Fortinet FortiGate Reviews

It controls the inflow and outflow of all the communication between different sites and so on. 

We are using its latest version.

We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs.

It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified.

When there is a change in the IP address from the ISP, there is some disruption in the service. So, we try to do it when we have the least number of people working, which means very late at night. So, for the time being, it is working fine.

We have been using this solution for nearly a year.

Apart from the disruption in the service because of the IP address change, it has been quite stable.

We are implementing it phase by phase. Initially, we had one VLAN, and then we added more. So, it is quite scalable, and we haven't had issues with it so far. It has been recommended by the vendor that the model that we have would meet our requirements for the time being. In two or three years, depending on how we expand and how many more resources are required, we might have to look at another version of the device.

It was the vendor who did the initial setup. It was done within the time range that was allocated for the setup. My guess is that it was straightforward.

We are still in the process of implementing the solution. The commissioning has not yet been done. What we had previously is now changed to a new solution and a new way of doing things, and this is still in the implementation phase. Our implementation is being done phase-wise. We do things and tune it until we are happy with it, and then we go to the next phase. So far, it's working fine. 

We have a relationship with the vendor. We discussed what we wanted to do and finally, we selected the product, and after that, it was installed and configured on our premises. 

We have a small team of three or four people for deployment and maintenance.

Its pricing is fine. It is on a yearly basis. Other than the licensing fee, there is no extra fee.

I would rate it an eight out of ten.

We primarily use the solution for security purposes. 

Some security features are used for side blocking and antivirus and application control and bandwidth control. These are important for us.

The initial setup is straightforward. 

It's a reliable tool.

The product is scalable. 

There could be more modifications. Some features are enabled, however, compared to Fortinet, some features are not easy. 

Sometimes the dashboard does not open properly. When we add more options, SD-WAN features, and user control features, the opening is very slow. It does not sync properly.

We've used the solution for one or two years. 

The solution is stable and quite reliable. There are no bugs or glitches and it doesn't crash or freeze. 

The solution is scalable. There is no hardware. There are many clients and we have not had any complaints so far in regard to the product.

Technical support is good, however, they do not respond quickly. They respond late. When we log the case, there's no priority with service. You can't get a response, for example, within an hour or two unless you have priority. Cisco, in contrast, divides its services into P1, P2, or P3. That way, if something is recognized as a P1, they get help much faster. 

I also work with Cisco. I'm also aware of Palo Alto as an option. 

The initial setup is straightforward and not complex. It's easy compared to Palo Alto and a few others.

Our deployment of Fortinet FortiGate took two years.

We are resellers. We are able to handle the setup and deployment.

We are resellers. 

The Fortinet 201 and 900 series are very good.

I'd rate the solution nine out of ten.

Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs.

I have been using Fortinet FortiGate for approximately 12 years.

Whenever we install a new release of an OS we should expect lots of bugs on the system that could break the system. Something that is working fine in the previous system, if we upgrade it, it could break it. Fortinet should work a lot on this to remediate it before releasing any OS. This includes any update and upgrade of FortiOS because I have seen issues when I upgraded, such as the memory and CPU jumping to 100 percent, and some or all functions were not operational. These bugs should be fixed in the firmware.

If there is a need for some upgrade or update on an existing system then I will plan ahead, but if it is not stable I will not do it. We have new releases being tested now and once they are rated stable I will upgrade.

I have found the support from Fortinet FortiGate very poor. I do not use them anymore because they are not very good. This is based on the support I have received from South Africa and India. However, the support from France I have heard was excellent. I only open support tickets for bugs.

I would rate the support from Fortinet FortiGate a two out of five.

I have previously used SonicWall, Sophos, Juniper, and Cisco Meraki.

The initial setup of Fortinet FortiGate was straightforward.

The time it takes to implement a firewall a large and small firewall is the same. It does not matter the size of the firewall. The complexity comes from the network and the scope of work that we need to do for the customer on the network.

If it is a large network, it will take us more time to deploy it, because there is more to configure. If it is a small network, it will take less time, but configuration-wise, it's likely the same.

I have deployed Fortinet FortiGate on my own. I have never needed help from any third-party consultant, or integrator. I work as a consultant and integrator for other companies. I provide my service as a consultant.

Fortinet FortiGate doesn't require a lot of maintenance if you deploy the system correctly, it will run well. However, you do need to have some security checks, auditing, and cleanup of the system, every month. It depends on the company policies. 

If you already deployed the solution correctly you should not have an issue. Maintenance is required, we do have some customers that are doing morning checks on memory and CPU, it does not take much time.

The license for Fortinet FortiGate is affordable in my country.

I rate Fortinet FortiGate an eight out of ten.

I am a project manager and I have implemented this product in several different projects. The deployments are for enterprise clients, government agencies, and several universities.

This is a complete security solution that we can offer to our clients.

It provides security EOT (Encryption of Things).

The most valuable features are simplicity, management, and that it's constantly evolving. 

Different modules offer different functionality including the facility for web application control, VPN, and complete security integration.

It is easy to integrate FortiGate with other products.

With the addition of some features, it is possible that FortiGate can be used in all verticals.

I have been working with FortiGate for 10 years.

FortiGate is a very stable product.

I have implemented FortiGate in approximately 200 projects, and it is a scalable solution.

It is primarily used by medium-sized and enterprise companies. Medium-sized companies normally have between 10 and 50 users whereas an enterprise will have more than 5,000.

The technical support from Fortinet is very nice.

I would rate them a five out of five.

I work with several products from Fortinet including FortiGate, FortiManager, FortiAnalyzer, and FortiSIEM. The selection of which products to use depends on the company.

We work with what we refer to as the Fortinet fabric.

We also have experience with products from Check Point and Palo Alto.

Fortinet is competitive price-wise.

One of our clients in space evaluated FortiGate in terms of pricing and integration, and they chose FortiGate.

I would rate this solution a nine out of ten.

Fortinet FortiGate is user-friendly. When it comes to firewall enterprise security and email security, this solution is at the top. It's better and it's affordable. If you compare it with some other email security like Mimecast and similar solutions, those products are better than Fortinet, but here in the Fiji region, Fortinet FortiGate has better service. In some other regions, this solution may not be doing well, but in Fiji, it's working out well. Fortinet has so many customers in Fiji.

What I'd like to be improved in Fortinet FortiGate is for it to have advanced WAF functionality. Even in FortiADC, WAF functionality is not supported for advanced attacks, e.g. mobile bot attacks. Fortinet FortiGate needs to improve its WAF function.

SD-WAN is also good in this product, but it still needs improvement, particularly in security. We saw some attacks last year, so they need to improve on that.

I've been dealing with Fortinet FortiGate for eight years.

There are some issues with the scalability of Fortinet FortiGate. Certain products and models need to be scalable, but they're not. For example, if you go with 400F, they only have two SFP+ ports, while the F5 has four ports.

When you're expanding the number of users for this solution, they'll ask you to replace the model, and this can be a big cost to customers, which could affect scalability.

We are happy with the technical support for this product, because the Fiji region is supported by New Zealand, where support for Fortinet FortiGate is better.

Fortinet FortiGate is an affordable solution, but when expanding the number of users, they'll ask you to replace the model, so that's an added cost.

Pricing for this product is comparatively lower than other products. If you compare it with Forcepoint, Cisco, and other products, Fortinet FortiGate pricing is reasonable, and that includes all the service and support we need. Whenever we need support as a partner, they're able to deliver that support to us, unlike with F5 where there's premium support and standard support, which means you'll have to pay F5 extra.

I evaluated Cisco and Forcepoint solutions.

We are an IT infrastructure company, and we are dealing with one of the banks here. They need a solution which they'll use for application delivery, load balancing, and as their web application firewall.

We are a reseller and partner of Fortinet, but only for their firewall product, e.g. FortiCloud WAF, not FortiADC. We've also been working with Fortinet FortiGate.

The solution we're looking for which will be implemented for our customer, e.g. a bank, is a solution with basic functionality, e.g. FortiGate. It will only be used for two or so web applications. If our customer needs a bigger functionality, then I would propose a different solution: F5. For the government, we always propose F5.

My advice to people who want to implement this solution is simple: It's an affordable product for the SMB customer, but for customers with bigger environments, I would recommend that they go for other products with premium support.

My rating for Fortinet FortiGate is seven out of ten, if you consider the Fiji market.

We saw that Fortinet is working towards the ZTNA model, e.g. SASE, and also working towards zero trust products, which is good. They're also improving slowly in privileged access management, e.g. they don't have one, but they're trying to introduce it by the end of the year.

Most organizations use the Fortinet firewall as perimeter security at the gateway level.

FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

I've been using FortiGate for around five years.

Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

We deployed Fortinet FortiGate SD-WAN into one of our customers, and they are satisfied. We utilized Fortinet FortiGate's data center solution; we took in three units: FortiGate ADC 1101 and 2600, and we deployed them into a customer, with no issues so far. The impact of these services on data center protection at scale is still on the launch side; the production will be up maybe this month, but so far, there are no issues.

The best features I have already seen in Fortinet FortiGate are the automatic updates, the easiness of deployment, and the capacity. These three features are the best.

A shorter response time when we have questions could improve Fortinet's first-level support quality. The knowledge base is comprehensive, so that is okay. For additional features that could make Fortinet FortiGate even better in the future, they have the SD-WAN, but I do not know if they have quantum VPN. 

I saw one brand that has a quantum random number generator, so maybe that could enhance security, along with a smaller version of their product to fit into the budgets of smaller departments.

I have been dealing with Fortinet FortiGate since April.

I think Fortinet FortiGate is overall stable.

There are a lot of people using it, maybe more than a thousand.

The technical support by Fortinet is okay; they are very responsive, and they know what they are doing. If you ask them questions, they can easily answer.

I have no experience working with any other firewalls before using Fortinet FortiGate.

I was not a part of the technical team that deployed Fortinet FortiGate for integrating SD-WAN capabilities. I am actually with the research team, and I relate the feedback I get from their experience with Fortinet FortiGate.

The pricing of Fortinet FortiGate is a little pricey from my perspective. It is expensive comparatively to its competitors. The brand has its own price concerning the licensing model of Fortinet FortiGate.

We are dealing with other vendors besides Fortinet; we are constantly searching for brands and comparing their features side by side. Besides Fortinet, we are currently dealing with Palo Alto, Sophos, and my friends also did Check Point and another Korean brand. For Sophos, we are mostly dealing with firewalls. The Sophos products we are dealing with are firewalls. For Palo Alto, we are in the same category with firewalls.

I would recommend Fortinet FortiGate to others, specifically for larger companies but not for smaller companies because of the price-sensitive Philippine market, where you would not find a lot of companies buying premium products. I do not know if I can see room for improvement in Fortinet FortiGate because I am not so techie myself. I would rate Fortinet FortiGate as a product an eight out of 10.

I work with multiple customers. Most are comfortable running IPS within their firewalls rather than deploying it. The standard deployment requires finding a service owner and training them on the platform. However, if I deploy a next-generation firewall with integrated IPS and VPN capabilities, it simplifies things. It's straightforward for someone to manage. Consolidating a VPN server, IPS, and standalone firewall into one appliance can be challenging for many customers. Fortinet's servers are increasingly popular.

Fortinet has serious vulnerabilities. Some of their interfaces are exposed to attacks. Since they are more prevalent, they may attract more attacks and have more vulnerabilities discovered.

If I'm incorporating FortiGate IPS, FortiGate firewall, Forti VPN server, or any other component into an existing Fortinet fabric, I already have a Fortinet analyzer and FortiManager. With this integrated Fortinet ecosystem, stability issues are significantly reduced. Additionally, inserting a standalone Fortinet device is much easier and much more accessible.

Customer support is fine and fairly responsive.

Neutral

We used Cisco products and operated within a Cisco ecosystem. Currently, Cisco is too expensive, but FortiGate IPS does not position itself as premium like Cisco.

The initial setup can be completed within a month with some IT security architecture by replacing IPS.

The product is expensive but comparable to Cisco.

There are limitations to consider, such as the sandbox capacity. Increasing the sandbox limit is essential for better integration with the firewall IPS, facilitating traffic offloading. Since my customers deal with heavy content, we often need to upload content for analysis by the IPS and sandbox. Thus, the system effectively fulfils its intended purpose. However, we do not need to assess features beyond what the customer requires. As long as we meet their specific needs and use case, it's satisfactory.

We're building a network of partners, you know, offering competitive pricing to engage in significant projects. Firewalls are pretty standard. The ecosystem issues may revolve around business support and pricing.

You need more considerable internal resources to manage it. For clients with a robust security solutions team, architects, and skilled developers who handle data and generate similar content, I would recommend Fortinet FortiGate IPS. These individuals should be capable of upgrading their packages and downloading them. If they are comfortable with Docker, they can deploy it as an appliance on a server.

Overall, I rate the solution a six out of ten.