midsize or enterprise. That aside, the user interface is pretty good and the packet capture works fairly well. The CLI is their own flavor of everything, but that's going to be true for just about anybody that's out there. IPS has widespread capabilities.

The biggest problem we have is the way they handle virtual IPs. It's not handled well at all and even pfSense handles that better. There are three different ways to configure it, depending on whether it is an internal or a through process, and it's just unnecessarily complicated. It would be nice if everybody got together and agreed on some language in their CLIs, but that's not going to happen. If you only dealt with one product on a regular basis, then the problem wouldn't be as evident.

I've been using this solution for many years. 

Scalability is relative because a given platform only has so much horsepower. It's not too bad to move from one platform to another, as long as they're on the same software rev. If they're not, then you run into the typical hassles where a backup from an earlier rev doesn't cleanly install on a newer rev. It would be nice if that was a little bit cleaner. 

The customer support is excellent. The first-line tech support is pretty quick about establishing whether they're going to be able to address a given problem. They can often escalate it on the phone, but they're also pretty good and timely if you're going through email. Once you have somebody assigned, it's pretty good.
We also have great local engineering support here in North Carolina. 

The initial setup isn't too complicated for a single WAN. You have to assign your name, your address, set up your aliases and then build rules. I think the VPN configuration could be a little simpler, but it's no harder than setting it up on a SonicWall, for instance. The setup can be done in less than an hour, including running updates and registration. A single person can deploy 10 switches, a pair of FortiGates in HA, and let's say 10 access points. One person will do the programming and then all installation is done by two specialists by code.

Fortigate is as cost-effective as its competitors. As the boxes get big, it gets pretty expensive but that's for large organizations that have a substantial IT budget.

My advice is to go through some basic training before trying to take it out of the box because the language that's used to configure FortiGate is not the language used on the Cisco ASA or on WatchGuard, or Juniper. The language is a little different so what you think you're configuring and what you're able to configure are two different things. The way that the policies are applied is different than it is from other boxes. So just because you have a technician-level cert with Cisco, you will not be able to successfully configure a VPN on a FortiGate. 

I rate this solution eight out of 10. 

We use Fortinet FortiGate for web filtering, IPS reporting, and firewall policy routing.

What we like about Fortinet FortiGate is that it's fast. You can also use it immediately, e.g. you don't have to wait and apply the policy before you can use it. It's robust and offers immediate usage, unlike Check Point, which we noticed was a slow product.

Fortinet FortiGate is also more secure, depending on how you set up the SD-WAN technology.

We also like the zero trust access, arrays, and the EDR features on this product. It's also 100% more user-friendly, e.g. even when I worked with them configuration-wise. The availability of the support hotline and their knowledgebase articles, e.g. the Cookbook, help a lot. Those articles are accessible to everyone, and they're free.

Whenever you implement a solution, you can run through Cookbook, then you can install the Fortinet certificate if you aren't able to, if you're stuck, but most of the time you are likely to get it right. The Cookbook explain everything straight to the point, and this makes it much easier.

Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%.

I've used Fortinet FortiGate for three years, and the last time I used it was last year.

The product is very stable. It's a powerful product.

Fortinet FortiGate is a scalable product.

Installing Fortinet FortiGate is straightforward. The Cookbook tells you where the issue is, then the packs that come with the software, they are quick to advise on what bugs you can expect, and how those bugs can be fixed. I enjoyed installing the product.

The initial setup for Fortinet FortiGate took less than a week. We spent another week migrating the policy, or recreating the policies on the new object, because of the incompatibility with Check Point. We had to recreate the policies, otherwise, the change was quick, and we just had to mount them and connect the HA link and the other internet link. The setup was quick.

The product has different licensing models, depending on what you're going to do. For the IoT service, initially the program was for free, then the IoT service and the mix firmware that we had, we had to pay.

Services are separate in terms of Fortinet FortiGate license models, e.g. you could have IPS, AV scanning on high availability, etc. The license could be on annual renewal.

I evaluated Check Point, but my problem was that it was too slow to install, and you have to wait long while your environment is down. With Fortinet FortiGate, it was instant. Fortinet FortiGate is very easy to install, unlike Check Point. Fortinet FortiGate is a better product.

I have experience with Fortinet FortiGate. I used to manage the product in the past, but in a different company. I transferred to another company into a new position, and Fortinet FortiGate is being used in my current company.

This product can be deployed both on-premises and on cloud. We use version 300E for on-premises, and VM04 on cloud.

They are doing a lot of things to improve Fortinet FortiGate, that I can't think of anything else I'd like added to it. There's zero trust access, the EDR, and the arrays. I can't really say that there's anything that they have not started. They're able to provide what I want.

We started with 100 users of Fortinet FortiGate in the company, then it went up to 270 users, because we also had a child company with end users of this product.

We didn't have to contact technical support for Fortinet FortiGate, because we had a third-party guy who was helping us, and we seldom contact him. If we find an issue, we just email, and he'll write back to us. We also get advise on the old firmware, for example, that there's a higher chance it's static and could be affected by vulnerabilities. Any help was done quickly, and it was nice. Nowadays, we are doing all the work, e.g. not having to contact our third-party guy.

We don't really need a team for deployment and maintenance. There's another engineer we're sharing ideas with, otherwise, deployment and maintenance are both very straightforward. You just need to know what you're doing, e.g. a good path, IPsec channels, etc., and it'll be much easier.

I can recommend Fortinet FortiGate to others, especially because I understand it the most now. We do know everybody won't choose it, because Check Point, Cisco, and other competitors are coming up with robust devices. Everyone wants to win against their competitors, but I'm happy with FortiGate. It's a product I can recommend to others.

I'm rating Fortinet FortiGate a ten out of ten, because it doesn't give me any issues. It's very easy for me to rate it a ten.

We are using it in our data center. It is being used at the perimeter of our data center to protect the applications that we have inside the data center. We are at the beginning of its installation in our data center. We have recently installed a new cluster for IPS functionality, and we have to check if this cluster does the job.

We are using its latest version.

The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful. 

It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features.

It is quite a new product for us. We started using it only about six months ago.

Its stability is okay for us. Since we have put this new cluster, we haven't had any problems or crashes. It's okay for us from this point of view.

We got this firewall just less than a year ago, and we hope to see good performance in three or four years.

There are around 10,000 people in our company, and they are all using FortiGate because they all need to go through this cluster of firewalls.

I have not yet interacted with them. That's because we didn't encounter any important issues. When we have any technical questions, our partner has been able to answer our questions. So, I don't have any experience with Fortinet support.

It is straightforward at the beginning.

We worked with a partner. Usually, when we have a project, we do the initial setup with this partner. After that, we are able to manage the firewall without any outside help. 

Its pricing is competitive with other solutions.

We chose it after comparing different solutions on the market.

I would recommend this product. It is very easy to use. We are happy to use this product.

I would rate it an eight out of 10.

We are using FortiGate as a perimeter firewall.

It is our perimeter firewall. URL filtering, IPS, and antivirus features are most valuable.

It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box.

Their support can be improved in terms of the response time and the quality of support.

There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision.

I have been using this solution for two years.

It has been very stable over the past two years.

I have no problem with scalability. When I need to add any device, I just find and add it to the network. I have no issue with the count of devices. I can buy a license and add whatever devices I need to add. Currently, I have no issue with the scalability of this firewall, but if I reach the maximum limit, I need to exchange the box or just add licenses. We currently have about 1,000 users.

I have contacted them many times. My experience with them was good, but their support can be improved overall. I would rate them a three out of five. 

It was very simple.

There was a partner supporting us. Our experience with them was very good. I would rate its setup experience a four out of five.

For maintenance, we currently have a team of two people, but it may be extended to three or four.

It has been two years. I don't remember the actual price, but it was affordable.

We buy the boxes and then use the license for three years.

I would recommend this product. It is a very good product to be used as a perimeter firewall.

I would rate it an eight out of 10.

We have been using it for our internal infrastructure, but mainly, we are providing it as a service to our customers.

In one of the use cases, a customer is using FortiGate, and they also use FortiAP. To collect the usage and monitor the traffic, they use FortiAnalyzer. So, they have FortiGate, FortiAP, and FortiAnalyzer. It is not a very big deployment. It is a midsized company with less than 50 people.

The UTM feature is quite good. FortiAP is easy to deploy because both Fortigate and FortiAP are under the same brand. Otherwise, you need to do more work on the configuration.

Price, of course, can always be more competitive or better.

If a customer has a requirement for firewall, security, WiFi, and analytics, it is good if we can propose a solution from the same vendor, but we have found that no distributor in Hong Kong has sufficient knowledge to deploy Network Access Control (NAC) solutions. They have a wide range of products, but apart from the popular ones, such as a firewall or an AP,  there is not sufficient support here in Hong Kong for NAC solutions.

I have been using this solution for more than 10 years.

It is reasonably stable.

Our customers are mainly small to medium businesses. I really didn't have a chance to scale it up. We have a customer with two subsidiaries on the same floor. They are changing from traditional features to SD-WAN features. Based on what I heard from my colleagues, migration work is quite smooth, and there are no big issues.

I'm not doing hands-on work for the projects, but from my colleagues, I haven't heard of any delay or incompetency in support.

It is quite easy. The duration depends on the complexity. If you are using a firewall from one brand and WiFi from another brand, then you probably would need more time to do the setup. Overall, the saving is around 25% in terms of labor hours.

Their licensing costs are annual. The UTM feature license along with their support is called FortiCare. We include that as a part of the annual maintenance cost. Palo Alto or Juniper also have an annual subscription charge for UTM.

Price, of course, can always be more competitive, but it is not the most expensive product. The price-performance ratio is quite high for FortiGate.

I would recommend this solution to others as well as to our existing customers who are not using FortiGate. I would rate it an eight out of 10.

I am using Fortinet FortiGate as a perimeter internet firewall.

The most valuable feature is the FortiManager for centralized management.

Fortinet FortiGate could improve if it had a cloud-managed solution.

I have been using Fortinet FortiGate for approximately 10 years.

Fortinet FortiGate is approximately 80 percent stable.

The scalability of Fortinet FortiGate is good.

The technical support from Fortinet FortiGate is terrible. They can improve.

The presales, account management, and post-sales are the three worst things about Fortinet.

I have previously used other solutions such as Cisco, Check Point, and Palo Alto.

The solution I would recommend largely depends upon the environment it is being implemented. We tend to mix and match firewalls, but Check Point tends to be,  easier to manage, but more expensive. Their support is much better than Fortinet's when it comes to pre-sales and post-sales.

The price of Fortinet FortiGate is better than Cisco, Check Point, and Palo Alto. In terms of pricing, it's probably a better-priced firewall solution overall.

I rate Fortinet FortiGate an eight out of ten.

We use Fortinet FortiGate for a UPP solution. For example, DNS filtering, IPS, and VPN access.

The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment.

The management UI is more user-friendly than Cisco's solution.

Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information.

I hope that Fortinet FortiGate provides a software define network(SDN) solution.  and provide the interface for the user. If we have the SDN interface we can develop our system to manage Fortinet devices.

I have been using Fortinet FortiGate for approximately one year.

Fortinet FortiGate is a stable solution.

I have found Fortinet FortiGate to be scalable.

Our company is across many locations. For example, Europe, South America, America, China, Taiwan, and Asia. At this moment all of the sites are using Fortinet FortiGate. There are approximately 10,000 users that are using Fortinet FortiGate.

I have not used technical support.

I previously used Juniper. I did prefer the Juniper OS but not anymore because the Junos firewall seems not to be very stable. Since Juniper had stability issues is why we went with Fortinet FortiGate.

There is a license to use Fortinet FortiGate.

I have evaluated other solutions, such as Cisco.

I would recommend this solution to others.

I rate Fortinet FortiGate a nine out of ten.