We use this solution for our company firewall.
Consultant at WorldNet ICT Solutions Limited
Provides good security features, and generating FortiCloud reports is helpful to us
Pros and Cons
- "The security features are about the best that I've seen anywhere."
- "Technical support for this solution can be improved."
What is our primary use case?
What is most valuable?
This solution has many good features. The security features are about the best that I've seen anywhere.
I really like the fact that I am able to generate FortiCloud reports.
What needs improvement?
FortiWAN was supposed to help in doing intersite linking, but we've realized that most of the ISPs use BGP. FortiWAN supports OSPF but does not support the BGP protocol. This is a problem for us because without BGP they are not doing anything, and we've had to pack them up. I would like to see the BGP protocol supported on FortiWAN.
Technical support for this solution can be improved.
For how long have I used the solution?
We have been using this solution since 2017.
Buyer's Guide
Fortinet FortiGate
December 2024
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability is very good.
What do I think about the scalability of the solution?
The scalability of this solution is fantastic.
How are customer service and support?
I've been in contact with technical support a few times and it is good. It might be better, but as far as I'm concerned, it's good.
How was the initial setup?
The challenge for the initial setup was at the ISP level. We have the Fortinet firewall running, but between the various sites, we wanted to implement FortiWAN. It didn't work because of the BGP issue.
What's my experience with pricing, setup cost, and licensing?
The pricing for this solution is good.
What other advice do I have?
This is a product that I recommend.
I would rate this solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ICT Administrator at a mining and metals company with 11-50 employees
Enables us to bring security into compliance with our policies
Pros and Cons
- "I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
- "Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area."
What is our primary use case?
Our primary use case is for our company firewall. We use it for intrusion prevention and anti-virus.
How has it helped my organization?
The internet filtering feature has really benefited my organization because we have a lot of things that go on illegal sites like auto torrents sites and a lot of streaming and downloads. We've been able to minimize the impact of bandwidth by filtering out media sites. This solution has also benefited us by bringing security into compliance with our policies.
What is most valuable?
I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good.
What needs improvement?
Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area.
There is a feature that Palo Alto has called Traps. It helps to prevent attacks on the system. A feature similar to this would be worth adding.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It's very much stable.
What do I think about the scalability of the solution?
It is very scalable. We have around 200 users.
How was the initial setup?
The initial setup was not complex.
What about the implementation team?
We have had experience with enterprise firewalls and notably, we had experience with Fortinet, so the deployment was done in-house. We require four people for deployment and maintenance.
What's my experience with pricing, setup cost, and licensing?
Compared to Palo Alto, which we have used in the past, pricing and licensing are okay.
What other advice do I have?
I would advise someone considering this solution to learn the product. You have to get to know the product, don't just look at it from outside. Get to know the product, the ins and outs and see how you can actually use it for your scenario.
I would rate it an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Fortinet FortiGate
December 2024
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Senior Security Consultant at SEE "Systems Engineering of Egypt"
It has very easy management and an amazing ETM configuration.
Pros and Cons
- "It performs very well."
- "It has very easy management and an amazing ETM configuration."
- "I would like to see more advanced developments of a wireless controller in the future."
What is our primary use case?
My primary use case of this solution is as a data center. It performs very well.
How has it helped my organization?
It has very easy management and an amazing ETM configuration.
What needs improvement?
I would like to see more advanced developments of a wireless controller in the future.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
I think the product is stable. It is amazing.
What do I think about the scalability of the solution?
It is amazing, but sometimes there are issues with Fortinet Integrations. But, I know they are now trying to rectify the problem.
How is customer service and technical support?
We have good technical support from the vendor.
How was the initial setup?
It was very straightforward. An easy installation process.
What other advice do I have?
I think when you look at this product, you must realize that the box hardware and software are vary stable. And, the pricing is perfect.
Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
Tech Manager at Global tec
It is a reasonably priced solution for this type of product. It enables productivity of our organization to go smoothly.
Pros and Cons
- "It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware."
- "I think the only issue that needs improvement is the interface."
What is our primary use case?
We primarily use this for the Security Fabric feature. It works together with other Fortinet products like FortiWeb and FortiMail, as well as with Amazon products. There is a lot of integration.
How has it helped my organization?
It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware.
What needs improvement?
I think the only issue that needs improvement is the interface.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
It is a very stable product.
What do I think about the scalability of the solution?
Sometimes the solution is not scalable.
How is customer service and technical support?
Our experience with technical support has been very positive.
How was the initial setup?
It was very straightforward an easy for us to initially install.
What about the implementation team?
We always consider:
- Price
- Product success
What's my experience with pricing, setup cost, and licensing?
The price, in comparison to other products is very cheap.
Which other solutions did I evaluate?
Other products considered were Sophos and CiscoMaraki.
Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
Works at El loco hugo
It has improved our organization with control data
Pros and Cons
- "It has improved our organization with control data."
- "The reports are very basic."
What is our primary use case?
We use it because it is a good device.
How has it helped my organization?
It has improved our organization with control data.
What is most valuable?
The rules.
What needs improvement?
The reports are very basic.
For how long have I used the solution?
More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Consultant at Unify Square
FortiGate security appliances provide UTM security in a single device with a good administrative interface and performance
Pros and Cons
- "A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside."
- "With FortiGate, the main complaint that I have heard is about the technical support."
We're discussing a family of UTM (Unified
Threat Management) appliances. FortiGate is a term which includes a wide range of products,
starting with small ones dedicated to small offices, and developing into devices which are able to grant security and networking for large companies. The
family includes physical devices and
virtual machines, which grant network security on different layers using a
single point of control. FortiGate is optimized
to avoid bottlenecks or delays while the various controls are performed. High availability is also part of the available
features with various solutions to avoid single points of failure.
In the following short list, I will list some interesting points about the FortiGate solution.
1. Administrative Interface
If you are experienced with network security management, you are aware this activity requires interaction with many different software and hardware solutions from disparate vendors. In the aforementioned scenario, it is normal to have frequent updates to apply on the various products and to watch more than one monitoring tool to keep track of security events. The FortiGate solution includes all the controls you could expect using a patchwork of security products in a single device with a single administrative interface. It is your switch, router, firewall, VPN hub, antivirus, anti-spam, proxy, and endpoint security solution all-in-one.
If you define a network object or group for firewalling purposes, it will be available to define antivirus rules or internet browsing policies. There are two administrative interfaces:
- Web-based manager (a graphical interface usable through a web browser);
- CLI (a command line interface).
A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside.
If you have used appliances or firewalls from other vendors, often you have to use not-so-friendly command lines to obtain the exact result you need. With FortiGate, you will use the CLI seldomly and only for the most “exotic” features.
2. UTM, the Fortinet way
Unified Threat Management may be complex to manage, because you work on different protocols, at different layers and with disparate threats to consider. In FortiGate, you can have three great layers:
- Networking services (switching and routing, both static and dynamic);
- Network security services (firewalling, secure VPN connection, intrusion detection and endpoint security);
- Application security services (spam and virus controls, web filtering, application control and data leak prevention).
As long as you pay (and renew as it expires) the “bundle” license, you have all the aforementioned features available, including the updates for signatures and definitions coming to your appliance directly from Fortinet. You do not have to use all the available controls, but you are able to turn them on and off “On Demand”, so you could start with a simple configuration and add control layers when you feel more comfortable.
3. Virtual Domains
One of the available features include the capability of a FortiGate to support many Virtual Domains (VDOMs). VDOMs enable you to grant access to different companies with different administrators on the same physical unit. Each one will be able to keep their specific configuration with no impact on the others. What you are doing is creating “virtual units”, and keeping on a “root domain” which is used to manage the virtual domains. VDOMs add a lot of flexibility to the solutions that you are able to plan using FortiGate.
4. High Availability and Resiliency
There are four different ways to make a FortiGate unit have high availability. You could use a traditional “cluster” design with two or more units: FortiGate Cluster Protocol (FGCP), a solution with an external load balancer: FortiGate Session Life Support Protocol (FGSP), a Layer 3 resiliency solution like Virtual Router Redundancy Protocol (VRRP), or a Layer 2 solution like Fortinet Redundant UTM Protocol (FRUP). Again, we have a great deal of flexibility to design the best solution for our company’s needs.
5. The Dark Side of the Moon
It would not be fair to review a product omitting the negative points. With FortiGate, the main complaint that I have heard is about the technical support. My personal experience is the same as many people who are not happy with this aspect of the service offered by Fortinet. Often, your problem is diverted to local partners. I have to say that I have had mixed results with them. While some partners are professional, many are not skilled enough and I have had costs that are not equivalent to their quality. This is the same issue with other vendors, but that is not an excuse. As long as Fortinet support sends me to a local reseller or partner, from my point of view, they are taking responsibility for their capabilities.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Consultant
Saved a bundle by not needing past appliances from an NGFW, however it needs better performance on bandwidth demands for smaller devices
Pros and Cons
- "Consolidated our network environment at all locations, but mainly at our datacenter."
- "One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering."
What is our primary use case?
Firewall/Web Filter management. We have over 30 sites, and it is imperative that one person (myself) can plan, implement, and deploy these devices to our sites and manage them when finished.
How has it helped my organization?
Consolidated our network environment at all locations, but mainly at our datacenter.
What is most valuable?
The web filtering was the most valuable, because at a school board, we need to make sure the students are not tying up our bandwidth and also to keep the bad guys out.
What needs improvement?
One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering. Each manufacturer has their own way of filtering and each one needs improvement in categories, URL, and/or application filtering.
For how long have I used the solution?
One to three years.
What was our ROI?
We saved a bundle by not needing all the past appliances from an NGFW.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Consultant Information Technology at a tech company with 51-200 employees
Delivers what it promises when it comes to performance, stability and security functions.
What is most valuable?
The web content filtering and application control allow us to control which websites and online applications our users can access and those they cannot, thus preventing access to pornographic sites, online gaming sites, social media and many others during office hours.
The application control reinforces the blocks, preventing, for example, users from using specific applications to bypass the web content filter blocks. An example is a user running the UltraSurf proxy, attempting to access banned sites. With the application control function, FortiGate is able to prevent the operation of this application.
IPS - Intrusion Prevention System: It is the main component that detects and blocks hackers and malware attacks.
Other valuable features are SSL VPN and WAN link balancing.
How has it helped my organization?
It provides real security for business customers.
What needs improvement?
The reports provided by the equipment could be more detailed, and not so dependent on the FortiAnalyzer.
The FortiGate internal reports are good, but could have more details and options for viewing certain network data. For the client to get the richest reports, they need to buy the FortiAnalyzer appliance or hire FortiCloud service. These two aim to catch all of the FortiGate logs and turn them into friendly reports, many of which are not present in FortiGate itself.
For how long have I used the solution?
I have been installing and configuring this product for at least 10 years with different companies, including other models such as the Fortigate 60D and 80C.
What do I think about the stability of the solution?
The product has always been stable and performed quite well.
What do I think about the scalability of the solution?
I have not encounter any scalability issues.
How are customer service and technical support?
Technical support is very good. Fortinet professionals are well trained.
Which solution did I use previously and why did I switch?
For commercial UTM solutions, I have always worked with Fortinet; I had no reason to trust another third-party solution.
How was the initial setup?
It's simple: Just turn it on, access your Web console via the default IP address and then perform the settings.
What about the implementation team?
I installed and configured the 200D for one of my clients.
What's my experience with pricing, setup cost, and licensing?
The full license is UTM Bundle Full Guard. The license fee varies according to the Fortigate model; prices can be low or too high.
What other advice do I have?
If you need real and effective security for your network, do not hesitate to buy a Fortigate appliance. It is no wonder that it is the best according to Gartner, for several years running. It delivers what it promises and more when it comes to performance, stability and security functions.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Buyer's Guide
Download our free Fortinet FortiGate Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
Netgate pfSense
OPNsense
Cisco Secure Firewall
Sophos XG
Palo Alto Networks NG Firewalls
Azure Firewall
Check Point NGFW
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Untangle NG Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Fortinet FortiOS
Buyer's Guide
Download our free Fortinet FortiGate Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Looking Into Implementing a Web Security Solution.
- Cyberoam or Fortinet?
- Fortinet, Palo Alto or Check Point?
- What Is The Biggest Difference Between Cisco ASA And Fortinet FortiGate?
- Cisco Firepower vs. FortiGate
- We're trying to choose between Fortinet or Checkpoint UTM firewalls. Can you help?
- What Is The Biggest Difference Between Fortinet FortiGate and Meraki MX Firewalls?
- What Is The Biggest Difference Between Fortinet FortiGate and WatchGuard XTM?
I had my data speed compromise confirmed by my paid support subscription.