Fortinet FortiGate Reviews

The primary use case is for security purposes, mainly at the gateway level and for internal security, such as virtual training. We also use it for cybersecurity and internal communication, like having a portal. The main goal of implementing the product is to resolve security problems.

We have seen benefits. Recently, Sophos Firewalls and Palantir have also entered the market. However, FortiGate provides a higher throughput at a lower cost than these features and licensing. Our company acts as an integrator, and we work based on the customer's needs and requirements.

Fortinet FortiGate is easy to use. Anyone can easily maintain the box in small to large organizations. Even if we configure and hand it over to them, they can easily consider and register policies. And it's easy to monitor the end-to-end network through the firewall.

There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes. FortiGate's renewal cost is quite high, and our customer care team also receives complaints about it. The renewal part of the firewall is expensive. If a customer pays for the license in advance, they may lose their privileges.

For example, if the license of a box expires in one or two months, and the customer wants to upgrade, there are three to four months between the operation and the end of the current license. If I purchase a new license, it will only take effect from that date. So, it fails in the backward fetch, and I am currently busy setting it up. But if the customer is not processing the card for six months, they will not benefit from the system.

I have been using Fortinet FortiGate for two to three years.

I would rate stability a nine out of ten. It's a stable product. For the most part, it's very reliable.

It is also a scalable solution. However, as integrators, the scalability depends on us. There are many options available, and we can choose the size of the box based on our requirements.

The customer service and support are very good. Once we create a ticket, we can contact them using the ticket number, and they will provide the support we need. As for the contact names, there is no rate, but there are more challenges.

Neutral

We have used Sophos Firewall, Check Point Power EOL, and others. But none of them were like FortiGate. When we upgrade the license, it shows another one, two or three years from that date.

There are no challenges in the initial setup. The people required to deploy the situation are based on the customer's expertise. We handle various types of configurations, and sometimes there are additional requirements with load balancers on top of the firewalls. We need to integrate these firewalls with that ALG.

Generally, we consider security as a separate thing. These firewalls and the LOBs will take care of some further issues based on the customer's requirements. For smaller organizations, one person can provide or ensure a sort of service. We will need three more administrators or developers if there is more traffic or high-cost tech.

Generally, most of the customers maintain their solution on-premises, not on the cloud. I am a technical guy. I am involved in deploying the solution to our customers. I take care of the HCLM upgrade, inflation rate consideration, automation, and other technical aspects of the solution.

We evaluate the area first and then proceed with the implementation by creating a DMZ zone and policies such as CRM and CAP.

FortiGate is a bit pricey, but its unique features and specifications make it an excellent option for certain customers.

As an integrator, we have observed that the licensing cost and the upgrade process are important considerations. When we purchase a new license for one or three years and upgrade it to the existing box, the expiry date does not change from the original. It can create a gap of three, eight, or even twelve months for the customer. Consequently, they buy another box instead of going through the ticket process to get it fixed.

We definitely explore the options. We always understand the customer's requirements first and then offer solutions accordingly. We ask what the customer needs and what their budget is. If their budget is INR 10,00,000, and we find a product that matches their requirements, we will offer it. If FortiGate provides the same features and throughput but costs INR 11,00,000, we might still offer it to the customer. However, if FortiGate doesn't match the customer's requirements, we won't suggest it.

So the main differences between products are the features and specifications. If a product has the same throughput and features as another product but costs more, we may not suggest it to the customer.

The challenge is licensing. Hardware-wise, it's supportive, and the support is good. But the licensing and renewal costs should be lowered, and renewing the license and data for the new license is tough. So, only for licensing, we face challenges. I would rate it a seven.

We have many boxes, and we have changed all the boxes to other products because of this licensing factor only. Even for FortiGate, such a thing happens. If I have a hundred boxes and I want to renew the license, they suggest taking new boxes with three or four at least. So that is why customers are not liking FortiGate. They could provide the same license card along with the box, which is why customers are unhappy.

Overall, the product is a four out of ten because scalability, box performance, and support are all great. However, once it's commercially used, you can only use this box; no other options are available.

We can recommend it, but FortiGate's ability to capture the market, fix the order, and meet the requirements or opportunities is also important. As an integrator, we don't have any issues with it.

It is used as a defense mechanism for securing the internal network from the external network. We also use it to have VPN tunnels between us and our partners and the support organizations we work with.

We are using FortiGate 200F.

We are mostly using it as a defense mechanism. It has many more possibilities, but at this moment, it is only used for defense against attacks. It is doing what it should do with the FortiGuard subscription on it, which is an advanced security subscription.

It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working.

I don't see any area of improvement at this moment. I'm responsible for the IT infrastructure. I'm not a security specialist. The IT security is being managed by the CSO in our company. 

We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine.

It has been a little over a year since we have the firewall cluster in place.

It is a stable product. We had some issues in the beginning while setting it up, but we received an update of the firmware, and since then, it has been stable.

It is being implemented for everybody. It is our security layer.

Their support is good. We had some issues in the beginning, and they were resolved within a couple of days after we explained what we were trying to do. They confirmed that it is a bug, and they would give us a fix. A couple of days later, we had the fix.

We were using SonicWall firewalls. We found FortiGate better, and we switched everything. We decommissioned all SonicWall firewalls. One of the reasons why we changed from SonicWall was that its licensing was user-based and function-based. So, every time we did something, we had to add another license or subscription. The licensing of FortiGate is clear. We know what is the price.

We migrated last year from a typical MPLS network to a complete and only one network between the sites. For firewalls, we now have a few solutions in place in our headquarters. We have Fortinet Firewall Cluster, and on the remote sites, we are using Meraki firewalls that are being used as a router at the same time. 

It is easy to use.

Its price is reasonable. They have a clear pricing policy. It is not complicated by the number of VPN users at a time. We know what the price is. The yearly subscription for the security license is rather high, but it is all included for whatever number of users you have and the kind of functions you need.

I would rate it a nine out of ten.

We are using FortiGate as a perimeter firewall.

It is our perimeter firewall. URL filtering, IPS, and antivirus features are most valuable.

It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box.

Their support can be improved in terms of the response time and the quality of support.

There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision.

I have been using this solution for two years.

It has been very stable over the past two years.

I have no problem with scalability. When I need to add any device, I just find and add it to the network. I have no issue with the count of devices. I can buy a license and add whatever devices I need to add. Currently, I have no issue with the scalability of this firewall, but if I reach the maximum limit, I need to exchange the box or just add licenses. We currently have about 1,000 users.

I have contacted them many times. My experience with them was good, but their support can be improved overall. I would rate them a three out of five. 

It was very simple.

There was a partner supporting us. Our experience with them was very good. I would rate its setup experience a four out of five.

For maintenance, we currently have a team of two people, but it may be extended to three or four.

It has been two years. I don't remember the actual price, but it was affordable.

We buy the boxes and then use the license for three years.

I would recommend this product. It is a very good product to be used as a perimeter firewall.

I would rate it an eight out of 10.

Fortinet FortiGate is user-friendly. When it comes to firewall enterprise security and email security, this solution is at the top. It's better and it's affordable. If you compare it with some other email security like Mimecast and similar solutions, those products are better than Fortinet, but here in the Fiji region, Fortinet FortiGate has better service. In some other regions, this solution may not be doing well, but in Fiji, it's working out well. Fortinet has so many customers in Fiji.

What I'd like to be improved in Fortinet FortiGate is for it to have advanced WAF functionality. Even in FortiADC, WAF functionality is not supported for advanced attacks, e.g. mobile bot attacks. Fortinet FortiGate needs to improve its WAF function.

SD-WAN is also good in this product, but it still needs improvement, particularly in security. We saw some attacks last year, so they need to improve on that.

I've been dealing with Fortinet FortiGate for eight years.

There are some issues with the scalability of Fortinet FortiGate. Certain products and models need to be scalable, but they're not. For example, if you go with 400F, they only have two SFP+ ports, while the F5 has four ports.

When you're expanding the number of users for this solution, they'll ask you to replace the model, and this can be a big cost to customers, which could affect scalability.

We are happy with the technical support for this product, because the Fiji region is supported by New Zealand, where support for Fortinet FortiGate is better.

Fortinet FortiGate is an affordable solution, but when expanding the number of users, they'll ask you to replace the model, so that's an added cost.

Pricing for this product is comparatively lower than other products. If you compare it with Forcepoint, Cisco, and other products, Fortinet FortiGate pricing is reasonable, and that includes all the service and support we need. Whenever we need support as a partner, they're able to deliver that support to us, unlike with F5 where there's premium support and standard support, which means you'll have to pay F5 extra.

I evaluated Cisco and Forcepoint solutions.

We are an IT infrastructure company, and we are dealing with one of the banks here. They need a solution which they'll use for application delivery, load balancing, and as their web application firewall.

We are a reseller and partner of Fortinet, but only for their firewall product, e.g. FortiCloud WAF, not FortiADC. We've also been working with Fortinet FortiGate.

The solution we're looking for which will be implemented for our customer, e.g. a bank, is a solution with basic functionality, e.g. FortiGate. It will only be used for two or so web applications. If our customer needs a bigger functionality, then I would propose a different solution: F5. For the government, we always propose F5.

My advice to people who want to implement this solution is simple: It's an affordable product for the SMB customer, but for customers with bigger environments, I would recommend that they go for other products with premium support.

My rating for Fortinet FortiGate is seven out of ten, if you consider the Fiji market.

We saw that Fortinet is working towards the ZTNA model, e.g. SASE, and also working towards zero trust products, which is good. They're also improving slowly in privileged access management, e.g. they don't have one, but they're trying to introduce it by the end of the year.

Most organizations use the Fortinet firewall as perimeter security at the gateway level.

FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

I've been using FortiGate for around five years.

Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

We primarily use the solution as a hardware firewall. In China, there's a lot of content that would be available in the West that isn't allowed here. We're able to block certain content from getting through filters.

The solution offers a very good package for all kinds of virtual appliances, subscriptions, and so on. It's a reasonable price. It's not too much.

The services on offer are just superb. 

The way it can block certain content is very useful for us. It gives you a good heads up as to what streams are being blocked from the network, which helps with visibility.

The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback.

There seems to be good reporting features. 

The scalability is there. If you need to expand the product, you can.

The menu structure is more logical than, for example, Cisco or SonicWall. I find that the Fortinet is easier to understand in terms of the installation process and setup. 

The only problem that we have here in China is that the whole subscription process on Fortinet is a little bit difficult if you are doing it from China. China has kind of a firewall around the country, and we sometimes have complications due to that aspect.

As a whole, I don't think that the product is actually missing any features.

You do need some IT knowledge in order to effectively work with the solution.

I've been working with the solution since about 2016. It's been a few years at this point.

The solution is very stable. There aren't issues with bugs or glitches. It doesn't crash or freeze. It's very reliable.

The scalability is good. You can expand it as needed and add on extra apps to add in extra functionality if you want to.

We mostly deal with mid-range companies. 

I only talk with people here in China that are the Chinese sellers or distributors from Fortinet. They are Chinese and I don't speak or understand one single character Chinese. So for me, it's very difficult to communicate with technical support. Most of the time, I let them talk with one of the people who I know who is fluent in English and Chinese. That's what I do. 

Most of the time, I can do all the research on the internet to see what kind of device I need and then I get a translator and we figure it out.

We only use Fortinet's FortiGate for our hardware firewall protection.

However, if our clients need extra security, we may add other brands and security layers. We also work with SonicWall, Checkpoint, and Barracuda, for example.

I've also worked with pfSense, which is free, however, it has much more of a do-it-yourself approach. It's also quite different from other solutions. If you have Cisco experience, you'll be able to navigate Fortinet, whereas pfSense requires much more in-depth study. It has its own language, basically. That's one of the reasons you won't find too many of its configurations in China.

The initial setup, for me, at least, is very straightforward. It's just a few clicks and you're set up. It may be a bit more complex for someone else who may not be as familiar with the product.

I have partners that assist with the initial setup and I have network engineers who are doing the job for me. They are working for me as they are my employees. As their boss, of course, I have to know a little bit about how to handle it as well. We handle the implementation process for our clients. We implement it according to ISO and Chinese security standards.

The solution is pretty affordable. It's not overly expensive. It's not like Cisco where you pay an awful lot of money mostly for the name.

There are extra apps you can add to the product, however, those come with an extra price tag as well. That said, it allows you to do more things and expands its capabilities.

I like to use Fortinet due to the fact that with the device you can do so much more, it's not only web filtering. If you decide to use it for something else, you just pay some money to Fortinet for another package and you are good to go. It makes it a little bit easier for small or large companies as it's so flexible in its offering. 

In China, due to business constraints, licensing is quite complicated here.

I'm a service provider in China. Basically, I'm connecting companies, foreign companies or Chinese companies, or even foreign public services to business VPNs or business cross border interconnections.

Whether we use the latest version of the solution or not depends on the client, their needs, and the environment. If a client needs more security, we may even layer in other brands to help with that.

We tend to keep deployments on-premises as you can run into issues with using the cloud in China. We prefer to have it on-premises and then bring lines in to hook everything up. It's simpler and there are fewer issues.

In general, I would rate the solution at a ten out of ten. We've just been pleased with the product and the ease of use.

We primarily use the solution for a firewall plus as an overall UTM. We do not, however, use it as an SD-WAN.

The solution is very, very easy to use.

The user interface is very nice.

The product seems to offer pretty good customization.

The configuration of the product has been very straightforward and simple.

The reporting on offer is quite good.

The initial setup is straightforward as well.

We've found the pricing to be pretty good.

Technical support from the partner has been very helpful.

The integration with third-party tools may be something that they should work on. We haven't actually tried to implement that, however.

I've been working with the solution for close to ten years. It's been at least a decade at this point. It's been a while.

We haven't had any issues with the solution's stability. It's very reliable. It doesn't crash or freeze. I can't recall experiencing bugs or glitches at all over the time I've used it. 

The scalability of the solution seems to be pretty good. We haven't had any issues in that respect.

Currently, our organization has about 125 users on the product.

While I don't have a direct line to Fortigate, I have used our partner support. They have been excellent and we are quite satisfied with the level of service we receive from them. They are knowledgeable and responsive.

The initial setup is not complex at all. I found it to be very straightforward. This was due to the fact that we had this solution procured along back in 2007 or 2008, as a smaller firewall, a FortiGate 60C.

We don't have anyone that handles maintenance full-time. It's an on-call situation. If we have issues or need maintenance, we raise a ticket and it is dealt with.

The pricing of the solution is fair. We don't find it to be overly expensive.

I've never looked at other products and therefore would not be able to really compare this solution to anything.

We are just customers and end-users of the product. We don't have a business relationship with Fortinet.

I'd recommend the solution. It's very simple and easy to use. On top of that, it offers peace of mind.

Overall, I'd rate the solution nine out of ten.

We implemented Fortinet FortiGate SD-WAN for a small company that had two internet service providers. The goal was to configure the two links to operate independently, ensuring that they don't share the load. This way, when one link reaches a certain threshold, we can seamlessly switch to the other without any issues. 

We have FortiManager, which enables us to have a unified view for monitoring and managing our devices centrally, as well as dispatching policies.

The solution enables us to consolidate tools and applications and manage them all through FortiManager. You can configure your SD-WAN from Forti Manager, which gives you management functionality. 

The interoperability of the solutions is good because it allows for compatibility with brands other than Fortinet, and we don't encounter issues with it.

FortiGate SD-WAN facilitated a smooth transition for our customers between their two internet service providers, ensuring uninterrupted connectivity without any downtime.

The solution has helped us remediate threats more quickly by enabling real-time monitoring of both links, providing complete visibility into our end links. You can monitor both links on one platform. It's just one single pane of glass where you watch in real-time what is happening. It's easy to manage that way. It helps you to easily remediate issues. 

As long as our policies are granular we are able to use the solution to reduce our MTTD. 

The solution has helped to reduce our MTTR from what used to be five minutes down to 45 seconds.

The solution has helped to reduce the number of help desk tickets because it is now extremely rare for both links to be down simultaneously.

SD-WAN, regardless of the OEM being used, is a beneficial technology that is increasingly adopted by businesses due to its positive impact on business security. It allows us to maintain uninterrupted operations without concerns about past issues.

Fortinet FortiGate is user-friendly.

The support we receive when we need to upgrade is not satisfactory and has room for improvement.

I have been using Fortinet FortiGate for two years.

The solution is stable and we have not had any issues.

The solution is highly scalable.

The technical support is good, but they take a long time to respond and resolve the issues.

Neutral

I have also used Cisco, whose systems are robust and rarely experience downtime. However, with Fortinet, their licensing is highly competitive in terms of pricing. Cisco is primarily geared towards enterprise-level companies, but the learning curve for Cisco is higher compared to Fortinet.

Fortinet's price is very competitive compared to when you look at other brands of equal functionality. The hardware and licensing are compared to the others. It's also simple to use. 

The initial setup is straightforward. I did the deployment and didn't have any issues with it. It took one day to complete. 

The solution provides value and, therefore, offers a return on investment.

The price is highly competitive when compared to other brands that offer similar functionality. Fortinet FortiGate is more affordable both in terms of hardware and licensing, in comparison to its competitors.

I give Fortinet FortiGate a seven out of ten.

I recommend FortiGate SD-WAN because it is easy to implement and simple to use.