Fortinet FortiGate Reviews

It is used as a defense mechanism for securing the internal network from the external network. We also use it to have VPN tunnels between us and our partners and the support organizations we work with.

We are using FortiGate 200F.

We are mostly using it as a defense mechanism. It has many more possibilities, but at this moment, it is only used for defense against attacks. It is doing what it should do with the FortiGuard subscription on it, which is an advanced security subscription.

It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working.

I don't see any area of improvement at this moment. I'm responsible for the IT infrastructure. I'm not a security specialist. The IT security is being managed by the CSO in our company. 

We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine.

It has been a little over a year since we have the firewall cluster in place.

It is a stable product. We had some issues in the beginning while setting it up, but we received an update of the firmware, and since then, it has been stable.

It is being implemented for everybody. It is our security layer.

Their support is good. We had some issues in the beginning, and they were resolved within a couple of days after we explained what we were trying to do. They confirmed that it is a bug, and they would give us a fix. A couple of days later, we had the fix.

We were using SonicWall firewalls. We found FortiGate better, and we switched everything. We decommissioned all SonicWall firewalls. One of the reasons why we changed from SonicWall was that its licensing was user-based and function-based. So, every time we did something, we had to add another license or subscription. The licensing of FortiGate is clear. We know what is the price.

We migrated last year from a typical MPLS network to a complete and only one network between the sites. For firewalls, we now have a few solutions in place in our headquarters. We have Fortinet Firewall Cluster, and on the remote sites, we are using Meraki firewalls that are being used as a router at the same time. 

It is easy to use.

Its price is reasonable. They have a clear pricing policy. It is not complicated by the number of VPN users at a time. We know what the price is. The yearly subscription for the security license is rather high, but it is all included for whatever number of users you have and the kind of functions you need.

I would rate it a nine out of ten.

Most organizations use the Fortinet firewall as perimeter security at the gateway level.

FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

I've been using FortiGate for around five years.

Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

We primarily use the solution as a hardware firewall. In China, there's a lot of content that would be available in the West that isn't allowed here. We're able to block certain content from getting through filters.

The solution offers a very good package for all kinds of virtual appliances, subscriptions, and so on. It's a reasonable price. It's not too much.

The services on offer are just superb. 

The way it can block certain content is very useful for us. It gives you a good heads up as to what streams are being blocked from the network, which helps with visibility.

The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback.

There seems to be good reporting features. 

The scalability is there. If you need to expand the product, you can.

The menu structure is more logical than, for example, Cisco or SonicWall. I find that the Fortinet is easier to understand in terms of the installation process and setup. 

The only problem that we have here in China is that the whole subscription process on Fortinet is a little bit difficult if you are doing it from China. China has kind of a firewall around the country, and we sometimes have complications due to that aspect.

As a whole, I don't think that the product is actually missing any features.

You do need some IT knowledge in order to effectively work with the solution.

I've been working with the solution since about 2016. It's been a few years at this point.

The solution is very stable. There aren't issues with bugs or glitches. It doesn't crash or freeze. It's very reliable.

The scalability is good. You can expand it as needed and add on extra apps to add in extra functionality if you want to.

We mostly deal with mid-range companies. 

I only talk with people here in China that are the Chinese sellers or distributors from Fortinet. They are Chinese and I don't speak or understand one single character Chinese. So for me, it's very difficult to communicate with technical support. Most of the time, I let them talk with one of the people who I know who is fluent in English and Chinese. That's what I do. 

Most of the time, I can do all the research on the internet to see what kind of device I need and then I get a translator and we figure it out.

We only use Fortinet's FortiGate for our hardware firewall protection.

However, if our clients need extra security, we may add other brands and security layers. We also work with SonicWall, Checkpoint, and Barracuda, for example.

I've also worked with pfSense, which is free, however, it has much more of a do-it-yourself approach. It's also quite different from other solutions. If you have Cisco experience, you'll be able to navigate Fortinet, whereas pfSense requires much more in-depth study. It has its own language, basically. That's one of the reasons you won't find too many of its configurations in China.

The initial setup, for me, at least, is very straightforward. It's just a few clicks and you're set up. It may be a bit more complex for someone else who may not be as familiar with the product.

I have partners that assist with the initial setup and I have network engineers who are doing the job for me. They are working for me as they are my employees. As their boss, of course, I have to know a little bit about how to handle it as well. We handle the implementation process for our clients. We implement it according to ISO and Chinese security standards.

The solution is pretty affordable. It's not overly expensive. It's not like Cisco where you pay an awful lot of money mostly for the name.

There are extra apps you can add to the product, however, those come with an extra price tag as well. That said, it allows you to do more things and expands its capabilities.

I like to use Fortinet due to the fact that with the device you can do so much more, it's not only web filtering. If you decide to use it for something else, you just pay some money to Fortinet for another package and you are good to go. It makes it a little bit easier for small or large companies as it's so flexible in its offering. 

In China, due to business constraints, licensing is quite complicated here.

I'm a service provider in China. Basically, I'm connecting companies, foreign companies or Chinese companies, or even foreign public services to business VPNs or business cross border interconnections.

Whether we use the latest version of the solution or not depends on the client, their needs, and the environment. If a client needs more security, we may even layer in other brands to help with that.

We tend to keep deployments on-premises as you can run into issues with using the cloud in China. We prefer to have it on-premises and then bring lines in to hook everything up. It's simpler and there are fewer issues.

In general, I would rate the solution at a ten out of ten. We've just been pleased with the product and the ease of use.

We primarily use the solution for a firewall plus as an overall UTM. We do not, however, use it as an SD-WAN.

The solution is very, very easy to use.

The user interface is very nice.

The product seems to offer pretty good customization.

The configuration of the product has been very straightforward and simple.

The reporting on offer is quite good.

The initial setup is straightforward as well.

We've found the pricing to be pretty good.

Technical support from the partner has been very helpful.

The integration with third-party tools may be something that they should work on. We haven't actually tried to implement that, however.

I've been working with the solution for close to ten years. It's been at least a decade at this point. It's been a while.

We haven't had any issues with the solution's stability. It's very reliable. It doesn't crash or freeze. I can't recall experiencing bugs or glitches at all over the time I've used it. 

The scalability of the solution seems to be pretty good. We haven't had any issues in that respect.

Currently, our organization has about 125 users on the product.

While I don't have a direct line to Fortigate, I have used our partner support. They have been excellent and we are quite satisfied with the level of service we receive from them. They are knowledgeable and responsive.

The initial setup is not complex at all. I found it to be very straightforward. This was due to the fact that we had this solution procured along back in 2007 or 2008, as a smaller firewall, a FortiGate 60C.

We don't have anyone that handles maintenance full-time. It's an on-call situation. If we have issues or need maintenance, we raise a ticket and it is dealt with.

The pricing of the solution is fair. We don't find it to be overly expensive.

I've never looked at other products and therefore would not be able to really compare this solution to anything.

We are just customers and end-users of the product. We don't have a business relationship with Fortinet.

I'd recommend the solution. It's very simple and easy to use. On top of that, it offers peace of mind.

Overall, I'd rate the solution nine out of ten.

We implemented Fortinet FortiGate SD-WAN for a small company that had two internet service providers. The goal was to configure the two links to operate independently, ensuring that they don't share the load. This way, when one link reaches a certain threshold, we can seamlessly switch to the other without any issues. 

We have FortiManager, which enables us to have a unified view for monitoring and managing our devices centrally, as well as dispatching policies.

The solution enables us to consolidate tools and applications and manage them all through FortiManager. You can configure your SD-WAN from Forti Manager, which gives you management functionality. 

The interoperability of the solutions is good because it allows for compatibility with brands other than Fortinet, and we don't encounter issues with it.

FortiGate SD-WAN facilitated a smooth transition for our customers between their two internet service providers, ensuring uninterrupted connectivity without any downtime.

The solution has helped us remediate threats more quickly by enabling real-time monitoring of both links, providing complete visibility into our end links. You can monitor both links on one platform. It's just one single pane of glass where you watch in real-time what is happening. It's easy to manage that way. It helps you to easily remediate issues. 

As long as our policies are granular we are able to use the solution to reduce our MTTD. 

The solution has helped to reduce our MTTR from what used to be five minutes down to 45 seconds.

The solution has helped to reduce the number of help desk tickets because it is now extremely rare for both links to be down simultaneously.

SD-WAN, regardless of the OEM being used, is a beneficial technology that is increasingly adopted by businesses due to its positive impact on business security. It allows us to maintain uninterrupted operations without concerns about past issues.

Fortinet FortiGate is user-friendly.

The support we receive when we need to upgrade is not satisfactory and has room for improvement.

I have been using Fortinet FortiGate for two years.

The solution is stable and we have not had any issues.

The solution is highly scalable.

The technical support is good, but they take a long time to respond and resolve the issues.

Neutral

I have also used Cisco, whose systems are robust and rarely experience downtime. However, with Fortinet, their licensing is highly competitive in terms of pricing. Cisco is primarily geared towards enterprise-level companies, but the learning curve for Cisco is higher compared to Fortinet.

Fortinet's price is very competitive compared to when you look at other brands of equal functionality. The hardware and licensing are compared to the others. It's also simple to use. 

The initial setup is straightforward. I did the deployment and didn't have any issues with it. It took one day to complete. 

The solution provides value and, therefore, offers a return on investment.

The price is highly competitive when compared to other brands that offer similar functionality. Fortinet FortiGate is more affordable both in terms of hardware and licensing, in comparison to its competitors.

I give Fortinet FortiGate a seven out of ten.

I recommend FortiGate SD-WAN because it is easy to implement and simple to use.

My company's customers use the solution for VPNs, specifically for SSL VPNs, IPSec VPNs, and other areas like web filters and application filters.

The most valuable feature of the solution revolves around SSL VPN. SSL VPN is good since I stay in a family where we use some other servers with port forwarding features, and so there is a lot of risk with it. Last time, my server got hacked with a ransomware attack. After that, we got a firewall and gave an SSL VPN to my client to connect to their servers, after which, such kind of activities involving ransomware attacks stopped.

Though the tool's GUI is user-friendly, it can be considered as an area with certain shortcomings where improvements are required.

I have been using Fortinet FortiGate for five years. I am a reseller of the solution. I work with Fortinet FortiGate 40F and 60F.

Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution an eight out of ten.

The challenges faced by our company related to the product are associated with the activation part. Whenever my company tries to activate the product, there are some challenges. Previously, my company had given a new product to our customer who had used Fortinet FortiGate in the past. When my company tried registering the product on the portal and activating the trial license, we saw that only 30 days of use remained in the tool. We installed the product's license after all the trial licenses were activated.

I have seven to ten customers running medium-sized businesses using Fortinet FortiGate.

After connecting to Fortinet Firewall, I have not faced any complaints related to large-scale traffic or attacks.

The solution's technical support needs to be fast since whenever my company raises a complaint, it takes almost two to three hours to get a callback from the customer support team. I rate the technical support a seven out of ten.

Neutral

I don't have any experience with SonicWall because it is not very user-friendly. Fortinet FortiGate is more user-friendly than SonicWall, so we are currently working with Fortinet FortiGate and Sophos.

The product's initial setup phase is easy. I rate it as an eight, where one is difficult, and ten is easy. Sometimes, when configuring the SD-WAN policies, I have seen issues with the tool not working properly. After updating the firmware, the tool worked properly, but there was some issue with the SD-WAN part.

For the product's deployment phase, I configured LAN and WAN, followed by the web filter policies. If a customer requires it, you can configure the VPNs.

The solution is deployed on an on-premises model.

The solution can be deployed in half an hour.

It is a bit expensive. On a scale of one being cheap and ten being expensive, I rate the tool's price as an eight. The price is justified for the features and capabilities offered by the product.

I can't describe how Fortinet FortiGate has been most effective for security posture since I haven't configured any security settings. It has a setting like in Outlook's configuration involving SMTP and POP. I didn't configure any security settings in the tool.

The tool's VPN functionality supports our company's customers' remote workforce since we have given an SSL VPN connection to support those working from outside the company. After connecting to the VPN, one needs to connect it to the server directly as it is better for security.

Whenever you upgrade firewall firmware, the user interface doesn't really change. If I upgrade to a new firmware with other tools, the user interface has slightly changed.

On the portal of Fortinet, there are VMs that are available for FortiGate. Our company can give the solution to the customer on a trial basis to check how it is working, so that there are no issues.

I rate the tool a nine out of ten.

We primarily use the solution for security purposes. We use it as a firewall for protection. 

It helps protect our users, and we are able to initiate our own policies. It also provided good visibility and reporting. 

The management is very easy.

It offers very good security features. 

The reporting and monitoring are very good.

We can integrate the solution very well with other Fortigate solutions. 

It's stable and reliable.

The solution can scale. 

Pricing is reasonable. 

We do not need any other features.

We'd like more management across other integrations. It would be ideal if it could centralize the management, and we could therefore manage all solutions under Fortinet instead of managing everything individually.

In some cases, depending on the module and the age, performance could be better.

I've been using the solution for three years. 

The solution is very scalable and reliable. There are no bugs or glitches. 

We have 800 end users, approximately.

The solution is scalable. 

Technical support has been fine. However, we haven't really dealt with them too much. We haven't had any critical issues. 

We also use other Fortinet products, including the NFGW.

We also work with Cisco devices and solutions. 

We have worked with Palo Alto in the past. It has a pretty good performance. 

In the end, we moved to Fortinet as the cost was very good. 

The solution is very simple. The process is easy to understand. It's not complex at all. 

I helped deploy the solution. We had to integrate it with internal and external firewalls. 

We had the full functionality in place within five days. We had five people managing the deployment process. 

I integrated the solution myself without outside help.

The cost of the solution is reasonable. 

I'm an end-user.

I'd rate the solution nine out of ten.

Fortinet FortiGate is used as a network firewall.

Fortinet has been a Perimeter Security which defends our network from Internet attackers, armed with zero-day exploits of common Internet services like HTTP and SMTP. We applied access-control lists to limit classes of VPN users' access to only what they need as a support team or solution deployers. We Shut off unused network services and defended critical resources first. We Build Internet-style perimeters for partner extranets. We also built secured wireless access.

Fortinet FortiGate UTM has many valuable features, such as application control, advanced persistent threat protection, Web and content filtering, IP reputation, integrated WLAN controller, intrusion prevention system, data loss prevention, and antimalware, antivirus, and antispam. It has security features that are in level with the Firewall technologies that are available in the market.

One of the features that I would like to have is endpoint protection, this should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not.

I have been using Fortinet FortiGate for approximately 6 years.

Fortinet FortiGate has high availability, which means that we have deployed two firewalls. In case of any failure of a device, the other one will continue to work. Our university stays online 100% of the time.

Fortinet FortiGate is quite robust. I haven't had any kind of hardware issue. The system has been running very smoothly with all the upgrades as far as I have continued my support with Fortinet. We keep renewing the support every year, which gives us the eligibility for all the updates.

I used the Fortinet FortiGate support a long time ago. There was a small feature that was not functioning as per the documentation. When they released the latest firmware and the issue was resolved. They provide prompt support.

I would rate the support from Fortinet FortiGate a five out of five.

Positive

The initial setup of Fortinet FortiGate is straightforward we had an right person in-house for deploying it. Moreover, If required, Fortinet has its support extended to us. We can approach them anytime and they can assist us with any kind of complicated configuration.

We implemented the Fortinet using an in-house Technical support team.

There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support.

The price of Fortinet FortiGate is reasonable compared to other solutions.

I have evaluated many other solutions, such as Sophos. If you look at Sophos, it has its own endpoint protection. It keeps a record of each client, what are the threats that have happened on each client level, and if there is a ransomware attack. It blocks it and notifies the firewall. I would be able to see a single dashboard view of what kind of threat has happened and how to mitigate them all.

Fortinet FortiGate is a good solution overall. It is very user-friendly and all the policies are very easy to deploy. I would recommend Fortinet FortiGate to any new users who want to have a secure infrastructure.

I rate Fortinet FortiGate an eight out of ten.

There are some better industry-standard solutions out there in the market, and compared to them, Fortinet FortiGate has to be more flexible enough with their solution to be more competitive.