Fortinet FortiGate-VM Reviews

We use FortiGate-VM as a firewall. My company has more than 4,000 users, and we plan to increase usage. 

I like FortiGate's IPS, IDS, and URL filtering. 

I think Fortinet should provide us with more reporting from the AI/ML point of view. They could also offer the SaaS application in a single box. The VPN and ZTNA have so many verticals that they work as a standalone solution. They need to be in a single box.

I have worked with FortiGate-VM for the last three years.

I rate FortiGate-VM eight out of 10 for stability. 

From a scalability point of view, we have a physical user license. If we need to upgrade, we can get a box. There is presently sufficient formal organization to scale up.

I have no problems with Fortinet support.

Positive

We have used Check Point and Palo Alto firewalls. 

We deployed FortiGate-VM with the help of a partner and the vendor. The deployment process took three months. We previously used Cisco ASA and had no migration tool, so we had to start from scratch. 

FortiGate-VM is affordable. In terms of operating costs, we contract with the OEM for a three-year contract and then renew. We haven't received any notice from them because all of our infrastructure is under contract. Every three years, if we cannot get a good price from the vendor, we replace the box.

I rate Fortinet FortiGate-VM eight out of 10. It has all the features. The only recommendation is to combine the vertical into a single box. To improve performance, they should build an engine in the box that enables them to scale per the user requirement. 

We use the solution for our private cloud.

We use Fortinet for everything in our organization. Our organization has Fortinet experts. The virtualized network features work fine. The flexibility is fine. It’s easy to integrate the solution with our network infrastructure.

We face some issues with the IPsec connection during replication. It must be improved.

I have been using the solution for six months.

The stability is fine.

I rate the tool’s scalability an eight out of ten. We have many users in our organization.

The initial setup is complex because we use CLI. The solution is cloud-based. We have moved our on-premise VM to a private VM.

I have used Netgate. I prefer Fortinet FortiGate-VM.

Overall, I rate the product a nine out of ten.

We deploy the tool for customers who want a firewall in front of their cloud environment. We can use it for anything they want to protect in their data center or private cloud.

The solution has given us a good revenue stream and a better solution for our customers for network security. The product can take our customer’s basic firewall and take it to the next level and give them much more visibility and control over the traffic.

All the security features that are built into the product are valuable. It includes web filtering, DNS filtering, and intrusion prevention. FortiGate is the best firewall in the market. It pretty much does most things.

Support could be improved a little.

I have been using the solution for four and a half years.

I rate the solution’s stability a ten out of ten.

I rate the tool’s scalability a ten out of ten.

Sometimes, we get really good, knowledgeable engineers. At other times, it feels like we got somebody who started that day. We have to go through the wringer with them.

Neutral

The initial setup was very easy.

I have seen an ROI on the product.

The price is pretty decent compared to other products. The product’s licensing must be a little cheaper.

If you're looking for an enterprise-level next-generation firewall, go with FortiGate. It’s hands down the best value for what you pay. Overall, I rate the solution a ten out of ten.

We have a private cloud environment with two firewalls and a physical host with a total storage capacity of approximately 5 terabytes running on VMware. The private cloud is a payment services gateway processing transactions from 1,500 outlets nationwide. We have around a thousand virtual machines, and all of them use Fortinet. 

We like FortiGate-VM's IPS features and its ability to create multiple virtual firewalls. 

I have used FortiGate-VM for five years. 

Stability is one area where Fortinet stands out. We don't see dropped sessions or downtime. The hardware is extremely stable, and our utilization stays well below the limits. 

You need to upgrade your box to scale, but it's easy to migrate from one to the other. 

Fortinet support needs improvement. The response times are lackluster. Fortunately, the product is stable and we seldom have issues. Also, it takes months for them to deliver hardware when we order it. 

Neutral

It's easy to install and configure FortiGate-VM. One engineer can finish the job in half a day. 

You will recover your investment if you purchase the right size and use it for six or seven years. However, you'll lose money if you need to replace or upgrade the box after three years. It's critical to buy the correct size from the start.

FortiGate-VM is a little expensive compared to Sophos. You pay a fixed license for the box, but there are various options if you need to upgrade. 

I rate Fortinet FortiGate-VM nine out of 10. It's a solid product overall, but Fortinet support has a lot of room for improvement. I wouldn't recommend it for an enterprise use case. It might work, but you should test it first. They have various options, so you should pick one that meets your business requirements and your environment.

I use the solution in my company for the data center's server protection to segregate the data center VLANs and the other VLANs used in the production, testing, and development phases, including the areas consisting of DMZ and VLAN. We are using Fortinet FortiGate-VM as a software-based tool and as a firewall for our data center.

It filters out the unnecessary connectivity that I would probably expect to be connected from the end user site or from external to the data center site. It is also used to filter unauthorized access to sites and to mitigate risks if, in cases, because of the asset policy, the remote desktop connectivity or remote connectivity is not allowed to restrict something. It is used to deal with phishing or something that may not pass through the network. The tool serves as an industrial firewall so that we can use it as a filter more efficiently.

The security offered by the tool has certain shortcomings, making it in area where improvements are required. Security, by nature, is very dynamic, and continuous improvement is required. Every time, the policy and the configuration need to be checked in that aspect now, so in that aspect, it needs some improvement, especially when it comes to some filtering mechanisms, and protocols.

I have been using Fortinet FortiGate-VM for more than three years.

In terms of stability, it is stable. Stability-wise, I rate the solution an eight out of ten.

It is scalable because it is a virtual appliance. You can probably scale it up more.

Fortinet FortiGate-VM is a security solution, so users are not expected to access it. It is actually required to protect the network and the environment, so there is no need for actual user access for the solution.

The product's initial setup phase requires some special expertise. The initial setup phase might not be complex, but it requires experts since it is a security solution.

If there is an expertise that is actually doing the implementation or deployment, then it is a straightforward process.

The solution requires a license. The tool is neither expensive nor cheap, so it is okay.

The product's implementation does affect our compliance with industry regulations, and it is one of the reasons why we prefer using Fortinet FortiGate-VM.

My suggestion to other people related to the tool depends on their requirements because there are other different solutions in terms of cost, efficiency, security, reliability, and security. Depending on the requirements, the tool is recommendable. Fortinet is one of the top security solutions in the market. Anybody can choose from multiple tools in the market, including Palo Alto products and other solutions. Fortinet is usually recommended to others.

I think that Fortinet FortiGate-VM has some solutions that offer AI features. For our use case, we don't actually use the AI functionalities since we want to control everything. In my company, we are the ones who are actually dealing with the product and are just not supported by AI.

I rate the tool a seven out of ten.

We employ Fortinet FortiGate-VM solely for testing purposes, similar to how we employ virtual machines in a virtual lab environment to evaluate solutions. When customers inquire about potential solutions, we typically construct and thoroughly test these solutions in our lab environment before providing confirmation. Once we've successfully conducted a proof of concept, we then extend an offer to the customer.

Both the hardware and virtual versions offer comprehensive capabilities required for perimeter network protection. Positioned at the network perimeter, they provide profiles that can be easily configured, including antivirus, DNS protection, web filtering, IPS, and application awareness for over five thousand applications. This allows for tailored configurations based on specific application usage within our network.

The scalability and flexibility of FortiGate VM have greatly benefited our organization. Its exceptional scalability allows us to adapt and expand according to our evolving needs.

Integrating FortiGate VM with our existing systems was straightforward, as I recall no difficulties during the process. I would rate it a solid ten out of ten for ease of integration.

The performance and availability of FortiGate-VM in our setup vary depending on the specific models chosen. We refer to data sheets and comparison tables to identify devices that meet our specific requirements. This involves considering factors such as performance metrics, encryption and decryption capabilities, and the number of secure connections supported. By comparing different models, we can select the one that best suits our needs.

The GUI of FortiGate is exceptional.

The features of FortiGate VM that we find most effective for network security include its universal operating system, which is the same across both hardware and virtual machine deployments. This consistency ensures that both real boxes and virtual machines run on identical images, accessible via both command line and graphical interfaces for convenience.

SD-WAN could be enhanced to provide a clear division between control and data planes, utilizing controllers to manage tasks within the network.

We have been using it for more than three years.

I am satisfied with its stability. I would rate it ten out of ten.

It provides outstanding scalability capabilities. I would rate it ten out of ten. 
We serve a diverse range of customers, including large government organizations in Ukraine and small businesses. FortiGate is suitable for a variety of customer types, accommodating the needs of both large enterprises and smaller organizations.

We haven't encountered any open trouble tickets in the past three years, so we don't have firsthand experience with how Fortinet handles cases.

The initial setup is straightforward, earning a rating of ten out of ten for ease of use. Compared to other options, it stands out as exceptionally simple, largely due to the extensive documentation provided by Fortinet. Additionally, numerous YouTube tutorials are available online, making it easy to find solutions without necessarily having to consult the documentation.

For deployment, FortiGate can be utilized in both on-premises and cloud environments, offering flexibility in its application. It can serve as a client-side perimeter device within a customer's network or function as a cloud-based service. Our organization predominantly offers cloud-based solutions, leveraging FortiGate installations at our Sentinel node facility. Here, we manage customer traffic by configuring it to pass through FortiGate, allowing us to provide next-generation firewall services to customers who lack their infrastructure. We tailor configurations to suit each customer's specific needs.

Alternatively, if a customer requires an on-premises solution, we may deploy a physical appliance at their site. In such cases, where the customer lacks the expertise to manage the firewall effectively, we offer a managed service option.

Deployment typically takes no more than a few hours, thanks to the straightforward installation process and the clarity of the documentation provided. Especially in simple configurations with uncomplicated topologies, deployment can be completed within minutes.

The price falls somewhere in the middle; it's neither cheap nor expensive. I would rate it five out of ten.

When purchasing an appliance, it's essential to acquire the accompanying subscription. This is crucial because frequent updates to antivirus profiles and other features are necessary, often occurring daily. Operating the device effectively requires a subscription from Fortinet, which we consistently purchase.

Fortinet FortiGate-VM is purpose-built as a next-generation firewall, excelling in its performance of this specific function. Its designated place in the network aligns perfectly with its capabilities, making it an ideal device for its intended purpose. Overall, I would rate it ten out of ten.

All firewalls, including Fortinet FortiGate-VM, provide similar features under the sync capability. The differences between them are minimal, with FortiGate-VM offering simplicity in use. It covers aspects such as intrusion prevention, web filtering, application control, routing, virtual domains, policy-based routing, and SSL.

For our customer, this product holds paramount importance. It is critical for them as we collaborate with government agencies, financial institutions, and oil and gas companies. Inspecting and controlling traffic, especially pertaining to credit cards, is crucial for their operations.

GitDM, like FortiGate VM, provides similar features to FortiGate appliances or cloud solutions. However, FortiGate VM is more suitable for heavy traffic and inspection compared to GitDM. Unfortunately, FortiGate VM lacks a dedicated SPU for inspection, and all features rely on CPU and RAM.

I don't have any specific improvements to suggest, but perhaps the pricing could be enhanced. Regarding updates, more frequent updates would be appreciated. FortiGate-VM is currently focused on providing very good firmware updates, automation, and top-notch features. It stands as a great product for now.

Based on our needs and the vulnerabilities we've encountered due to various downloads, I suggest integrating with Kaspersky Gateway. This integration would involve scanning and inspecting both official emails and spam emails. Our customer has successfully worked with Kaspersky Gateway, and overall, the integration has been effective.

I have been working with Fortinet FortiGate-VM for 3 years.

In conjunction with the switch and based on the sizing, it indicates a suitable box or VM for the customer. If the level of mailbox is low, the stability will be good, and the box will not be in conserve mode. Regarding impressions of scalability, I would rate it eight out of ten.

The support team is excellent, providing assistance and resolving issues effectively.

The setup is straightforward for me, but our customers might find it a bit challenging. Overall, following the provided steps and consulting the official materials or documentation makes the FortiGate-VM setup relatively easy.Firstly, we establish a console connection to the firewall and access its default IP. In the second step, we create rules to enable the firewall to access the internet. Following these two steps, we register a rule with Fortinet Broadcom, download the necessary licenses, and upload them. After uploading the license, we set up an interface rule, check the license, and configure interfaces such as LAN, WAN, and VPN. Subsequently, we create profiles, including web filter, application, antivirus, and IPS profiles. The last steps involve configuring interfaces like LAN, WAN, and VPN, as well as attaching profiles to outbound policies. We also consider additional configurations, like server publishing, destination netting, or integrating with PBM for Alibaba Cloud. The final three configurations are optional and depend on the customer's requirements.

We can tailor the suitable license for the customer, whether they require UTB or enterprise features. The options are flexible based on their needs.

I would recommend Fortinet for large-scale companies and Sophos for medium or small enterprises. I would rate it 8 out of 10.

They could simplify the troubleshooting process. Troubleshooting requires expertise, often necessitating the command-line interface (CLI). It could be more advanced and easier to use than other products.

Additionally, they could enhance support capabilities and a facility to communicate efficiently with the team.

We have been using Fortinet FortiGate-VM for seven years.

The product is stable. However, there are a few areas of improvement. I rate the stability an eight out of ten.

It is best in terms of pricing for small and medium-sized companies, where it stands out as a cost-effective and feature-rich solution. For larger enterprises, we emphasize the potential benefits of complementing FortiGate-VM with additional firewalls, such as Palo Alto, to enhance security and address potential vulnerabilities.

I rate the scalability a nine out of ten.

The initial setup process is easy. It can deployed on the cloud and premises based on the client's requirements.

There are products like Cisco Meraki that are more inexpensive than Fortinet FortiGate-VM. However, it provides better security features. Palo Alto's pricing is similar to that of the FortiGate-VM regarding quality for security features. It is reasonable.

FortiGate VM in a cloud infrastructure provides security benefits. It offers the same robust features and functionality in virtual, on-premise, and traditional data center environments. It protects against external attacks and internal threats through features such as web filtering, secure application filtering, and antivirus capabilities. These functionalities collectively enhance security measures, safeguarding against various potential risks.

It is extensible, as we can add as much functionality as we require. It is simple to add more resources. It has a flexible pay-as-you-go pricing model.

I rate it an eight out of ten.