Fortinet FortiGate-VM Reviews

The use case was a bit more complex than other clients, however, the typical usage was for VPNs for end-users to get into the internal network. For a mid-size company, that's a pretty much typical use. 

The only thing out of the ordinary would be the SIEM for all the network information, all the metadata, that is cloud-based. We had to create a tunnel to it so that the collector, being in the cloud, would be able to access the internal information.

It performs the functions it needs to perform and it's been reliable. It didn't need to be modified and we didn't have problems where things would just crop up. After months configured it's been rock solid, which is good. That's why I haven't touched it in a year and a half.

I liked its general capabilities.

Its cloud management is very good.

I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices.  When you want to back up the configuration you can download it as a local file and save it to the cloud.   

That flexibility was very useful. 

The product had a fairly good user interface. It was well thought out and the controls seem to be in a logical hierarchy. I was able to find stuff without having to configure things. There was just a logical breakdown of how to find things.

There were a few cases where I had to use the command line interface on it. Now they do have the ability to pop up a command line, which is nice, however, the fact that you can't do everything within the GUI is probably a problem. There's a thing I have for most products that have started out in the command line and have added GUI, and the GUI is always somewhat behind in capability.

If you have a product you should be able to control the entire product through your user interface. You shouldn't have to drop back into backend command line commands in order to tweak something. There's a couple of cases where we had to do that when we were trying to set up one of the tunnels in particular. We were talking to Check Point or some other company. You've got two different manufacturers with a sort of standard for tunneling with all kinds of encryption methods and stuff like that. You have all these options, and, in order to get the right one, we couldn't discern it from the logs that we were viewing with the user interface. We had to drop down to the command line in order to do that. I would have thought that there should be enough information options made visible in what you can just do from the user interface.

I have been dealing with the solution for three years or so. However, the last time I used it was within the last 12 months or so. The company was restructuring their office due to COVID, and so we had to go in and make changes and set up different connections, That's the last time I was actually in it.

The stability is rock solid. It's a very good solution. I haven't had to touch it for a year. The last thing I did was a firmware upgrade. That was a year ago, and they haven't requested any more work on that now. It's still operational and solid. There have been no complaints really on it.

The product was sized for what the client was doing. I can't really say one way, or the other, whether it's more or less scalable than other solutions. I know we could do things to it - that we didn't do - to increase its capability. However, it didn't need to be done and they didn't have the budget for adding anything to it. It's hard to say. I can't really speak to the scalability of it.

Technical support has been great. They really helped us when we had issues with some early problems during setup.

It ties to the device, so it's pretty easy to see whether or not you have support, however, it was not difficult to get in touch with them. You get someone with knowledge right away. You don't have to go through a filter of people asking you "Is it plugged in?"

I'm actually reselling a managed service of SonicWall. It's not completely hands-on. Now all I do is get reports from it and I can look at the dashboard, however, I don't actually have to configure it.

I've also resold Barracuda.

The initial setup was straightforward. It got complex when we started adding in requirements for tunneling et cetera. The implementation involved VPNs and the general configuration of the firewall. Then they added in these other requirements that it needed to connect to AWS. First, it was to their remote hosted environment. Then, subsequently, to the AWS environment as well. It grew over time. Over the course of a year, we spent a lot of time on it.

I'd rate the initial setup experience at a four out of five. Most of the stuff went pretty well. We had one issue and we had to drop down into it. However, their support was very good. We were able to contact support, and they were able to stay online and walk us through that problem, so without any issues. They didn't balk at it. We didn't have to beg them to help us. Some support you get in there and have to say, "I'm sorry, yes I've done all those things. Get me to the next level."

They had good quality support.

In terms of deployment, it was there when I got there. They had purchased it out of the box and they hadn't configured it. For six months it just sat there. We had it up and running within a month of me getting there. Then over time, we added more and more requirements to it. It didn't take very long to figure out what they wanted to do with it and get it set up. The actual configuration was very quick. It was just the planning beforehand that took time.

Besides myself, there were about four other people in the IT department working on the product. However, really, only one person is responsible for the gateways.

The ROI that they were looking for was an improvement in security for the whole company. It was one of those evolving things, that as new security deployments come up some of them get implemented within the firewall and others are implemented structurally or in other ways. It was able to help them meet their security goals. That was probably the biggest value that they were looking for. It also did not impede their normal operating procedure.

The licensing costs are in line with everyone else. It all seems expensive when you're talking about firewalls, however, they're all the same. It's likely in the middle of the pack.

There are costs involved with FortiTokens. Everyone has different ways of controlling VPN access, however, with the FortiTokens you get a certain amount with the device, and then you have to buy more as you add them on. They're not costly.

However, it's something you have to buy in batches, so if you've got 40 people you're going to buy a bunch of FortiTokens, and each token is an encryption key so that you can have your little app that's multifactor. They charge for that. Everyone else, in terms of competition, charges for that too.

I can't speak to if the client evaluated another solution prior to choosing this.

I primarily work as a consultant. 

The solution's deployment was on-premises, however, there were VPNs set up for remote access, VPNs set up for site-to-site, and VPNs set up for cloud-based SIEM.

As with any solution, you need to size it. You need to plan what you're going to do and what your expectations are with it before you choose the pure model. After that, proper planning is needed before you try to deploy it so you don't have to back stuff out.

I'd rate the solution at an eight out of ten.

I use the solution in my company for the data center's server protection to segregate the data center VLANs and the other VLANs used in the production, testing, and development phases, including the areas consisting of DMZ and VLAN. We are using Fortinet FortiGate-VM as a software-based tool and as a firewall for our data center.

It filters out the unnecessary connectivity that I would probably expect to be connected from the end user site or from external to the data center site. It is also used to filter unauthorized access to sites and to mitigate risks if, in cases, because of the asset policy, the remote desktop connectivity or remote connectivity is not allowed to restrict something. It is used to deal with phishing or something that may not pass through the network. The tool serves as an industrial firewall so that we can use it as a filter more efficiently.

The security offered by the tool has certain shortcomings, making it in area where improvements are required. Security, by nature, is very dynamic, and continuous improvement is required. Every time, the policy and the configuration need to be checked in that aspect now, so in that aspect, it needs some improvement, especially when it comes to some filtering mechanisms, and protocols.

I have been using Fortinet FortiGate-VM for more than three years.

In terms of stability, it is stable. Stability-wise, I rate the solution an eight out of ten.

It is scalable because it is a virtual appliance. You can probably scale it up more.

Fortinet FortiGate-VM is a security solution, so users are not expected to access it. It is actually required to protect the network and the environment, so there is no need for actual user access for the solution.

The product's initial setup phase requires some special expertise. The initial setup phase might not be complex, but it requires experts since it is a security solution.

If there is an expertise that is actually doing the implementation or deployment, then it is a straightforward process.

The solution requires a license. The tool is neither expensive nor cheap, so it is okay.

The product's implementation does affect our compliance with industry regulations, and it is one of the reasons why we prefer using Fortinet FortiGate-VM.

My suggestion to other people related to the tool depends on their requirements because there are other different solutions in terms of cost, efficiency, security, reliability, and security. Depending on the requirements, the tool is recommendable. Fortinet is one of the top security solutions in the market. Anybody can choose from multiple tools in the market, including Palo Alto products and other solutions. Fortinet is usually recommended to others.

I think that Fortinet FortiGate-VM has some solutions that offer AI features. For our use case, we don't actually use the AI functionalities since we want to control everything. In my company, we are the ones who are actually dealing with the product and are just not supported by AI.

I rate the tool a seven out of ten.

Fortinet FortiGate-VM is used for the firewall. Some clients would like to go for the solution because of pricing. They feel they can run it on their own hardware, cut down costs, and manage it.

I can vouch for the security aspect of Fortinet FortiGate-VM. It's a value-for-money appliance. Fortinet has always been our number one firewall appliance regarding recommendations to customers. The solution is very secure, and its technical support is on point.

I like Fortinet FortiGate-VM for tutorial purposes. You can set up the solution on your personal computer for apps and teaching.

Fortinet FortiGate-VM should improve its asset identification, wherein the device can identify assets on the network, like computers. We should be able to identify a device and the user account used to log on to that device.

I have been using Fortinet FortiGate-VM for more than five to six years.

Since it is a VM, the solution runs on a client-provided host machine. Most of the time, the host machine gives issues that affect the VM.

I rate the solution a five out of ten for stability.

Around 20 users are using Fortinet FortiGate-VM in our organization.

I rate the solution an eight out of ten for scalability.

The solution's technical support is responsive, but the only issue is you need to be specific with your problem. If you are not specific with your problem, it will take longer to resolve the issue because of time zone differences. All the engineers would like to know exactly the problem before they offer solutions.

Positive

We previously worked with pfSense. We switched to Fortinet FortiGate-VM because pfSense was giving us issues.

Fortinet FortiGate-VM is easy to implement, provided you know your network architecture and the basics.

On a scale from one to ten, where one is complex and ten is easy, I rate the solution's initial setup a nine out of ten.

The solution can be deployed in less than ten minutes.

Fortinet FortiGate-VM is a very expensive solution. It's a value-for-money appliance. You don't have every client going in for the solution unless there are some specific points.

You need to know exactly what you need at the point of purchase. That will guide you in purchasing the required license. If you miss and purchase the wrong license, you can wait and purchase another license during renewal. You can also negotiate with Fortinet to have your license changed to get the feature you want.

On a scale from one to ten, where one is expensive and ten is cheap, I rate the solution's pricing a three out of ten.

We used to troubleshoot for Fortinet FortiGate-VM, but now the new firmware doesn't really give issues. We do maintain the solution by checking on devices and updating the firmware. We have seven engineers in our technical team to deploy and maintain the solution.

I would not recommend Fortinet FortiGate-VM to other users because most users don't have the infrastructure. They will tell you they want to cut down costs. You get them the solution, and at the end of the day, as a technical person, you will be bothered by the solution.

Regarding the upgrade, the only time we've had an issue is when the customer gave the wrong information. The utilization exceeded what they actually needed. Aside from that, Fortinet FortiGate-VM is a good appliance for us.

Overall, I rate the solution an eight out of ten.

It's crucial for protecting my internet network. It works well internally.

Fortinet FortiGate-VM improved security within our virtualized environment.

However, I would rate the ease of management a seven out of ten, with ten being the best. 

The policies are very valuable. They allow me to secure and manage future traffic effectively.

The biggest area for improvement is storage configuration. It could be smoother.

I have been using it for four years. 

When it comes to stability, various factors are involved, including partners, configurations, and third-party integrations. 

However, we do use it, and it seems reliable and secure for most situations.

The company that acquired us already had similar technology in place, so there wasn't a significant change when they integrated FortiGate-VM.

We have around 60 end users in our company using this solution. It is a very scalable solution.

It's a new technology, and we're still learning. Support is crucial.

Neutral

The initial setup is straightforward and quick.  

We moved the equipment to the site, connected it to the internet, and configured it through the console.

I took a consultant's help.  

It improved security a lot.

My recommendation is: If you use FortiGate-VM, make sure your infrastructure is good first and that power generation is very stable. 

We use Fortinet FortiGate-VM for a constrained firewall and comprehensible security solution. Currently, I'm involved in implementing FortiGate and FortiManager for a customer project over the past month, and Fortinet has proven to be quite effective in this regard.

Regarding specific features, I appreciate the option for external selection, where you can choose either to use a default or create a self-description. This simplifies the process compared to other vendors that require creating a test extension profile and then applying it to the installation. With FortiGate, there is a streamlined approach. From the benefits perspective, clients mainly see cost reduction, especially with FortiGate VM Firewall, as it eliminates the need for additional hardware.      

The product is satisfactory. I haven't identified any features to improve, and based on the number of deployments I've handled with FortiGate-VM, there haven't been any complaints from the customer's side.

I have been using Fortinet FortiGate-VM for the past five years. 

Fortinet is a stable and user-friendly solution. The configuration is straightforward, and it provides a secure environment. I recall a challenge where a customer was using VDOM to segment their networks, but faced issues with communication between firewalls. Through online research, I discovered a tool to replace Fortinet, and it resolved the issue. During a critical migration for a large customer with six hardware firewalls, Fortinet proved reliable and prevented the possibility of mistakes. The GUI interface is well-organized, especially the security tab, making it easy to navigate. Fortinet simplifies network and security tasks, making it accessible for those with a basic understanding of networking and security concepts. Overall, as a vendor, Fortinet stands out for its streamlined approach, avoiding the need to navigate between multiple locations for configuration.

I haven't personally tried Fortinet's technical support, but according to my colleague who has used it, the experience was not positive. He mentioned that the support process is not as direct and efficient as Cisco's. In Cisco, when there's an issue, you can call, initiate a case, and the support engineer can join you directly for troubleshooting. However, with Fortinet, it seems the process involves working on the case independently, and the support requests are assigned to different engineers. 

When advising the team for cost reduction, I suggest going with the VM if there's no budget. However, if there is a budget, I recommend purchasing the hardware. For all vendors, technically speaking, hardware is considered better than VM. However, for Fortinet, the difference between VM and hardware is mainly budget-related. If the customer has a budget, it's advisable to purchase the hardware. When recommending from the sales team's perspective, if the customer has a budget, they will suggest going with hardware. If there's no budget, the recommendation is to opt for VM, especially if the customer is working with Azure or AWS. The difference between VM and hardware lies primarily in patches, and overall, everything is satisfactory. One aspect worth noting is that during VM deployment, checking connectivity between the hypervisor, distribution switch, and network firewall is required. In contrast, for hardware, once the configuration is complete, connectivity is straightforward.

As for my overall rating of the FortiGate VM solution on a scale from one to ten, with one being the worst and ten being the best, I would rate it as a ten.

I use the solution in my company mostly as a firewall product.

The strong point of the solution is that Fortinet FortiGate-VM is a good tool to spend money on, as its price is not as high as the ones offered by Palo Alto. Compared to Palo Alto's performance, most people like Fortinet FortiGate-VM. In general, Fortinet FortiGate-VM is a tool that is available for a good price, and its performance is comparable to that of Palo Alto and Check Point.

I believe that Fortinet FortiGate-VM makes improvements on a quarterly or yearly basis.

In Fortinet FortiGate-VM, the area around the configuration, performance monitoring, and GUI are not as easy as in Palo Alto. Fortinet FortiGate-VM's configuration part, performance monitoring, and GUI are areas where improvements are required.

The scalability feature of the solution has certain shortcomings, making it an area where improvements are required.

I have been using Fortinet FortiGate-VM for more than ten years. I work as the solution's system integrator. I use the solution's latest version.

It is a very stable solution. Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a six or seven out of ten.

My company deals with customers with various ranges regarding the number of users who use the solution. Some of the customers I deal with and who use the solution have around 500 users.

My company plans to increase the number of users of the solution in our company.

I am not about the online support services offered by Fortinet FortiGate-VM, but our company deals with local support for the solution, which is very good.

I rate the technical support a ten out of ten.

Positive

As a system integrator, my company not only provides services for Fortinet FortiGate-VM but also for products like Palo Alto and Check Point.

The product's initial setup phase was easy.

The solution is deployed on an on-premises model.

The product's installation phase takes three hours if our company's customers provide us with all the prerequisites required for the deployment.

Cost-wise, I would describe Fortinet FortiGate-VM as a tool that is available for a good price.

Two years ago, the price for the license of the product was affordable, but I think that in the present time, there has been an increase in the price of the product by around 30 percent, making it an expensive tool in the process. I rate the product price a three on a scale of one to ten, where one is a high price, and ten is a low price.

My team consists of around 15 engineers who help me take care of the technical aspects of the product.

I recommend the product to those who plan to use it. I rate the overall tool an eight and a half to nine out of ten.

We deploy the tool for customers who want a firewall in front of their cloud environment. We can use it for anything they want to protect in their data center or private cloud.

The solution has given us a good revenue stream and a better solution for our customers for network security. The product can take our customer’s basic firewall and take it to the next level and give them much more visibility and control over the traffic.

All the security features that are built into the product are valuable. It includes web filtering, DNS filtering, and intrusion prevention. FortiGate is the best firewall in the market. It pretty much does most things.

Support could be improved a little.

I have been using the solution for four and a half years.

I rate the solution’s stability a ten out of ten.

I rate the tool’s scalability a ten out of ten.

Sometimes, we get really good, knowledgeable engineers. At other times, it feels like we got somebody who started that day. We have to go through the wringer with them.

Neutral

The initial setup was very easy.

I have seen an ROI on the product.

The price is pretty decent compared to other products. The product’s licensing must be a little cheaper.

If you're looking for an enterprise-level next-generation firewall, go with FortiGate. It’s hands down the best value for what you pay. Overall, I rate the solution a ten out of ten.

I occasionally implement Fortinet for clients. 

In the most recent instance, we had a cloud implemented and I was driving the infrastructure. The client had separate areas inside it purposely. They needed to implement a FortiGate solution in the same client, with different VMs, for different clients, to make different areas for these clients. 

It's great that we can have separate services for the same client. 

It's a complete solution. You only need to deploy it once. You can have many clients and many services for these clients in the same VM. It's a solution that works very well for companies that may need separated sections.

It makes things less expensive for clients. The pricing is good.

The interface is decent.

Technical support has a lot of knowledge.

The initial setup is simple. 

The solution is stable.

It can scale well.

The solution could use very well-defined support for resellers. There isn't necessarily 24/7 support and resolution.

The interface could be improved. 

The product could have more protocol routing options. 

I'd rate the solution at a seven out of ten.

The stability is good. There are no bugs or glitches. It doesn't crash or freeze. 

If you need to scale, this is a good option.

The technical support is pretty good. We are quite satisfied with the level of service on offer. 

The initial setup process is very easy and straightforward. It's not difficult or complex. 

We only need three people for deployment and maintenance. It's not a solution that requires a big team. You might need one or two field engineers. 

I'm working in a Fortinet partner company. I'm a reseller.

I'm dealing with the latest version of the product.

I like the 100F version, and it may be a good option for most clients, however, it might not be right for every company. It's a good idea to figure out what you need before you decide to avoid purchasing something that's not right for your company's needs.