Fortinet FortiGate Reviews

I used it as an IT provider, and our main firewall was the Fortinet series FortiGate. Currently, I am just a user on the end user side of the fence.

The Fortinet gear is really easy to use, intuitive, and pretty powerful. It has been great because we haven't had to change it out very much. The operational return on investment has been great as we don't have to keep replacing it.

I really liked the interface because it was extremely user-friendly. Unlike Cisco, where you didn't need to be certified to use the interface effectively. The consistency across all models has also been beneficial as it simplifies learning and usage. They put in a thing called the FortiCookbook, which is very easy to read with real-life scenarios that make networking tasks like joining networks very straightforward.

I just don't like giving products ten out of ten. There's always something new that can be added or fixed.

I have been working with the Fortinet FortiGate overall since 2006, which is quite a few years now.

We haven't had to change it out very much. It has been stable and reliable for us.

I would rate its scalability as a nine out of ten. They scale up really well from smaller models like the FortiGate 40 and 50 to bigger sites with the FortiGate 100 for more throughput - up to enterprise datacenters.

Customer support is quite good. We purchased the 24/7 support, and they usually respond within an hour, even in the middle of the night.

I haven't switched from FortiGate. We still use the Fortinet solution as our firewall.

The initial setup is very straightforward and easy, with wizards helping to configure the device efficiently.

The ROI has been very good because it's operationally efficient, and we haven't needed to replace the equipment frequently.

I would definitely recommend it to other businesses with similar security needs. For smaller businesses with just a couple of computers, the standard ISP-supplied modems are fine.

I'd rate the solution nine out of ten.

Fortinet FortiGate offers a new official solution for SASE. This solution is more cost-effective for my organisation than the hardware. It doesn’t require renewals every year or every three years. With FortiGate, you get a firewall as a cloud service and optimal protection.

Fortinet FortiGate meets all the security demands of my industry. It covers endpoint security, including web interface, DNS security, and ELP. I'm currently using the latest version. The features that have most improved our network security are Web Control, filtering, application control, IDS, IPS policies, and Deep SSL inspection.

The intrusion prevention system (IPS) in FortiGate is highly effective. It detects and prevents intrusions, maintaining security efficiently. It works seamlessly with my environment and Google Analytics, providing robust protection.

The firmware updates are sometimes not stable. The stability issues can vary, sometimes happening once a month or quarterly. New firmware updates can occasionally introduce bugs, causing some policies to fail. We then have to raise a ticket, and Fortinet usually provides a fix within a few days.

I have been using Fortinet FortiGate for the past three to five years.

For overall stability, I'd rate FortiGate an eight. It is stable, but there are sometimes issues with the software, so there's room for improvement.

There are no scalability issues with Fortinet FortiGate. I haven't needed to scale it yet, but I have a relationship with the vendor, and they have a program to scale their hardware if required.

They also offer many solutions free of cost with the hardware, including advanced solutions. We have four branches of our organization, and they use these effectively.

The support team is very effective.

Positive

I previously used Cisco for my environment, specifically Cisco ISE for access control, but I have shifted to Fortinet products due to their cost-effectiveness.

The deployment process of Fortinet FortiGate was very straightforward. The installation took about twenty minutes, and fully configuring it with security features took about an hour. It was pretty fast, so I didn't need to spend days preparing and configuring.

I am involved in the maintenance of FortiGate, and I have five engineers with me. Three are on-site, handling different boxes, and two are remote.

I've noticed benefits in terms of performance and timing with Fortinet FortiGate. Its implementation and deployment are quick, and migration from other vendors to Fortinet is smooth and easy. Typically, we only have about fifteen minutes of downtime during the transition and gradually implement the policies.

For the price, I'd rate it a ten because it's very cost-effective.

I chose Fortinet FortiGate because it is effortless to use compared to other vendors. Their customer support is excellent, with quick responses and qualified attack engineers. They provide relevant documentation and immediate engineer assistance if needed.

Regarding AI capabilities, the product promises threat intelligence based on AI and machine learning, which I plan to explore. FortiGate integrates smoothly with other solutions.

I'd rate FortiGate a nine out of ten.

The use case varies depending on the customer, but we use all of FortiGate's features, including policies, web filtering, routing, etc. 

FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all these features on one device because it can cause performance issues. 

We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs. 

I have been working with Fortinet for nearly ten years.

I rate FortiGate an eight out of ten for stability. It is less stable than Palo Alto Networks and Check Point firewalls because there are lots of bugs in the latest firmware. 

FortiGate is scalable. 

I rate Fortinet's support a seven out of ten. We had to open several tickets due to the firmware bugs. We don't have an issue with the support team. It's more of a problem with the testers and developers. 

Neutral

I have also used Palo Alto and Check Point firewalls. Fortinet firewalls are cheaper and easier to manage. Palo Alto is more complex and harder to use, but it's more stable than FortiGate. Palo Alto doesn't didn't have as many models for small and medium-sized enterprises.

FortiGate is easy to deploy. The deployment time varies depending on the customer's network topology. How many policies does the customer require, and what kind of license do they have? FortiGate is easier than Palo Alto Networks and Check Point and takes less time.

We typically start by analyzing the customer's topology and understanding their requirements, including policies, routines, etc. We implement the device once we know what the customer needs. One engineer is usually enough to deploy FortiGate in a small or medium-sized environment. 

An enterprise project requires a more detailed analysis of the network requirements before implementation. That can take two or three days. Once we understand the network, it may take another two or three days to configure the device and one or two days to implement it. 

Fortinet has more device options that are affordable for small businesses than Palo Alto, and its enterprise-level models are also cheaper. Palo Alto also has a separate license for VPN connections and SD-WAN, but FortiGate offers these standard features. 

I rate Fortinet FortiGate a seven and a half out of ten. I deducted a few points because of the device's capacity, stability, support, and routing table issues. I strongly recommend FortiGate if a customer wants to use SD-WAN. Before implementing, you should understand the network's topology to minimize unwanted issues. 

It is used as a defense mechanism for securing the internal network from the external network. We also use it to have VPN tunnels between us and our partners and the support organizations we work with.

We are using FortiGate 200F.

We are mostly using it as a defense mechanism. It has many more possibilities, but at this moment, it is only used for defense against attacks. It is doing what it should do with the FortiGuard subscription on it, which is an advanced security subscription.

It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working.

I don't see any area of improvement at this moment. I'm responsible for the IT infrastructure. I'm not a security specialist. The IT security is being managed by the CSO in our company. 

We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine.

It has been a little over a year since we have the firewall cluster in place.

It is a stable product. We had some issues in the beginning while setting it up, but we received an update of the firmware, and since then, it has been stable.

It is being implemented for everybody. It is our security layer.

Their support is good. We had some issues in the beginning, and they were resolved within a couple of days after we explained what we were trying to do. They confirmed that it is a bug, and they would give us a fix. A couple of days later, we had the fix.

We were using SonicWall firewalls. We found FortiGate better, and we switched everything. We decommissioned all SonicWall firewalls. One of the reasons why we changed from SonicWall was that its licensing was user-based and function-based. So, every time we did something, we had to add another license or subscription. The licensing of FortiGate is clear. We know what is the price.

We migrated last year from a typical MPLS network to a complete and only one network between the sites. For firewalls, we now have a few solutions in place in our headquarters. We have Fortinet Firewall Cluster, and on the remote sites, we are using Meraki firewalls that are being used as a router at the same time. 

It is easy to use.

Its price is reasonable. They have a clear pricing policy. It is not complicated by the number of VPN users at a time. We know what the price is. The yearly subscription for the security license is rather high, but it is all included for whatever number of users you have and the kind of functions you need.

I would rate it a nine out of ten.

Most organizations use the Fortinet firewall as perimeter security at the gateway level.

FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

I've been using FortiGate for around five years.

Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

We primarily use the solution as a hardware firewall. In China, there's a lot of content that would be available in the West that isn't allowed here. We're able to block certain content from getting through filters.

The solution offers a very good package for all kinds of virtual appliances, subscriptions, and so on. It's a reasonable price. It's not too much.

The services on offer are just superb. 

The way it can block certain content is very useful for us. It gives you a good heads up as to what streams are being blocked from the network, which helps with visibility.

The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback.

There seems to be good reporting features. 

The scalability is there. If you need to expand the product, you can.

The menu structure is more logical than, for example, Cisco or SonicWall. I find that the Fortinet is easier to understand in terms of the installation process and setup. 

The only problem that we have here in China is that the whole subscription process on Fortinet is a little bit difficult if you are doing it from China. China has kind of a firewall around the country, and we sometimes have complications due to that aspect.

As a whole, I don't think that the product is actually missing any features.

You do need some IT knowledge in order to effectively work with the solution.

I've been working with the solution since about 2016. It's been a few years at this point.

The solution is very stable. There aren't issues with bugs or glitches. It doesn't crash or freeze. It's very reliable.

The scalability is good. You can expand it as needed and add on extra apps to add in extra functionality if you want to.

We mostly deal with mid-range companies. 

I only talk with people here in China that are the Chinese sellers or distributors from Fortinet. They are Chinese and I don't speak or understand one single character Chinese. So for me, it's very difficult to communicate with technical support. Most of the time, I let them talk with one of the people who I know who is fluent in English and Chinese. That's what I do. 

Most of the time, I can do all the research on the internet to see what kind of device I need and then I get a translator and we figure it out.

We only use Fortinet's FortiGate for our hardware firewall protection.

However, if our clients need extra security, we may add other brands and security layers. We also work with SonicWall, Checkpoint, and Barracuda, for example.

I've also worked with pfSense, which is free, however, it has much more of a do-it-yourself approach. It's also quite different from other solutions. If you have Cisco experience, you'll be able to navigate Fortinet, whereas pfSense requires much more in-depth study. It has its own language, basically. That's one of the reasons you won't find too many of its configurations in China.

The initial setup, for me, at least, is very straightforward. It's just a few clicks and you're set up. It may be a bit more complex for someone else who may not be as familiar with the product.

I have partners that assist with the initial setup and I have network engineers who are doing the job for me. They are working for me as they are my employees. As their boss, of course, I have to know a little bit about how to handle it as well. We handle the implementation process for our clients. We implement it according to ISO and Chinese security standards.

The solution is pretty affordable. It's not overly expensive. It's not like Cisco where you pay an awful lot of money mostly for the name.

There are extra apps you can add to the product, however, those come with an extra price tag as well. That said, it allows you to do more things and expands its capabilities.

I like to use Fortinet due to the fact that with the device you can do so much more, it's not only web filtering. If you decide to use it for something else, you just pay some money to Fortinet for another package and you are good to go. It makes it a little bit easier for small or large companies as it's so flexible in its offering. 

In China, due to business constraints, licensing is quite complicated here.

I'm a service provider in China. Basically, I'm connecting companies, foreign companies or Chinese companies, or even foreign public services to business VPNs or business cross border interconnections.

Whether we use the latest version of the solution or not depends on the client, their needs, and the environment. If a client needs more security, we may even layer in other brands to help with that.

We tend to keep deployments on-premises as you can run into issues with using the cloud in China. We prefer to have it on-premises and then bring lines in to hook everything up. It's simpler and there are fewer issues.

In general, I would rate the solution at a ten out of ten. We've just been pleased with the product and the ease of use.

We primarily use the solution for a firewall plus as an overall UTM. We do not, however, use it as an SD-WAN.

The solution is very, very easy to use.

The user interface is very nice.

The product seems to offer pretty good customization.

The configuration of the product has been very straightforward and simple.

The reporting on offer is quite good.

The initial setup is straightforward as well.

We've found the pricing to be pretty good.

Technical support from the partner has been very helpful.

The integration with third-party tools may be something that they should work on. We haven't actually tried to implement that, however.

I've been working with the solution for close to ten years. It's been at least a decade at this point. It's been a while.

We haven't had any issues with the solution's stability. It's very reliable. It doesn't crash or freeze. I can't recall experiencing bugs or glitches at all over the time I've used it. 

The scalability of the solution seems to be pretty good. We haven't had any issues in that respect.

Currently, our organization has about 125 users on the product.

While I don't have a direct line to Fortigate, I have used our partner support. They have been excellent and we are quite satisfied with the level of service we receive from them. They are knowledgeable and responsive.

The initial setup is not complex at all. I found it to be very straightforward. This was due to the fact that we had this solution procured along back in 2007 or 2008, as a smaller firewall, a FortiGate 60C.

We don't have anyone that handles maintenance full-time. It's an on-call situation. If we have issues or need maintenance, we raise a ticket and it is dealt with.

The pricing of the solution is fair. We don't find it to be overly expensive.

I've never looked at other products and therefore would not be able to really compare this solution to anything.

We are just customers and end-users of the product. We don't have a business relationship with Fortinet.

I'd recommend the solution. It's very simple and easy to use. On top of that, it offers peace of mind.

Overall, I'd rate the solution nine out of ten.

We implemented Fortinet FortiGate SD-WAN for a small company that had two internet service providers. The goal was to configure the two links to operate independently, ensuring that they don't share the load. This way, when one link reaches a certain threshold, we can seamlessly switch to the other without any issues. 

We have FortiManager, which enables us to have a unified view for monitoring and managing our devices centrally, as well as dispatching policies.

The solution enables us to consolidate tools and applications and manage them all through FortiManager. You can configure your SD-WAN from Forti Manager, which gives you management functionality. 

The interoperability of the solutions is good because it allows for compatibility with brands other than Fortinet, and we don't encounter issues with it.

FortiGate SD-WAN facilitated a smooth transition for our customers between their two internet service providers, ensuring uninterrupted connectivity without any downtime.

The solution has helped us remediate threats more quickly by enabling real-time monitoring of both links, providing complete visibility into our end links. You can monitor both links on one platform. It's just one single pane of glass where you watch in real-time what is happening. It's easy to manage that way. It helps you to easily remediate issues. 

As long as our policies are granular we are able to use the solution to reduce our MTTD. 

The solution has helped to reduce our MTTR from what used to be five minutes down to 45 seconds.

The solution has helped to reduce the number of help desk tickets because it is now extremely rare for both links to be down simultaneously.

SD-WAN, regardless of the OEM being used, is a beneficial technology that is increasingly adopted by businesses due to its positive impact on business security. It allows us to maintain uninterrupted operations without concerns about past issues.

Fortinet FortiGate is user-friendly.

The support we receive when we need to upgrade is not satisfactory and has room for improvement.

I have been using Fortinet FortiGate for two years.

The solution is stable and we have not had any issues.

The solution is highly scalable.

The technical support is good, but they take a long time to respond and resolve the issues.

Neutral

I have also used Cisco, whose systems are robust and rarely experience downtime. However, with Fortinet, their licensing is highly competitive in terms of pricing. Cisco is primarily geared towards enterprise-level companies, but the learning curve for Cisco is higher compared to Fortinet.

Fortinet's price is very competitive compared to when you look at other brands of equal functionality. The hardware and licensing are compared to the others. It's also simple to use. 

The initial setup is straightforward. I did the deployment and didn't have any issues with it. It took one day to complete. 

The solution provides value and, therefore, offers a return on investment.

The price is highly competitive when compared to other brands that offer similar functionality. Fortinet FortiGate is more affordable both in terms of hardware and licensing, in comparison to its competitors.

I give Fortinet FortiGate a seven out of ten.

I recommend FortiGate SD-WAN because it is easy to implement and simple to use.