We primarily use Fortinet FortiOS for site-to-site VPNs, reporting features, and wireless capabilities. It is well integrated within the Fortinet ecosystem.
Manager IT SOLUTIONS DELIVERY at Al Hiba IT Service
Useful for site-to-site VPNs, reporting features, and wireless capabilities
Pros and Cons
- "We primarily use Fortinet FortiOS for site-to-site VPNs, reporting features, and wireless capabilities. It is well integrated within the Fortinet ecosystem."
- "The main challenge with Fortinet FortiOS is integration with third-party solutions. I don't see any other areas for improvement. Nowadays, all products work well for 50-60 percent of needs. We must only fulfill 60-70 percent of client requirements because they don't use 100 percent of product features. Banks and financial sectors might need more security features. I don't work much in banking, but they often use multiple products for different security layers, not just firewalls. They might use various products or APIs for different purposes. In the end, clients use the products that suit their needs."
What is our primary use case?
What needs improvement?
The main challenge with Fortinet FortiOS is integration with third-party solutions. I don't see any other areas for improvement. Nowadays, all products work well for 50-60 percent of needs. We must only fulfill 60-70 percent of client requirements because they don't use 100 percent of product features. Banks and financial sectors might need more security features. I don't work much in banking, but they often use multiple products for different security layers, not just firewalls. They might use various products or APIs for different purposes. In the end, clients use the products that suit their needs.
At the moment, I don't see any additional features that need to improve, as it's already performing well, even for small businesses. However, one area that could be improved is the consistency in pricing across different regions. Sometimes, the pricing varies depending on the distributor or region, which can confuse. For instance, online prices may not match what we get from distributors, particularly for subscriptions.
For how long have I used the solution?
I have been using the product for ten years.
What's my experience with pricing, setup cost, and licensing?
Pricing for the tool can vary. Sometimes, aggressive pricing is offered at the start, but later, as subscriptions and expansions are needed, the costs can increase, and customers may have to pay whatever is required.
Buyer's Guide
Fortinet FortiOS
December 2024
Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
What other advice do I have?
I recommend Fortinet FortiOS for SMBs. In my opinion, whether Fortinet FortiOS or Sophos is better depends on the specific features and requirements of the client. For example, Sophos offers strong centralized management and mobile monitoring, which might be advantageous in certain scenarios. The decision isn't solely based on features; budget and how the client plans to use the product are also important factors. Some products excel in certain areas but may not be as strong in others. Therefore, we typically suggest a product that meets about eighty to ninety percent of the client's needs. Sometimes, depending on the situation, we might even recommend alternative solutions, including Chinese products, if they fit the client's requirements and budget better.
The tool's impact on operational costs also depends on the scale of the customer's operations. FortiOS delivers great performance and value for money for multi-office, multi-organization, or multi-branch setups. However, for single-office setups, a smaller device might be more than enough, as many services like email are now cloud-based, reducing the need for extensive on-premise protection. Rather than investing in hardware, we sometimes use software-based solutions installed in data centers or hypervisors, depending on the customer's situation, requirements, and budget.
Our budget presents different challenges, and we have various types of customers and consumers. I want to know your exact expectations from us so I can clarify things easily. You've implemented matrices, and most products support them. However, compatibility with other products is very important. Sometimes, our VLANs or switches aren't compatible with the tool, so we must be careful. Many switches aren't compatible with it, so we might choose a different solution.
Sometimes, we choose to implement FortiOS across many sites and devices based on the budget. Fortinet often gives us good prices, but not always. It depends on which distributor offers the best price. These days, the market isn't just about features, as most products support all areas. We must make things easy, stay within budget, and meet customer requirements. That's how we decide which products to use.
I rate the overall solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Sep 1, 2024
Flag as inappropriateUser-friendly with a good interface and dashboard
Pros and Cons
- "We've been happy with the pricing."
- "For monitoring purposes, we don't have any option to monitor the ISP link."
What is our primary use case?
We are using the solution as a firewall. It provides portal access.
What is most valuable?
Feature-wise, the solution is strong. It has SD-WAN, site-to-site VPN, load balancing, and application-based load balancing.
It's very user-friendly.
Compared to other OEMs, due to the SD-WAN and the IPsec VPN, there is no need for the licensing for SD-WAN and the IPsec site-to-site on the remote access VPN.
Chipset wise they're using an ACS chipset dedicated to FortiOS.
The interface and dashboard are good.
We've been happy with the pricing.
The initial setup is easy.
What needs improvement?
There aren't any features missing at this time.
For monitoring purposes, we don't have any option to monitor the ISP link. If the ISP link goes down, then there is no monitoring tool or in-built monitoring tool. We can use a third-party application, like Zoho or PRTG. However, we would like something in-built.
They need to improve the solution at the application level.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
Sometimes it is unstable. However, they'll easily fix the issue. We get upgrades and updates. If there is even any vulnerability or malware, we'll get it fixed immediately. They give good responses to the customers.
While there are bugs, sometimes the development team is on top of it and fixes everything fast. They'll send a patch in the next update.
What do I think about the scalability of the solution?
We work with more than 100 customers.
How are customer service and support?
Technical support is helpful and responsive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I worked on FortiGate and Palo Alto.
How was the initial setup?
The solution is very simple, very straightforward. It's not complex a all.
How long it takes to deploy depends on the client's requirements.
For a mid-level customer, we can deploy within an hour. We can complete everything and have it up and running, and the users get internet access. If they need more rules, they need more things, then it could take time, depending on the configuration.
What's my experience with pricing, setup cost, and licensing?
The cost of the solution has been fine.
You do have to pay for a license. I'm not sure of the exact cost. I'm more of a technical person.
What other advice do I have?
We're a customer and end-user.
We have the solution deployed on the cloud and on-premises.
I've deployed the 600F model a couple of times.
New users need to do some homework, and then we proceed with the configuration. Security-wise, they need to make the customized port.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Fortinet FortiOS
December 2024
Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Data Analyst at a wholesaler/distributor with 51-200 employees
Protects our web servers from XSS and SQL Injection attacks at competitive pricing
Pros and Cons
- "The firewall options in FortiOS allow us to open up access to our vendors for EDI and all its features."
- "Fortinet could integrate something like a YubiKey for 2FA with their SSL VPN clients."
What is our primary use case?
I used FortiOS, the Fortinet firewall operating system, to connect two additional sites. I set up IPSec VPNs to connect all three sites. I also configured firewall rules to block certain countries and websites, such as gambling and social media sites like Facebook. Additionally, I implemented firewall rules to protect our web servers from XSS and SQL Injection attacks. Initially, I configured the VPN using IPsec, but when I couldn't find a suitable client for our workstations and desktops, I switched to SSL VPN. Fortinet provides dedicated FortiClient VPN software, which I used for this setup.
How has it helped my organization?
At the beginning of this month, we experienced DDoS and SQL injection attacks. The attack originated from a botnet and seemed to be associated with BroadNet. It was coming from a Fortinet device. I had to contact Spectrum to inform them about the botnet attack and provide them with the specific IP addresses to block. This action likely prevented us from being hacked and protected our web servers that were exposed to the public. This incident highlighted the usefulness of FortiOS's threat intelligence features.
What is most valuable?
The firewall options in FortiOS allow us to open up access to our vendors for EDI and all its features.
What needs improvement?
Fortinet could integrate something like a YubiKey for 2FA with their SSL VPN clients. Additionally, Fortinet could support WireGuard for our small office locations.
These small offices have two clients that log into our VPN from their workstations. Since all our sites use FortiGate, it would be great if I could set up WireGuard on the Fortinet device. Instead of using IPSec, having WireGuard support for site-to-site VPNs would be wonderful.
For how long have I used the solution?
I have been using Fortinet FortiOS since February this year.
How are customer service and support?
They handle the support because it's their device. We don't own it; we lease it from Spectrum. So, I can't speak to that for now. However, when we used to own the FortiGate, every time I called Fortinet for support, I would rate their response time at eight out of ten and their problem-solving ability at nine out of ten.
Once they respond, because it takes me a while to navigate the bureaucracy, I call the 800 number. They ask for various information, tokens, and other details. After I explain the problem, they call me back again. Usually, they assign the issue to an engineer, which also takes time. The engineer then calls me and solves the problem. So, I have to deal with a lot of bureaucracy.
How would you rate customer service and support?
Positive
What was our ROI?
We had a really old FortiGate there, and when we switched to the newer FortiGate, it was cheaper than the old one.
What's my experience with pricing, setup cost, and licensing?
When we purchase a FortiGate, it comes with FortiOS. Overall, the pricing for the device and related components is better than average. In comparison, FortiGate offers more competitive pricing than Palo Alto and Cisco.
What other advice do I have?
If they could log in, it would be possible only if FortiOS is included. With FortiOS, you can manage all your devices. Let's say you have ten devices and need to manage all of them, including patching FortiOS. FortiCloud helps you with that, and it's nice to have FortiCloud as a bundle with FortiOS. Even if you only have one device, I would still recommend it.
I suggest incorporating AI or machine learning to anticipate threats in the future. For instance, if you configure a new site with your FortiGate, AI could detect any misconfigurations. It would be beneficial for FortiOS, FortiGate, or Fortinet to have an AI feature that alerts you to potential misconfigurations in devices, like an edge router, communicating with others. This AI could also analyze your logs to identify patterns, such as frequent false positives, and recommend reconfiguring the device to minimize unnecessary alerts.
It's good. In my case, I was the only one dealing with the devices at that time. I would get all kinds of false positives and alerts. Sometimes, if there's a new device, the configuration from the old device to the new device doesn't translate. Maybe on the old device, everything defaults to open, and you must close everything. On the new device, everything might be defaulted to closed, and you have to open up the required ports. So, something like that would be nice, where it's easier to configure and find out if you did something wrong.
Overall, I rate the solution an eight-point five to nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jul 30, 2024
Flag as inappropriateConsultant at Orange
Reliable, low maintenance, and installation simple
Pros and Cons
- "I have found the most valuable feature of Fortinet FortiOS is the low maintenance."
- "The central management can improve in Fortinet FortiOS. It is sometimes difficult to manage all the devices."
What is our primary use case?
Fortinet FortiOS provides a full UTM experience, including UTM profiles, firewall rules, remote access, VPN connection, IPSec, and SSL connection.
What is most valuable?
I have found the most valuable feature of Fortinet FortiOS is the low maintenance.
What needs improvement?
The central management can improve in Fortinet FortiOS. It is sometimes difficult to manage all the devices.
I wrote my opinion about changes to the SSL-VPN authentication directly on the Fortinet forum, and they said that right now they will not change it. Hopefully, in the future, they will change the SSL-VPN authentication for groups and users.
For how long have I used the solution?
I have been using Fortinet FortiOS for approximately five years.
What do I think about the stability of the solution?
The stability of Fortinet FortiOS depends on the operation being done. If we are using the basic functions I would rate the stability of Fortinet FortiOS a five out of five. If we are using the advanced functionality I would rate the stability a three out of five. Overall the solution is stable.
How are customer service and support?
The support from Fortinet FortiOS is good. However, there are times they give a five out of five level of support and whereas other times they give a one out of five.
How was the initial setup?
Fortinet FortiOS's installation is easy.
What's my experience with pricing, setup cost, and licensing?
The scalability of Fortinet FortiOS is good. However, central management is intuitive for the end-users. We had a lot of questions about central management, and sometimes they didn't use it and did their firewall management directly on FortiGate instead of using Fortinet FortiOS.
What other advice do I have?
My advice to others is for them to read the instructions on how to use the solution.
I rate Fortinet FortiOS a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of Infrastructure Network at innovectives
Excellent integration with an open API and a very easy to use interface
Pros and Cons
- "The interface is easy to understand, so when there are threats you get alerts. It's quite intuitive, but if you are ever confused they have instructional videos. For example, if you don't understand a graph there's a link to a video that explains what the graph means. It makes it very user-friendly."
- "The solution is good, but they have poor marketing in Nigeria. They need to market their product better."
What is our primary use case?
We primarily use the solution for banks, whereby they want to secure their edge network, to filter their web application and block forms, etc. We also are able to integrate AWS using secure channels. It's more robust and they have different modes including nap, flow, and proximity.
What is most valuable?
You can apply patterns to look for. That can be done for applications also. You can ask for a specific feature to become a pattern. If you were using Office 360 and had 2 ISPs, automatically using SD-WAN will allow you to switch over to the other link based on the criteria you can set yourself. You don't need to go to the device to manually sort and link it, it does it automatically.
Users can go directly to the cloud from the branch instead of routing to the head office and then the cloud. That will reduce the cost of routing, so you just pay for internet service and you have access to the cloud.
The interface is easy to understand, so when there are threats you get alerts. It's quite intuitive, but if you are ever confused they have instructional videos. For example, if you don't understand a graph there's a link to a video that explains what the graph means. It makes it very user-friendly.
What needs improvement?
The solution is good, but they have poor marketing in Nigeria. They need to market their product better.
They need to work on their support. Cisco has the best technical support. In comparison, Fortinet's support takes too long. If you are paying for SLAs, you should also get value from your SLAs.
Right now, everybody is moving to the cloud. The solution has already worked on that aspect, and they are embedding security to the cloud. However, security can be more enhanced and as long as they continue to offer more protection I'll be happy.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
The solution is very scalable. It allows for API integrations so you can actually integrate into other security solutions.
How are customer service and technical support?
Technical support could be more qualified and offer a quicker turnaround.
How was the initial setup?
The initial setup is very straightforward, especially if that person understands security.
Which other solutions did I evaluate?
We integrate solutions on the client's request. Most times I push on Fortinet, as it's a robust system.
You can integrate your endpoint with Fortinet. You can integrate the cloud on-premises. Because the solution is so robust and offers excellent the features we tend to enjoy using FortiOS. Cisco is similar, however, and we do work with them too.
What other advice do I have?
We are using the on-premises deployment model.
We are an integrator, so we do integrations using Fortinet, Cisco, Sophos, and Palo Alto.
If you're an SMB or a small enterprise, I would recommend Fortinet.
I would advise users to make sure they are getting value for what they are paying for. I can say that Fortinet is not as expensive as the others, but it also gives good value. The main thing is not about the cost, but the value and Fortinet delivers on that front.
I would rate the solution nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Has intuitive policy creation and deployment and precise parameter settings to determine thresholds
Pros and Cons
- "Fortinet FortiOS's valuable features include intuitive policy creation and deployment, precise parameter settings to determine thresholds, and security profiles such as web filtering and remote application filtering, among others."
- "Fortinet FortiOS's integration could be improved."
What is our primary use case?
We use the solution for automated solutions.
What is most valuable?
Fortinet FortiOS's valuable features include intuitive policy creation and deployment, precise parameter settings to determine thresholds, and security profiles such as web filtering and remote application filtering, among others. These features greatly enhance the platform. It includes every available application in terms of features. For example, in RDP, we must control the application. It’s already there whenever we want to apply their role or policy to that application.
What needs improvement?
Fortinet FortiOS's integration could be improved. It has extensive integration features, such as collectors for other services and third-party intelligence feeds.
For how long have I used the solution?
I have been using Fortinet FortiOS for six months. We are using the latest version of the solution.
What do I think about the stability of the solution?
The product is stable.
What do I think about the scalability of the solution?
The solution is scalable. We have around 300 users using this solution.
How are customer service and support?
We initiated support from our servers because the other part of the company was not working. They helped us adjust the tuning, and it is working now.
How was the initial setup?
The initial setup is not complex. It will take around two or three days to deploy. Product cleaning, readjustment, and screening are continuous tasks, as the nature of the work requires tuning and adjustments. To connect the PC to the console, we assign the networking settings, including data capabilities, and then reconfigure them on the web interface (UI). Some settings are also presented in a web-based format in the CLI because they are easier to navigate.
What other advice do I have?
The reserve utilization is very low. Based on my learning, my expectation is for every product to have a good intelligence system and frequently updated threat intelligence. Overall, I rate the solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Pre-sales Engineer at a wholesaler/distributor with 51-200 employees
Easy to configure with an easy initial setup and good scalability
Pros and Cons
- "FortiGate as a product is very easy to configure."
- "Technical support could be better. Some competitors have much more responsive support teams."
What is most valuable?
FortiGate as a product is very easy to configure. There is a lot of data now with switching IDS and IPS. It's a truly complete solution for our customers.
It's a good idea to have the firewall connected to the switches. That way, the firewall is the controller of the switches. We like how the solution is designed with that in mind.
What needs improvement?
The solution's switches are lacking. They need more features added to them to build them out a bit. The switches are very simple if you compare them with other companies like Cisco or Aruba. Those organizations offer their clients much more.
Technical support could be better. Some competitors have much more responsive support teams.
I know the last version had NAC, network access control, added inside the firewall. It's a process, however. There's still work to do. The next version will be better. Right now, you can't authenticate other devices. You only can authenticate Forti devices and not devices from other companies. This could be the next addition to the solution that will make its performance even better.
For how long have I used the solution?
I've been dealing with the solution for ten years now. It's been a decade.
What do I think about the stability of the solution?
The solution is stable. We have no issues in that regard. There aren't bugs and glitches. It doesn't crash. It's reliable.
What do I think about the scalability of the solution?
The solution is very scalable. We have a solution from the most basic office setup to a very complex data center. It works well in either scenario. If a company requires scale, this solution can provide it.
How are customer service and technical support?
I have used technical support in the past. It's good for the most part. However, other companies, from my experience, have better technical support. They might be able to improve this aspect of the solution a little bit.
While it's easy to access them, finding a solution to whatever problems you are dealing with takes a long time. They need to get better at turning around queries faster so clients aren't kept waiting for so long.
How was the initial setup?
The initial setup is very straightforward. I wouldn't describe the process as complex.
Deployment takes one to two hours. Everything happens pretty fast.
What's my experience with pricing, setup cost, and licensing?
The pricing is good. They are especially fair when compared with other companies, like Palo Alto, for example, which can get quite expensive.
What other advice do I have?
We work with a lot of manufacturers of firewalls. It's normally Fortinet, however, we also work with Cisco, Palo Alto, and Sophos. My company works with Barracuda as well. To be honest, I am not a specialist with Barracuda. I normally don't work with that.
That said, typically, when we work with clients, one of the first solutions we will suggest will be Fortinet. We do normally also recommend Cisco first, as well, due to the fact we are Cisco partners. We're also partners with Fortinet.
We have a deal with Palo Alto and our security center recommends Barracuda because of their other security solutions like WAF or solutions in the cloud (not their firewall).
Normally, we use the on-premise deployment model. At this moment, we are working with a public cloud deployment model as well.
I'd rate the solution eight out of ten overall.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Manager, Information Technology at a consumer goods company with 11-50 employees
A seamless endpoint gateway solution with constant updates and a zero choice engine
Pros and Cons
- "The most valuable features of Fortinet FortiOS are its constant updates and definitions."
- "I want to see a better integration or a better integration with the endpoint protection or with EDR with the security life cycle."
What is our primary use case?
We use it for end-point gateway protection and also use the FortiOS for external user connection and server VPN. We love that clear synchronization as it's almost invisible with the fabric for the guests, externally to connect. The zero-choice engine that they use is pretty good. It is perfect for setting up one-to-one channels for different services that have to pass through the firewall. So it does that seamlessly.
What is most valuable?
The most valuable features of Fortinet FortiOS are its constant updates and definitions. The new definitions and the content information coming out to the threat labs keeps you updated on your signatures so that you know what's happening out there. And also doing well, for my system, we have, like, what is called, active scans.
It's constantly accessing Sophos into your gateway, even Sophos that you authorized.
What needs improvement?
I want to see a better integration or a better integration with the endpoint protection or with EDR with the security life cycle. I want to see if that enhances a bit more so I have granular datasets and the user level through to the gateway because that's where most of our threats come from. It's from user activities on the Internet and passes into your files over that gateway. That's where most of our threats would appear and where our exposure to vulnerabilities lies.
So if we can tighten that up, we can harden our infrastructure much better.
For how long have I used the solution?
I have been using the solution for quite some time.
How are customer service and support?
The customer support team is good and responsive.
How was the initial setup?
We did the initial setup ourselves, so it was easy. The learning curve was that great once you have any experience with any firewall or any experience with any security appliance, you can pull around it. We did get some help from our providers. But that was basic.
What about the implementation team?
The EMS setup was all in-house. Our service provider assisted with the firewall setup. The implementations were very smooth. And the transition of our current from our current security device to that when we did it a couple of years ago, it's seamless.
What's my experience with pricing, setup cost, and licensing?
The pricing is competitive for the medium and high markets but for the small markets it can be expensive.
What other advice do I have?
You have to see what works best for your environment. Each environment is different depending on the applications and different services you are running in that environment. Suppose it's a full Windows environment versus a mixture if you have a hybrid environment. It all depends on the type of environment you're running and finding the right tools that meet your domain.
But for the regular Windows environment, it's perfect.
I rate it eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Fortinet FortiOS Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
FirewallsPopular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Cisco Secure Firewall
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Fortinet FortiGate-VM
Sangfor NGAF
Huawei NGFW
Cisco IOS Security
Buyer's Guide
Download our free Fortinet FortiOS Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Features comparison between Palo Alto and Fortinet firewalls
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?
- Fortinet, Palo Alto or Check Point?
- If you could go back, would you change your decision to buy that firewall and why?
- Sophos XG vs Fortigate UTM