Fortinet FortiOS Reviews

It's a security device. We use it to keep the bad guys away.

A firewall is a security appliance. FortiGate also does email filtering and does data loss prevention.

All networks are security-driven, we get throughputs and security. We feel that the people at Fortinet are easy to deal with from a support standpoint. If they need to jump in and help us, they're very willing to do that. Their email filtering, their data loss prevention, their intrusion prevention, type of products in the newest OSs has been outstanding.

I have been using Fortinet FortiOS for ten years. 

The stability is excellent. 

Scalability is wonderful. Affordability is really good.

Everybody's being protected by the firewall. The firewall device is using the operating system. And so, in that sense, you could say everybody is using it. The people that are actually technically working with the Fortinet devices are a handful, six to eight technicians.

We feel that the people at Fortinet are easy to deal with from a support standpoint. If they need to jump in and help us, they're very willing to do that. Their email filtering, their data loss prevention, their intrusion prevention, type of products in the newest OSs has been outstanding.

We've used other solutions in the past. But we've settled into FortiGate for around 10 years. 

The initial setup was straightforward. It's pretty much just plug and play. It takes hours. 

They're very competitive and easy to work with in terms of pricing. I can't say, that's why we chose them, that's why we've stuck with them. It's a very well-respected name in the industry.

Everybody wants to go to Cisco for different things and everybody loves to hate Cisco. Cisco is a great product for large companies. They're low income, they're low-end products and their support for their low-end products leaves a lot to be desired. That's hence why SonicWall, Extreme Networks, and Fortinet are in business. There are these other smaller companies that are getting involved with the smaller companies, taking market shares away from Cisco because Cisco's support for their product is bad.

The support contracts are usually about $100 - $200 a device. The support contract usually includes software upgrades, hardware maintenance, and hardware break-fix. And they very seldom break.

I am looking at replacing some SonicWalls for a customer. I think SonicWall is its competition. SonicWall is got a good product, but I still believe that FortiGate is the best product for the people that we deal with.

My advice to someone implementing this solution is not to take shortcuts. Shortcuts aren't good. Don't hesitate to use FortiGate's technical support.

Always buy support. Always buy FortiCare. You can buy it for one year, two years, or three years with the initial purchase. We always buy it and sell it to our customers for three years. And the product will last more than three years.

Fortinet competes in the big companies as well. We just don't. Our marketplace is the smaller users two or three, maybe four locations, 150 to 300 endpoints. So we're not dealing in the 10,000s of users trying to get into 100 of servers. We're dealing with tens and fifties and a hundred, trying to get into a few servers.

I would rate it a nine out of ten. It could more scalable for the lower end users. 

I used FortiOS, the Fortinet firewall operating system, to connect two additional sites. I set up IPSec VPNs to connect all three sites. I also configured firewall rules to block certain countries and websites, such as gambling and social media sites like Facebook. Additionally, I implemented firewall rules to protect our web servers from XSS and SQL Injection attacks. Initially, I configured the VPN using IPsec, but when I couldn't find a suitable client for our workstations and desktops, I switched to SSL VPN. Fortinet provides dedicated FortiClient VPN software, which I used for this setup.

At the beginning of this month, we experienced DDoS and SQL injection attacks. The attack originated from a botnet and seemed to be associated with BroadNet. It was coming from a Fortinet device. I had to contact Spectrum to inform them about the botnet attack and provide them with the specific IP addresses to block. This action likely prevented us from being hacked and protected our web servers that were exposed to the public. This incident highlighted the usefulness of FortiOS's threat intelligence features.

The firewall options in FortiOS allow us to open up access to our vendors for EDI and all its features.

Fortinet could integrate something like a YubiKey for 2FA with their SSL VPN clients. Additionally, Fortinet could support WireGuard for our small office locations.

These small offices have two clients that log into our VPN from their workstations. Since all our sites use FortiGate, it would be great if I could set up WireGuard on the Fortinet device. Instead of using IPSec, having WireGuard support for site-to-site VPNs would be wonderful.

I have been using Fortinet FortiOS since February this year.

They handle the support because it's their device. We don't own it; we lease it from Spectrum. So, I can't speak to that for now. However, when we used to own the FortiGate, every time I called Fortinet for support, I would rate their response time at eight out of ten and their problem-solving ability at nine out of ten.

Once they respond, because it takes me a while to navigate the bureaucracy, I call the 800 number. They ask for various information, tokens, and other details. After I explain the problem, they call me back again. Usually, they assign the issue to an engineer, which also takes time. The engineer then calls me and solves the problem. So, I have to deal with a lot of bureaucracy. 

Positive

We had a really old FortiGate there, and when we switched to the newer FortiGate, it was cheaper than the old one.

When we purchase a FortiGate, it comes with FortiOS. Overall, the pricing for the device and related components is better than average. In comparison, FortiGate offers more competitive pricing than Palo Alto and Cisco.

If they could log in, it would be possible only if FortiOS is included. With FortiOS, you can manage all your devices. Let's say you have ten devices and need to manage all of them, including patching FortiOS. FortiCloud helps you with that, and it's nice to have FortiCloud as a bundle with FortiOS. Even if you only have one device, I would still recommend it.

I suggest incorporating AI or machine learning to anticipate threats in the future. For instance, if you configure a new site with your FortiGate, AI could detect any misconfigurations. It would be beneficial for FortiOS, FortiGate, or Fortinet to have an AI feature that alerts you to potential misconfigurations in devices, like an edge router, communicating with others. This AI could also analyze your logs to identify patterns, such as frequent false positives, and recommend reconfiguring the device to minimize unnecessary alerts. 

It's good. In my case, I was the only one dealing with the devices at that time. I would get all kinds of false positives and alerts. Sometimes, if there's a new device, the configuration from the old device to the new device doesn't translate. Maybe on the old device, everything defaults to open, and you must close everything. On the new device, everything might be defaulted to closed, and you have to open up the required ports. So, something like that would be nice, where it's easier to configure and find out if you did something wrong.

Overall, I rate the solution an eight-point five to nine out of ten.

We use Fortinet FortiOS to protect our office, and we have another deployment in production. We have the PCI DSS environment on which we have deployed the Fortinet Firewall.

I am satisfied with Fortinet FortiOS. It's a cool product and has a lot of UTM features. It has application control, web filtering, antivirus, IPS/IDS, DNS filtering, and many things in that firewall. It also has a web application firewall WAF feature. On the feature side, it's a good firewall.

It would be better if AWS instances were available. If I want to upgrade from T2.small to T2.medium, it should be available rather than having a big instance and paying a lot of money for that.

The issue is that we had deployed in AWS Cloud, and we were using a very small instance. Recently we wanted to move in-house and deploy it on the big instance because it was struggling with the RAM. If we use T2.small, we cannot upgrade it to the T2.medium. It has predefined instances in the marketplace with a lot of cost differences.

If I can increase the RAM, I have to choose the T3.large instance. If I'm paying $270 for the small instance, I have to pay more than double the cost for T3.large. It is about $850, and this is not good. So, it would be better if it was cheaper.

I think both AWS and Fortinet should think about that. They should provide it on lower instances as well. If I want to upgrade it from T2.small to T2.medium, it should be available, but it's a problem.

I have been using Fortinet FortiOS since 2019, so more than three years.

Fortinet FortiOS is a stable product.

Fortinet FortiOS is scalable. 

Technical support is good. When I create the ticket, they respond to me, engage the engineer, and support is good. No issue at all.

The initial setup is not too complex; it's simple.

It would be better if it were cheaper. We have the firewall in our office, and the license is expiring in 20 to 25 days. We got a quote for almost 80,000 Pakistani Rupees, which is a little costly.

If I compare Fortinet FortiOS with Cisco Adaptive Security Appliance (ASA), it's a cool product. The deployment of ASA is a little bit complex because it's GUI-based, and ASA also has a graphical user interface. But I still think Fortinet is a good firewall compared to ASA because if you want to use the IPS/IDS feature in the ASA, you have to deploy the management center and integrate it with the firewall, which is a little complex.

I recommend this solution to potential users because it has many features, and it's a stable product.

On a scale from one to ten, I would give Fortinet FortiOS an eight. 

We primarily use the solution for banks, whereby they want to secure their edge network, to filter their web application and block forms, etc. We also are able to integrate AWS using secure channels. It's more robust and they have different modes including nap, flow, and proximity.

You can apply patterns to look for. That can be done for applications also. You can ask for a specific feature to become a pattern.  If you were using Office 360 and had 2 ISPs, automatically using SD-WAN will allow you to switch over to the other link based on the criteria you can set yourself. You don't need to go to the device to manually sort and link it, it does it automatically.

Users can go directly to the cloud from the branch instead of routing to the head office and then the cloud. That will reduce the cost of routing, so you just pay for internet service and you have access to the cloud.

The interface is easy to understand, so when there are threats you get alerts. It's quite intuitive, but if you are ever confused they have instructional videos. For example, if you don't understand a graph there's a link to a video that explains what the graph means. It makes it very user-friendly.

The solution is good, but they have poor marketing in Nigeria. They need to market their product better.

They need to work on their support. Cisco has the best technical support. In comparison, Fortinet's support takes too long. If you are paying for SLAs, you should also get value from your SLAs.

Right now, everybody is moving to the cloud. The solution has already worked on that aspect, and they are embedding security to the cloud. However, security can be more enhanced and as long as they continue to offer more protection I'll be happy.

The solution is very stable.

The solution is very scalable. It allows for API integrations so you can actually integrate into other security solutions.

Technical support could be more qualified and offer a quicker turnaround.

The initial setup is very straightforward, especially if that person understands security.

We integrate solutions on the client's request. Most times I push on Fortinet, as it's a robust system.

You can integrate your endpoint with Fortinet. You can integrate the cloud on-premises. Because the solution is so robust and offers excellent the features we tend to enjoy using FortiOS. Cisco is similar, however, and we do work with them too.  

We are using the on-premises deployment model.

We are an integrator, so we do integrations using Fortinet, Cisco, Sophos, and Palo Alto.

If you're an SMB or a small enterprise, I would recommend Fortinet.

I would advise users to make sure they are getting value for what they are paying for. I can say that Fortinet is not as expensive as the others, but it also gives good value. The main thing is not about the cost, but the value and Fortinet delivers on that front.

I would rate the solution nine out of ten.

The most important feature of Fortinet FortiOS is the IPS.

Fortinet FortiOS need to manage its memory and CPU utilization better. It peaks at times, which sometimes can be challenging.

In a feature release, if Fortinet FortiOS could have better cloud functionality would be a benefit.

I have been using Fortinet FortiOS for approximately seven years.

The stability of Fortinet FortiOS is good.

Fortinet FortiOS is scalable.

I rate the support from Fortinet FortiOS a five out of five.

Positive

The initial setup of Fortinet FortiOS is simple.

We evaluated Checkpoint and Cisco before choosing Fortinet FortiOS.

The manageability suit is better in Fortinet in terms of device manageability and  OS upgrades. It has the capability of terminating a leased line, RF, and a USB dongle. When we evaluated Fortinet FortiOS, back in 2015, Cisco and Checkpoint did not have a 4G termination feature. Today if my MPLS goes down, the lease line goes down, I can connect a 4G dongle. In Cisco, you need to have a SIM  embedded in a device and you need to open the device, put it on, and then you need to connect it and extend the cable. It is very complex. In Fortinet it is easy.

I rate Fortinet FortiOS a nine out of ten.

The solution is basically an OS for Fortinet.

Security and authentication are the most valuable aspects of the product. The classification of the websites is helpful.

The solution is stable and reliable.

We have several access points on FortiGate, which were procured long ago. Those are not supporting the present firmware update we make on the UTM. Therefore, we cannot get the latest firmware updated on the UTMs. I was thinking that if we need to get rid of these physical devices, we should move to some cloud-based system.

The only problem that we are facing at the moment is that all the devices of FortiGate, whether it is for FortiGate's access points or authenticator or controllers or UTM, is in the FortiOS. They are interrelated and interdependent. It means if I buy a FortiGate car, I have to run FortiGate OS, I have to fill in FortiGate fuel, and I have to run it on a Fortinet road. I can’t mix and match it with different solutions. There is no flexibility.

The initial setup is a bit complex.

We would like to have NMS built into the solution.

We’ve been using the solution for the last ten years.

The solution is stable. We’ve never had any issues with the product. It’s reliable. There are no bugs or glitches.

If I need to scale it up, then again, I have to change the entire family of it.

The amount of users connected at any given point is something around 6,000, including the students and the people on move.

We never use tech support from Fortinet. We get support from a local supplier.

We are tied to Fortinet and therefore did not use any other product.

Initially, the solution can be a bit complex to set up. It’s not simple. There’s a learning curve. You need to train on it a bit first.

We have ten to 12 people on hand who are specialized in FortiOS and can handle deployment and maintenance tasks. We have a total of 20 people working on maintenance.

The pricing is pretty high. I’d rate it at a two or three out of five in terms of affordability.

Since the pandemic, a lot of things have gotten exponentially higher. Also, for us, the final price is dependent on the dollar conversion rate. You can get a license for one or up to five years.

Since we are tied to Fortinet and could not use anything else, we did not compare it to other solutions.

We are customers and end-users.

I’d rate the solution seven out of ten.

I’d recommend the solution for an enterprise user. However, it may be a bit much for a small or medium-sized organization.

Fortinet FortiOS provides a full UTM experience, including UTM profiles, firewall rules, remote access, VPN connection, IPSec, and SSL connection.

I have found the most valuable feature of Fortinet FortiOS is the low maintenance.

The central management can improve in Fortinet FortiOS. It is sometimes difficult to manage all the devices.

I wrote my opinion about changes to the SSL-VPN authentication directly on the Fortinet forum, and they said that right now they will not change it. Hopefully, in the future, they will change the SSL-VPN authentication for groups and users.

I have been using Fortinet FortiOS for approximately five years.

The stability of Fortinet FortiOS depends on the operation being done. If we are using the basic functions I would rate the stability of Fortinet FortiOS a five out of five. If we are using the advanced functionality I would rate the stability a three out of five. Overall the solution is stable.

The support from Fortinet FortiOS is good. However, there are times they give a five out of five level of support and whereas other times they give a one out of five.

Fortinet FortiOS's installation is easy.

The scalability of Fortinet FortiOS is good. However, central management is intuitive for the end-users. We had a lot of questions about central management, and sometimes they didn't use it and did their firewall management directly on FortiGate instead of using Fortinet FortiOS.

My advice to others is for them to read the instructions on how to use the solution.

I rate Fortinet FortiOS a nine out of ten.

We are using the solution as a firewall. It provides portal access.

Feature-wise, the solution is strong. It has SD-WAN, site-to-site VPN, load balancing, and application-based load balancing. 

It's very user-friendly. 

Compared to other OEMs, due to the SD-WAN and the IPsec VPN, there is no need for the licensing for SD-WAN and the IPsec site-to-site on the remote access VPN.

Chipset wise they're using an ACS chipset dedicated to FortiOS.

The interface and dashboard are good. 

We've been happy with the pricing. 

The initial setup is easy.

There aren't any features missing at this time. 

For monitoring purposes, we don't have any option to monitor the ISP link. If the ISP link goes down, then there is no monitoring tool or in-built monitoring tool. We can use a third-party application, like Zoho or PRTG. However, we would like something in-built. 

They need to improve the solution at the application level. 

I've been using the solution for five years. 

Sometimes it is unstable. However, they'll easily fix the issue. We get upgrades and updates. If there is even any vulnerability or malware, we'll get it fixed immediately. They give good responses to the customers.

While there are bugs, sometimes the development team is on top of it and fixes everything fast. They'll send a patch in the next update.

We work with more than 100 customers. 

Technical support is helpful and responsive. 

Positive

I worked on FortiGate and Palo Alto.

The solution is very simple, very straightforward. It's not complex a all. 

How long it takes to deploy depends on the client's requirements. 

For a mid-level customer, we can deploy within an hour. We can complete everything and have it up and running, and the users get internet access. If they need more rules, they need more things, then it could take time, depending on the configuration.

The cost of the solution has been fine. 

You do have to pay for a license. I'm not sure of the exact cost. I'm more of a technical person.

We're a customer and end-user.

We have the solution deployed on the cloud and on-premises. 

I've deployed the 600F model a couple of times.

New users need to do some homework, and then we proceed with the configuration. Security-wise, they need to make the customized port. 

I'd rate the solution eight out of ten.