Fortinet FortiWLM Reviews

I've been doing pre-sales engineering for most Fortinet products. Wireless is one of our main products, where there's a good market. I have been involved in a few of the implementations including the designing. One was a warehouse and there was another one where we helped design a wireless network for a public youth center. The youth center was a fairly big building. There was the basketball court and they had the library, etc. I designed the network around that.

There was another where we did the design for a retail shop. For them, the requirement was high-performance WiFi because there were going to be a lot of customers in the retail shop. They needed a very strong WiFi without having any network drops.

Nowadays, the biggest problem in modern networks is that you have one vendor for wireless and you have another vendor for your SIEM, another vendor for firewall, and an entirely different vendor doing anti-virus. The problem here is that if somebody were to infiltrate your network, you would have to pull information from all these different products. It goes without saying that these different vendors' products don't talk to each other. That means you would have to manually correlate all this information. With the faster threats that we have today, by the time you correlate anything and then come to a conclusion, the damage is already done.

But with the Security Fabric, all these products - let's say you have Fortinet Wireless and you have FortiGate as your firewall and on the endpoints you run FortiClient - they talk to each other, and you have 100 percent visibility across the entire network. If somebody, for example, from the accounting department brought in a USB that they picked up on the road and plugged into their computer, and it had a virus or a botnet, since you have visibility across the entire network, the IT manager would be able to clearly see this and take action.

But for most people, since their anti-virus is just one of their products, it's not going to inform the firewall or the switch or the WiFi that it has a problem. It's only going to be the anti-virus that will, hopefully, will catch it. If it doesn't catch it, that virus or problem can spread throughout the network without anybody noticing.

The two main points of the Security Fabric are the visibility and knowledge-sharing. Given that we have the Security Fabric properly implemented in the network and we have a FortiSandbox in place, if a Zero-day attack comes into your network, nobody will be the wiser. But your computer's anti-virus detects it as a suspicious file. It will load it up into the sandbox and the sandbox will run that program and give a red light when it realizes that it's a bad program. Since most of the products in the Security Fabric can talk to the sandbox, the sandbox will let every other point in the network know that it was a bad file. So from one of those files being uploaded into the sandbox, the entire network security infrastructure will have a new signature for that Zero-day, which doesn't happen in any other cases.

One valuable feature that comes to mind is the Network-In-Control. Usually, when there's WiFi, it's the WiFi client - your phone - that decides which AP to stick to. Your phone will stick with the closest AP, even though there may be another AP that's a bit farther away that has better bandwidth. Since your phone only decides based on the strongest signal, it would stick to the one with the stronger signal, the one that may not have enough bandwidth.

But with Fortinet, there is a feature called Network-In-Control. It's the AP controller that decides what the clients are going to connect to. In this case, the phone doesn't choose which AP you're connecting to, it's the wireless AP controller. Even though your phone sees, let's say, two APs, since the wireless controller has visibility into and access across all the APs, it knows the best AP for the client to connect to. This way, the controller makes sure that none of the APs is over-crowded, and the spectrum is used properly.

Fortinet Wireless has two appliances. The first thing is the wireless controller which does the AP setup and controlling. But it's the Fortinet Wireless Manager that gives you all the visibility, the logging and monitoring, etc.

If you do have a FortiGate Firewall somewhere in the network, you can connect the wireless controller to that. The Fortinet holistic approach is called the Security Fabric. That is the single-pane management for every Fortinet product in a single network. You get 100 percent visibility from a single point, which is, most of the time, the FortiGate. You can see everything that's connected to the FortiGate, whether it's a switch or a wireless AP or a wireless controller or any other Fortinet product. If you connect them through the Security Fabric you can actually see what's happening from end to end. If you're at the perimeter FortiGate and there's a client that's connecting through it, maybe six floors down the line, you can just go and have a look at the client end point from the perimeter FortiGate. And if that end point is compromised you can take it off the network easily.

There are three methods that Fortinet offers wirelessly. The first is industrial, where you have a wireless controller separately and you don't have a FortiGate in the equation. The second is what we call integrated: You get a FortiAP that connects directly to your FortiGate. The third is cloud AP where you just have the AP and you control it through the cloud. On that, they could improve the management side of it. The management side is a bit lacking in its reporting.

One of the main features that I see as lacking in any of the Fortinet products is the reporting. If you want to have proper, end-to-end reporting, you must purchase the FortiAnalyzer which is the dedicated reporting and analyzing tool. For a small customer who has only a few APs, you can't justify asking them to run the FortiAnalyzer because that will incur some amount of cost. If Fortinet could offer some better, built-in reporting, that would be a point of improvement.

The stability is fine on its own, but we can do high-availability where we have multiple wireless controllers, in case one goes down.

Scalability is pretty high. In a large enterprise, the single largest box we have is the Forti FWC-3000 which can hold up to 30,000 clients. That's just one box. If we need more I'm sure we can scale more.

I haven't had the chance to see the Wireless technical support side of the operation. Fortinet Wireless' tech is pretty knowledgeable about what they're doing so I would assume that their tech support caters pretty well. But I can't give a solid answer because I haven't had any experience with them.

I do come in contact with their tech support pretty often when it comes to dealing with FortiGates, and their help is very good.

If it's an industrial setup, it's a bit complex. You need to know what you're doing. An everyday manager wouldn't be able to set it up properly because you need to know how to secure it properly and set all the settings.

For an industrial deployment, if you get engineers who are knowledgeable, it would be pretty easy for them. They could set it up within a day. The integrated WiFi, where you connect the AP to the FortiGate, will take a couple of minutes. The cloud WiFi is actually a zero-touch deployment. You can just ship it to a branch office, have them connect it to the internet, and it will configure itself automatically.

In terms of an implementation strategy for an industrial deployment, the first step would be to do a proper wireless survey by somebody who understands the field. Something that I have seen, where most people go wrong, is that the network engineers or the network administrator in the company think they how to design the network. In the diagram they place the APs where they think would be the optimal placements. Later on, when they've done the purchase and setting up, they figure out it's not optimal. Either they have wasted money by putting in too many APs, or they have not assigned enough APs to power the entire network. When it comes to wireless LAN networks, step number one should be getting a proper WiFi survey done to suit your requirements. After that it's easy.

The survey requires just one person. For a deployment, I'm not sure how many people will be required to set up the APs, because if it's a big conventional hall, for example, then you are going to need some professional people doing the WiFi mounting, etc. After that, configuration-wise, it is a one-person job.

I don't think that any organization will have somebody who is qualified to do a deployment by themselves. This is a niche product. If a company is going to introduce Fortinet Wireless into their network, the IT administrators would not know how to configure it. They would have to get somebody who knows it. After that, they could get training for maintaining it. The administration will then take just one person.

In terms of cost of ownership, as a WiFi solution on its own, I would say it is pretty similar to every other vendor. But, as a holistic approach to a network, it would definitely lower the cost of ownership. If the client chooses to go with the WiFi as well as security from Fortinet, all from the same company - as I explained earlier, with the Security Fabric you get 100 percent visibility and threat intelligence sharing - that would definitely cut down on the cost of ownership.

Regarding ROI, especially for people in the retail business, they can easily cater to their clients, plus they can get analytic data from the clients and make something of that data.
Let's take an example where you have a big mall and the mall management decides to implement FortiWiFi. There is one feature that these guys really like which is the analytic side of it. We can easily show where their customers have been. We can show them a wireless "heat map" of everybody who walks into the mall. With it, we can tell people who own the shops, "This is where the customers mingle the most. These are the favorite parts around the mall." That really helps clients to do something with the data. That would be a good return on investment.

We're not cheap but we can give you better pricing than the competition if it comes to that. Licensing is pretty straightforward. We don't have any hidden licensing when you purchase an appliance. If you purchase one appliance you get the maximum number of clients and every feature in that appliance unlocked for you. You just pay for the entire thing outright.

In looking at Ruckus vs Fortinet Wireless and some other WiFi providers, the others are just doing the WiFi part. With Fortinet, the plus is that you also get a very secure network which is easily adaptable to the security design provided by Fortinet: the FortiGate, FortiAnalyzer, or any other feature in there. That is one of the deciding factors for organizations but, in certain cases, the fact that we can give it at a much more affordable price also helps.

Get a good wireless plan done, get a good survey done. Also, know what you really want. Every vendor comes with 100 different features but you may not end up using all those features yourself. I'm being vendor agnostic here. If you want to do a WiFi implementation: 

1. Get a proper survey done.
2. Know exactly what you want. 
3. Think about security as well.

If those three steps help you zero-in on one product, that's the way to go.

Fortinet has a very strong industrial presence because they acquired Meru Networks a couple of years ago. The industrial strength WiFi, which Fortinet is offering, is what Meru used to have. They have a couple of more technologies which the other vendors don't have.

We've seen a big jump in the market for Fortinet WiFi. We can actually provide it at a much lower cost than the competition. The plus point of our WiFi is that we don't only provide the WiFi, we also provide security with it. This relates to another problem that I see in the market. Let's take a web developer for example. The web developer is a developer who does web pages but doesn't think much about security. No matter how good a webpage is, if that page can be easily breached then it is of no use to the client. If you apply that same analogy to Fortinet, Fortinet understands security as well as wireless LAN solutions. We can easily integrate the access part of wireless with the security part of wireless. That is appreciated very much by our customers. Since they understand that, they are very happy to go with Fortinet WiFi.

I would rate Fortinet Wireless at nine out of ten because of the ROI and the TCO that we discussed, plus the ease of management. These guys they are really up on the deal. They are in the fastest moving technology industry. Whatever changes come, they implement it and do their testing very well. Overall, it's a very good product. The one feature that I am not happy about is the reporting. There's a bit of a way for them to go with that. Once they iron those things out I'm sure they'll get ten from me.

We use it for a very large K-12 environment servicing 80,000 concurrent users.

Being able to leverage Virtual Cell in our environment has been a major advantage. Creating small cells of APs using Single Channel Architecture has improved roaming of our more mobile clients and provided stable and fast network connections to our stationary clients.

The Fortinet product is intuitive, scalable, stable, and easy to manage. Seamless roaming by leveraging Virtual Cell is a major advantage which reduces roam times and issues related to roaming. Code stability has been excellent and the hardware quality is second to none.

We leverage Fortinet WLM (formerly EzRF) as a single pane of glass to view all controllers and access points. We use WLM to deploy all of our wireless service profiles, collect analytics, deploy upgrades, etc. This is our primary way to manage all of our equipment. This makes it really easy to replace equipment if needed because there is no locally stored configuration (for the most part).

There is very little publicly available information about Virtual Cell and Single Channel Architecture. Promotion of the overall technology is limited as well. Being more vocal about a product that has many advantages would go a long way to eliminating a lot of the confusion and negative perception about Virtual Cell and Single Channel Architecture.

Stability issues are very infrequent. If an issue is encountered, a temporary solution is quickly found while a permanent fix is developed.

With roughly 100 schools and over 6,200 access points servicing 80,000 concurrent users, we have not run into scalability issues. We still primarily use Single Channel Architecture across all of our schools but employ variations of Virtual Cell in special situations.

The technical support is great. I have not had any issues with it. The support staff knows the product well and responds to support requests in a timely manner.

Although I have worked with Fortinet (Meru) for several years, my current employer chose Meru prior to my employment.

The initial setup is straightforward and intuitive. A simple and reliable network can be set up very quickly using Fortinet wireless equipment. Using Fortinet Single Channel Architecture is not a replacement for having solid wireless network fundamentals. Wireless network knowledge is critical for deploying any wireless equipment.

Licensing has become easier. There is no longer a per-AP license needed on the controller.

This is a very viable solution for all verticals. Do not discount the technology based on what was said several years ago. Just like any other wireless solution out there, a wireless network can be set up incorrectly without the proper wireless networking knowledge. Proper wireless network fundamentals are critical for all wireless network solutions. Combining a solid wireless network foundation with Fortinet will provide a very good experience for several years to come.

We use Fortinet FortiWLM in medical offices.

The most valuable features of this solution are its speed, reliability, and integration with the firewall.

Cost is something that could be improved, but you have to pay for what you get.

 I have been dealing with Fortinet FortiWLM for three years.

The series we are using is 431F.

The stability of Fortinet FortiWLM is phenomenal.

The scalability is exceptional. You can integrate into the firewall and have full visibility on a single pane of glass.

Phenomenal. Fortinet's technical support is outstanding.

Previously, we were using Meraki. We are getting better coverage, better throughput, and a more stable connection with Fortinet FortiWLM.

The initial setup is pretty straightforward. It can be deployed in minutes.

I am a single person responsible to maintain, more than 18 offices and 60 APs. I do everything myself. The single pane of glass and the integration of the complete Fortinet product line, are very easy to deploy and maintain.

The prices are high, but you get what you pay for if you can afford it.

Support contracts typically cost approximately $100.00 per year.

In addition to licensing fees, there are no other costs.

We replaced Meraki, and my advice is that we switched from a mandatory maintenance contract to an optional maintenance contract, which costs significantly less per unit.

I would rate Fortinet FortiWLM a nine out of ten.

We use it for wireless at our remote locations.

We're using SD-WAN at all of our locations now, which helps increase and aggregate and lower response time and improve application performance.

Another thing we have seen is increased security awareness.

• UTM (Unified Threat Management)
• Centralized management
• Cost
• Ease of use

Manageability is a key.

The centralized management features could be improved. I think they're good, but I think they could be better.

I can't recall any stability issues.

Scalability is fine.

Their tech support is average. Their response time is average. Their first-level support is okay, but it's not terrific. The few times we've had to open tickets, we've had to escalate to get to an engineer who could help. Usually, when we call, there is something really wrong and the front-liners are not geared toward high-end support.

We switched primarily due to feature functionality and cost. It offered a lot more value.

It was fairly straightforward. With any new product you need training because it's different.  We needed a little bit of training but it wasn't anything that was difficult.

The product's pricing is a good value. 

Licensing is the only area where I think they are below average. They need enterprise licensing, an all-encompassing license to cover all products for a company.

We evaluated a lot of different solutions including Palo Alto, Cisco, SonicWall.

Overall, putting it in place was fairly straightforward. As with anything, I would plan it and test it before implementing. That's for any product, it's not specific to Fortinet.

I give it a nine out of 10. The price performance is unmatched. If they came out with enterprise licensing, I would give it a 10.

We are an internet and telecom service provider, so we are not the final customer. We provide secure wireless LAN solutions to our customers, and for internal services as well.

We show how we can bring many positive results to different businesses.

We merge with the customers' bring-your-own-device solutions. It's easy to manage the WiFi, the customer does not need to buy more equipment, like tablets, for their employees. They can reuse equipment. And employees are definitely comfortable using their own devices and, from the IT and security perspectives, we are bringing security to these employees, with our solution. We innovate the business process. We innovate how employees work in their companies.

Also, in the case of stores, we are bringing new results and new income. We help them to grow their sales. Their customers like to go to their stores because they can access the information they need. They can connect to the wireless LAN, they can compare prices. We are making the business process faster and more secure, and customers like that. They can engage with the retail store.

Using this technology, the stores' loyalty programs are growing because, when customers go into the stores, they can connect with the loyalty programs to receive discounts and special items. This makes their customers more loyal to the stores, who are our customers.

We have some international retail customers, such as H&M, from Sweden, and another one from the U.S. and, in both cases, monthly sales have increased about ten to 15 percent. In these cases, income was one of the benefits that they received in the quarter after we installed the solution. The results were very quick.

In addition, we make the business process, the internal process of distribution and logistics, more efficient and connected. We're reporting, online, how they are distributing all the items to the different stores. And the inventory is connected to the wireless LAN solutions, so they know, online and in a centralized way, what the inventory levels are in the different stores.

Security is the feature we like most from Fortinet. In general, their security architecture is really great, because it involves everything: firewalls, wireless LANs, the user. Everything is really secure. That's a great feature from Fortinet. It's very valuable.

Sometimes we feel that we are buying the top-of-the-line technology and, six months or eight months later, we feel it is already obsolete. New smartphones bring new technology, new ways to connect. Sometimes we have this bad feeling that, even though we are investing tons of money, technology is moving faster than us. So even with this huge amount of investment, one year later we are totally obsolete compared with the new technology.

They need to make it move faster. They need to make it easier to configure, easier to monitor, easier to report.

We have great tech support from Fortinet, here in Mexico. But if we have a big issue, like a big bug, and they need to produce new versions of the software in their R&D departments, this is the slowest part.

It is very stable. In the last 16 to 18 months, there have been no big issues related to the solution.

It is really scalable. That is one of the decisive, key points we consider in all our projects. In the case of Fortinet Wireless, it is really scalable.

We get good response from the tech guys at Fortinet. Our experience with them is absolutely positive.

We used to have some HPE equipment. We switched from those old access points. We use Fortinet as a preferred vendor, but if a customer wants or needs to use equipment from other vendors, we sell equipment from other vendors.

Setting up the solution is really straightforward. The amount of time it takes depends on the customer. If it's a really big customer, the implementation process could take from three months to almost ten months. Once you have all the plans and you start installing, it's really straightforward and it can move fast.

For Mexico, a big customer is the one that has more than 200 retail stores. They are not as big as in the U.S. or in other countries, but for Mexico, a retail store that has 250 stores is a huge company.

The deployment strategy depends on the project manager and his staff. Because we are telecom service providers, we usually start with all the internet connections, and voice and data connection, using fibre. Once we have all that in place, we start building the local area networks.

In terms of deployment and maintenance, on average, I would estimate it's about eight to ten percent of the investment. It depends on the customer and the approach we have with the customer. We usually have two or three engineers, per customer, giving support. But that's not just for the wireless, that's also for the networking. For a huge retail company, we may have between five and ten certified engineers working on daily support for the customer.

ROI depends on the customer but it could be from six months to 12 months, on average. It's a good return on investment. More sales. More savings. It reduces the TCO, but I don't have the numbers. It could be a reduction of, maybe, 15 percent, compared to other solutions.

It's definitely a great solution.

Negotiate with the vendor to activate the licenses at the moment that they install and configure the equipment. If you initially have a big project with a lot of equipment, and you have a six-month plan, licensing will start before you are using all the equipment, and that doesn't make sense.

In terms of how extensively it's being used and whether its usage will grow, it's really organic. People are using the internet and using all kinds of applications on a daily basis. It's growing, more people are connected every day. Usage is changing dramatically, exponentially, really. As more people use the internet and applications on a daily basis, our customers are required to increase services and, obviously, in a secure way.

We provide wireless access to customers as per the business case. The primary preferences of clients are usually to choose Fortinet, Ubiquiti, or Cisco, as these offer free consumer-based options built into the FortiGate firewall. This reduces costs and provides a unified space where we can deploy valid policies and enable first-time monitoring.

Regarding cost and financials, customers do not need to purchase an additional controller and can scale and expand as their business needs dictate. This is one of the major features in terms of cost and financial management. Additionally, we can from a single console, deploy and push firewall policies, monitor everything, lock and give access, and extend and scale easily. Furthermore, stability, adaptability, performance, and low interference of other frequencies are all managed by radio bands. This is why Fortinet is suitable for the customer.

The Fortinet FortiWLM system can be controlled through the cloud controller, which is convenient when the solution is not installed in our environment, as it allows us to manage the entire WiFi or access points and provides more adaptability.

In comparison to the Extreme and UBNT wireless solutions, we find that Fortinet falls short in terms of validity management, practice management, and firmware arrangement.

The initial setup is complex and has room for improvement.

I would like to have some customized modifications to the radio bands so that we can see which is interfering with the wireless IP. If FortiWLM could provide a tool where the user could generate a heat map of the space in which the FortiWLM is operating, this would be a valuable addition to the solution. Most organizations rely on their existing knowledge of wireless before deploying a wireless solution. When we look at the market, we see many more commercial products which provide comprehensive tools. Fortinet has the basic tool, but I don't use it because it is not flexible enough. If Fortinet could provide us with flexible customization of band management, and add a special dashboard where the user can see other devices and settings, as well as a tool to generate a heat map in the next version, this would greatly improve the solution.

I have been using the solution for one year.

The solution is stable.

The scalability is an eight out of ten.

We have used the solution in enterprise-level organizations but it is primarily for SMBs.

The initial setup is complex, especially with regard to the bad software, complex system integration with the existing infrastructure, integration with multi-factor authentication, and integration with industrial equipment. The solution also supports the industry's portables. However, the UC does not have an extensive list of industries for the portables.

Before implementing, we analyze our customer's requirements and discuss their budget, so we consider the financial aspect. Then, we recommend a customized, scalable, and flexible solution that not only meets their current requirements but also has the potential to last for the next five years. This is why we can plan and execute the solution in such a way that the customer can scale it up for the next five years.

In the last few years, due in part to the impact of COVID on the market, Fortinet has increased its prices by 35 percent.

I give the solution a seven out of ten.

Most of our customers prefer Cisco over Fortinet due to their longevity of almost 40 years and superior security protocols. Cisco has developed its own set of protocols, giving them flexible options to integrate and coordinate with many open-source centers, and providing excellent integration.

Fortinet FortiWLM is a good solution and I recommend it.

We are a technical services company and this is one of the solutions that we provide to our clients. My client was interested in adding a guest network to the existing infrastructure. The main requirement was that the new access points needed to be able to integrate properly, but any guests should not be able to connect to his main network.

It was a very old network with no VLAN and there was no interest in implementing one. This solution allowed for the creation of different networks without the need for a VLAN or the installation of layer two switches.

The most valuable feature is the ability to connect and broadcast to different networks without using a VLAN or a layer two switch, which allows you to easily create guest networks. This is a very useful and very different feature compared to other solutions on the market. In every customer meeting, this is the feature that we highlight.

The solution is easy to use and the GUI is user-friendly.

The guest management features need to be improved by adding automation. There is a facility for guest management through a portal, but it should be automatic. As it is now, the IT person has to edit and do things manually. All of the details should be maintained in the FortiCloud.

I would like to see some small access points or signal extenders added to the product line to help with areas that do not have full coverage. 

I have been working with Fortinet wireless for the past seven years, and for fourteen years in total with Fortinet solutions.

In the past seven years that I have been working with this solution, I have not had any issues regarding stability.

This scalability is good.

I have been in contact with technical support a few times, although it was for known product issues that required doing things like installing a new driver. Overall, I would rate them to be good.

We have deployed solutions from D-Link and NETGEAR for certain clients, although they have not needed to have the depth of features that are offered by Fortinet Wireless. These include both security options and the facility for providing a guest network.

The initial setup is easy and user-friendly. The deployment is highly efficient, and it may take 25 minutes to configure if you have a maximum of ten access points. At most, it may take three to four hours.

For indoor access points, there is a one-time cost, upfront, whereas outdoor access points have an annual fee.

Compared to some of the wireless solutions by Cisco, Aruba, and HP, this product is a little bit costly. However, Fortinet has good security and other good features that the customers are interested in.

I would rate this solution an eight out of ten.

I use Fortinet FortiWLM for wireless communication and the internet. 

The solution should improve user capacity. 

I have been working with the solution for three months. 

I rate Fortinet FortiWLM's stability an eight out of ten. 

I rate the tool's scalability a ten out of ten. 

Fortinet FortiWLM's installation was easy. 

The tool offers good returns on business. 

Fortinet FortiWLM's pricing is regular and competitive. 

I rate the product a nine out of ten.