Fortinet FortiGate Reviews

It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything.

The GUI is good. I'm really happy with the ease of use of the firewall. Fortinet's support is also great.  

I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself.

I've had different models of Fortinet since 2009. They all are physical appliances. I had 300As, and now I'm on 300Ds. I've got a remote site with a different model, which probably is 60F. They are great little firewalls, and for bigger size places, they have 300 models.

I don't have virtual appliances. I don't have a virtual infrastructure. I have an older virtual environment with Hyper-V, and the servers are not up-to-date. It was a money thing. So, it was better to go with the appliance itself.

I'm happy with what they got. It is a great product. Sometimes, you're going to get a lemon—the way it initially happened with FortiAuthenticator 300F—but that doesn't happen very often.

If there is a problem, the next business day, they send it and get the replacement, and they help me configure it.

In terms of its users, everybody uses the firewall because they're going out. That's our egress point. So, there are about 20 users for that. We have a dozen IPsec tunnels with which we connect to different companies. So, security is a big part of it. I also have a remote location with about 10 users who use a different firewall.

We probably won't be increasing its usage. Now that I got Authenticator, it nicely compliments the Fortinet firewall. The size of the company isn't going to grow any more than what it is. So, we're good.

Their support is great, but it also depends on who you get for support. From the support perspective, they can help you do it yourself, which is always more beneficial to both parties. They can stop being so time-sensitive about the call duration and let a user help himself a little bit more.

It takes time to study this stuff, and I don't always have time to do it. So, I'm looking for a quick answer because I get interrupted all the time during work. I don't always have the time to study something and figure it out. So, I have to call them, but I don't always get somebody who really knows what they are doing. They don't know deep enough to help you. They're troubleshooting with you, and that's the difference between Level 1 and Level 2 support.

When I first got here in this job in 2007, they had Cisco ASA Firewall, but it was too cryptic. You had to enter all these CLI commands for a configuration. It also didn't do everything that Fortinet could do. It was very limited, and it wasn't easy to use. I know what I want to do, and I don't have to learn a special language in order to do it. I just want to be able to use some basic programming code that they have put into the firewall and use the GUI interface with it to actually visualize what I am looking at. Some of the Cisco products are not visual enough. That was one of the reasons I stayed away from it. Cisco is also very high-priced. They price themselves out of business a lot of times for equipment, but Fortinet is just great.

I've also used SonicWall before. It was okay, but it is better for bigger places. I was looking for a midrange-size firewall for a couple of hundred users, and I felt Fortinet was the right fit.

Its deployment and maintenance are easy. 

I pretty much used the support from Fortinet to do it. They're good about their support. I did it myself by being a nuisance to Fortinet. I kept calling them to ask questions. They had to remote on to it and see you do something you don't know how to do.

It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive.

Fortinet has got great firewalls. They do everything. They do FortiTokens for two-factor. They do the IPsec VPNs, SSL VPNs. They have a great GUI for you to know, but you still got to know the CLI commands. 

I would rate it a 10 out of 10. It does its job, and it is easy to use. The support is great.

We primarily use the solution for security purposes. We use it as a firewall for protection. 

It helps protect our users, and we are able to initiate our own policies. It also provided good visibility and reporting. 

The management is very easy.

It offers very good security features. 

The reporting and monitoring are very good.

We can integrate the solution very well with other Fortigate solutions. 

It's stable and reliable.

The solution can scale. 

Pricing is reasonable. 

We do not need any other features.

We'd like more management across other integrations. It would be ideal if it could centralize the management, and we could therefore manage all solutions under Fortinet instead of managing everything individually.

In some cases, depending on the module and the age, performance could be better.

I've been using the solution for three years. 

The solution is very scalable and reliable. There are no bugs or glitches. 

We have 800 end users, approximately.

The solution is scalable. 

Technical support has been fine. However, we haven't really dealt with them too much. We haven't had any critical issues. 

We also use other Fortinet products, including the NFGW.

We also work with Cisco devices and solutions. 

We have worked with Palo Alto in the past. It has a pretty good performance. 

In the end, we moved to Fortinet as the cost was very good. 

The solution is very simple. The process is easy to understand. It's not complex at all. 

I helped deploy the solution. We had to integrate it with internal and external firewalls. 

We had the full functionality in place within five days. We had five people managing the deployment process. 

I integrated the solution myself without outside help.

The cost of the solution is reasonable. 

I'm an end-user.

I'd rate the solution nine out of ten.

Our company uses this solution for endpoint network security. 

The ECC management and the GUI that offers single interface management are the most valuable features of Fortinet FortiGate. 

The documentation available for Fortinet FortiGate should be improved. Often, I find documentation of older models and not the latest version of Fortinet FortiGate. I have to often utilize the older documentation and reengineer the information for the latest model of Fortinet FortiGate. 

There are competitor products in the market that can monitor all logs, which are referred to as SOC; Fortinet FortiGate should have such in-built features. The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection. 

I have been using Fortinet FortiGate for more than a year.

I would rate the stability an eight out of ten. 

The solution is used daily in our organization. I would rate the scalability an eight out of ten. 

I would rate the tech support an eight out of ten. Our company needs to contact customer support on certain issues. The support team is usually able to resolve the issues by communication over call a few times. Sometimes, there was quite some back-and-forth through support tickets with the vendor team before the issues got resolved. 

Positive

Our company previously worked with Juniper, NETGEAR, and Cisco. The devices from the aforementioned vendors reached the End of Life, and their support was expiring in our company, so we switched to Fortinet FortiGate to have visibility and manage all devices through a single vendor. 

I would rate the initial setup a nine out of ten. Due to some network complexities, we had to schedule the downtime of our organization's business, so the initial deployment of Fortinet FortiGate took more time than anticipated. But the setup process was seamless and our company didn't face any abrupt down time. 

At our company, first, we prepared a deployment plan and then divided the services into varying areas based on which the deployment was performed in phases. Only two professionals, a system engineer, and an infrastructure manager, are required to deploy Fortinet FortiGate.

Another two individuals are needed to maintain the solution with the same aforementioned professional job designations. In our company, we didn't face any issues while integrating Fortinet FortiGate with our existing infrastructure and even with other tools.

A third-party team deployed the solution for our organization. 

In our company, we haven't realized an ROI yet, as the solution was implemented just a year ago. There are some devices that I need in addition to other area devices of my company, we are in process of renewing all old devices with newer versions.

In the next few months, our company will be able to obtain the actual capex purchase with at least ten switches. Fortinet FortiGate is worth the money, offers multiple solutions under one roof. 

I would rate the pricing a five out of ten. Our company onboarded the solution through a traditional capex purchase of the standard license with three years of customer support. 

Our company has been using Fortinet FortiGate since 2009 at the firewall level, due to familiarity with the RTO and FortiGate environment, complete adoption of Fortinet FortiGate was an easier choice than other solutions for a single clear management. 

Fortinet FortiGate also had all the features that our company was expecting, and in terms of ease of management, opting for the same vendor from firewall to edge device was a comfortable option. 

Previously, in our organization, we didn't have a network monitoring tool. With the adoption of Fortinet FortiGate, we can now check the port level of the switches that can be witnessed at the EP end, where all devices remain connected to the network. The management and monitoring are the major benefits of Fortinet FortiGate. 

I would advise others to consider adopting the solution without hesitation. I read the latest Gartner Magic Quadrant report, and it mentioned that, based on its track record, Fortinet can compete with the best in terms of network and security solutions.

For the last five years I believe Fortinet has dominated the market. I recently attended a Fortinet event where I met all the local and regional support team; I learned that the vendor is continually expanding, and in our region, we can easily avail support and guidance regarding Fortinet solutions whenever required. 

The monitoring subscription that is provided with the Fortinet FortiGate has built-in AI features for the past three years. I believe Fortinet is in the sixth generation of their AI and ML utilizing the native infrastructure. Thus, the AI features have been available for a long time in Fortinet FortiGate, but they are promoting it now due to the market trends. I would overall rate the solution an eight out of ten. 

We use it for managing access to our data center, regulating the communication tools employed among servers, and ensuring overall security.

Its performance in fulfilling our requirements has been satisfactory. The graphical user interface is straightforward to navigate.

There is room for improvement related to the logging and reporting aspect. It was somewhat challenging as I delved into the logs during an incident. Navigating through the logs to trace the specific information we needed, as well as generating the corresponding report, proved to be less intuitive. In comparison, when considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.

I have been working with it for two years.

It offers good stability capabilities.

We have approximately two hundred users within our company.

I would rate its customer service and support ten out of ten.

Positive

Its performance justifies the cost, there is a prominent ROI.

The pricing is very reasonable.

I would highly recommend it. Overall, I would rate it eight out of ten due to the reporting and logging issues.

The use case varies depending on the customer, but we use all of FortiGate's features, including policies, web filtering, routing, etc. 

FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all these features on one device because it can cause performance issues. 

We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs. 

I have been working with Fortinet for nearly ten years.

I rate FortiGate an eight out of ten for stability. It is less stable than Palo Alto Networks and Check Point firewalls because there are lots of bugs in the latest firmware. 

FortiGate is scalable. 

I rate Fortinet's support a seven out of ten. We had to open several tickets due to the firmware bugs. We don't have an issue with the support team. It's more of a problem with the testers and developers. 

Neutral

I have also used Palo Alto and Check Point firewalls. Fortinet firewalls are cheaper and easier to manage. Palo Alto is more complex and harder to use, but it's more stable than FortiGate. Palo Alto doesn't didn't have as many models for small and medium-sized enterprises.

FortiGate is easy to deploy. The deployment time varies depending on the customer's network topology. How many policies does the customer require, and what kind of license do they have? FortiGate is easier than Palo Alto Networks and Check Point and takes less time.

We typically start by analyzing the customer's topology and understanding their requirements, including policies, routines, etc. We implement the device once we know what the customer needs. One engineer is usually enough to deploy FortiGate in a small or medium-sized environment. 

An enterprise project requires a more detailed analysis of the network requirements before implementation. That can take two or three days. Once we understand the network, it may take another two or three days to configure the device and one or two days to implement it. 

Fortinet has more device options that are affordable for small businesses than Palo Alto, and its enterprise-level models are also cheaper. Palo Alto also has a separate license for VPN connections and SD-WAN, but FortiGate offers these standard features. 

I rate Fortinet FortiGate a seven and a half out of ten. I deducted a few points because of the device's capacity, stability, support, and routing table issues. I strongly recommend FortiGate if a customer wants to use SD-WAN. Before implementing, you should understand the network's topology to minimize unwanted issues. 

We primarily use the solution for security purposes and for UTM web profile applications.

There are a variety of features on offer. 

It helps protect endpoints. 

The wireless control is helpful.

It is scalable and extends well.

The solution is stable and reliable.

Technical support is helpful and responsive.

The pricing could always be better. It is very expensive. 

We'd like to see Fortgate include WAF services.

The maintenance of the product can be a bit difficult. 

I've been working with the solution for ten years. 

The solution is pretty stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

This is a scalable product. 

Technical support is very good. They are easy to work with. We've been satisfied with the level of support.

Positive

I've also used Sophos and CyberArk. Sophos has a few more services, such as WAF services.

The initial setup is moderate. It depends on the client's requirements.

We typically can deploy the solution within two or three days. We have a security engineer that handles the initial setup.

It does require some maintenance, and that can be a bit difficult. 

We implement the solution for our clients. 

We have witnessed a bit of an ROI, even though it is an expensive solution. 

The solution is quite pricey.

I am an end-user and work in configuration and support for a partner.

I'm working with the latest version of the solution.

Overall, I would rate the solution ten out of ten. I am very satisfied with the product as a whole. I'd recommend the solution to others. It's easy to start working with it. 

We use FortiGate for security. Some clients use the whole Fortinet solution, including FortiSwitch, FortiAP, and FortiExtender, but FortiGate is my bread and butter.

We have a hybrid deployment. A lot of it is onsite, and we have data center collocations. Some customers do collocations with us, but others request connectivity to Azure or another cloud services provider. Fortinet has plugins for Azure, AWS, or Google that make it easy to configure VPNs out of the data center or off-site. 

Typically, we stick with Azure because their support is better, but we do have a handful of customers that choose AWS. We have the solution deployed across Canada. One of our biggest customers is a retail company with many little stores under their umbrella. We cover everything from British Columbia to a couple of sites in Newfoundland. I estimate that we have around 1,200 users.

We need to allow a set of websites or block another set. FortiGate gives us the ability to do it based on URL domain. It's so much easier because you input the domain microsoft.com instead of adding the specific URL. Other firewalls can't do that the way FortiGate does. It helps us with compliance and security.

FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. 

Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features.

My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.

I've been using Fortinet solutions for about four or five years now.

I think FortiGate is going to be around forever. If I don't see their stock price double in the next two years, I'm going to be surprised. I think it's a very underrated solution. 

Scaling up only requires adding a router. Once you have your network in place and a basic template, you buy another router and add it to the mix. It's incredibly easy to add and configure devices. 

I rate Fortinet support 10 out of 10. The support gets better as you get more certifications. I'm trying to get my certification to see how much better it can be. With an NSE 7 certification, you can contact Tier 3 support directly. I'm already getting my cases resolved in 24 to 48 hours using Tier 1 and 2 support.

We used Juniper firewalls in the past. The two solutions are similar in terms of features, but Fortinet blew it out of the water with regards to pricing and user-friendliness.

The main difference is CLI versus GUI. You have to know what you're doing on a Juniper because it's all command-line based, but Fortinet is 99 percent GUI-based. You log in to Fortinet and check off what you want to allow or block. 

Our biggest Fortinet solution was 500 plus retail sites. This customer chose the whole nine yards, including FortiGate, FortiSwitch, FortiAPs, and the FortiExtender, which is the LTE router. 

I made the templates for the configuration for our bottom tiers because they were the ones rolling them out. I made a standard template config and wrote notes specifying necessary changes for each site. 

The primary difficulty was trying to understand our customer's requirements and concerns because they were with an old provider. The provider had a lot of things on-site that weren't necessary. Deploying the Fortinet solution itself wasn't hard. 

Getting there was hard because we had to sit down with the customer and their tech team to determine what was needed because they had old Cisco routers. That took about three weeks and required a lot of on-site visits, but it wasn't hard to deploy the solution once we got an understanding of the requirements was not hard.

We trained the customers to manage and maintain the solution themselves. The only maintenance we do is emailing them monthly when we get notifications from Fortinet about router upgrades. You can configure it and then forget it. 

We are the integrator/consultant for the solution. We are the one in between the client and the internet service provider.

FortiGate firewalls pay for themselves. We bought our first FortiGate when they came out with the 50Fs and thought we would never see the return on investment. However, they paid for themselves because we rent them out, and customers loved them so much that we just retired our Juniper and Cisco solutions.

Fortinet's pricing is more straightforward than other solutions. If Fortinet doesn't stick out when you're searching for a solution, you are a glutton for punishment. You only need to know two things when purchasing a Fortinet solution: your total bandwidth and bandwidth at the site. You need to estimate the future bandwidth with other solutions if your customer plans to upgrade.

You have to consider whether you'll need to resell your licenses or wait until they expire and get new ones. You need to worry about out-of-pocket costs with other solutions, but you could pay for a higher-tier Fortinet license. You don't need to worry about it for 10 years and still be under budget.

Fortinet encourages people to buy their base product and then add what they need. That mentality goes a lot farther in the game because it affords people security. That's how they got into the market and became so competitive.

We evaluated Meraki, Dell's old SD-WAN, and Cisco's Viptela. Price and flexibility were the main factors. Viptela, Juniper, and others make it so hard to pick a solution. You have to be highly specific about what you want, including the amount of bandwidth and encryption level at every site. You have to pick a different router per site, depending on your functionality and requirements.

I rate FortiGate 10 out of 10. It's a tremendous little firewall. It takes care of all your security concerns.  When people say, "I need to make my organization more secure," the first thing that comes to mind is Fortinet. Everyone is talking about Cisco, Juniper, Palo Alto, and Check Point but overlooking Fortinet, which is a relatively new player in the game. 

Fortinet's next-generation firewall is more affordable and user-friendly. They also have an extensive knowledge base online. Good luck finding that community support on a Palo Alto, Cisco, or Juniper website without paying.

We are a managed services company, and we are also a partner with Fortinet and Cisco Meraki. The firmware that I just started using is 6.4.4. Most of the FortiGates that I sell are 60E and 60F. For some of our larger customers, I have got a handful of FortiGate 80, 100, and 200.

Fundamentally, its primary purpose is security at the edge of the network. I have got some clients who are starting to use the SD-WAN feature for a multi-location setup. I have got other clients who are using a lot of IPSec tunnels. I also have some clients who, with the increase in remote workers, are taking advantage of the FortiClient product that ties in. They are using that for remote VPN connections. 

We are a managed services provider, and I would say that it has improved the way our client's organization functions. I would also hope that it is seamless for them. They don't even know it. The biggest improvement for us is that it allows us to do more with a smaller staff.

One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent.

One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them.

FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works.

Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware.

The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.

I have been using this solution since 2007.

If you have the firmware version 6.4.3 and are using FortiLink in VLAN, it has trouble with tunneling networks for a wireless network. It won't give it a route to the internet. I found it just last week. There was a version back in 6.2 where it required 12 characters for the password of a wireless network on Web 2.0 as opposed to the traditional eight characters. The problem came when you wanted to edit it. If you upgraded to that firmware from a previous version, it wouldn't let you save any changes without changing the password, making it a requirement. That was kind of problematic for a while, but for the most part, it has been pretty stable and responsive.

It is easy to scale as long as you start with the right firewall. Our clients are of different sizes. We have clients with the home office with two or three employees. One of the clients has about 26 locations in all four time zones and about 400 employees.

I haven't used their official tech support, which is actually a good thing. The reason I haven't used their official tech support is that they have a support mechanism in place. I have direct access to a local sales engineer, and when I have problems, I call him up on the cell phone. Based on that, they definitely support their partners 100%. They are definitely channel driven, and it shows.

I have deployed SonicWall, WatchGuard, Cisco ASA, Rockies, and Palo Alto. The biggest reason I went with Fortinet is that it felt like it has got Palo Alto type of functionality at a much more reasonable price point.

I spent seven years working at the state level education, and budgets were tough. We had SonicWall subscription services. I could replace them with the brand new FortiGate with a three-year subscription for the same cost. That really changed things. The single pane of management that they have was just the frosting on the cake.

It is pretty simple. For example, I just set up a new network with a 100E, and I have got four stackable switches. It will run a network with 23 access points. I set up all the VLANs, routing, rules, and other things. It won't take more than four hours of work. I am getting ready to box up and ship it out. It will be plug and play once it gets to the site.

Take the training. They've got free training that is available online, and there are different levels for technical training. It is crucial. If you sign up as a partner, which doesn't cost you anything, the training is free. If you want to go for the test and get certified, you got to pay for the test, but the actual training materials are available to every partner for free. I would say that definitely take advantage of those. When you have new employees as network engineers, make this training a part of the routine.

I would rate Fortinet FortiGate an eight out of ten. I have been using it for years, and I do try to evaluate it on a regular basis and continue to stick with them. I just don't have a lot of bad things to say about them. Aside from their product, I'm a also fan of their company and how they do business, which makes it easier to do business with them. I don't necessarily appreciate the business practices of some of their competitors. It is nice not to have to worry about that.