Fortinet FortiGate-VM Reviews

We use Fortinet FortiGate-VM for managing inbound and outbound internet traffic through our environment. Sometimes, we also use it for managing the site's internet outbound and routing. We also use it for IPSec on Azure. We also have an on-premises environment, and we're using it for IPSec on that environment. 

All the routing happens through it because we're swinging all the traffic on the Azure side through a firewall which is basically the gateway. It acts as the gateway and manages outbound traffic in that environment. We have also set up the SSL VPN for users. We do have FortiGate on-premise, and we set up the SSL VPN connection for users.

It made the routing of traffic seamless and it helped us with SD-WAN as well as load balancing.

I like the visibility and monitoring features because they're easy to use to monitor traffic. Features like geo-blocking and more have AI, and we're currently using all of it. But for now, we're only using geo-blocking, and we're able to block traffic from different countries. I also like that it's highly responsive. VM04 is also very powerful.

It would be better if it could provide you with options before completely blocking anything through the web filter. If you are doing a deep SSL inspection on the site if it says it's expired, it doesn't give you the option to continue at your own risk. I can't say that it's bad, but SSL internally isn't really a requirement. However, its security features can help. Right now, we have people going out and spending on purchasing the SSL certificates for internal sites. 

I have been using this solution for three years.

Fortinet FortiGate-VM is a stable and very reliable solution.

Fortinet FortiGate-VM is a scalable solution. It's very powerful, and I've never seen that machine running out of resources. It always worked.

Tech support is okay, but we do a lot of management by ourselves. We have a third party that we use when we do implementations, and I haven't contacted Fortinet even though I have access to it. The local support that we use costs much less. 

I still remember using Check Point, and it took a long time to apply a policy. To install the policy, you had to wait for ten to 20 minutes or even 30 minutes. Fortinet FortiGate-VM instantly applies the policy on the FortiGate itself.

The initial setup was difficult because we were all new when it came to the Azure environment. It was a little difficult to create space and understand that you have to have more than one interface. But once you get used to it. It's pretty straightforward.

It's straightforward if you have all that is required when you're clearing your traffic. If you're clearing your traffic already into your internal length to communicate with the firewall range, and you have information and understand it before the implementation, it will be very seamless. It will be stress-free when you understand the environment where you're going to implement it.

Our license is yearly, but we're thinking of going monthly. I think it's somewhere around 100,000 for VM04. Nowadays, everyone wants to be a hacker, so we believe in security. That's why we also have third-party people that we involve to make sure that we're secure. 

I don't think the costs are too bad. You still want to get advice from people who worked in security for many years, so you add a third party. The third party also said they would give their share like 100K, or 200K or something like that, so I don't think it's too expensive for security. I think it just adds more trust. 

We have been using Check Point Firewall so it was easy to identity the difference.

I will recommend the solution. If it's a first-time deployment in Azure, they need to understand a couple of things, like the interfaces we need to create. The good thing about FortiGate is that they don't hide how their devices work. You can go to their website and get every instruction that you need at any time. It's straightforward and even has pictures showing you what you should expect. I've done a few changes for the first time, and I didn't have to stress. But you must know the infrastructure well.

On a scale from one to ten, I would five Fortinet FortiGate-VM a ten.

The solution is primarily used for security. When a company has a hybrid solution and the client is looking for a next-generation firewall with all the bells and whistles inside, we recommend FortiGate.

The intrusion prevention systems are great.  

The anti-spam capabilities are really great.

The solution has a lot of very useful security features. 

The solution is stable.

The scalability potential is there.

The previous version, which was 7.1 or 7.2, was a little bit easier to use. It's kind of a little bit tricky to find the options from the firewall configurations now, in the latest version. Previously, it was easier to deal with. The whole dashboard that you get can be improved. They could organize the whole dashboard a bit more to put stuff under each other in a way that makes sense and makes everything easy to reach.

The costs could be lowered.

I've used the solution for a while. I've used it over the last 12 months.

We have found the stability to be good. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable. 

The product is scalable. It is a little bit expensive on Azure when you use it on the cloud, however. If a company plans to expand it, they need to keep this in mind. However, even those on-premises can be highly scalable. 

The initial setup needs to be handled by a person knowledgeable in Fortinet products. 

We are implementors. We can handle the setup process for our clients.

The product does have the capabilities of providing an ROI to companies. 

The product could be cheaper. When a company scales it, it can get pricey.

The pricing, in fact, is the one aspect that could potentially make clients change their minds. In terms of features, it has almost everything - whatever someone would need. However, the price sometimes is the obstacle. It could force the client to go with a cheaper product. Especially on the cloud, a solution such as this can get costly as you are paying for the cloud stuff on top of the license, and you have to pay per hour.

We are implementors. 

We have both virtual and physical servers.

I would advise new users first to ensure they have strong knowledge before attempting an implementation. It has everything a company might need and it is scalable. However, the person doing the implementation itself needs to be skilled. There might be a lot of things going on during implementation that need to be dealt with properly.

I'd rate the solution at a nine out of ten.

I work with a lot of small business companies in Austria. Small businesses in Austria are from one to 100 employees. The FortiGate 60E is a top product for these Austrian companies for all cases of Internet usage.

There is an interesting possibility of building a tunnel to a firewall from access points. We use this feature for small branch offices with one to two employees with access to central RDP servers.

One top feature is the ability to use the appliance as a WLAN controller for up to 10 access points with the new 5.6 firmware.

Another top feature is the really good web interface and the classic Fortinet features, such as IPS, IDS, AV scanner, and spam filter.

At this time, I can't say anything against the device. It has been doing a great job.

In the first two releases of FortiOS 5.6, we had some trouble with the SSL VPN service. Sometimes it stopped working, and the IPS daemon too. Since 5.6.2, it has been running without any issues.

There are no problems with the scalability.

There are only two times that I had to contact Fortinet support since I have used Fortinet devices (15 years). Here in Austria, the distributor is doing a great job. It is very good to have the ability to contact an NSE 8.

For somebody who does not have experience with Fortinet appliances, the initial setup is very easy, but basic networking knowledge is necessary. The Setup Assistant will guide you through the first steps, and you can config basic settings for basic security.

The basic pricing in Austria is OK, but asking for special offers, e.g., NPOs, NGOs, trade up, and/or trade in, is always useful.

No, I did not evaluate other products.

Look for the latest OS version, read the release notes and the technical documents for comparison.

We primarily use the solution for LAN connections.

The solution has similar attributes to other competitors. 

The encryption detection is good.

In terms of administration, it's perfect.

The encryption detection could be improved. In my opinion, I think Sophos has better encryption detection than this solution.

The security of the solution could be better.

The interface needs to be updated and simplified.

The management could be more in-depth or clear. 

I've been using the solution for close to a year now. I've also been working with Fortigate's firewall solution for about two and a half years.

We haven't faced any issues with stability since I've been with the company. I haven't witnessed any bugs or glitches. Our organization is satisfied with the level of stability it has provided.

About 50% of our network users are currently on the solution. For the two companies that we have on the solution currently, there's probably 100 users in each company that use the solution.

I personally have never been in touch with technical support for Fortigate. I can't speak to any kind of experience. I have heard good reviews from other people, however.

I've used Sophos in the past.

There are some technical issues with Sophos, at least on the older version, but with XG they kind-of did an upgrade. The interface of Sophos is great. It makes it easy to manage. In terms of functionality, both Fortigate and Sophos are very good and have almost the same functionality. It does depend on the license you apply for, however.

If you subscribe to Sandstorm in Sophos, you should expect that you get the functionality of Sandstorm. 

They are both quite equal on the market for the most part.

In terms of the initial setup, a vendor did that for us. We just manage it. The solution was already in place before I started at the company. I don't have details in relation to its initial complexity or how long it took.

Our vendor set up the solution for us.

At this time, I'm unsure of what the costs related to the solution are. It's my understanding that support is part of the OEM fee and you do have to pay that yearly. However, it does depend on the arrangements with the OEM.

We did look at Barracuda, but we decided against them because it gets a bit too technical. Also, unlike Sophos, for example, you can't pick the license you want and instead have to buy a package that may include things you don't need. Barracuda's interface looks like something designed in the 90s as well, which was a turn-off.

We used to be on the cloud, but we phased it out more than a year ago.

I'd recommend the solution. It's one of the best on the market. It's great for financial services institutions. Security is important because of the type of companies that are typically dealing with it.

I'd advise that users use it within a firewall, to create a double layer of protection or something similar.

I'd rate the solution eight out of ten, especially when comparing it to other solutions.

We use the solution for the private cloud.

Fortinet FortiGate-VM has a standard hardware firewall and easy deployment. You download a pre-configured virtual machine and run it on your hypervisor, Hyper-V, or ESXi by VMware. It is an excellent solution for private cloud setups, allowing seamless management using Fortinet without additional hardware purchases. Moreover, it offers flexibility—you can integrate it with physical hardware for redundancy or establish branch office VPNs effortlessly. Fortinet's automation capabilities facilitate smooth connectivity between public and private clouds.

The solution is highly scalable, depending on the type of hardware it runs on. You need knowledge of hypervisors to learn about the virtualized environment.

I have been using Fortinet FortiGate-VM as an integrator for one year.

The product is stable.

We cater the solution to SMBs.

I have used SonicWall. Fortinet has fewer hardware requirements than SonicWall. The basic requirement is the same.

The initial setup is easy and doesn't take more than one hour.

ROI is pretty good because it's simply software as a service. You subscribe to a service, and VM is available from FortiGate to download, install, and run. You get all the features. The scalability depends upon the hardware or VM. It could be serving 1000s or 100s users, depending on the configuration.

The solution is expensive.

It could have some versions limited by several users to reduce the price. Else, they could limit the product features, and create some version for a smaller organization with basic requirements.

Support is additional and comes apart from the subscription.

There's not much maintenance required. One to two people is required. Patches and upgrades are required and happen automatically if you've configured it that way. It is easy to deploy over the cloud. There are ready appliances to run in a public cloud like Amazon, Microsoft, or Google Cloud.

I recommend the solution. It is fantastic, easy to deploy, and very scalable. It saves a lot of time. Some particular hardware is not available in stock. FortiGate-VM is a good alternative. You could download, configure, and apply it. You could buy it online or from a Fortinet partner. It's quick and easy to set up.

Overall, I rate the solution a ten out of ten.

We use the solution as a firewall. 

Fortinet is user-friendly. 

We have lost some information and we do not know how that happened through the solution. That needs improvement. 

I have been using Fortinet FortiGate-VM for minimum five years. 

Once in a while there are stability issues otherwise the solution is stable. 

Presently, six thousand users are using the solution. 

The initial setup of Fortinet is easy. 

Overall, I would rate the solution a nine out of ten. 

I am a network engineer. I deploy firewalls for customers. I also provide firewall installation and configuration services.

I mostly prefer Fortinet firewalls. The graphical user interface is user-friendly and easy to configure. I recommend it to my clients because it is very easy to deploy. 

Performance, scalability, and everything else are top-notch compared to others like Sophos or Cisco. I've used them all, and Fortinet is my go-to.

The main use case is for organizations that can't afford or procure hardware appliances. They can install the VM and license it as a cost-effective alternative.

The combination of SD-WAN and VPN capabilities is the most valuable feature.

If I could add one feature, it would be free security profiles.

I have experience with FortiGate VM. I've used it for practice and deployed it on customer sites.

I have been using it for four years. 

I haven't personally experienced any bugs, and none of my clients have reported any either.

I would rate the scalability a seven out of ten. 

The customer service and support are very knowledgeable and helpful.

I've deployed Cisco firewalls and hold certifications like CCNA and CCNP. But for security-level firewalls, I always go with FortiGate.

The initial configuration is very easy, even for non-technical users.

VMs can be affordable, but for high-demand scenarios, I'd still recommend the hardware. For the cost, it's a ten out of ten.

I would recommend the hardware firewall unless you have specific constraints. If you're installing on a server or desktop, and something happens like a cache issue, you won't have the same backup options as a physical appliance.

With hardware, you can claim a warranty, get a new unit, and easily restore from your existing backup. That wouldn't be as straightforward with a VM.

Over a hundred customers have deployed the physical Fortinet firewall based on my recommendations.

Overall, I would rate the solution a seven out of ten. 

Their support is very good. Fortinet has a good support base here who has been working closely with us. Whenever there is an issue that needs to be addressed to our end clients, we have received very good support. 

The product is quite user-friendly so we didn't have a lot of issues that needed to be addressed. 

The pricing structure is also flexible. 

Customization needs improvement. A lot of people have very unique requirements that they ask for at times. Everybody wants to get more out of the solutions so that they have more with less. I would like a little more customization, especially now that everything is becoming a lot more flexible with cloud-based deployments. A little more flexibility in terms of the offering that we can do or the bundling of products would help acquire markets much faster or much better.

I have been using FortiGate-VM for just under a year. 

It is definitely stable. We have not had a lot of support calls so, so far it is good. We have been pushing our clients to see whether they need additional support.

We want to organize more training and have a lot more awareness-building seminars and workshops. That is something that I think we can or we would be wanting to look at moving ahead. We haven't been able to organize a lot of that yet, but that is something that I think can help in many aspects is awareness, to be able to draw in and attract local talent who would be able to help with support.

Our clients are mostly enterprise businesses. 

We are a value-added reseller. The technical support primarily is coming from Fortinet because we are in the process of building up to provide the right service. Once we are comfortable then we will be again discussing with Fortinet that we are able to assume a greater role in providing the services locally or on-site from here.

We are still getting help from Fortinet for the deployment. We have been able to push this to two clients after we onboarded this. In the next couple of months, we believe that we will be able to take over the implementation and they can take a little more of a backseat. We want to be more independent, locally, with the local support and local team to be able to deploy it. We want to ensure that the service is seamless.

POCs are definitely the way to go because cyber-security is still in many cases new for many clients. Cybersecurity is a very wide arena in today's day and age. There is no one single solution, every day someone else is innovating some specialization in some form or another. Clients would like to see a proof of concept before they go on a large full-scale deployment. 

In the next release, I would like to have the possibility of being able to offer cyber-insurance with this because this is something that I think is completely unavailable at the moment here. This would add a whole new dimension. 

I would rate it a seven out of ten.