What is our primary use case?
I work as a cybersecurity pre-sales consultant and regularly engage with multiple leading vendors, including Cisco, Palo Alto Networks, Fortinet, and F5. My role requires me to quickly evaluate new solutions, understand their technical and commercial value, and position them effectively in RFP responses and customer presentations.
I have more than 10 years of hands-on experience with Fortinet technologies, particularly FortiGate and FortiGate-VM, extending beyond firewalls to the broader Fortinet Security Fabric. My exposure to Fortinet spans several roles throughout my career—including customer, technical project manager, and pre-sales consultant—which has provided me with both operational and strategic perspectives on the platform.
Over the past six years, I have worked with three different system integrators across Kuwait, Egypt, and Saudi Arabia, all of which maintained the highest partnership tier with Fortinet. This has allowed me to consistently work on enterprise-grade deployments, vendor engagement, and high-value opportunities across multiple markets.
How has it helped my organization?
Having worked with them both as a customer and later as a reseller, the experience has consistently been smooth and positive from both business and technical perspectives.
What is most valuable?
FortiGate VM delivers exceptional performance and security with no degradation of service or protection (same features as the HW option).
As part of the Fortinet Security Fabric, it extends across clouds and distributed locations, mitigating blind spots in virtual infrastructures. FortiGate VM can be rapidly deployed, managed through a centralized platform, and offers a range of purchasing options to suit every need.
Also, FortiGate VM offers versatile deployment options across both public and private clouds, supporting all major public clouds including AWS, Azure, and Google as well as most hypervisors such as VMware, Hyper-V, and KVM. These deployments enable organizations to create scalable, high-performance firewalls that can be tailored to different virtualized environments and hyper-scale public cloud infrastructures. FortiGate VM integrates seamlessly with various infrastructure as code (IaC) tools such as Jenkins and GitLab, supporting security as code practices.
What needs improvement?
Fortinet FortiGate-VM has a suggested room for improvement, like enabling the partners and pushing this as an enablement for partners, along with the sizing tools for the proper selection.
For how long have I used the solution?
I have been working with Fortinet FortiGate for more than 10 years.
What do I think about the stability of the solution?
In one of my previous deployments, I experienced a delay in Fortinet Security Fabric’s real-time threat response. During an attack, the malicious file was not immediately detected by FortiGuard and was able to pass through both the firewall and FortiMail. Fortunately, a second layer of protection—Symantec endpoint security—successfully blocked it on the workstation.
This happened a few years ago, so the platform may have improved since then. In general, forming a solid judgment on real-time threat intelligence requires extensive testing across different scenarios. However, at the time, the delayed FortiGuard update was a notable gap, and without endpoint protection in place, the potential impact could have been significant.
How are customer service and support?
I would rate Fortinet’s technical support as good overall, particularly due to their strong local presence. Unlike many vendors that assign only one sales and one technical resource per country or region, Fortinet typically maintains a large in-country team of technical sales engineers, SEs, and subject matter experts. This extensive on-ground coverage is a significant advantage, as it often allows customers and partners to obtain guidance quickly through direct contact without the need to open formal support tickets.
The technical capability and maturity of Fortinet’s local teams are generally very strong, which contributes positively to customer experience and issue resolution speed. However, within the formal ticketing system, meaningful progress on complex or deep technical issues often requires escalation to Level 3 support. Initial Tier 1 responses tend to focus on standard troubleshooting steps or knowledge base articles, which experienced engineers have typically already reviewed. As a result, resolution of advanced issues can depend on successful escalation to more senior technical resources.
Which solution did I use previously and why did I switch?
Fortinet would benefit from adopting a more structured customer-enablement program focused not only on driving product sales, but on ensuring customers fully utilize the capabilities of the solutions they have already deployed. At present, this type of proactive, value-realization engagement is not consistently visible in the market.
Competitors such as Palo Alto Networks offer formalized assessment programs that analyze firewall logs and generate both executive-level and technical reports, highlighting configuration gaps, policy inefficiencies, and unused security features. These reports provide clear, actionable guidance—often down to the individual policy level—allowing organizations to quickly optimize large and complex rule bases.
While Fortinet offers similar diagnostic and support capabilities, they are not packaged as a structured, partner-driven program, nor are there clear incentives for distributors and system integrators to promote them. Establishing such a program would help customers maximize the value of their investments while improving long-term adoption, customer satisfaction, and platform stickiness.
How was the initial setup?
usually, it's complex due to the nature of the implementation, especially if the site is up and operational.
What about the implementation team?
What was our ROI?
The total cost of hardware goes beyond the initial purchase price. It also includes ongoing considerations such as power consumption, maintenance, RMA handling, high-availability design, and the associated cabling and infrastructure.
These factors can significantly impact the overall cost and operational complexity of the solution.
What's my experience with pricing, setup cost, and licensing?
Fortinet FortiGate-VM's pricing is very good. As long as there is competition, they go with 50% + discounts. Their prices are very competitive. However, if there is no competition, they usually go with the standard discount or standard price, which their price list is already available online. This is equal to any other vendor. Unless there is competition, you will not have a decent price.
Which other solutions did I evaluate?
What other advice do I have?
Fortinet FortiGate-VM can manage multiple devices using CM for central management. Fortinet Security Fabric automation features are used to generate alerts or automate threat response. Once the firewall detects something, it will send it to the EDR or to the endpoint to FortiClient, and it will block it. If there is a malicious IP or domain, it communicates with the mail gateway or FortiMail and the domain is blocked.
If the customer is mature enough or the company that is offering the solution implements the integration properly, the Security Fabric works well. The whole idea of selling or implementing the Security Fabric is that it creates added value through integration. Without the integration, without achieving one plus one equals three, there is no added value from this integration. It requires an engineer or someone who wants to enable the feature. Once you read the features and read the data sheet, everything is fancy and beautiful. Once it is implemented and on site, usually people take it very slowly or are afraid of changes or they worry about interruptions, especially if it is a complex environment like banking or similar environments. They get afraid that something might happen in the background that impacts the services. They usually enable the basic features.
My overall rating for this product is 8 out of 10.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure