Fortinet FortiGate-VM Reviews

I use the solution in my company mostly as a firewall product.

The strong point of the solution is that Fortinet FortiGate-VM is a good tool to spend money on, as its price is not as high as the ones offered by Palo Alto. Compared to Palo Alto's performance, most people like Fortinet FortiGate-VM. In general, Fortinet FortiGate-VM is a tool that is available for a good price, and its performance is comparable to that of Palo Alto and Check Point.

I believe that Fortinet FortiGate-VM makes improvements on a quarterly or yearly basis.

In Fortinet FortiGate-VM, the area around the configuration, performance monitoring, and GUI are not as easy as in Palo Alto. Fortinet FortiGate-VM's configuration part, performance monitoring, and GUI are areas where improvements are required.

The scalability feature of the solution has certain shortcomings, making it an area where improvements are required.

I have been using Fortinet FortiGate-VM for more than ten years. I work as the solution's system integrator. I use the solution's latest version.

It is a very stable solution. Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a six or seven out of ten.

My company deals with customers with various ranges regarding the number of users who use the solution. Some of the customers I deal with and who use the solution have around 500 users.

My company plans to increase the number of users of the solution in our company.

I am not about the online support services offered by Fortinet FortiGate-VM, but our company deals with local support for the solution, which is very good.

I rate the technical support a ten out of ten.

Positive

As a system integrator, my company not only provides services for Fortinet FortiGate-VM but also for products like Palo Alto and Check Point.

The product's initial setup phase was easy.

The solution is deployed on an on-premises model.

The product's installation phase takes three hours if our company's customers provide us with all the prerequisites required for the deployment.

Cost-wise, I would describe Fortinet FortiGate-VM as a tool that is available for a good price.

Two years ago, the price for the license of the product was affordable, but I think that in the present time, there has been an increase in the price of the product by around 30 percent, making it an expensive tool in the process. I rate the product price a three on a scale of one to ten, where one is a high price, and ten is a low price.

My team consists of around 15 engineers who help me take care of the technical aspects of the product.

I recommend the product to those who plan to use it. I rate the overall tool an eight and a half to nine out of ten.

I primarily use the solution as a firewall. It's used for security. I use it for the DMZ. It's related to architecture and is strategically positioned in the network. 

Based on its position, it offers good control over the communication between users and the data center. It's a good unified solution, and you can manage everything from the Fortigate portal.

It's a familiar solution to our clients. We don't spend time selling it. The brand is very popular and recognizable. 

The solution integrates well with other Fortinet products.

The pricing is fine. 

It's a good solution for small to medium-sized companies. 

The integration can be a bit easier. You need to maintain the integrations. You shouldn't have to. For example, in Cisco, you don't have to maintain integration that same way.

The support could be a bit better.

There are no missing features or items we would like to see in the future.

This is not a good solution for enterprises. It's better for smaller companies. 

I've used the solution for the last six years. 

The solution is mostly stable. I'd rate it six out of ten. The updates and availability, however, are not so smooth. 

The solution is not so scalable. It's not necessarily difficult to scale. However, it is not easy either. 

I'd rate the scalability seven out of ten overall. 

Typically, my clients are small to medium-sized entities. 

I'd like to see better support. They are okay. They could be better.

Positive

I also have experience with Cisco solutions.

At the perimeter, we also use Palo Alto. 

The initial setup is very easy. It's not complex. I'd rate the ease o setup eight out of ten. 

The deployment might take two to three days. It's pretty fast to get everything up and running. 

I did not handle the deployment in a hands-on way, so I don't have information on the technicalities in terms of what steps were taken.

The pricing is okay. I'd rate it eight out of ten in terms of affordability.

I'm a Fortinet reseller. I'm not sure which version of the solution we're using. We're likely using version seven or six. 

We use cloud and on-premises deployments. 

I'd recommend the solution to other small or medium-sized companies. I would not recommend it to enterprises. 

I would rate the solution eight out of ten. It is unified, and it is easy to integrate into other Fortinet products. 

We are using Fortinet FortiGate-VM for network-level security.

There is a cloud and on-premise version of the solution available.

Our company deploys this solution to many companies.

The most valuable features of Fortinet FortiGate-VM are the ease of use, IPS system, application filter, web filtering, and email security. Additionally, there is a migration tool that other vendors do not provide. We only need to upload the configuration file to the tool, and it converts everything, except the passwords, and gives us the new configuration, which we can directly upload on the firewall. This migration process takes a maximum of 15 minutes.

The solution can improve by adding separate interfaces for proxy and flow-based usage.

In the next release, the web application firewall should be integrated into the hardware. There is separate hardware for the web application firewall and for  FortiGate.

I have been using Fortinet FortiGate-VM for approximately seven years.

I rate the stability of Fortinet FortiGate-VM an eight out of ten.

We have approximately 30 users and 30,000 users.

This is a scalable solution.

I rate the scalability of Fortinet FortiGate-VM an eight out of ten.

The support from Fortinet FortiGate-VM exhibits high responsiveness. Whenever I raise a ticket on their portal, they typically respond within 15 to 20 minutes. In urgent cases, we can contact them via a ticket, and an engineer will be promptly assigned to assist.

I rate the support from Fortinet FortiGate-VM an eight out of ten.

Positive

I have used multiple types of firewalls and vendors, such as Cisco Firepower. Palo Alto, and Sophos.

Palo Alto is a great solution but it is expensive. I would choose them over Fortinet FortiGate-VM but they are too expensive. For my use case, Fortinet FortiGate-VM is the best for the environment.

Fortinet FortiGate-VM has discounts for generalized partners.

The initial setup time of Fortinet FortiGate-VM depends on the policies and filters that need to be applied to different users. The time can vary a lot on the environment. Its time ranges from minutes to a month. However, we can do the process remotely and it takes approximately 10 minutes.

We do the implementation of the solution.

The license can be purchased at intervals of one, three, and five years.

The price of the solution is in the middle range compared to the other vendors. However, the vendor is increasing the price gradually.

One person is suitable in a 24-hour period for the maintenance of the solution. A three to five administrator maintenance team would be sufficient to cover all the maintenance shifts per week.

I highly recommend Fortinet FortiGate-VM to others.

I rate Fortinet FortiGate-VM a nine out of ten.

It is primarily for VPN access and restricting access into the network. One of our clients has a shared system between multiple counties, and it is used to keep the right traffic flowing between counties and blocking the rest.

Each client has a specific version. We're trying to get them all current. Our number one client has the current version.

It provides greater security and flexibility. Instead of just opening it all up, it allows access to only those people who should have access. The network itself is pretty open, and with FortiGate, we can lock down exactly what they have access to.

Primarily, the VPN solution is most valuable. It allows you to have more flexibility in terms of what is there on the end-user device, and what is not there. You can check and make sure that they're current. It has more flexibility than just a straight VPN solution.

It works really well. It has the features that 99% of people need. 

They should keep us up to date about the latest version. That's the biggest thing. Currently, we have to go looking for the latest version. We should get notified about what's going on with the versions.

I would like to see easier dual-factor authentication.

Our clients have been using it for several years, and we've been helping them with that.

It is rock solid.

It is reasonably scalable. It is not as flexible in scalability as Cisco Firepower with their FMC.

Usually, the clients who use it are cost-conscious. They don't want to spend money on a Cisco device, so they go for Fortigate. A large organization usually goes with Cisco. A smaller organization tends to go for Fortigate or some other solution because of the price.

Our clients use it all over the place. It is not just for their internet. It is used for their internal networks and the rest of it.

It was average. I wasn't overly impressed. I was also not disappointed.

There is a little complexity to it but not more than other solutions. I haven't noticed greater complexity.

The deployment duration depends on how detailed you are and what you don't want to get. You can deploy one of these firewalls in half an hour, but if you're going to add a bunch of complexities and things to it, it can take at least a couple of hours to get it all set up the way you want. It ranges from half an hour to four hours.

We help our clients in implementing it. We also manage it. We just have one network support person to take care of things. It is not a job that requires more than one person.

There is no additional cost. Once you get the licensing fee, you're good.

Realize that it is not Cisco, and it doesn't work the same way. You got to pay attention to what you're doing. Those who are super familiar with Cisco got to pay attention to what you're doing because it works differently.

I would rate this solution a nine out of ten. It works well. Except for the dual-factor authentication feature, it has all the next-generation features that you need for a standard user.

We are service providers, and we provide managed services to external customers.

The primary use case of this solution is for firewalling, web applications, and proxying.

We use all of the UTM (Unified Threat Management) features that come with this product.

The most valuable features of this solution are the integration within the environment, with centralized reporting. 

One analyzer and the different devices feeding into that environment. 

The firmware is always up-to-date.

Compatibility and integration with other products or vendors such as Cisco SD-WAN products need improvement.

The multi-tenancy environment for multiple customers, to make it more secure, needs some improvement.

When you buy a bigger box, you should have the ability to slice and dice data. It should also have the ability to give customers either read and write or more privileged access to that environment. Specifically, to the environment that doesn't overflow into the other parts that have been sliced up.

I would like to see a type of portal for on-site deployment, where they can report into a cloud portal and have a high-level view of utilization. Basic indicators on the performance of the environment, including health status, should be displayed.

I have been using this solution for approximately six years.

We are completely satisfied with the stability of this solution.

Because we're sitting on a multi-tenant type of setup the scalability will depend on the customer's ability to upgrade.

Externally we have several customers that range from government to enterprise clients that use the product and we manage the backend. 

The number of users can range from a site that has 100 users to a site that has 2,000 to 3,000 users.

With the multi-tenant environment, we are able to use resources from multiple accounts. 

We run a 24/7 operation with various requirements, and have a team of 15 to 20 to maintain this solution.

We have plans to increase the usage as the requirement increases for more secure environments with more advanced features or other features within the security space. We would go from a standard firewall to maybe a web application firewall, or to authentication with the two-factor type of services.

Technical support is good. We work through a distributor and it's just a matter of a phone call to explain what needs to be done or a feature that we need to enable, and within an hour or two they come back to explain what has to be done.

They also give advice going forward with what to deploy.

The initial setup is fairly straightforward.

The implementation varies from being complex to being straightforward. It can take two to three weeks to implement with some tweaking afterward.

Part of the implementations comes with professional services from Fortinet themselves. In most cases, if it's a new version or a new deployment, we typically get the implementation services from a service provider rather than the vendor.

We have clients with three-year licensing and others with five. 

It's not a cheap solution but it comes with its benefits.

It's all bundled. When we purchase this product, it is bundled with a support license for that period.

With our clients, there is a range of Fortinet FortiGate versions, anything from FortiGate 60E to FortiGate 3700D. 

Management connects to a FortiAnalyzer, and we have application firewalls as well.

We have a centralized data center where we have a combination of customers with on-premises equipment. This includes small devices to secure the customer's environment, and larger devices at the data center, specifically for our customers.

We try to build our services around Fortinet products.

We prefer to work with Fortinet products based on what we have learned from the Gartner Magic Quadrant, and I recommend them.

I would rate this solution a nine out of ten.

It's crucial for protecting my internet network. It works well internally.

Fortinet FortiGate-VM improved security within our virtualized environment.

However, I would rate the ease of management a seven out of ten, with ten being the best. 

The policies are very valuable. They allow me to secure and manage future traffic effectively.

The biggest area for improvement is storage configuration. It could be smoother.

I have been using it for four years. 

When it comes to stability, various factors are involved, including partners, configurations, and third-party integrations. 

However, we do use it, and it seems reliable and secure for most situations.

The company that acquired us already had similar technology in place, so there wasn't a significant change when they integrated FortiGate-VM.

We have around 60 end users in our company using this solution. It is a very scalable solution.

It's a new technology, and we're still learning. Support is crucial.

Neutral

The initial setup is straightforward and quick.  

We moved the equipment to the site, connected it to the internet, and configured it through the console.

I took a consultant's help.  

It improved security a lot.

My recommendation is: If you use FortiGate-VM, make sure your infrastructure is good first and that power generation is very stable. 

The use case was a bit more complex than other clients, however, the typical usage was for VPNs for end-users to get into the internal network. For a mid-size company, that's a pretty much typical use. 

The only thing out of the ordinary would be the SIEM for all the network information, all the metadata, that is cloud-based. We had to create a tunnel to it so that the collector, being in the cloud, would be able to access the internal information.

It performs the functions it needs to perform and it's been reliable. It didn't need to be modified and we didn't have problems where things would just crop up. After months configured it's been rock solid, which is good. That's why I haven't touched it in a year and a half.

I liked its general capabilities.

Its cloud management is very good.

I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices.  When you want to back up the configuration you can download it as a local file and save it to the cloud.   

That flexibility was very useful. 

The product had a fairly good user interface. It was well thought out and the controls seem to be in a logical hierarchy. I was able to find stuff without having to configure things. There was just a logical breakdown of how to find things.

There were a few cases where I had to use the command line interface on it. Now they do have the ability to pop up a command line, which is nice, however, the fact that you can't do everything within the GUI is probably a problem. There's a thing I have for most products that have started out in the command line and have added GUI, and the GUI is always somewhat behind in capability.

If you have a product you should be able to control the entire product through your user interface. You shouldn't have to drop back into backend command line commands in order to tweak something. There's a couple of cases where we had to do that when we were trying to set up one of the tunnels in particular. We were talking to Check Point or some other company. You've got two different manufacturers with a sort of standard for tunneling with all kinds of encryption methods and stuff like that. You have all these options, and, in order to get the right one, we couldn't discern it from the logs that we were viewing with the user interface. We had to drop down to the command line in order to do that. I would have thought that there should be enough information options made visible in what you can just do from the user interface.

I have been dealing with the solution for three years or so. However, the last time I used it was within the last 12 months or so. The company was restructuring their office due to COVID, and so we had to go in and make changes and set up different connections, That's the last time I was actually in it.

The stability is rock solid. It's a very good solution. I haven't had to touch it for a year. The last thing I did was a firmware upgrade. That was a year ago, and they haven't requested any more work on that now. It's still operational and solid. There have been no complaints really on it.

The product was sized for what the client was doing. I can't really say one way, or the other, whether it's more or less scalable than other solutions. I know we could do things to it - that we didn't do - to increase its capability. However, it didn't need to be done and they didn't have the budget for adding anything to it. It's hard to say. I can't really speak to the scalability of it.

Technical support has been great. They really helped us when we had issues with some early problems during setup.

It ties to the device, so it's pretty easy to see whether or not you have support, however, it was not difficult to get in touch with them. You get someone with knowledge right away. You don't have to go through a filter of people asking you "Is it plugged in?"

I'm actually reselling a managed service of SonicWall. It's not completely hands-on. Now all I do is get reports from it and I can look at the dashboard, however, I don't actually have to configure it.

I've also resold Barracuda.

The initial setup was straightforward. It got complex when we started adding in requirements for tunneling et cetera. The implementation involved VPNs and the general configuration of the firewall. Then they added in these other requirements that it needed to connect to AWS. First, it was to their remote hosted environment. Then, subsequently, to the AWS environment as well. It grew over time. Over the course of a year, we spent a lot of time on it.

I'd rate the initial setup experience at a four out of five. Most of the stuff went pretty well. We had one issue and we had to drop down into it. However, their support was very good. We were able to contact support, and they were able to stay online and walk us through that problem, so without any issues. They didn't balk at it. We didn't have to beg them to help us. Some support you get in there and have to say, "I'm sorry, yes I've done all those things. Get me to the next level."

They had good quality support.

In terms of deployment, it was there when I got there. They had purchased it out of the box and they hadn't configured it. For six months it just sat there. We had it up and running within a month of me getting there. Then over time, we added more and more requirements to it. It didn't take very long to figure out what they wanted to do with it and get it set up. The actual configuration was very quick. It was just the planning beforehand that took time.

Besides myself, there were about four other people in the IT department working on the product. However, really, only one person is responsible for the gateways.

The ROI that they were looking for was an improvement in security for the whole company. It was one of those evolving things, that as new security deployments come up some of them get implemented within the firewall and others are implemented structurally or in other ways. It was able to help them meet their security goals. That was probably the biggest value that they were looking for. It also did not impede their normal operating procedure.

The licensing costs are in line with everyone else. It all seems expensive when you're talking about firewalls, however, they're all the same. It's likely in the middle of the pack.

There are costs involved with FortiTokens. Everyone has different ways of controlling VPN access, however, with the FortiTokens you get a certain amount with the device, and then you have to buy more as you add them on. They're not costly.

However, it's something you have to buy in batches, so if you've got 40 people you're going to buy a bunch of FortiTokens, and each token is an encryption key so that you can have your little app that's multifactor. They charge for that. Everyone else, in terms of competition, charges for that too.

I can't speak to if the client evaluated another solution prior to choosing this.

I primarily work as a consultant. 

The solution's deployment was on-premises, however, there were VPNs set up for remote access, VPNs set up for site-to-site, and VPNs set up for cloud-based SIEM.

As with any solution, you need to size it. You need to plan what you're going to do and what your expectations are with it before you choose the pure model. After that, proper planning is needed before you try to deploy it so you don't have to back stuff out.

I'd rate the solution at an eight out of ten.

I occasionally implement Fortinet for clients. 

In the most recent instance, we had a cloud implemented and I was driving the infrastructure. The client had separate areas inside it purposely. They needed to implement a FortiGate solution in the same client, with different VMs, for different clients, to make different areas for these clients. 

It's great that we can have separate services for the same client. 

It's a complete solution. You only need to deploy it once. You can have many clients and many services for these clients in the same VM. It's a solution that works very well for companies that may need separated sections.

It makes things less expensive for clients. The pricing is good.

The interface is decent.

Technical support has a lot of knowledge.

The initial setup is simple. 

The solution is stable.

It can scale well.

The solution could use very well-defined support for resellers. There isn't necessarily 24/7 support and resolution.

The interface could be improved. 

The product could have more protocol routing options. 

I'd rate the solution at a seven out of ten.

The stability is good. There are no bugs or glitches. It doesn't crash or freeze. 

If you need to scale, this is a good option.

The technical support is pretty good. We are quite satisfied with the level of service on offer. 

The initial setup process is very easy and straightforward. It's not difficult or complex. 

We only need three people for deployment and maintenance. It's not a solution that requires a big team. You might need one or two field engineers. 

I'm working in a Fortinet partner company. I'm a reseller.

I'm dealing with the latest version of the product.

I like the 100F version, and it may be a good option for most clients, however, it might not be right for every company. It's a good idea to figure out what you need before you decide to avoid purchasing something that's not right for your company's needs.