Fortinet FortiGate Reviews

Typically, we use Fortinet FortiGate with edge devices for businesses. 

We also use them to integrate with a SIEM product and we use it for detailed analytics.

The most valuable feature of this solution is the analytics.

Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs.

I would like the licensing price to be better. It would be nice if it were less than 25 percent of the hardware costs.

I have been using this solution for fifteen years. We are an MSSP.

The stability is good.

With respect to scalability, it's good.

We have 15 people using this solution in our organization.

We contact technical support almost daily. They have good support.

The initial setup was not straightforward but not too complex. It's a bit of both.

For our organization, the licensing costs are approximately $7,000 per year.

Before choosing the Fortinet FortiGate, I evaluated other solutions.

I would rate Fortinet FortiGate a nine out of ten.

The primary use case of this solution is as a firewall.

The way the rules are created and set up on our firewall is very quick, very simple, and does not take a lot of time. It allows us to spend more time in other areas.

The most valuable features are that it is very simple to configure and to manage.

For me, this solution has nothing to improve and it meets the needs that I have. I don't see any way to improve, at least from my point of view on regular use.

In the next release, maybe the documentation on how to use this solution could be improved.

What I have noticed is that when we have done some configurations directly from the command line, there is not a lot of information regarding splitting.

I have been using this solution for six years.

We are using the latest version.

This is a stable product.

Fortinet FortiGate is very scalable.

We are satisfied with technical support. We have not had any issues.

The initial setup is very straightforward.

We used a reseller to help us with the implementation.

Pricing is very competitive. It's cheap for what it offers and for what it does.

It's very affordable.

I would recommend this solution to others who are interested in using it.

Fortinet FortiGate is simple and effective.

I would rate Fortinet Fortigate a nine out of ten.

We are currently using manual router failover that can be configured on the Fortinet security appliance’s second network interface to provide network edge redundancy if the primary managed router fails. If the edge router fails, traffic can be moved to the security appliance with a simple cable swap.

We are looking for a fully redundant solution with automatic failover between both Fortinet Security appliances. I am currently looking at battle card information between Fortinet and Zscaler. I have to do a competitive analysis.

The low cost of ownership was a benefit with all of the features we wanted.    

Preconfigured images have been developed for quick deployment. However, if we need a custom policy or have to include an existing policy then that can be accommodated as well. 

Virtual Domains (VDOMs) are a feature that we found valuable.

We found the Firewall, VPN, Application Control, IPS, Fortiguard Web filtering, anti-botnet, FortiGuard, Anti Spam Wireless LAN controller, WAN optimization, vulnerability assessment, and endpoint control all to be valuable.

Fortinet certifications include NSS Labs for NGFW, firewall, IPS, SSL, antivirus, and antispam.

Fortinet provides a consolidated security platform for the market place and certifications with NSS labs prove their security assurance.

To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution. Fortinet claims to do everything Zscaler is capable of and I'm looking for a comparison between the supported features.

Fortinet VPN and DDoS capabilities are great, yet we need to provide a solution that enables CASB and integration to the cloud.

We have been using FortiGate for three years.

Fortinet is very easy to service and set up.

Fortinet is the least expensive solution.

We are comparing the features of Zscaler vs. Fortinet. We are trying to determine what features Zscaler has over Fortinet and vice versa.

Fortinet was initially scoped as 25 rules for small, 50 for medium, and 100 for large. We need to incorporate more rules but there would be additional professional services or staging services. We are looking to incorporate the cloud access with the Fortinet UTM solution.

My primary use case for this solution is using it as a key net and as a firewall.

For Fortinet Fortigate,I have to have a Fortigate access point. In my opinion, it should have been a universal access, which supported the universal access point. At this point, our campus is large with some 10 thousand students and staff on board at any given time. Every time I have to use Fortigate, the access point portal has to be a universal type. It would be nice if I did not have to "marry" Fortigate for everything.

The only feature is that I don't have to be worried about categorization of the websites. I am able to put on the policies for the blog because this is an institution.There are several restrictions out there to get onto the websites. It creates a "headache free" environment for us.

A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve.

My only solution would be please don't make it as a closed source. Don't make it as
a closed source. Give some kind of a power to the user so that they can consider it
according to their determine that it should have some flexibility on concurrent
connections not be restricted. I agree that to some concurrent connections the CPU and
the box may be a lower model and it need some higher scale level with this. But, there
should be a provision. There should be a provision to go to at least to 60-70% onto the
threshold to go beyond the designed capacity of something. Like we call it as a design
capacity, and since 70% addition to the 100% of it.

If I compare with the open source, it has really frustrated me for a couple of things. Whenever my students or faculty goals increase, then in Fortinet, I need to change the model for going with the higher model, or better model more better first tier it can deal with it.

It should have been scalable. But, it is not quite so. There are limitations, I need to change the box or I have 1500 D. That means I can make 1000 connections, but some kind of vestibules are going on and the advances are going on. Then, I find it very difficult to give  a connectivity simultaneously and upon current connections. As a result, I have to deprive my faculties, my staff, or my students of certain functions.

Tech support is not very efficient in India.

We have considered the Linux Suite and HP BSM.

As I said, that at least one part I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over.

I have deployed several of the following models for customers: 200D, 60E, 60D. This review focuses on the FortiGate 200D.

The first implementation I performed of a FortiGate 200D was to replace a Juniper SSG-140 in a main corporate office.  This implementation provided improved network administration and network performance.

We also received more timely security updates, and it became easier to connect all of the other offices together (via an IPsec VPN mesh).

As additional FortiOS releases have come out, we have obtained more flexibility in device identification and WAN load-balancing, among other things.

• The CLI is robust and powerful, enabling rapid, consistent changes via SSH. 
  
  The device identification is very flexible, facilitating the creation of rules to regulate all sorts of devices that might spring up on a network, especially via WiFi.
• The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors.
• WAN load-balancing has improved, but needs some refinement.
  
  You can set up a different DDNS config for each WAN link.
  
  It is great to be able largely use the same OS features across the family of devices.

WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead. There are lots of options for routing traffic over a specific path when you have WAN load-balancing enabled, but they are not as clear and consistent as they could be, and most can only be set at the CLI.

Some configuration elements cannot be easily altered once created.  For instance, there is no way to rename an interface (say, for a VPN tunnel), unless you create an entirely new one and perform a little gymnastics to switch from one to the other. Or, you export the config, rename the elements in question, then re-import the entire config.

Creating a meshed VPN connection (Office A with two WAN links connecting to Office B with two WAN links) requires a massive bundle of four IPsec interfaces, with two policies. It would be nice to have a cleaner, simpler config for that functionality, something not very uncommon today.

I have found that if you have a console cable in the device when you reboot it for a disk check, it will boot to the device firmware. This will not happen for a regular reboot.

If you have more than a very basic environment, you quickly have to escalate past the first level of support. The initial level is so-so.  The next level up has been stellar for me, and quick to figure out issues and resolve them.

I've only experienced stability issues a few times.  One was with the v5.4.0 and .1 releases. Also, there was an issue during the v5.2.x series where there was an SSD issue that was fixed with later firmware. Overall, the devices have been very stable.

No. Scalability is good, and performance increases are great as you move to higher products.

Customer support is okay. They are fairly responsive for level three and higher (one and two) issues, but if your issue is a little complex, you will want to ask them to escalate to a second level tech. They don't always read all the info you provide in the first pass, but overall, they are helpful.

I previously favored NetScreen/Juniper SSG solutions, but Juniper stopped supporting the SSG line, and FortiGate provides more value and performance for the dollar.

I've also tested the Sophos solutions, but found them not compelling enough to switch from the FortiGate devices.

The devices are very easy to setup, even if you need to configure VPNs. You could have an HA config up and running within 60-90 minutes, with the latest firmware installed, and a couple of policies and tunnels.

If you do not regularly work with enterprise-class firewalls, you might need to add an hour to the above scenario, but the provided wizards make it pretty easy to address the basic functions.

In-house deployment all the time.

In almost every case, I've experienced (or had customers experience) an ROI within 12 months, based on better performance for the same price or increased functionality for the same (or less) price.

Licensing and setup costs are generally pretty clear with Fortinet. If you go with centralized management or their Log Analyzer tool, these carry some additional pricing that you need to look at.

Check out the price matrix, and go with a value-added reseller that understands how to help you size out the equipment. Remember to always look at the performance with the assumption that you will have many of the unified threat management (UTM) features on, not off.

Yes, I tested and evaluated solutions from pfSense, Sophos, and Palo Alto.

I highly recommend, and often try to deploy Fortinet solutions for my office network and for my customers. They run for a long time, they are supported for many OS updates, and they are pretty solid.

Don't upgrade the OS right away when it is released, if a major new version has come out.  v5.0 was problematic early, but v5.2 was great. v5.4 was a problem child, but v5.6 had only a minor issue. v6.0 was surprisingly smooth and had only a minor issue. I could have avoided most of these problems if I waited an additional month or so before updating, but I updated because I need to advise customers on what they should be doing.

I've had to interact with support a lot, and overall they've been good (with the caveat mentioned earlier).

We use Fortinet FortiGate for basic network security and people accessing through VPN.

Fortinet FortiGate is a reliable and practical solution that assists us in our day-to-day operations.

Fortinet FortiGate's reliability is valuable.

I would like some automated custom reporting.

I have been using Fortinet FortiGate for one year.

Fortinet FortiGate is stable.

The scalability has met our requirements. We have around 40 users.

We previously used DrayTek before switching to Fortinet FortiGate which has more features.

The implementation was completed in-house.

We evaluated Palo Alto Networks, but the cost of the solution and support were higher than Fortinet FortiGate.

I give Fortinet FortiGate an eight out of ten.

The maintenance requires one person.

Fortinet protects us from web attacks. We also use it to connect our remote users. I'm the IT infrastructure lead. 

I think the overall security features and the performance routing is good.

The security features are good but I'd like to see additional security options. 

I've been using this solution for five years. 

It's a stable solution, yes.

The initial setup is simple and took us about half an hour. We have 50 users in the company. We have one person who deals with all our maintenance and deployment issues. 

We have a three-year license.

I recommend this solution and rate it eight out of 10. 

In an upcoming release, Fortinet FortiGate should add an SD-WAN feature.

I have been using Fortinet FortiGate for approximately five years.

The stability of Fortinet FortiGate could improve.

Fortinet FortiGate is a scalable solution.

I am satisfied with the technical support from Fortinet FortiGate.

The initial setup is straightforward.

The price of Fortinet FortiGate is reasonable.

I am satisfied with the solution.

I rate Fortinet FortiGate an eight out of ten.