Fortinet FortiGate-VM Reviews

We are service providers, and we provide managed services to external customers.

The primary use case of this solution is for firewalling, web applications, and proxying.

We use all of the UTM (Unified Threat Management) features that come with this product.

The most valuable features of this solution are the integration within the environment, with centralized reporting. 

One analyzer and the different devices feeding into that environment. 

The firmware is always up-to-date.

Compatibility and integration with other products or vendors such as Cisco SD-WAN products need improvement.

The multi-tenancy environment for multiple customers, to make it more secure, needs some improvement.

When you buy a bigger box, you should have the ability to slice and dice data. It should also have the ability to give customers either read and write or more privileged access to that environment. Specifically, to the environment that doesn't overflow into the other parts that have been sliced up.

I would like to see a type of portal for on-site deployment, where they can report into a cloud portal and have a high-level view of utilization. Basic indicators on the performance of the environment, including health status, should be displayed.

I have been using this solution for approximately six years.

We are completely satisfied with the stability of this solution.

Because we're sitting on a multi-tenant type of setup the scalability will depend on the customer's ability to upgrade.

Externally we have several customers that range from government to enterprise clients that use the product and we manage the backend. 

The number of users can range from a site that has 100 users to a site that has 2,000 to 3,000 users.

With the multi-tenant environment, we are able to use resources from multiple accounts. 

We run a 24/7 operation with various requirements, and have a team of 15 to 20 to maintain this solution.

We have plans to increase the usage as the requirement increases for more secure environments with more advanced features or other features within the security space. We would go from a standard firewall to maybe a web application firewall, or to authentication with the two-factor type of services.

Technical support is good. We work through a distributor and it's just a matter of a phone call to explain what needs to be done or a feature that we need to enable, and within an hour or two they come back to explain what has to be done.

They also give advice going forward with what to deploy.

The initial setup is fairly straightforward.

The implementation varies from being complex to being straightforward. It can take two to three weeks to implement with some tweaking afterward.

Part of the implementations comes with professional services from Fortinet themselves. In most cases, if it's a new version or a new deployment, we typically get the implementation services from a service provider rather than the vendor.

We have clients with three-year licensing and others with five. 

It's not a cheap solution but it comes with its benefits.

It's all bundled. When we purchase this product, it is bundled with a support license for that period.

With our clients, there is a range of Fortinet FortiGate versions, anything from FortiGate 60E to FortiGate 3700D. 

Management connects to a FortiAnalyzer, and we have application firewalls as well.

We have a centralized data center where we have a combination of customers with on-premises equipment. This includes small devices to secure the customer's environment, and larger devices at the data center, specifically for our customers.

We try to build our services around Fortinet products.

We prefer to work with Fortinet products based on what we have learned from the Gartner Magic Quadrant, and I recommend them.

I would rate this solution a nine out of ten.

We provide Fortinet services to our clients, sometimes on-prem and sometimes on cloud. 
We are a system integrator which makes us a partner of Fortinet. I am an information technology solutions manager.

I like the web filtering and I like the IPS functionality.

Data reporting could be improved and also in terms of performance, some improvement should be made on VM, it should be more optimized. Scalability of the solution could also be improved. 

For an additional feature, Fortinet should add more SD-WAN with caching as a special functionality. It should be integrated with Fortinet. 

I've been using this solution for five years. 

Stability is good enough. It's not that problematic for now.

Scalability is a problem because the solution is VM. As a VM, you cannot have much scalability.

The Fortinet technical support is generally good. There are times when we don't get an immediate response and it requires escalation but that's all. 

The initial setup is straightforward. Deployment time depends on the case but can normally be done anytime from two hours to two days for it to be functional.

FortiGate-VM would be for more like a cloud or on-premise SMB environment. And for anyone wanting to scale-up and get big performance, it should be used as a physical appliance.

I would rate this solution a nine out of 10. 

We can control application filtering and UTM with Fortinet FortiGate-VM. We rely on it for configuring IP address filters, VPN settings, and point-to-site connections. We haven't encountered any issues with its use cases as a firewall.

The tool ensures inbound traffic, specifically on a specific port. We have Fortinet FortiGate-VM as well as F5 for application support.

It gives us an enhanced security solution for any kind of alert that we have configured.

The price and licensing of the solution can be better.

I have been using Fortinet FortiGate-VM for 3 to 4 years. We are using the V7.4 of the solution.

I rate the solution’s stability a six out of ten.

I rate the solution’s scalability an eight out of ten.

We have used Sophos and Palo Alto before. Palo Alto is expensive. Fortinet’s UI is more user-friendly. You can easily understand the source and destination requests.

We have not faced any difficulty. We recently migrated our data center from on-prem to the cloud and then established the firewall.

The solution is more reliable for firewalls.

Overall, I rate the solution an eight out of ten.

We primarily use the solution as a virtual machine for firewalling.

The solution is very user-friendly. 

We have a next-generation firewall and can lock things in on a parameter level very effectively.

It is easy to set up the solution. 

The solution is stable.

I've found the technical support to be helpful and responsive. 

I can't recall any aspects that need improvement.

The pricing could be a bit better.

We'd like to have more customization and easier customization of policies. 

The scaling can be a bit better. 

I've been using the solution for the last two years. 

The solution is okay in terms of stability. We have not had issues. It's not too difficult to work with it. 

I'm the only person working directly with the product.

The scalability is limited. If we have to scale, we need to upgrade licenses after the license is up for renewal. Otherwise, we need to buy replacement licenses on top of the licenses we've already purchased instead of just expanding and adding onto what we have.

I've worked with technical support in the past. They are very good. When we open tickets, they respond quickly. I'm happy with the level of support overall. 

I have worked with other firewalls. Which is best depends on the requirements. It is also dependent on the budget. We need to consider performance and scalability and take onto consideration how much support will be available as well. 

The solution is easy to set up. There is a lot of documentation provided. For 70% to 80% we can do just fine, and for the rest, we just request documentation and can finish the job. 

We do not need much maintenance. We handle that ourselves, and it's not too difficult. 

The solution is set up and configured in-house. 

The pricing is okay. However, it could always be better. When you need to scale, you need to buy bigger, different licenses. 

We are using the latest version of the solution. 

I'd recommend the solution to others, depending on the business requirements. It's a pretty good solution in general. 

I'd rate the product eight out of ten. 

The use case for VMs is if you're going to deploy them like a SaaS edge, to protect your applications or provide deeper visibility into the traffic. Or you could use it in your data centers as well. However, that's not our preference.

We primarily use the solution for network segmentation at our data centers and remote connectivity to our distributed sites.

We were able to take advantage of their management tool, FortiManager, to get a single pane of glass. FortiManager and FortiAnalyzer do not have a single panel glass. Rather, they are two panes of glasses to manage and monitor the firewalls where previously we were using Cisco. I don't want to call them legacy firewalls, however, with Cisco firewalls, we didn't have that management or logging visibility.

The product has pretty good logging and reporting capabilities native to the firewall. Then they also use FortiAnalyzer to aggregate that traffic and provide more detailed and aggregated reporting. That's going to help when you're analyzing network traffic for network segmentation initiatives.

The stability is excellent.

It's very easy to set up, even for more junior developers.

The scalability has improved. 

It's got a clean interface and it's very intuitive. Everything is easy to navigate.

Their offering for MFA isn't the cleanest. They have a product called FortiAuthenticator. It's not a FortiGate but that is one of their MFA offerings. However, other products that I've used, like Duo, are better from a user experience standpoint. They are easier to configure. 

I've been using the solution for ten years. It's been a while. 

Six or seven years ago, they had issues with code versions where they would make changes within the code version and they would have some bugs. That said, over the last six or so years, their releases have been very stable. We've had very few issues with any type of bugs or issues.

Scalability has gotten better with their SD-WAN offering. They're able to utilize inexpensive lines such as 4G, 5G, or DSL. It has allowed us to move away from expensive MPLS lines.

Historically, conventional or Next-Gen firewalls have been utilized at data centers and remote sites. Now, however, a lot of customers are moving towards Zero-Trust access and SASE. I'm currently looking to get a little bit more information on Zero-Trust architecture, as it reduces the overall management and need for physical firewalls in all your locations, which can get expensive.

We also use the Cisco ASA firewalls. I do find that Fortinet is easier to handle than Cisco as you don't need to handle tasks via the command line, which makes it easier especially for junior-level developers.

The initial setup is very straightforward. I started out in the Cisco world with Cisco firewalls and switches. Then we started deploying FortiGate and I found that FortiGate was easier to learn, especially for junior-level engineers. We were able to get junior-level engineers up to speed quicker than if it was a Cisco platform, especially if they haven't used the command line before.

Deployment usually takes a day, depending on the complexity of the firewall. It might be a day to two, depends on if we are using multiple IPSec tunnels if it's at a data center or a remote site. 

In terms of deployment and maintenance, in my experience, by a rough order of magnitude, a company would need one technician per 30 firewalls. For our company, we had a team of three network engineers and we had a fleet of about 120 firewalls.

I handed the implementation myself with my team. We didn't need any integrators or consultants.

For our entire fleet of 120 firewalls, we're paying about $100,000 per year. The licensing fees give you support and the capability to download updated definitions of threat intelligence from Fortinet.

I was previously a customer. now I am a reseller and Fortinet partner.

We primarily use hardware-based appliances, including the 100 D/E series, 100F, 190 D/E's, ADCs, 600 E's. They are similar to VMs.

We're using the most recent code level at this time. We're one version behind the latest version. We tend to use one version behind the most recent for safety reasons so that we can avoid troublesome bugs or glitches.

Anyone looking to deploy Next-Gen firewalls, in general, should really define their use cases to be able to decide on the proper technology to deploy within the environment. If you're looking to deploy Next-Gen firewalls at all your locations and create point-to-point VPN tunnels, they can get cumbersome and difficult to manage policies. It is also difficult to do network segmentation. With some of the Zero-Trust offerings, you're able to actually move your clients outside of your corporate perimeter, and then isolate those applications based on the user per application, instead of requiring them to dial back via traditional VPN to your data centers, which sometimes isn't the best user experience for your end-users.

I'd rate the solution at an eight out of ten.

The primary use case of this product is as a firewall. We are partners of Fortinet and I'm a security engineer. 

In our organization, Fortinet is one of the trusted partners. We have offered the solution for a medium-size entrepreneur 

The dashboards are a good feature and the deployment is simple. 

The technical support could be improved. I'd like to see the security platform upgraded.

I have Started learning and deploying FortiGate for 12 months.

The solution is looking stable as per knowledge

This solution is flexible and scalable. 

They need to improve the technical support. 

I have worked with checkpoint. And that solution is also good. 

It is straightforward for deployment

Fortinet is competitively priced, it's cheaper than Palo Alto and Check Point. 

We are the technologies partner so we have recommended the solution by customer dependence upon their use cases

I recommend this solution and would rate it a seven out of 10. 

We primarily use the solution simply for its firewall functionality. It's the main reason we use it.

For myself, the UI is pretty much perfect. It's much easier to work with than Cisco's FirePOWER, for example. I prefer the way it is designed above everything else, even though Cisco may be better for a different reason. Fortigate is just hands down more intuitive and therefore users need less training. While a non-tech person may need a bit of training in terms of configuration, it's still easier than Cisco.

In terms of general features, I find Fortigate and Cisco very comparable. They technically do the same things. Both can drill down by IP or region, so, application-wise, they're very much the same. 

The stability could be improved. I find Cisco to be more stable than Fortigate, which is I major differentiator between the two.

I haven't really explored the cloud too much, as we deal mostly with an on-premises system. However, now with everyone working from home due to COVID-19, it's something I'm beginning to explore and something I think Fortigate needs to invest in and expand on. If they could do something that integrates the cloud effectively, maybe with a cloud provider like Azure, that would be helpful.

Fortigate could speed up its level of customer service in our region.

I've been using the solution for quite a few years now. It's been perhaps five or six years in total.

While the stability maybe isn't quite to the level of Cisco, it is a very cost-effective solution. It's cheap compared to Cisco. Licensing is very, very easy. It's much, much easier than Cisco where licensing is a pain. The Cisco licensing is very difficult to configure, which makes Fortigate a more attractive alternative even with less stability. 

That said, after working with Fortigate for many years, I haven't really encountered a lot of crashes or glitches. The hardware is very, very good. Once a power adapter failed on us and we just replaced it on the device and it was able to recover. With ASA, I can say so far so good. The hardware's really good. They've improved a lot of the hardware specs.

We haven't had any issues with scalability. If a company needs to build it out or expand, they really shouldn't have any issues.

The customer support for Fortigate is fine. Compared to Cisco, however, I would say Cisco's response might be a bit faster. If a device fails, they'll be onsite to replace it themselves. In my region, in terms of Fortigate's response to a similar event, users would have to go through the distributor and not directly to Fortigate. That's why it takes longer. It could be a bit easier, and if they did it a bit more like Cisco, I think it would be better. However, Fortigate's response isn't bad.

The initial setup was straightforward. A company just needs to get requirements from its customers and then they can just deploy. It's not complex at all.

Deployment takes about two weeks. The setup itself is very fast and you will have limited downtime. However, there will be fine-tuning that will be required and this may take weeks. If a customer gives new requirements at any time, you'll need to make some tweaks.

With Cisco, licensing is quite complex, but with Fortigate, you simply need to buy a bundle and they give you everything you'll require.

Right now, I'm also interested in learning more about Cisco, and how it compares to Fortigate. I know Cisco quite well, but I've never directly compared Cisco and Fortigate together before. Of course, I still believe I know Fortigate better.

We're resellers of both Cisco and Fortigate solutions.

I'd advise other companies or users to give a try. The Virtual Appliance is very easy to set up. In terms of scalability, it's easy enough to expand out, especially if you compare it to the hardware. For the virtual solution, it's easily upgraded. For the physical, you need to do a POC.

It really depends on what kind of distributor a company is working with. Some provide you all the resources. Others don't. I'm not sure how it works with the Cisco Virtual Appliance. For Cisco, I only know about the cloud. 

Normally, I provide my customer with Meraki. I won't provide a Cisco solution, even though Meraki is part of Cisco.

I would rate the solution eight out of ten. There's still room for improvement. There could be a bit better support and not all solution providers offer this kind of Virtual Appliance in my region. Once more people use it, they may begin to improve on it even more.

We are primarily using the solution on the VPN box as a perimeter firewall. We use it to secure internal networks and a few servers. Our network is solely on Fortigate.

The standard features, including the filtering, are quite good. All the basic features are pretty useful for us. 

It's very simple for us to use. 

It's very similar to SonicWall.

There isn't anything in terms of features that we find are lacking. We don't see any places on the solution that don't cater to our requirements.

I would like to see VNX security and WildFire. Those features I would like to see on the solution in the future in order to be able to evaluate it further.

I've been using the solution for two years.

The solution is pretty stable. 

We haven't attempted to scale the solution just yet. If we want to scale this solution we may have to look at other models. With certain requirements, we probably wouldn't be able to scale it so well as it is right now.

We have about 2,000 people using the solution. Most of the people using it are software developers.

The technical support has been very helpful. We've been satisfied with the level of the support we get.

We didn't previously use a different solution.

The initial setup is straightforward. We didn't find it complex at all.

We had partners that assisted with the implementation.

I'm not aware of the specific costs involved in the licensing of the solution. I don't know that prices are competitive enough compared to other vendors.

We did evaluate other options, including Cisco.

We're using the latest version of the solution.

I'd recommend the solution. I'd rate it eight out of ten.