FortiDB software is a comprehensive database security and compliance platform that helps large enterprises and cloud-based service providers protect their databases and applications from internal and external threats. Its flexible policy framework allows you to quickly and easily implement internal IT control frameworks for database activity monitoring, IT audit and regulatory compliance.
Fortinet FortiDB [EOL] was previously known as FortiDB, FortiGuard Database Security.
Chunghwa Telecom
| Author info | Rating | Review Summary |
|---|---|---|
| CEO & Technical Head Executive at ChellSoft Technologies | 5.0 | I rate this solution 10/10. It provides excellent security and superb technical support for my applications and network. Stable, easy to set up, and scalable, I find it highly effective, with minor use case analysis improvements desired. |
| Sr. Security Network Engineer at Children's Cancer Hospital - Egypt 57357 | 4.5 | I find this a very good, stable solution for vulnerabilities, easy to use with simple setup and helpful support. Reports are great. I appreciate the regular updates, though I desire better APIs and integration. It’s not costly. |
| IT Engineer at BAZ | 4.0 | I use this solution for database security, protecting MySQL/Postgres environments with activity monitoring and file-level protection. It's stable and scalable, but I found setup complex. I'd like a more user-friendly web filter and reduced cost. I rate it 7/10. |
| IT Assistant at a international affairs institute with 10,001+ employees | 3.5 | I use this database security solution, finding its security features excellent and setup easy. Customer support is good, and it's stable. However, I rate it 7/10 due to its high pricing and expensive licensing. |
| Security Network Engineer at Freelance | 4.5 | I find FortiDB excellent for monitoring various databases, appreciating its extreme stability and scalability. It's crucial for database action monitoring. However, I've encountered critical bugs, particularly with SSL encryption, which needed disabling for monitoring. |
| Manager-Information Services at a maritime company with 501-1,000 employees | 4.5 | Fortinet helps bypass ISP restrictions with SD-WAN VPN and strong cloud security tools. I appreciate its cost-effectiveness, stability, and support. However, I desire a desktop admin tool over the web GUI and better low-end device scalability for high-throughput scenarios. |
| Chief of Security Operation Division at a financial services firm with 1,001-5,000 employees | 3.0 | I have used Fortinet FortiDB for three years. While its VA, auditing, and alerting features are valuable for security, I've encountered significant performance and scalability issues, especially with hardware limits and resource management. Initial setup can be complex. |
We are using the solution to secure the applications which are on the cloud. We also use it to secure our traffic and our network at our organization's office.
The solution overall is good. All of the features are useful and working well for us.
The technical support provided is excellent.
The solution is very good at preventing intrusions. You can definitely rely on this solution to cover your security.
The pricing of the solution is fair.
The interface of the solution is quite stable.
Some use case analyses could be improved.
In some cases of port forwarding, the creation of LIPs needs improvement. For every instance you have to create a new iteration. If there was an option by which you could create a LIP on a single console, it would be helpful.
I've been using the solution for about ten years now.
The solution is 100% stable. We haven't experienced any issues or witnessed any bugs or glitches. Overall, it's been great.
When you use the cloud version of the solution, you will find the solution is quite easy to scale. We haven't had any problems expanding the solution so far.
We have close to 80 people on the solution currently.
The solution's technical support is excellent. We've been more than satisfied with the level of assistance they've provided.
The way it works is quite straightforward. You simply raise a ticket with them and they will contact you to assist.
Before using Fortinet, we used Sophos. We weren't happy with Sophos. It just didn't perform well when it came to preventing attacks. It didn't work well for us, so we switched. We find Fortinet much stronger when it comes to preventing proxy traffic.
The initial setup is straightforward.
It took us less than an hour to have everything set up and deployed.
A company only needs one person to handle the deployment.
We handled the implementation ourselves. We didn't need an integrator or reseller to assist us with deployment.
If you're talking about an IT infrastructure, or about hardware, or VMware, yes, there's an ROI. However, when it comes to data security, it's hard to quantify the benefits of the solution.
The pricing has been fine for us overall. We don't find it overly expensive.
It is about two times higher than what Sophos charges. However, when you compare support and the scalability of the solution, it's much better and well worth the extra money.
I'm not aware of any additional costs on top of the licensing costs.
We didn't evaluate other options before choosing Fortinet. We went straight from using Sohos to deploying this solution.
I'm a Fortinet partner and work with all of the Fortinet products.
I'd rate the solution ten out of ten.
I'd let other potential users know that this solution is quite easy to use. As long as users have some basic knowledge of networking, and how to apply a firewall, they won't have any trouble with it.
It's a very good solution. For vulnerabilities, we use it our hospital besides the Nessus server.
I am using the latest version.
I would like better APIs and integration with other products, like Python and SQL.
We need better encryption features for http-ls.
I have worked on Fortinet FortiDB for three years.
It is very stable. We have no problems with the solution.
We did an update last month.
In our hospital, we built a new extension that we needed for scalability. However, we won't scale until the extension is complete.
We use it on laptops, PCs, and iPads. It is on a total of 3,000 to 4,000 devices.
The technical support is very helpful. When we open ticket with them, they call us immediately. Their tickets don't circulate to another team because they solve it. They can follow up with us and provide feedback. This is totally helpful.
There are a lot of implementations in Egypt. They could increase their offices there.
The initial setup is simple. It has very clear text. We used it in our environment immediately after the box came to our hospital. It took one day (7 a.m. to 7 p.m.) to set up.
It is not costly.
Unlike other products, it is easy to connect with an easy interface. We have the ISE product from Cisco, and it's very complicated. We suffer from it.
It is a very good solution. I love it.
Every day the company is updating and developing its devices.
I would the product as a nine (out of 10).
Database security and compliance. I use it to protect databases and applications from internal and external threats. My environment is MySQL and Postgres. I have an ERP running on MySQL and my other application on Postgres. I have several instances.
24 x 7 database activity monitoring captures all forms of database activity to detect erroneous or malicious activity. Database auditing records all database activity for complete and accurate audit trails, with independent storage for additional security.
The most valuable feature is database security. This solution provides file-level protection.
Automatic database discovery finds all databases on the network, including those across subnet and WAN boundaries.
They need to improve the web filter to make it more user-friendly.
The cost needs to be reduced.
In the next release, I would like this solution to include some phishing detection, to detect phishing activity on the network.
I would like a way to keep users away from my domain controller. If somebody wants access to the internet, it would have to be authenticated from the main controller, or if the user wants access for internal use.
If the machine is not from the domain it is not granted access.
So far I take the solution as stable.
Highly scalable
So far so good, I have no issues with customer support, when I have request they are resolved timeously.
No, this was the first solution that we tried
It was a little bit complex, as the team had to read and implement what they were reading.
It was through inhouse team which had no prio experience to implementing it.
The price of this solution could be reduced.
No, this was our first solution to evaluate ourselves, the other products we just read reviews from users.
We do not have a relationship with Fortinet, we are just end-users.
I would rate this solution a seven out of ten.
We use this solution for database security in a private cloud deployment.
The most valuable features of this solution are the security aspects.
The pricing of this solution is a little bit on the high side and can be improved.
I have not had to perform any upgrades after the original installation.
This solution is scalable, but if you increase capacity then you may have to move to a higher device that supports a higher demand. There are perhaps eight different versions of FortiDB.
Customer support for this solution is good. It is at the top. They are responsive when we need support.
This solution is very easy to set up.
In the licensing model, the licenses are a little bit expensive.
For anybody who is implementing this solution, I think the most important part is to get the right technical partner. We rely on our partner to help the client implement the solution. The most important thing is the technical support.
In case there are problems that come up later, you need to have someone on hand who understands the setup from the beginning.
This is a good solution, but there is always room for improvement. For example, for a large order, it is very expensive.
I would rate this solution a seven out of ten.
In most of my organization, I must disable SSL encryption in a database for monitoring by FortiDB. Once I do so, FortiDB can get to work and monitor the solution.
It is critical to monitor the action in a database. This is the most important feature of FortiDB. You can create queries, delete data, block as a firewall and more. You can also reset the station user if you want to do a specific update.
We had some issues trying to fix some critical bugs, such as the SSL encryption.
It is extremely stable, and can expand as per our needs due to its stability.
It is scalable. I actually have deployed it in an industrial company that has about 80 databases.
No.
It is not expensive.
We looked at Oracle, but we realized that there is no general solution to monitor the range of a database in the same way that FortiDB does. It is a good solution for database monitoring.
It’s recommended to secure any database by securing parameters in database setting.
We're trying to get around some restrictions that some ISPs have put in place. For us, it's Telus, for remote locations. We do a lot of remote site work. We do real estate maps. We have wireless towers at different locations and the ISPs are putting things behind proxy so that we can't get remote access. We're using this to get around it with their VPN system.
Fortinet has quite a good SD-WAN VPN setup, so that you can get around things a lot more easily, with more intelligence.
The cost is an advantage. You save a fair bit.
It's great to get out, it's flexible. They have some good ramping up for performance between different devices.
The biggest thing, for us lately, has been their cloud tools. They're like Intercept X from Sophos, where they'll test for ransomware. Fortinet has the same sort of set up with their cloud devices. So your firewall picks up something suspicious, it sends it up to the cloud for analysis. We also have their in-house antivirus. Having different antivirus checkpoints throughout the network is a good thing as well.
WatchGuard has a desktop-based admin tool, instead of doing everything through the web. I'm an old-school guy. I really don't like web GUI interfaces. They're always slow and laggy and their design is restricted, whereas a binary deployment for an admin tool is always faster, easier, more flexible. I would like that kind of functionality from Fortinet. In part, it's bias, because I'm familiar with it. But WatchGuard is a very flexible tool. It's very dated now, it needs to be worked on, but it is quite a good tool in that way.
So far, no problems with stability at all. They have a failover system which we haven't used, we haven't needed to use, everything has been fine. But we've only had it for about a year. We do have some stuff deployed down in Mexico that corrodes pretty quickly, so I'm expecting something to fail down there at some point, but we'll see how that goes.
With the smaller devices, you definitely have to do some planning, especially with throughput. If you have some of the high-fiber, say a 300 megabit fiber coming in, and you want to turn everything on, and you want to have a high encryption rate on the VPN, you're going to have some problems; if you're doing antivirus, web filtering, and you have high encryption on a VPN.
They have some built-in chips that offload the VPN encryption work, but if you go above those chips' capabilities, then it starts to use CPU time and if you have a lot of data coming in that's getting scanned for viruses, or whatever else you're going to be scanning for, you start to notice the impact there and you'll lose throughput.
With the lower-end devices you definitely notice that and you have to plan for it. Higher-end stuff has all that built in.
Technical support is really good. They had some good insights. I had a FortiGate installer come out and do some work with us on one of our sites that I was having problems with, and he had an issue. He called their main tech support line and he got through to the engineers in the background fairly quickly, so it was good.
I had one other problem independent of that and it was answered within about four hours, quite completely. It was more information then I needed.
Our previous solution was WatchGuard. WatchGuard is very easy to manage. It's a very user-friendly product. It's just a little bit pricey for what we are using, for the small deployments. Not everything has 100 people, or 1000 people behind it. Some of them only have five or 10, and you don't want to be spending $4,000 for a few people.
We had some older products. Because we're remote, we don't always have the highest speed connections. At one location in particular, we had five DSL lines bonded into one to make a bigger pipe and finally got fiber out to that location in an industrial park. We were going from approximately 50 down and 13 up to 300/300. We knew the throughput for the older device wouldn't handle it. To use what you pay for, you have to upgrade.
When selecting a vendor cost is definitely a factor, but it's not the factor. It would mostly be ease of use and reliability, meaning the device is going to be there, the company is going to be there, the support is going to be there. You need all that background stuff. The price is important, but if it makes everything run well, and makes my management time minimal, then it's worth spending a little more money on the device. If it doesn't do the job, there's no use buying it.
It's pretty rapid deployment, but to have it deployed correctly it does take some effort. In that way, it's dangerous because you can leave a lot of holes open.
For the most part, the setup was straightforward. What surprised me is that I had to put in the starting route. Usually, it just picks it up and knows what it is based on your interface setup; it knows what the routing is supposed to be. But it required me to do that. That was the only thing I ran into. Other than that, everything else was trivial.
It's logical, it points you in the direction. Once you do firewalls, you know where you need to go to set up your interfaces, and you start figuring out your holes. Then you go check your routes.
It's relatively inexpensive in comparison to everything else that has the same functionality. If you're looking at SonicWall or if you're looking at WatchGuard, their prices are about a third higher with relatively the same functionality.
We had SonicWall for a while, years ago, so we went back to them. We also talked to the Dell guys. We went back to WatchGuard to have a look at their items, and then there was Fortinet. I'm based out of Vancouver and Fortinet has a fairly major operation in Burnaby, which is just outside of Vancouver. I'd heard about them and they got added to the list.
Those were the major candidates that we looked at. We talked about a bunch of others, and a couple of other vendors that we talked to that use different products, but we never really seriously went into them.
Go out and see if you can get demos. That's the best thing, to get the feel of it. Either you sit down and get walked through it, or you log in and start flailing around and see if it works the way your mind works, because everybody is different.
I would rate Fortinet at about nine out of 10, mostly because it's web interface, it looks nice, it works well. Their console is a dominant part of the admin. Just like Windows has gone with their PowerShell with a lot of stuff, I'm not a big fan of it, even though I come from that era. I'm an old COBOL programmer guy.
Command lines are nice, but they don't give you, always, the type of feedback you need in multiple locations, so I like the GUI a little bit more for just simple management and monitoring. The command line is a big part of it. It's not intuitive to me. Building the commands, I understand how it flows, but the actual words in the commands to pull up what you need isn't that great. And personally, I'd like a desktop client to admin tool.
If you're building a VPN, you build it outside it, then you deploy all the devices at once, and the VPN just works, instead of going to each individual device and logging in.
When you implement FortiDB in your environment, you get the benefit of three important features: VA, Auditing and Alerting. You can audit your entire database in depth and review the users activity on your critical databases both in real time and offline. This helps you with both debugging and security.
I have used Fortinet FortiDB for three years.
We had many issues with the performance and the appliance resource management.
We had many issues with the hardware limits in high EPS environments.
I rate technical support 3/5.
We did not have a previous solution. There are no other DAM solutions available like FDB.
We used the official partner to deploy the FDB in our environment. But I need to say from experience that if you want to implement it in-house, you will probably get stuck and it will get complex. But, once you have it implemented for the first time, you will find it simpler than you thought.
You can not start with the minimum requirements. You need to make a very specific and detailed capacity management plan. The appliance has many performance issues, so consider the hardware limits that can easily influence your device functionality. Never run DAM on mixed databases like Oracle and MS SQL Server using a single appliance.
There are no other options to evaluate.
Take the capacity management very seriously.
![Fortinet FortiDB [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,dpr_3.0,f_auto,q_100,w_100/2w272d7zf0t624rmzge9zoruvro8.jpg?_a=BACAGSGT)
![Qualys VMDR vs Fortinet FortiDB [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,dpr_3.0,f_auto,q_100,w_30/XnRxpNyFpLJyXUL8io1P86Fx.jpg?_a=BACAGSGT){kind=small}
![Orca Security vs Fortinet FortiDB [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,dpr_3.0,f_auto,q_100,w_30/94mkkpodc6sw33cphilpuvc8rd8j.jpeg?_a=BACAGSGT){kind=small}
![Imperva Data Security Fabric vs Fortinet FortiDB [EOL] Logo](https://images.peerspot.com/image/upload/c_scale,dpr_3.0,f_auto,q_100,w_30/E51bW9buXBJ114ChE71y3TcN.jpg?_a=BACAGSGT){kind=small}