Fortinet FortiGate-VM Reviews

The use case was a bit more complex than other clients, however, the typical usage was for VPNs for end-users to get into the internal network. For a mid-size company, that's a pretty much typical use. 

The only thing out of the ordinary would be the SIEM for all the network information, all the metadata, that is cloud-based. We had to create a tunnel to it so that the collector, being in the cloud, would be able to access the internal information.

It performs the functions it needs to perform and it's been reliable. It didn't need to be modified and we didn't have problems where things would just crop up. After months configured it's been rock solid, which is good. That's why I haven't touched it in a year and a half.

I liked its general capabilities.

Its cloud management is very good.

I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices.  When you want to back up the configuration you can download it as a local file and save it to the cloud.   

That flexibility was very useful. 

The product had a fairly good user interface. It was well thought out and the controls seem to be in a logical hierarchy. I was able to find stuff without having to configure things. There was just a logical breakdown of how to find things.

There were a few cases where I had to use the command line interface on it. Now they do have the ability to pop up a command line, which is nice, however, the fact that you can't do everything within the GUI is probably a problem. There's a thing I have for most products that have started out in the command line and have added GUI, and the GUI is always somewhat behind in capability.

If you have a product you should be able to control the entire product through your user interface. You shouldn't have to drop back into backend command line commands in order to tweak something. There's a couple of cases where we had to do that when we were trying to set up one of the tunnels in particular. We were talking to Check Point or some other company. You've got two different manufacturers with a sort of standard for tunneling with all kinds of encryption methods and stuff like that. You have all these options, and, in order to get the right one, we couldn't discern it from the logs that we were viewing with the user interface. We had to drop down to the command line in order to do that. I would have thought that there should be enough information options made visible in what you can just do from the user interface.

I have been dealing with the solution for three years or so. However, the last time I used it was within the last 12 months or so. The company was restructuring their office due to COVID, and so we had to go in and make changes and set up different connections, That's the last time I was actually in it.

The stability is rock solid. It's a very good solution. I haven't had to touch it for a year. The last thing I did was a firmware upgrade. That was a year ago, and they haven't requested any more work on that now. It's still operational and solid. There have been no complaints really on it.

The product was sized for what the client was doing. I can't really say one way, or the other, whether it's more or less scalable than other solutions. I know we could do things to it - that we didn't do - to increase its capability. However, it didn't need to be done and they didn't have the budget for adding anything to it. It's hard to say. I can't really speak to the scalability of it.

Technical support has been great. They really helped us when we had issues with some early problems during setup.

It ties to the device, so it's pretty easy to see whether or not you have support, however, it was not difficult to get in touch with them. You get someone with knowledge right away. You don't have to go through a filter of people asking you "Is it plugged in?"

I'm actually reselling a managed service of SonicWall. It's not completely hands-on. Now all I do is get reports from it and I can look at the dashboard, however, I don't actually have to configure it.

I've also resold Barracuda.

The initial setup was straightforward. It got complex when we started adding in requirements for tunneling et cetera. The implementation involved VPNs and the general configuration of the firewall. Then they added in these other requirements that it needed to connect to AWS. First, it was to their remote hosted environment. Then, subsequently, to the AWS environment as well. It grew over time. Over the course of a year, we spent a lot of time on it.

I'd rate the initial setup experience at a four out of five. Most of the stuff went pretty well. We had one issue and we had to drop down into it. However, their support was very good. We were able to contact support, and they were able to stay online and walk us through that problem, so without any issues. They didn't balk at it. We didn't have to beg them to help us. Some support you get in there and have to say, "I'm sorry, yes I've done all those things. Get me to the next level."

They had good quality support.

In terms of deployment, it was there when I got there. They had purchased it out of the box and they hadn't configured it. For six months it just sat there. We had it up and running within a month of me getting there. Then over time, we added more and more requirements to it. It didn't take very long to figure out what they wanted to do with it and get it set up. The actual configuration was very quick. It was just the planning beforehand that took time.

Besides myself, there were about four other people in the IT department working on the product. However, really, only one person is responsible for the gateways.

The ROI that they were looking for was an improvement in security for the whole company. It was one of those evolving things, that as new security deployments come up some of them get implemented within the firewall and others are implemented structurally or in other ways. It was able to help them meet their security goals. That was probably the biggest value that they were looking for. It also did not impede their normal operating procedure.

The licensing costs are in line with everyone else. It all seems expensive when you're talking about firewalls, however, they're all the same. It's likely in the middle of the pack.

There are costs involved with FortiTokens. Everyone has different ways of controlling VPN access, however, with the FortiTokens you get a certain amount with the device, and then you have to buy more as you add them on. They're not costly.

However, it's something you have to buy in batches, so if you've got 40 people you're going to buy a bunch of FortiTokens, and each token is an encryption key so that you can have your little app that's multifactor. They charge for that. Everyone else, in terms of competition, charges for that too.

I can't speak to if the client evaluated another solution prior to choosing this.

I primarily work as a consultant. 

The solution's deployment was on-premises, however, there were VPNs set up for remote access, VPNs set up for site-to-site, and VPNs set up for cloud-based SIEM.

As with any solution, you need to size it. You need to plan what you're going to do and what your expectations are with it before you choose the pure model. After that, proper planning is needed before you try to deploy it so you don't have to back stuff out.

I'd rate the solution at an eight out of ten.

I occasionally implement Fortinet for clients. 

In the most recent instance, we had a cloud implemented and I was driving the infrastructure. The client had separate areas inside it purposely. They needed to implement a FortiGate solution in the same client, with different VMs, for different clients, to make different areas for these clients. 

It's great that we can have separate services for the same client. 

It's a complete solution. You only need to deploy it once. You can have many clients and many services for these clients in the same VM. It's a solution that works very well for companies that may need separated sections.

It makes things less expensive for clients. The pricing is good.

The interface is decent.

Technical support has a lot of knowledge.

The initial setup is simple. 

The solution is stable.

It can scale well.

The solution could use very well-defined support for resellers. There isn't necessarily 24/7 support and resolution.

The interface could be improved. 

The product could have more protocol routing options. 

I'd rate the solution at a seven out of ten.

The stability is good. There are no bugs or glitches. It doesn't crash or freeze. 

If you need to scale, this is a good option.

The technical support is pretty good. We are quite satisfied with the level of service on offer. 

The initial setup process is very easy and straightforward. It's not difficult or complex. 

We only need three people for deployment and maintenance. It's not a solution that requires a big team. You might need one or two field engineers. 

I'm working in a Fortinet partner company. I'm a reseller.

I'm dealing with the latest version of the product.

I like the 100F version, and it may be a good option for most clients, however, it might not be right for every company. It's a good idea to figure out what you need before you decide to avoid purchasing something that's not right for your company's needs.

We use the solution for the private cloud.

Fortinet FortiGate-VM has a standard hardware firewall and easy deployment. You download a pre-configured virtual machine and run it on your hypervisor, Hyper-V, or ESXi by VMware. It is an excellent solution for private cloud setups, allowing seamless management using Fortinet without additional hardware purchases. Moreover, it offers flexibility—you can integrate it with physical hardware for redundancy or establish branch office VPNs effortlessly. Fortinet's automation capabilities facilitate smooth connectivity between public and private clouds.

The solution is highly scalable, depending on the type of hardware it runs on. You need knowledge of hypervisors to learn about the virtualized environment.

I have been using Fortinet FortiGate-VM as an integrator for one year.

The product is stable.

We cater the solution to SMBs.

I have used SonicWall. Fortinet has fewer hardware requirements than SonicWall. The basic requirement is the same.

The initial setup is easy and doesn't take more than one hour.

ROI is pretty good because it's simply software as a service. You subscribe to a service, and VM is available from FortiGate to download, install, and run. You get all the features. The scalability depends upon the hardware or VM. It could be serving 1000s or 100s users, depending on the configuration.

The solution is expensive.

It could have some versions limited by several users to reduce the price. Else, they could limit the product features, and create some version for a smaller organization with basic requirements.

Support is additional and comes apart from the subscription.

There's not much maintenance required. One to two people is required. Patches and upgrades are required and happen automatically if you've configured it that way. It is easy to deploy over the cloud. There are ready appliances to run in a public cloud like Amazon, Microsoft, or Google Cloud.

I recommend the solution. It is fantastic, easy to deploy, and very scalable. It saves a lot of time. Some particular hardware is not available in stock. FortiGate-VM is a good alternative. You could download, configure, and apply it. You could buy it online or from a Fortinet partner. It's quick and easy to set up.

Overall, I rate the solution a ten out of ten.

My company functions as a mobile operator and supports business customers. We use the solution for our infrastructure and firewalls. 

The tool's most valuable feature is its ability to deploy it on live physical hardware. Specifically, when providing firewall services for clients, we can leverage such hardware appliances to support multiple customers on the same hardware.

The product needs to focus on cloud-nativeness and pricing. 

I have been using the product for six to seven years. 

Fortinet FortiGate-VM is a good solution in terms of stability. I rate it a seven out of ten. 

I rate the tool's scalability a ten out of ten. 

The tool's technical support is good. 

We rely on automation for deployment, making it easy for us. We clone the existing infrastructure for additional customers. Our challenging aspect is coordinating with clients to set up the infrastructure. Understanding the existing infrastructure of business customers, especially their premises and specific requirements, is a crucial step.

I rate Fortinet FortiGate-VM's pricing a six out of ten. 

I rate the overall solution a seven out of ten. 

The tool is expensive. 

I have been working with the product for two years. 

I rate the tool's stability a ten out of ten. 

Fortinet FortiGate-VM is scalable. We have 15 users. 

Fortinet FortiGate-VM's deployment is easy. 

I rate Fortinet FortiGate-VM an eight out of ten. 

I am a network engineer. I deploy firewalls for customers. I also provide firewall installation and configuration services.

I mostly prefer Fortinet firewalls. The graphical user interface is user-friendly and easy to configure. I recommend it to my clients because it is very easy to deploy. 

Performance, scalability, and everything else are top-notch compared to others like Sophos or Cisco. I've used them all, and Fortinet is my go-to.

The main use case is for organizations that can't afford or procure hardware appliances. They can install the VM and license it as a cost-effective alternative.

The combination of SD-WAN and VPN capabilities is the most valuable feature.

If I could add one feature, it would be free security profiles.

I have experience with FortiGate VM. I've used it for practice and deployed it on customer sites.

I have been using it for four years. 

I haven't personally experienced any bugs, and none of my clients have reported any either.

I would rate the scalability a seven out of ten. 

The customer service and support are very knowledgeable and helpful.

I've deployed Cisco firewalls and hold certifications like CCNA and CCNP. But for security-level firewalls, I always go with FortiGate.

The initial configuration is very easy, even for non-technical users.

VMs can be affordable, but for high-demand scenarios, I'd still recommend the hardware. For the cost, it's a ten out of ten.

I would recommend the hardware firewall unless you have specific constraints. If you're installing on a server or desktop, and something happens like a cache issue, you won't have the same backup options as a physical appliance.

With hardware, you can claim a warranty, get a new unit, and easily restore from your existing backup. That wouldn't be as straightforward with a VM.

Over a hundred customers have deployed the physical Fortinet firewall based on my recommendations.

Overall, I would rate the solution a seven out of ten. 

The product accesses the perimeter firewall and internet proxy at the same time. It allows the creation of a virtual DMZ network. We can have services on the DMZ.

The reporting is good. The signatures are quite good. We have some confidence in the product’s protection capabilities.

The users must buy FortiSIEM to get advanced analytics. The product must provide users with more reports before asking them to buy FortiSIEM.

I have been using the solution for around a couple of years.

There are no stability issues. As long as we provide adequate resources, the solution works.

VM provides scalability options. We could pair the virtual firewalls and have more capacity. We know it's there, but it wasn't necessary, given the organization's size. Around 350 users from a small microfinance company use the solution. The product is extensively used since it also provides internet proxy and VPN. Almost all services that require connectivity are going through the firewall.

We contacted the technical support team regarding a clarification we needed on how to get some services to talk to one another. The team was very handy in that process.

The setup is not that complex. I wouldn't say it's simple, but It's relatively straightforward as long as we follow the guidelines and work with the recommendations.

We deployed the solution with the help of a local partner. We just had one engineer on-site who was supported by Fortinet Professional Services.

There is a good ROI on the product. The solution was quickly deployed, and we were able to have more protection and better visibility of our traffic on the network. We can get a lot of value out of the solution due to the reports.

The pricing is really good. The FortiGate licensing model is workable compared to many other providers who license everything. The local partner was there to guide us in structuring the license to keep the costs minimal. At the moment, there are no additional costs associated with the tool.

We had a competitive evaluation of other products. We chose Fortinet FortiGate-VM because of its affordability. It also had some of the features that were part of our roadmap.

It's a good solution. It’s worth checking out. It is easy to configure and quite easy to use. Some solutions are built by engineers for engineers. The product is a bit relatively easy to use and work with. Overall, I rate the solution an eight or nine out of ten.