I am the network administrator at THK Rhythm Automotive.
Fortinet FortiGate-VM delivers robust security services and advanced network management suitable for cloud environments, providing solutions like firewall and SD-WAN, with seamless integration across Fortinet devices.


| Product | Mindshare (%) |
|---|---|
| Fortinet FortiGate-VM | 2.2% |
| Fortinet FortiGate | 14.5% |
| OPNsense | 8.2% |
| Other | 75.1% |
| Type | Title | Date | |
|---|---|---|---|
| Category | Firewalls | Jul 7, 2026 | Download |
| Product | Reviews, tips, and advice from real users | Jul 7, 2026 | Download |
| Comparison | Fortinet FortiGate-VM vs Fortinet FortiGate | Jul 7, 2026 | Download |
| Comparison | Fortinet FortiGate-VM vs Netgate pfSense | Jul 7, 2026 | Download |
| Comparison | Fortinet FortiGate-VM vs Cisco Secure Firewall | Jul 7, 2026 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Fortinet FortiGate | 4.2 | 14.5% | 92% | 592 interviewsAdd to research |
| Netgate pfSense | 4.3 | 7.7% | 94% | 221 interviewsAdd to research |
| Company Size | Count |
|---|---|
| Small Business | 65 |
| Midsize Enterprise | 29 |
| Large Enterprise | 37 |
| Company Size | Count |
|---|---|
| Small Business | 339 |
| Midsize Enterprise | 166 |
| Large Enterprise | 288 |
FortiGate-VM is designed for enterprise security, offering comprehensive features like intrusion prevention and application filtering. It's known for its scalability and flexibility, supporting cloud platforms such as Azure and AWS. It enhances threat response and network management efficiency, thanks to real-time threat response, intuitive integration with existing systems, and cost-effectiveness.
What are the key features of Fortinet FortiGate-VM?Fortinet FortiGate-VM is predominantly employed in industries requiring stringent data center security, enabling network segmentation and VPN services. It's particularly favored by organizations using virtual and cloud networks due to its Unified Threat Management capabilities, making it an efficient solution for protecting virtual environments from threats.
Fortinet FortiGate-VM was previously known as FortiGate Virtual Appliance, FortiGate-VM.
Security7 Networks, COOPENAE
| Author info | Rating | Review Summary |
|---|---|---|
| Network Administrator at THK Co Ltd | 4.0 | As a network administrator, I value Fortinet FortiGate-VM's IPS, web, and DNS filters, using it for over 10 years. Setup was challenging without prior experience, and my current device is underpowered, requiring replacement. I chose it for its price. |
| Security Support Engineer at IBM | 4.0 | I find Fortinet FortiGate-VM easy to use for branch connectivity, with stable releases, built-in SD-WAN, and strong security. It offers good value, though UI improvements and direct S1 customer service are needed. |
| Network Engineer at Evotec | 5.0 | I find Fortinet FortiGate-VM a highly reliable, easily manageable virtual firewall for clients. Its intuitive GUI, superior troubleshooting, and detailed log access surpass Meraki, saving significant time. It's a stable, recommended solution. |
| CISO at Orient Technologies Pvt. Ltd. | 4.5 | I find Fortinet FortiGate-VM a stable, scalable cloud firewall, offering rapid deployment, real-time threat response, and improved security. Its ease of integration and value surpass competitors, earning a 9/10 despite minor VM availability concerns. |
| Senior Network Engineer at a consultancy with 11-50 employees | 4.5 | I use Fortinet FortiGate-VM for secure VM access, IP NAT, and SD-WAN, finding its GUI user-friendly with consolidated features. It offers easy troubleshooting and good stability, saving time and money compared to Palo Alto. I rate it highly. |
| Founder at a tech services company with 11-50 employees | 3.5 | I see Fortinet FortiGate-VM as a cost-effective, feature-rich solution, comparable to competitors. However, I stress careful sizing as enabling all security features significantly degrades throughput, potentially needing a higher-grade model. |
| Technical Consultant Network and Cybersecurity at Redington | 4.5 | I highly recommend Fortinet FortiGate-VM for virtual data center security, citing its easy deployment, excellent threat detection, and stability. However, I believe its limited FortiWAF features need enhancement and pricing could be more flexible. |
| Head Of Security Management at Ipko Telecommunications | 4.0 | We find Fortinet FortiGate-VM excellent for security, network visibility, and internet gateway functionality, using it for IDS/IPS, WAF, and VPN. Implementation was straightforward with our team. While very good, we feel the licensing cost could potentially be lower. |
| EMEA Enterprise Solutions Architect at a tech vendor with 1,001-5,000 employees | 4.0 | I use Fortinet FortiGate-VM for customer VPN and SSL VPN connections in hybrid cloud disaster recovery. It's user-friendly and cost-effective for SMBs, though high-level security visibility needs improvement. I rate it 8/10. |
| System Engineer at A-Networks | 4.0 | I find Fortinet FortiGate-VM excellent for cloud security, offering real-time threat response, accurate signatures, and good visibility. Its Security Fabric and IPS are strong, and setup is easy. While affordable and flexible, firmware upgrades occasionally introduce bugs, which is an area for improvement. |
I am the network administrator at THK Rhythm Automotive.
The features and capabilities of Fortinet FortiGate-VM that I have found most valuable are not only specific to Fortinet FortiGate-VM, but generally for most sites: a valuable web filter and DNS filter work together. For some sites, application filtering is important. The most important feature is IPS, which is the main reason for using Fortinet FortiGate firewalls. The current solution is only on the border of our network, between the company network and the internet.
I spent much time finding exact firmware on Aruba which was working with these guns, but it is not optimal because it is not the latest version, so there could be potential security problems. We decided to replace those access points with another one. I personally have trouble because I don't know the exact life cycle of Fortinet FortiGate-VM boxes. I don't know if the life of boxes is five years or something else; we moved from our previous company, which sold us to other companies.
Before 10 years, we had a special department that took care of core networks, including firewalls. After that, this responsibility fell to me and my colleague. It is not easy to set up these Fortinet FortiGate-VM boxes properly because we didn't have previous experience with this kind of solution. At first, we set up only a few rules that were not secure enough, and over a couple of years, we improved the settings and security of these Fortinet FortiGate-VM boxes.
Currently, I have one Fortinet FortiGate-VM that needs to be replaced next year, and this box is not so powerful, so I need to redirect some traffic to another Fortinet FortiGate-VM. It is stable, but because the CPU processor of this box is not powerful, I need to redirect some traffic to another box. In the future, I need to choose a higher-level box to prevent potential troubles with the power of this box.
We have been using this solution for more than 10 years. We are currently running version 7.2.
Currently each company needs a firewall. All types of firewalls such as Fortinet FortiGate-VM, Cisco, and others have different capabilities, but regarding our financial situation, when we compare the price of Fortinet FortiGate-VM firewalls against other firewalls from other companies, we choose Fortinet FortiGate-VM because of price. Other firewalls have better capabilities, but we have a limited amount of money for that.
I expect that many threats are blocked by the IPS system because dynamic temporary rules are created. It works adequately, but I am not a security expert to compare this kind of firewall against another.
The customer service experience has been rated 5 out of 5.
Positive
Ten years ago we started with Fortinet FortiGate-VM. I don't have experience with other firewalls.
General settings are very easy and could work in about half an hour. But after the initial setup, it is necessary to create security rules according to the company's needs. I am glad that the default settings block all traffic, and only directly set up traffic is allowed.
After 10 years, we had a special department that took care of core networks, including firewalls. After that, this responsibility fell to me and my colleague.
There are only initial costs and after that yearly maintenance for the exact level of hardware support and hardware and security support. I am from Czech Republic, and I have experience that prices for our area are a little bit lower than in other areas for some goods. I don't have this experience with Fortinet FortiGate-VM because my colleagues in Germany are reaching better prices than me.
In the past, we were using that technology, but we had a problem with some wireless guns and found a solution with Aruba Networks. We are using Microsoft 365 with some version E5 license. Regarding the network, we are mainly using Cisco systems. My colleague is working on the SIEM and SOC system with some external companies that support us after the ransomware attack. I am referring to hardware boxes and also virtual machines.
I expect that generally logs can improve our security because currently we don't have someone who works through these firewall logs, so we don't have information about potential security problems. We are expecting that it will be better after these logs will be connected to the SIEM system.
These firewalls are very easy to set up or manage. It is easy to set up each box individually, but currently, I don't have experience or training for central management of these Fortinet FortiGate-VM firewalls. I have been working as an IT specialist for about 30 years. I use it only for the backup of the firewall configuration. It is helpful because I have a backup of each firewall configuration every day, and I can return back several days. However, it is another difficulty because if the configuration of Fortinet FortiGate-VM changes, many other items will change. Generally, all passwords are regenerated, so it is not easy to find changes when comparing two configurations of one firewall. I can see this feature, but it is not so important because everything is working adequately. I start to focus on the logs only when I have problems or if I need to set up new applications or allow new traffic. I only look at how much percentage of connections are used, and if it is below some limits, it is acceptable. This solution has received a rating of 31 out of 100.

My main use case for Fortinet FortiGate-VM involves several customers in our IBM Cloud, where we have more than 300 premium accounts. They will use it for their infrastructure and enterprise management, placing these FortiGates at their branch locations and a few at the perimeter edge. Essentially, the use case is for connecting one branch to another branch, where they build IPsec tunnels between two Fortinet FortiGate-VM instances. Security policies and UTM features play a crucial role here, mainly for connectivity between different branches and securing the enterprise environments.
When managing those branch-to-branch connections with Fortinet FortiGate-VM, I find it good and easy to use, similar to Palo Alto. I haven't faced any difficulties because Fortinet FortiGate-VM has a clean UI and CLI. For every firewall, the CLI is good, but if you compare UIs in the market, Fortinet FortiGate-VM and Palo Alto have better UIs compared to Check Point or Juniper. Overall, I find it easy to use.
Fortinet FortiGate-VM offers several standout features, with one being its next-generation firewall capabilities that include UTM features. The security processing unit is good in Fortinet FortiGate-VM, and its IPS and VPN SSL inspection help a lot. When comparing price with performance, it has an edge because other vendors such as Palo Alto charge somewhat higher.
Fortinet FortiGate-VM also has a built-in SD-WAN feature, while other devices often require a separate license for this feature. High availability and threat intelligence are common across firewalls, but I find it convenient that you can open a console session directly from Fortinet FortiGate-VM UI, allowing simultaneous access to the CLI. The console feature saves time because you don't need to log in to PuTTY and create another session; you can access the console directly from the GUI. This is particularly valuable in busy environments.
The SD-WAN feature is also crucial as it automatically selects the best performance link out of multiple ISPs based on latency and packet loss, eliminating the need for manual BGP failover. Many customers, including those at NTT and MicroLand, use Fortinet FortiGate-VM SD-WAN, which I have observed. In terms of features, one great aspect is that in security policies, you can also add NAT.
While many elements are common across firewalls, the ease of use of Fortinet FortiGate-VM is significant. A vendor's ability to create an easy-to-navigate device can set them apart. Among the vendors I've seen, only Fortinet and Palo Alto maintain a clean UI, making navigation and creation straightforward. Fortinet FortiGate-VM has positively impacted my organization because the number of bugs reported is less compared to other vendors. For instance, in other vendors such as Palo Alto or Juniper, numerous bugs require fixing in upcoming releases.
However, Fortinet FortiGate-VM releases are stable, so I don't need to frequently upgrade unless a critical vulnerability is identified. I usually upgrade once or twice a year, and the minimal number of bugs is positive, as this reduces work pressure involving critical integrations with other devices.
The UI of Fortinet FortiGate-VM could improve further. While I find the UI good, it has potential for enhancement. The CLI is very effective, along with VDOM configurations and root access. On the feature front, I don't see a need for new features in the VM because every device has different rules and limitations. However, they can definitely focus on improving the UI.
While none of the customers I've interacted with have provided feedback on the UI, I believe Fortinet should take such feedback directly from their customers. From my perspective, having worked with Palo Alto, Juniper, and Fortinet FortiGate-VM, I find Palo Alto's UI cleaner, thus suggesting Fortinet could benefit from UI improvements.
I have been using Fortinet FortiGate-VM for the past two years, starting from June 2024.
Fortinet FortiGate-VM has positively impacted my organization because the number of bugs reported is less compared to other vendors. For instance, in other vendors such as Palo Alto or Juniper, numerous bugs require fixing in upcoming releases. However, Fortinet FortiGate-VM releases are stable, so I don't need to frequently upgrade unless a critical vulnerability is identified. I usually upgrade once or twice a year, and the minimal number of bugs is positive, as this reduces work pressure involving critical integrations with other devices.
With fewer bugs and more stable releases in Fortinet FortiGate-VM, I observe that many people are transitioning from different devices such as Palo Alto and Check Point to Fortinet FortiGate-VM. I've seen many recent migrations among my customers, resulting in a lower number of cases reported. For the Fortinet FortiGate-VM environment specifically, the stability is notable, with few issues unless they involve configuration or external connectivity problems, leading to generally stable usage.
The scalability of Fortinet FortiGate-VM is good; it handles over a hundred policies and can manage a large amount of traffic effectively.
Customer support for Fortinet FortiGate-VM is overall good, but there is room for improvement, particularly since you can't directly raise a Severity 1 ticket. Usually, you must initiate a chat to request raising it to Severity 1, which they could improve, along with prioritization during case handling. Nevertheless, case management is generally effective.
My experience with pricing, setup cost, and licensing for Fortinet FortiGate-VM is good overall.
My advice for others looking to use Fortinet FortiGate-VM is to migrate slowly. They can start with a small branch location that has an existing firewall and test Fortinet FortiGate-VM for a month. Monitoring how the device handles traffic will help them make an informed decision regarding migrating other locations.
I don't have any additional thoughts about Fortinet FortiGate-VM before we wrap up, as it offers a wide range of products and performs well, although competition is high and requires ongoing focus on every aspect to maintain its position as a leader. My overall review rating for Fortinet FortiGate-VM is 8.5 out of 10.

My main use case for Fortinet FortiGate-VM is using them as standard firewalls for our clients or as a virtual firewall. For one of our clients, we have an Azure environment, and for the firewall, we just have Fortinet FortiGate-VM installed virtually, and we have a site-to-site tunnel to their main campus. Fortinet FortiGate-VM is deployed in our organization both in the public cloud and on-premises.
The best features Fortinet FortiGate-VM offers are how easily manageable it is and overall, it just provides a better firewall experience than what I have used in the past. It offers threat protection, web filtering, and all the standard security features that you would expect a firewall to have, but it puts them into the web GUI, making it much better than I have seen in other circumstances. Additionally, troubleshooting is much easier than with Cisco Meraki, which I dislike a lot; Fortinet FortiGate-VM just seems to be much easier to troubleshoot complex issues.
Compared to Meraki, Fortinet FortiGate-VM lets me get into logs a bit easier; whereas Meraki does not provide the whole picture, and sometimes I actually have to create a troubleshooting ticket with Meraki for them to be able to see into the back end of my system, whereas Fortinet FortiGate-VM shows me everything, absolutely everything.
Fortinet FortiGate-VM has impacted my organization positively by providing us with the reliability that we need in firewalls. Basically, clients are relying on these firewalls for their internet 24/7, and Fortinet FortiGate-VM has supplied that to us, giving us a sense of relief knowing that Fortinet FortiGate-VM is just going to work.
A specific example where Fortinet FortiGate-VM's reliability made a difference for our team or clients is that we are constantly having power issues at these clients because their infrastructure is not really set up super reliably, but Fortinet FortiGate-VM has failed over quite well. Whether it is high availability or failing over to the secondary WAN, it just works.
I can definitely attest to time saved; engineers have spent significantly less time on setting up and troubleshooting and dealing with issues on Fortinet FortiGate-VM compared to other firewalls.
I think Fortinet FortiGate-VM can be improved. There is not anything about the interface, updates, documentation, or support that I wish was different; support has been good, and documentation has been good. I cannot really think of anything off the top of my head.
One small thing I wish would improve is when I am going through event logs, it defaults to my cloud environment, and I have to switch it over to look at the local disk. That is a small thing, but every time I am looking at event logs, I have to switch it over, so it becomes annoying sometimes.
I have been using Fortinet FortiGate-VM for about four years now.
Fortinet FortiGate-VM is indeed stable.
I have tested the scalability of Fortinet FortiGate-VM, and it seems to work fairly well. We have not necessarily used it in practice yet because we do not have to, since a lot of our clients are smaller and only have one office. However, we use the management portal to get a good overview of all the clients, so in that respect, it works fairly well.
The customer support for Fortinet FortiGate-VM is good; it has been pretty standard, and they are fairly quick to address tickets and respond. I have not really had a bad experience yet.
We have switched from Meraki to Fortinet FortiGate-VM just because, as I mentioned earlier, we prefer Fortinet FortiGate-VM much better for troubleshooting logs and setting up firewall policies. It is just a much better experience and provides much more granular detail that is significantly better than Meraki.
My experience with pricing, setup cost, and licensing is fairly typical. We go through a third-party vendor that gives us a quote and prices it out for us, along with a little bit of a discount, but it seems to be fairly standard.
Before choosing Fortinet FortiGate-VM, we did evaluate other options, including some Palo Altos, but we just did not prefer the GUI layout, and Fortinet FortiGate-VM just looked a lot simpler and easier to manage.
Compared to Meraki, Fortinet FortiGate-VM lets me get into logs a bit easier; whereas Meraki does not provide the whole picture, and sometimes I actually have to create a troubleshooting ticket with Meraki for them to be able to see into the back end of my system, whereas Fortinet FortiGate-VM shows me everything, absolutely everything. I do not have anything else to add about the features; that is about it.
I would rate Fortinet FortiGate-VM a 10 on a scale of 1 to 10. I give it a 10 because it is just a perfect combination of web GUI, troubleshooting capabilities, and reliability. It just makes it that perfect 10 compared to other firewalls that I have used.
My advice to others looking into using Fortinet FortiGate-VM is to ensure they understand how to troubleshoot, set up their policies, and configure the firewall correctly. There is a small learning curve on the individual specific details of Fortinet FortiGate-VM, but once you figure that out, it is fairly simple. Fortinet offers extended knowledge training sessions, so people can watch their trainings on Fortinet FortiGate-VM, which are fairly good. My overall rating for this product is 10 out of 10.

I am still working with all these vendors today: Scion, Kaseya, and SolarWinds, as I use these products for usage as well as I support these products because we sell the solutions also. We sell Fortinet FortiGate-VM, we sell Palo Alto, and we sell most of them. I have been selling it probably in the last five years.
When you say VM, Fortinet FortiGate-VM is essentially a firewall in a cloud, which is Fortinet on a cloud, eliminating the need for a physical apparatus or physical appliance to run this solution. In the old days, you required a physical box in your environment to install physically in your data center and configure that box and communicate with wherever you wanted to do. Now with Fortinet FortiGate-VM kind of a system, the physical appliance is no longer required. All you require is a cloud-based or a software firewall that you can utilize anywhere, anyhow. The advantage here is you can start the implementation within no time; as soon as the order is received and the tenant is ready to start implementation, you do not require a mandatory delivery time of six to eight weeks. This can happen within probably four or five days or maybe two days itself after the confirmed order. That is one of the biggest advantages of having a VM-based firewall because you do not require any physical configuration. You can do a virtual or a software configuration, and you can be in business within the shortest possible time. Customers appreciate that because the delay in terms of deliveries is no longer available. Either you can install it on customer premises or we can install it on a cloud also.
Hybrid Mesh Firewall feature is beneficial because even if you have a Mesh Firewall, how it works is if you have an architecture designed in such a way that it will be controlled from centrally but utilized locally. You have a mesh of ten firewalls, but you are located at ten different locations and you want to go to the internet and you probably have a local gateway. In the older design, you have to come through a central location and then access your internet and go out, which becomes problematic because your latency would be very high. You will get a delayed response for anything and everything you want to access. However, with a meshed environment and a proper internet POP, you can have the standard controls implemented across. At the same time, since you are accessing the systems locally over the internet, the response time or latency is fast. That is one of the biggest advantages one gets with a mesh firewall and centralized management.
I also speak about real-time threat response capability, and it is real time. You get fast access and people are happy because when they ask for any query, you get an immediate response rather than waiting earlier for a longer time. That is the advantage.
Fortinet FortiGate-VM definitely improves overall security posture because it has better features in terms of better management or better configuration options and parameters. Any firewall cannot be configured with default parameters because it will probably give you issues. If you can configure it properly, and it has a GUI interface, the graphical interface actually helps you configure things much faster and in a better manner.
One benefit with such VM-based solutions is that if you are connected to the internet, all the updates and all the threat intelligence platforms are always kept online and up to the mark. You do not have to wait for an update which will happen probably a week, ten days, or a month later. Whatever updates are required are instantly available. Therefore, threat detection, even if it is a zero-day, can occur in a much better way because if it gets updated at the central Fortinet level, it gets percolated directly to the firewall's database, making it a better option.
I have been using Security Fabric Automation features to generate alerts or automate threat response because that is essential. When you have a fabric implemented, any issues with the firewalls can be immediately known, and you can take actions accordingly. That is a good feature.
Negatives are it could be the same as physical, because if the physical box has some defects, obviously it does not work. The same thing happens if the cloud has issues or a VM is not working well. Those are typical unavailability problems. Usually when it is VM or a cloud, you get better availability. But you never know what problems can happen. At least what I have seen is if the configuration is right and if you have a decent way of doing things, usually there are no issues. If the configuration has challenges then obviously configuration and availability are the main keys in terms of having a better one. They could be negatives also because if you do not configure, you have a problem. If the VM is not available, then also you have a problem because you cannot communicate. Those are the negatives I would address.
The general stability of Fortinet FortiGate-VM is very stable.
The scalability of Fortinet FortiGate-VM depends on the VM configuration. Assuming I know that there are twenty, I am giving an example. Let us say the solution requires the base one supports five locations, and if you want to increase the number of locations and the bandwidth requirements, then obviously I can just increase my VM CPU or the basic. Alternatively, I can create a bigger VM or the larger VM and just implement this, which will take lesser time. It is not that complicated to do it, but it is possible to do it without much downtime.
I rate customer support and technical support from Fortinet at a nine because we have certified people on our roles for such products. Most of the problems are troubleshot by my own team. Only when there are some peculiar issues do I have to talk to support and get the necessary done. Once the tickets are raised and severity is defined, then they are pretty prompt in supporting also.
Positive
The implementation and deployment part is really straightforward because there is no hardware involved. If there is no hardware, then obviously software-wise you can configure it much faster and much better because as soon as you get the license. All these things are controlled by an activation key which is at Fortinet's side. When I am talking about Fortinet FortiGate-VM, the VM requirements are already set. I can immediately implement that, download the part, and for activation, if I get the key, I can be starting in no time. If I had to wait for an appliance, the appliance takes probably six to eight weeks to deliver. I should not have to wait for six to eight weeks when I can get things done without much of a challenge.
The accessibility of integration across various environments in Fortinet FortiGate-VM is very easy, I would say, because we integrate with multiple SIEM systems. We have found that integration is relatively easier. As soon as you integrate with your SIEM, even we have integrated with our ticketing system, that is also possible, and we have done that. All you require is a little bit of understanding regarding parameters, and if you know what to look for and where to look, I think those are possible to do.
In terms of how the price of Fortinet compares to other products on the market, I think Fortinet is a much better product in terms of availability and support from Fortinet's side as well. My company has a long relationship with Fortinet. We deal mostly with Palo Alto on an appliance basis. They may be having such a product, but at least my experience with Fortinet is better than others.
Regarding TCO related to Fortinet, I think the customer is the right person to talk about that because I can only talk from a features point of view. In terms of similar size equipment, the customer must have a comparison with, let us say, Palo Alto or Juniper versus Fortinet. I think Palo and other products are a little expensive. Unless you go with some cheaper options, maybe a Cisco or Sophos kind of thing, those are cheaper options but still give you value for money. That is why I believe a customer chooses Fortinet. There is also an architecture thought process that goes behind. An enterprise customer will always go with an internal firewall and external firewall architecture and frequently choose one OEM for internal and another for external. Therefore, they will have a mixed bag kind of a thing, like Fortinet and Check Point or Fortinet and Juniper. It all depends on the architecture as well. To answer that question in terms of TCO is relative compared to the customer, and I will not be in a right position to provide an incorrect answer. I would rate this solution a nine overall.

My main use case for Fortinet FortiGate-VM is allowing particular VMware subnets in our organization and performing IP NAT translation for cloud environments and virtual machines. We also provide VPN access for two clients to access their internal VMs. Additionally, we created a service based on what customers are looking for, including TCP, IP, HTTP, and other protocols. When customers request access to particular social media applications, we accordingly configure the system according to their requirements.
Sometimes we also use Fortinet FortiGate-VM as an SD-WAN solution to create templates regarding incoming and outgoing traffic for managing our applications for better performance and scalability.
Fortinet FortiGate-VM has positively impacted our organization by maintaining security with multiple policies for both incoming and outgoing traffic, covering both inside LAN and outside WAN environments. We allow particular subnets we are using in our organization to operate exclusively, while we automatically block and deny other subnets, which helps prevent unauthorized access through Fortinet FortiGate-VM firewalls. This approach also enables us to create specific subnet addresses and services defined for users.
The best features Fortinet FortiGate-VM offers are the user interface, which is user-friendly and easy to navigate. The GUI allows us to segregate issues efficiently since all features are consolidated into one tab for network, interface, policy, security, policy object, user authentications, addresses, and services, making it very smooth and easy to understand. Another valuable feature is that when Fortinet features such as IDS and IPS are about to expire, the system continuously gives pop-ups reminding us to renew licenses to access these features. This helps us identify and stop potential outages related to sudden license issues. Troubleshooting with Fortinet FortiGate-VM is much easier than with Palo Alto, where troubleshooting is quite difficult.
For day-to-day logging, the system log feature is where I identify issues regarding particular policies related to the subnet and services. On the dashboard, I can identify problems through system logs. Similarly, we can easily identify CPU graphs showing how much CPU utilization is occurring on our physical or VM firewalls, as well as which processes and users are consuming the most bandwidth, allowing us to manage data transfer effectively.
Fortinet FortiGate-VM makes troubleshooting easy through its user interface. We can check previous policies and monitor hit counts, allowing us to quickly identify root causes, which is unlike Palo Alto where troubleshooting is complicated. Fortinet FortiGate-VM presents everything in a more user-friendly manner. I recommend that Fortinet provide updates and pop-ups for critical licensing matters.
I have been using Fortinet FortiGate-VM for six to seven months, and in the past nine months, I have also used it for more than one and a half years.
Having worked with Fortinet FortiGate-VM for the last three years, I have not encountered any major issues, except for occasional hardware problems such as auto rebooting and CPU utilization spikes that sometimes occur when multiple users log in at the same time, which can create packet latency.
Fortinet FortiGate-VM allows us to provide multiple user access to inside applications, enabling users to access the internal network through VPNs. This feature makes Fortinet FortiGate-VM very effective, as we can create virtual machines to manage all clients and environments through its policies.
The customer support for Fortinet FortiGate-VM is excellent. During incidents, we can create tech calls with their support team, allowing us quick access and assistance. I would rate the customer support a nine out of ten.
I am currently using Fortinet FortiGate-VM, but previously in my organization, we used Palo Alto. Based on user interface access, I find Fortinet FortiGate-VM far better than Palo Alto.
Before choosing Fortinet FortiGate-VM, we did not evaluate other options and simply opted for it. We were satisfied with the decision, as we already had two to three models existing in our data centers.
In terms of return on investment, we save time through troubleshooting since Fortinet FortiGate-VM functions as one device, allowing us to eliminate multiple routers. We can manage all routing, switching, and NAT policies within one firewall, which helps us significantly in managing data center operations with fewer employees.
Regarding pricing, setup cost, and licensing, the main client I deal with is a reputed company in the market, making it easy for them to afford Fortinet FortiGate-VM compared to Palo Alto, which is much more costly.
My selection for a rating of nine out of ten is not based on a specific reason, but there are many factors contributing to it. The features of Fortinet FortiGate-VM are easier to navigate and compatible with other firewalls. Additionally, the continuous introduction of new solutions including SASE, SD-WAN, FortiManager, and FortiLog Analyzer makes Fortinet FortiGate-VM stand out among others.
I advise others considering Fortinet FortiGate-VM to choose it if they are currently using Cisco ASA or Check Point. If they are using Palo Alto, I suggest switching to Fortinet FortiGate-VM, as it includes everything from SD-WAN and SASE all in one analyzer. With Palo Alto, you need to acquire different products and licenses for comparable features. I would rate Fortinet FortiGate-VM a nine overall.
Network and infrastructure security can be used depending on the environment which a customer has, but it is usually more useful in virtual data center protection. Fortinet FortiGate-VM can protect VM infrastructure, virtual infrastructure, or cloud infrastructure in AWS, Azure, or other cloud vendor providers, as well as virtual infrastructure on premises in your own private data center.
I would say that it is cheaper than other vendors. In comparison of features, it is at the same level as Palo Alto and Check Point. It is a leader in the Gartner quadrant with the same feature set but at a lower price. However, it also has some weak points that require careful sizing of the solution before using it with all security features switched on, because it has a significant downgrade of throughput capacity when switching on more security features. If you need all features switched on with all signatures and SSL inspection, then you need to check for a higher grade model.
Fortinet FortiGate-VM provides integration across various environments, which is important especially for integration with domain controllers and authentication services. This is very important nowadays. All other integrations depend on the project and company needs.
With this solution, you can apply the zero trust concept in place with role-based access to the internet. URL filtering works well, and it is flexible. At the same time, with integration with other security solutions, you can quickly respond to incidents if anything happens. In total, fewer security incidents appear and you can respond more quickly.
After deployment, you have better visibility. You can see who, where, when, and how, and you can make reports.
I would say that it is cheaper than other vendors. In comparison of features, it is at the same level as Palo Alto and Check Point. It is a leader in the Gartner quadrant with the same feature set but at a lower price. However, it also has some weak points that require careful sizing of the solution before using it with all security features switched on, because it has a significant downgrade of throughput capacity when switching on more security features. If you need all features switched on with all signatures and SSL inspection, then you need to check for a higher grade model.
Real-time threat response is better in Palo Alto because they have an embedded machine learning engine which can detect viruses. In Check Point, you have to have a sandbox or be connected to the sandbox to check for unknown threats.
These are not problems per se, but you need to be more careful and more experienced when choosing this solution. You should not look just at a data sheet, but also look at real tests in the field and load tests from companies who are making them. The best way to choose is to test in your environment, see the capacity and throughput which you need, and then choose the model after a proof of concept.
It depends on the project. If you need just an internet connection for a few people, you just plug it in and it is done. You write two rules which allow access and apply basic URL filtering. If it is a data center segmentation solution, you need to plan a lot before you deploy it, and deployment would be complicated with any product. For basic setups for small businesses, it is easy and plug and play. However, for big projects like data center protection, it is complicated with any vendor, not just easy.
I work with the product both as a customer and as a partner integrator, and also as a reseller.
There is a significant impact because you see full network visibility from layer three to layer seven, all threats, and all vulnerability exploitation attempts. With SIEM integration, it highlights a lot of data which can be used with PI solutions and also for incident response.
It is scalable. As for technical support, I was a tech support person, so I did not have a chance to escalate. I faced issues and fixed them myself. I did not escalate to the second level, so I do not closely work with their support team.
Regarding real-time threat response capabilities, I think they are better in Palo Alto because they have an embedded machine learning engine which can detect viruses. In Check Point, you have to have a sandbox or be connected to the sandbox to check for unknown threats.
The impact of threat detection on IT security operations is significant because you see full network visibility from layer three to layer seven, all threats, and all vulnerability exploitation attempts. With SIEM integration, it highlights a lot of data which can be used with PI solutions and for incident response.
As a reseller and a user, the biggest benefit that stands out is that it is cheaper than other vendors. In comparison of features, it is at the same level as Palo Alto and Check Point. It is a leader in the Gartner quadrant with the same feature set but at a lower price. However, it also has some weak points that require careful sizing of the solution before using it with all security features switched on, because it has a significant downgrade of throughput capacity when switching on more security features. If you need all features switched on with all signatures and SSL inspection, then you need to check for a higher grade model.
Fortinet FortiGate-VM has some embedded features for automation such as tagging and dynamic groups. Using the API, you can respond and integrate with SIEM solutions. However, this requires technical background and work effort.
My overall review rating for this product is seven out of ten.

Fortinet FortiGate-VM is used for virtual machine deployment within data centers to protect applications. Some customers do not want to deploy hardware firewalls due to budget constraints. With a good hypervisor, they can deploy Fortinet FortiGate-VM firewall in their data center as a virtual firewall.
For example, if you have applications hosted in a data center and do not want to deploy Fortinet FortiGate hardware firewalls due to budget constraints and have a good hypervisor, you can secure your application by deploying Fortinet FortiGate-VM on your hypervisor in the data center to protect the application directly. Traffic comes first to Fortinet FortiGate-VM, and then clean or secure traffic reaches the data center server.
Fortinet FortiGate-VM is similar to a Fortinet FortiGate hardware firewall, and we can get all the same features. It is a good solution with Fortinet FortiGate-VM firewall.
Deployment is easy within any hypervisor cloud, whether Citrix Xen, VMware, or Nutanix.
The threat detection capabilities are excellent. I would rate this as ten out of ten because of the good features that come with the services and FortiGuard connection. You can get signatures every hour, including IPS signatures, anti-malware signatures, web filters, and application filters. These signatures come directly from the firewalls. An additional feature is the ability to create custom signatures in Fortinet FortiGate-VM, such as application signatures and IPS signatures.
Regarding the solutions, more features need to be introduced. Fortinet FortiGate-VM has FortiWAF features, but they are limited. These features need to be enhanced in Fortinet FortiGate-VM itself. Although Fortinet FortiGate has FortiWAF feature as a standalone feature, more features need to be onboarded into this firewall. Additionally, some features should be offered for free. For example, the minimum comes with two CPU, but at least four CPU license-based or still two CPU should be free.
I have been using Fortinet FortiGate-VM for the last six to seven years.
Stability is ten out of ten. Stability and scalability are both ten out of ten.
Stability and scalability are both ten out of ten.
The technical support of Fortinet FortiGate-VM and Fortinet FortiGate is eight or nine out of ten.
Positive
Regarding Fortinet FortiGate-VM, I do not see any virtual machine of Cisco firewall to deploy in any hypervisor. This is the only time I have seen Fortinet FortiGate-VM with the feature to deploy on any hypervisor. Usually, these features are not available in other vendors.
Setup can be completed within ten to fifteen minutes. Operational tasks and maintenance are very easy.
Five people, all technical staff, are capable of deploying Fortinet FortiGate-VM.
Integration capabilities are very good. I deployed and integrated Fortinet FortiGate-VM with Microsoft AD server. Integration is very easy and can be completed within two to three minutes with Microsoft AD or any other third-party servers.
Pricing cannot be said to be cheap because the pricing is not fixed. Pricing varies based on the size of the deal. If you have a good size deal, you can get more discount from Fortinet FortiGate team. If you buy a single Fortinet FortiGate-VM, you will not get as much discount from the Fortinet team. This can be marked as six, seven, or eight.
Many organizations, enterprises, oil and gas companies, public sector, and commercial sector are all using these firewalls. The banking sector is also using them.
Automation can be configured in Fortinet FortiGate-VM. For example, if someone logs into Fortinet FortiGate-VM from an IP address, I can receive an email with the user login IP address, username, login time, and date.
I recommend this one hundred percent if you want to deploy a solution, have budget constraints, and do not want to buy hardware Fortinet FortiGate-VM. I will recommend using Fortinet FortiGate-VM deployed on your hypervisor. I would rate this solution ten out of nine. My overall review rating for this product is nine out of ten.
We are using Fortinet FortiGate-VM on one VM, and two we are using as a dedicated appliance.
The features that we actually use are the IDS/IPS or IPS feature. We also use Intrusion Detection and WAF, Web Application Firewall. They have their own VDOM. We are using FortiAnalyzer for that separately and FortiBackup.
We are not using it yet. What we are focusing on first was migrating to a new VPN. That was one of the first steps. Then enabling the firewall and moving all the subnets as a gateway through Fortinet FortiGate-VM. If I remember correctly, we also are enabling WAF, enabling SSL inspection, and introducing FortiAnalyzer and so on.
Security is of course a major improvement, and we have more visibility on the network. We can probably say that the cost is manageable with four or five people managing those since we are a telecom and we also have our SOC. Comparing with others, it's straightforward and simplicity. We are not paying for features we are not using right now, but for the future, probably the Fabric and so on, but we only have those now.
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us.
We use an on-premises deployment.
The features that we actually use are the IDS/IPS or IPS feature. We also use Intrusion Detection and WAF, Web Application Firewall. They have their own VDOM. We are using FortiAnalyzer for that separately and FortiBackup.
I'm not entirely sure because I have to check now. What we purchased is a licensing for three years. I have to check now because in the coming year, we will be checking those. Probably, I'm not sure what the price is. It might be that it should be a little cheaper for us.
We have been using Fortinet FortiGate-VM for two years for the firewalls, and I think four years with our mail, FortiMail.
There are not really complexities, so I would say that it's straightforward.
It does not cause issues because actually it makes it longer. We do not only work with Fortinet FortiGate-VM, but I think it was around three months when we established everything. We were not in a hurry, which is why we did it ourselves. We had some kind of process first to determine our design and so on, the basic design. Because we are a telecom, we have to involve a lot of units and so on. But for deployment, it was straightforward. Until we had what we needed, and then we created everything ourselves from firewall. It does not take one hour or one day because we work partially on that and mostly focused on other jobs that we have, then we come back to Fortinet FortiGate-VM and so on. Probably we can say that within three months, we have started moving VLANs and people making through the gateway and so on. We implemented VPNs and some other things.
We have had several cases with some support, but we can make it somewhere around eight.
Positive
We are part of Telekom Slovenia. From our mother company, they have infrastructure that we took all the hardware from. I think it's a regional setup on the Adriatic part of East Europe, but I'm not sure.
There are not really complexities, so I would say that it's straightforward.
We did it with our team. We are about four members in my unit who are dealing with Fortinet FortiGate-VM. In the beginning, when we introduced FortiMail, it was from Forti itself with support from them, establishing the first setup. This is regarding the FortiMail VMs. It was some kind of lessons or training. We were together with them, and regarding the Forti Firewall, we did it alone with our team.
My team is mostly dealing with it. I only get some reports from them as my duty. I am not involved directly in implementing it and so on. But I am aware of the functionality and so on from Fortinet FortiGate-VM. We have a team of four people mostly who are dealing with Fortinet FortiGate-VM. There are also two or three others who are dealing with the FortiMail. We also have a SOC here who is dealing with the FortiAnalyzer. As a Head of Security, I am getting those reports and so on. My input or my role is very low on some occasions, but I am not typically managing directly those firewalls.
It might be positive.
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us.
I'm not entirely sure because I have to check now. What we purchased is a licensing for three years. I have to check now because in the coming year, we will be checking those. Probably, I'm not sure what the price is. It might be that it should be a little cheaper for us.
We are part of Telekom Slovenia. From our mother company, they have infrastructure that we took all the hardware from. I think it's a regional setup on the Adriatic part of East Europe, but I'm not sure.
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us. I would rate this review as an eight out of ten.

Being a cloud service provider with data centers using VMware technology, we primarily use it as a firewall and for Disaster Recovery in Hybrid Cloud Solution. We faced some issues with changes from NSX-V to NSX-T on VMware Cloud Foundation Infrastructure, which is no longer able to provide SSL VPN remote connections for end-users, so we replaced it with Fortinet FortiGate-VM for our customers as a new endpoint in the cloud, enabling us to create a VPN and utilize SSL VPN solutions. My customers mostly deploy Fortinet FortiGate-VM on the cloud.
We are using VM01 most of the time, as we have more customers, although sometimes we can use VM02. In the EMEA region, we mainly have customers related to Fortinet FortiGate-VM. My favorite capabilities are VM01 and VM02.
We use it in a hybrid cloud solution, meaning the customer on-premise is using another technology or the same. It's better for us if they are using Fortinet, and we don't face issues with this solution. For what we need to do, which is setting up a VPN connection between both sides and using it for SSL VPN connections for remote users, it works effectively and we haven't encountered vulnerabilities.
It's user-friendly and easy to set up. It's designed with the customer in mind. As someone who is precise, I understand the importance of selling the solution effectively while ensuring it meets the customer's needs. This means that my focus is on gathering customer feedback. It's not just about what I see; it's about understanding the customer's perspective. Customers often want to know how they can use the solution and how to set it up, which is the main concern I address.
Fortinet Security Fabric's Real-time Threat Response capabilities are satisfactory; it's a good solution.
There are vulnerabilities to address regarding security, as customers often ask about that. The main concerns are vulnerability detection and identification. Regarding the effectiveness of Fortinet FortiGate-VM in providing high-level security for high-level customers, we have some visibility issues, so it doesn't seem high level; there's definitely room for enhancement.
I have been working with Fortinet FortiGate-VM for two years.
We provide reliability; if one VM is up, the other can be down, so if there's a problem with the first, the backup can be activated. It's more about the design than the solution itself.
For SMB customers, it is a very good solution; I am unsure about enterprise customers.
Flexibility and scalability are very important for our customers. They primarily use this solution for SSL VPN and VPN connections, and most of the time it's for disaster recovery as a service in our cloud, functioning as a hybrid solution where they use something in their on-premise environment and just need an endpoint in the cloud.
We provide managed services, handling the setup to create the necessary VPN connections for secure data transfer. If a customer wants to move from VM01 to VM02, it's not difficult for us to manage. Fortinet FortiGate-VM adapts effectively; for example, you have a limited number of VPN connections on VM01, accommodating around 1,000 remote users, and if the customer needs another endpoint, we can deploy VM02 and manage that transition effectively.
Our support is good; we are the ones providing technical support to our customers. As a cloud service provider, our value is in offering solutions with our expertise, so we don't rely on Fortinet for support.
Positive
We moved to this new solution at the end of 2024. I have three customers using Fortinet solutions and haven't faced any issues.
It's user-friendly, and we can set it up easily with customers.
Most of our customers appreciate FortiManager, as the tools are interesting for easy setup of the product. Feedback regarding the interface is good; it's easy to understand, and the documentation from the Fortinet partner portal provides comprehensive information on product setup and management, which is beneficial for them.
My customers mainly use a managed services solution, meaning they don't have a lot to do by themselves; our services provide the solution. If customers want to deploy it by themselves and are already Fortinet customers, we just provide resources on the cloud. They can directly set up what they want on the VM we provide in the cloud.
The price is interesting for the customer; if you compare this solution with Competitors, it is maybe more suitable for SMB customers. The price is better than the competition.
We also provide EDR, XDR, SD WAN solutions around Fortinet, but we don't have customers in South EMEA using this solution.
I would rate Fortinet FortiGate-VM an eight out of ten.

We are mainly using Fortinet FortiGate-VM firewalls which are particularly hosted in cloud environments. It will connect cloud environments with on-premise networks and secure cloud-hosted VM traffic, both outgoing and incoming traffic. Those are the main requirements we are receiving.
Real-time threat response is really good, and sandboxing and all the signatures are most of the time accurate. They are aligned with recent threats, and Fortinet also has Fortinet Labs where they do their own research and publish new signatures and threats in real-time to the firewalls and all the devices, so I think it is pretty good.
When comparing with Sophos, I think Fortinet's Security Fabric is really nice because they do have more signatures. When we talk about IPS and all these security features, I think Fortinet is good in that aspect.
Fortinet does provide a lot of visibility in Fortinet FortiGate-VM, and some devices do not have an inbuilt HDD. For logs and data retention, they provide the FortiCloud free service for seven days. Using those features, we gather information to troubleshoot and find root causes. They also have a FortiView section, which is very useful to find out the top sources, top destinations, and which sessions are running. It is very useful.
We mainly get firmware upgrades from time to time, and there are bugs. For the moment, I do not have any features in my mind to mention regarding improvements.
Since I have not worked with VMs so frequently, I cannot tell exact points. Overall, you are asking about the improvements which have to be done on the VM side. They are updating frequently, but sometimes it depends on internet connectivity. Those databases are not getting updated in such cases, so external threat feeds are helpful.
I can say it has been about one to two years using it as a company. We use both the platforms.
I have not experienced any stability issues.
It is scalable, but as per my knowledge, the license is bound to the hardware it comes with, which I have read.
I have worked with the customer team and also the technical team. When we come to technical support, they provide very professional support to mitigate threats or troubleshoot issues. They provide the expected support.
Three years ago, I worked in a different company. Now I work in a different one.
I think someone who is new to firewalls can do the initial setup without any issue if they follow the guide. It is not that complex.
Most of the time, we are purchasing it through our local partners and local distributors.
Obviously, when a customer hosts their firewalls in VMs, they will get ROI because they do not need that many specifications or hardware requirements to host a firewall.
It is reasonable.
I am actually working with Fortinet and Sophos, and also I am looking partially for a rival to Checkpoint as well.
Both Fortinet FortiGate-VM and appliance are available. The difference between Fortinet FortiGate-VM and appliance is the platform which you are hosting. In the appliance, I am really seeing the appliance already with the required OS and everything. When we go to the VM side, we have to host the VM according to the defined specifications, and we have to get the licensing for it. Basically, in the firewall maintenance and configuration part, I cannot see any huge difference. It is the same. When we go to the VM side, all the network cable management and some things are happening virtually.
Feature-wise, as per my knowledge, there are no additional features when you go to the VM or the appliance. You can have the same features either you go with the appliance or VM.
Fortinet FortiGate-VM, mainly affordability and flexibility because some customers do have their infrastructure in cloud environments. Some customers do not prefer to use the cloud platform's native firewalls. In those cases, customers are listing to host their own firewall. For cases in those situations, the customer can get the benefit for those areas since it is affordable. I think it is more affordable than cloud-native firewalls.
Benefits mean the main benefit is when a customer is trying to purchase a firewall. They do not need to pay a price for the appliance. They only need to purchase a license. For the appliance, they can use their own platform to host the firewall. I think that is the main benefit when it comes to the VM side.
Overall network security posture: when a customer implements their firewall in the VM in the cloud environment, they can monitor their hosted VMs' outgoing and incoming traffic. They can restrict access, and they can include IPS, AV, ATP, all these things to secure the traffic. I think it is a huge benefit rather than using the native cloud firewall that is provided by the platform.
When we come to threat detection, I can mention IPS as well. Also under the threat landscape, since as I remember, Fortinet FortiGate-VM has the largest signature base in the IPS. They help us to prevent a lot of known threats using their signature database, which updates continuously.
When we compare it with Sophos, I think the most benefits are their security posture. They have a strong security posture in Fortinet FortiGate-VM compared to Sophos. Also the utilization: Fortinet FortiGate-VM OS is very suitable for small hardware because Sophos OS runs on Linux, which requires huge CPU and RAM utilization. Those are the pros and cons when you compare it with Sophos.
We are using that. Recently we have done an implementation where when someone tries to scan our ports in the firewall for a few times, we have scripts to block those IPs. It is very useful and user-friendly. We can get a lot of tasks done through that automation feature.
Rather than depending on Fortinet's security posture, they provide us the possibility to integrate our firewalls with external threat feeds, which is a huge benefit. If Fortinet misses any host or signature update, we can get it updated through the external threat database.
It is very flexible. We can use several external authentication platforms to integrate with our firewall, for example, SAML or LDAP. They provide so many integration points, and as I remember, they are free of charge as well.
You have to size your firewall depending on your connection types and the threat sources. Fortinet FortiGate-VM firewall is based on that. You have to do proper sizing on the VM that you are putting the firewall on.
In our country, Sri Lanka, most of the customers use their internal firewall and perimeter firewalls. When we take all the customers, it is about more than thirty to forty percent using Fortinet FortiGate-VM as their internal or perimeter firewalls. Huge customers, so we do have a high demand for Fortinet for the internal and perimeter levels.
I would rate this product a seven out of ten overall.