Fortinet FortiGate-VM Reviews

We use Fortinet FortiGate-VM for a constrained firewall and comprehensible security solution. Currently, I'm involved in implementing FortiGate and FortiManager for a customer project over the past month, and Fortinet has proven to be quite effective in this regard.

Regarding specific features, I appreciate the option for external selection, where you can choose either to use a default or create a self-description. This simplifies the process compared to other vendors that require creating a test extension profile and then applying it to the installation. With FortiGate, there is a streamlined approach. From the benefits perspective, clients mainly see cost reduction, especially with FortiGate VM Firewall, as it eliminates the need for additional hardware.      

The product is satisfactory. I haven't identified any features to improve, and based on the number of deployments I've handled with FortiGate-VM, there haven't been any complaints from the customer's side.

I have been using Fortinet FortiGate-VM for the past five years. 

Fortinet is a stable and user-friendly solution. The configuration is straightforward, and it provides a secure environment. I recall a challenge where a customer was using VDOM to segment their networks, but faced issues with communication between firewalls. Through online research, I discovered a tool to replace Fortinet, and it resolved the issue. During a critical migration for a large customer with six hardware firewalls, Fortinet proved reliable and prevented the possibility of mistakes. The GUI interface is well-organized, especially the security tab, making it easy to navigate. Fortinet simplifies network and security tasks, making it accessible for those with a basic understanding of networking and security concepts. Overall, as a vendor, Fortinet stands out for its streamlined approach, avoiding the need to navigate between multiple locations for configuration.

I haven't personally tried Fortinet's technical support, but according to my colleague who has used it, the experience was not positive. He mentioned that the support process is not as direct and efficient as Cisco's. In Cisco, when there's an issue, you can call, initiate a case, and the support engineer can join you directly for troubleshooting. However, with Fortinet, it seems the process involves working on the case independently, and the support requests are assigned to different engineers. 

When advising the team for cost reduction, I suggest going with the VM if there's no budget. However, if there is a budget, I recommend purchasing the hardware. For all vendors, technically speaking, hardware is considered better than VM. However, for Fortinet, the difference between VM and hardware is mainly budget-related. If the customer has a budget, it's advisable to purchase the hardware. When recommending from the sales team's perspective, if the customer has a budget, they will suggest going with hardware. If there's no budget, the recommendation is to opt for VM, especially if the customer is working with Azure or AWS. The difference between VM and hardware lies primarily in patches, and overall, everything is satisfactory. One aspect worth noting is that during VM deployment, checking connectivity between the hypervisor, distribution switch, and network firewall is required. In contrast, for hardware, once the configuration is complete, connectivity is straightforward.

As for my overall rating of the FortiGate VM solution on a scale from one to ten, with one being the worst and ten being the best, I would rate it as a ten.

We employ Fortinet FortiGate-VM solely for testing purposes, similar to how we employ virtual machines in a virtual lab environment to evaluate solutions. When customers inquire about potential solutions, we typically construct and thoroughly test these solutions in our lab environment before providing confirmation. Once we've successfully conducted a proof of concept, we then extend an offer to the customer.

Both the hardware and virtual versions offer comprehensive capabilities required for perimeter network protection. Positioned at the network perimeter, they provide profiles that can be easily configured, including antivirus, DNS protection, web filtering, IPS, and application awareness for over five thousand applications. This allows for tailored configurations based on specific application usage within our network.

The scalability and flexibility of FortiGate VM have greatly benefited our organization. Its exceptional scalability allows us to adapt and expand according to our evolving needs.

Integrating FortiGate VM with our existing systems was straightforward, as I recall no difficulties during the process. I would rate it a solid ten out of ten for ease of integration.

The performance and availability of FortiGate-VM in our setup vary depending on the specific models chosen. We refer to data sheets and comparison tables to identify devices that meet our specific requirements. This involves considering factors such as performance metrics, encryption and decryption capabilities, and the number of secure connections supported. By comparing different models, we can select the one that best suits our needs.

The GUI of FortiGate is exceptional.

The features of FortiGate VM that we find most effective for network security include its universal operating system, which is the same across both hardware and virtual machine deployments. This consistency ensures that both real boxes and virtual machines run on identical images, accessible via both command line and graphical interfaces for convenience.

SD-WAN could be enhanced to provide a clear division between control and data planes, utilizing controllers to manage tasks within the network.

We have been using it for more than three years.

I am satisfied with its stability. I would rate it ten out of ten.

It provides outstanding scalability capabilities. I would rate it ten out of ten. 
We serve a diverse range of customers, including large government organizations in Ukraine and small businesses. FortiGate is suitable for a variety of customer types, accommodating the needs of both large enterprises and smaller organizations.

We haven't encountered any open trouble tickets in the past three years, so we don't have firsthand experience with how Fortinet handles cases.

The initial setup is straightforward, earning a rating of ten out of ten for ease of use. Compared to other options, it stands out as exceptionally simple, largely due to the extensive documentation provided by Fortinet. Additionally, numerous YouTube tutorials are available online, making it easy to find solutions without necessarily having to consult the documentation.

For deployment, FortiGate can be utilized in both on-premises and cloud environments, offering flexibility in its application. It can serve as a client-side perimeter device within a customer's network or function as a cloud-based service. Our organization predominantly offers cloud-based solutions, leveraging FortiGate installations at our Sentinel node facility. Here, we manage customer traffic by configuring it to pass through FortiGate, allowing us to provide next-generation firewall services to customers who lack their infrastructure. We tailor configurations to suit each customer's specific needs.

Alternatively, if a customer requires an on-premises solution, we may deploy a physical appliance at their site. In such cases, where the customer lacks the expertise to manage the firewall effectively, we offer a managed service option.

Deployment typically takes no more than a few hours, thanks to the straightforward installation process and the clarity of the documentation provided. Especially in simple configurations with uncomplicated topologies, deployment can be completed within minutes.

The price falls somewhere in the middle; it's neither cheap nor expensive. I would rate it five out of ten.

When purchasing an appliance, it's essential to acquire the accompanying subscription. This is crucial because frequent updates to antivirus profiles and other features are necessary, often occurring daily. Operating the device effectively requires a subscription from Fortinet, which we consistently purchase.

Fortinet FortiGate-VM is purpose-built as a next-generation firewall, excelling in its performance of this specific function. Its designated place in the network aligns perfectly with its capabilities, making it an ideal device for its intended purpose. Overall, I would rate it ten out of ten.

All firewalls, including Fortinet FortiGate-VM, provide similar features under the sync capability. The differences between them are minimal, with FortiGate-VM offering simplicity in use. It covers aspects such as intrusion prevention, web filtering, application control, routing, virtual domains, policy-based routing, and SSL.

For our customer, this product holds paramount importance. It is critical for them as we collaborate with government agencies, financial institutions, and oil and gas companies. Inspecting and controlling traffic, especially pertaining to credit cards, is crucial for their operations.

GitDM, like FortiGate VM, provides similar features to FortiGate appliances or cloud solutions. However, FortiGate VM is more suitable for heavy traffic and inspection compared to GitDM. Unfortunately, FortiGate VM lacks a dedicated SPU for inspection, and all features rely on CPU and RAM.

I don't have any specific improvements to suggest, but perhaps the pricing could be enhanced. Regarding updates, more frequent updates would be appreciated. FortiGate-VM is currently focused on providing very good firmware updates, automation, and top-notch features. It stands as a great product for now.

Based on our needs and the vulnerabilities we've encountered due to various downloads, I suggest integrating with Kaspersky Gateway. This integration would involve scanning and inspecting both official emails and spam emails. Our customer has successfully worked with Kaspersky Gateway, and overall, the integration has been effective.

I have been working with Fortinet FortiGate-VM for 3 years.

In conjunction with the switch and based on the sizing, it indicates a suitable box or VM for the customer. If the level of mailbox is low, the stability will be good, and the box will not be in conserve mode. Regarding impressions of scalability, I would rate it eight out of ten.

The support team is excellent, providing assistance and resolving issues effectively.

The setup is straightforward for me, but our customers might find it a bit challenging. Overall, following the provided steps and consulting the official materials or documentation makes the FortiGate-VM setup relatively easy.Firstly, we establish a console connection to the firewall and access its default IP. In the second step, we create rules to enable the firewall to access the internet. Following these two steps, we register a rule with Fortinet Broadcom, download the necessary licenses, and upload them. After uploading the license, we set up an interface rule, check the license, and configure interfaces such as LAN, WAN, and VPN. Subsequently, we create profiles, including web filter, application, antivirus, and IPS profiles. The last steps involve configuring interfaces like LAN, WAN, and VPN, as well as attaching profiles to outbound policies. We also consider additional configurations, like server publishing, destination netting, or integrating with PBM for Alibaba Cloud. The final three configurations are optional and depend on the customer's requirements.

We can tailor the suitable license for the customer, whether they require UTB or enterprise features. The options are flexible based on their needs.

I would recommend Fortinet for large-scale companies and Sophos for medium or small enterprises. I would rate it 8 out of 10.

The use case of FortiGate-VM is primarily for securing the perimeter of private clouds in the dedicated environment created for customers. This can be achieved through a virtual appliance or physical hardware solution. Beyond only perimeter security, some customers also require DDoS services, and FortiGate-VM can provide this through its own solutions that can be combined and offered as a bundle to meet the specific needs of the customer.

The solution can be deployed on-premise and on the cloud too.

The most valuable features of Fortinet FortiGate-VM are its flexibility and scalability. This solution is available as a license, which allows us to activate it based on the specific needs of the customer. This gives us and the customer a great deal of versatility and customization options. 

There is always room for improvement in any solutions, including Fortinet's FortiGate-VM. Although the solution claims to have a superior throughput compared to other OEMs, upon closer examination and comparison, there is potential for significant improvement in this area. In today's rapidly evolving technology world, it is important to continuously strive for enhancement and development, and I believe Fortinet can make significant strides in this direction for the FortiGate-VM.

I have been using Fortinet FortiGate-VM for approximately 18 years.

The solution is stable.

I rate the stability of Fortinet FortiGate-VM an eight out of ten.

The solution is scalable, it can be easily and effectively expanded as the customer's requirements grow and change. This makes it an incredibly agile solution that can be tailored to meet even the most demanding demands. There is some room for improvement in this area.

The solution is suitable for small to enterprise-sized companies.

I rate the scalability of Fortinet FortiGate-VM an eight out of ten.

The support from Fortinet FortiGate-VM is excellent, it is one of their strongest points.

I rate the support from Fortinet FortiGate-VM a nine out of ten.

Positive

The initial setup of the solution is simple because everything comes with GUI. The entire infrastructure for the customer is simple to set up with the GUI.

The choice between an on-premise or cloud solution is a decision that ultimately depends on the specific needs and requirements of the customer. Currently, there is a trend towards utilizing cloud-based products as they offer a wider selection and can be easily deployed. On the other hand, some customers may prefer an on-premise setup, which involves deploying physical equipment on the customer's premises or a virtual machine from an OEM. The cloud solution offers greater agility, flexibility, and speed but can also present challenges, especially in the semiconductor industry where delivery times may be longer due to stress in the market. In conclusion, both options have their own advantages and disadvantages, and the decision between them should be based on the specific requirements of the customer.

Taking into consideration the magnitude of the entire implementation, the deployment process could potentially take approximately three weeks, assuming all necessary components are readily available for the physical setup. After this stage, the User Acceptance Testing (UAT) phase commences, which may last for an additional week. Subsequently, before the final implementation into production, the customer would conduct a final UAT to ensure all elements have been successfully deployed and functioning as intended.

I rate the initial setup of Fortinet FortiGate-VM an eight out of ten.

The price of the solution is competitive. Fortinet FortiGate-VM had a lot of advantages when it came to pricing. However, the competition has also geared up to a larger extent and it has become comparable now to the other solutions.

In terms of security, it is crucial to understand that the cost of security measures should not be the sole determining factor. The security of your overall infrastructure and setup must be a top priority, regardless of the price of security appliances or OEMs. However, when considering the entire solution, including the security infrastructure, the cost will play a crucial role in the final decision-making process.

It is imperative to choose the best available options, but the cost of the entire solution should not be exorbitant and prevent it from gaining approval from clients.

I rate the price of Fortinet FortiGate-VM an eight out of ten.

When evaluating the overall solution, it is important to consider both the benefits and drawbacks. Fortinet FortiGate-VM presents a multitude of advantages that make it a fantastic product choice. It offers exceptional stability, a scalable design, and unparalleled support from the manufacturer. It is with great confidence that I wholeheartedly recommend Fortinet as a reliable and valuable solution.

I would recommend this solution to others as long as it's fulfilling the requirements of the customer.

I rate Fortinet FortiGate-VM an eight out of ten.

They could simplify the troubleshooting process. Troubleshooting requires expertise, often necessitating the command-line interface (CLI). It could be more advanced and easier to use than other products.

Additionally, they could enhance support capabilities and a facility to communicate efficiently with the team.

We have been using Fortinet FortiGate-VM for seven years.

The product is stable. However, there are a few areas of improvement. I rate the stability an eight out of ten.

It is best in terms of pricing for small and medium-sized companies, where it stands out as a cost-effective and feature-rich solution. For larger enterprises, we emphasize the potential benefits of complementing FortiGate-VM with additional firewalls, such as Palo Alto, to enhance security and address potential vulnerabilities.

I rate the scalability a nine out of ten.

The initial setup process is easy. It can deployed on the cloud and premises based on the client's requirements.

There are products like Cisco Meraki that are more inexpensive than Fortinet FortiGate-VM. However, it provides better security features. Palo Alto's pricing is similar to that of the FortiGate-VM regarding quality for security features. It is reasonable.

FortiGate VM in a cloud infrastructure provides security benefits. It offers the same robust features and functionality in virtual, on-premise, and traditional data center environments. It protects against external attacks and internal threats through features such as web filtering, secure application filtering, and antivirus capabilities. These functionalities collectively enhance security measures, safeguarding against various potential risks.

It is extensible, as we can add as much functionality as we require. It is simple to add more resources. It has a flexible pay-as-you-go pricing model.

I rate it an eight out of ten.

The product accesses the perimeter firewall and internet proxy at the same time. It allows the creation of a virtual DMZ network. We can have services on the DMZ.

The reporting is good. The signatures are quite good. We have some confidence in the product’s protection capabilities.

The users must buy FortiSIEM to get advanced analytics. The product must provide users with more reports before asking them to buy FortiSIEM.

I have been using the solution for around a couple of years.

There are no stability issues. As long as we provide adequate resources, the solution works.

VM provides scalability options. We could pair the virtual firewalls and have more capacity. We know it's there, but it wasn't necessary, given the organization's size. Around 350 users from a small microfinance company use the solution. The product is extensively used since it also provides internet proxy and VPN. Almost all services that require connectivity are going through the firewall.

We contacted the technical support team regarding a clarification we needed on how to get some services to talk to one another. The team was very handy in that process.

The setup is not that complex. I wouldn't say it's simple, but It's relatively straightforward as long as we follow the guidelines and work with the recommendations.

We deployed the solution with the help of a local partner. We just had one engineer on-site who was supported by Fortinet Professional Services.

There is a good ROI on the product. The solution was quickly deployed, and we were able to have more protection and better visibility of our traffic on the network. We can get a lot of value out of the solution due to the reports.

The pricing is really good. The FortiGate licensing model is workable compared to many other providers who license everything. The local partner was there to guide us in structuring the license to keep the costs minimal. At the moment, there are no additional costs associated with the tool.

We had a competitive evaluation of other products. We chose Fortinet FortiGate-VM because of its affordability. It also had some of the features that were part of our roadmap.

It's a good solution. It’s worth checking out. It is easy to configure and quite easy to use. Some solutions are built by engineers for engineers. The product is a bit relatively easy to use and work with. Overall, I rate the solution an eight or nine out of ten.

I primarily use the solution as a firewall. It's used for security. I use it for the DMZ. It's related to architecture and is strategically positioned in the network. 

Based on its position, it offers good control over the communication between users and the data center. It's a good unified solution, and you can manage everything from the Fortigate portal.

It's a familiar solution to our clients. We don't spend time selling it. The brand is very popular and recognizable. 

The solution integrates well with other Fortinet products.

The pricing is fine. 

It's a good solution for small to medium-sized companies. 

The integration can be a bit easier. You need to maintain the integrations. You shouldn't have to. For example, in Cisco, you don't have to maintain integration that same way.

The support could be a bit better.

There are no missing features or items we would like to see in the future.

This is not a good solution for enterprises. It's better for smaller companies. 

I've used the solution for the last six years. 

The solution is mostly stable. I'd rate it six out of ten. The updates and availability, however, are not so smooth. 

The solution is not so scalable. It's not necessarily difficult to scale. However, it is not easy either. 

I'd rate the scalability seven out of ten overall. 

Typically, my clients are small to medium-sized entities. 

I'd like to see better support. They are okay. They could be better.

Positive

I also have experience with Cisco solutions.

At the perimeter, we also use Palo Alto. 

The initial setup is very easy. It's not complex. I'd rate the ease o setup eight out of ten. 

The deployment might take two to three days. It's pretty fast to get everything up and running. 

I did not handle the deployment in a hands-on way, so I don't have information on the technicalities in terms of what steps were taken.

The pricing is okay. I'd rate it eight out of ten in terms of affordability.

I'm a Fortinet reseller. I'm not sure which version of the solution we're using. We're likely using version seven or six. 

We use cloud and on-premises deployments. 

I'd recommend the solution to other small or medium-sized companies. I would not recommend it to enterprises. 

I would rate the solution eight out of ten. It is unified, and it is easy to integrate into other Fortinet products. 

It is primarily for VPN access and restricting access into the network. One of our clients has a shared system between multiple counties, and it is used to keep the right traffic flowing between counties and blocking the rest.

Each client has a specific version. We're trying to get them all current. Our number one client has the current version.

It provides greater security and flexibility. Instead of just opening it all up, it allows access to only those people who should have access. The network itself is pretty open, and with FortiGate, we can lock down exactly what they have access to.

Primarily, the VPN solution is most valuable. It allows you to have more flexibility in terms of what is there on the end-user device, and what is not there. You can check and make sure that they're current. It has more flexibility than just a straight VPN solution.

It works really well. It has the features that 99% of people need. 

They should keep us up to date about the latest version. That's the biggest thing. Currently, we have to go looking for the latest version. We should get notified about what's going on with the versions.

I would like to see easier dual-factor authentication.

Our clients have been using it for several years, and we've been helping them with that.

It is rock solid.

It is reasonably scalable. It is not as flexible in scalability as Cisco Firepower with their FMC.

Usually, the clients who use it are cost-conscious. They don't want to spend money on a Cisco device, so they go for Fortigate. A large organization usually goes with Cisco. A smaller organization tends to go for Fortigate or some other solution because of the price.

Our clients use it all over the place. It is not just for their internet. It is used for their internal networks and the rest of it.

It was average. I wasn't overly impressed. I was also not disappointed.

There is a little complexity to it but not more than other solutions. I haven't noticed greater complexity.

The deployment duration depends on how detailed you are and what you don't want to get. You can deploy one of these firewalls in half an hour, but if you're going to add a bunch of complexities and things to it, it can take at least a couple of hours to get it all set up the way you want. It ranges from half an hour to four hours.

We help our clients in implementing it. We also manage it. We just have one network support person to take care of things. It is not a job that requires more than one person.

There is no additional cost. Once you get the licensing fee, you're good.

Realize that it is not Cisco, and it doesn't work the same way. You got to pay attention to what you're doing. Those who are super familiar with Cisco got to pay attention to what you're doing because it works differently.

I would rate this solution a nine out of ten. It works well. Except for the dual-factor authentication feature, it has all the next-generation features that you need for a standard user.