We performed a comparison between Cisco Secure Firewall, Fortinet FortiGate, and Fortinet FortiGate-VM based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The solution is used for the protection of the mobile data network. It is protecting 3G/4G Internet customers and the Private APN."
"We are mostly using it for remote access, so the remote access feature is the most valuable, but all other features are also needed and required. It is also a very straightforward and reliable solution."
"Strong in NAT and access-lists."
"We can easily track unauthorized users and see where traffic is going."
"Because of the deeper inspection it provides we have better security and sections that allow users broader access."
"It's the VPN side of things that has been most useful for us. It allows us to secure our users even when they're working from home. They are able to access all of our resources, no matter where they are in the world."
"Clustering architecture which offers zero downtime upgrades, keeping uptime close to 99.999%."
"It is extremely stable I would say — at least after you deploy it."
"The technical support is great."
"The Intrusion Prevention System and the web filtering are both working well."
"I'm pretty happy with its reliability. It is also very scalable."
"The solution is easy to configure and maintain remotely."
"I like that they have given me a solution at a fair price."
"The pipe filter application is an outstanding feature."
"It's very easy to configure."
"Fortinet FortiGate appears to be scalable."
"I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices."
"The most valuable features are the web proxy for protection and web gateway for deployment."
"The dashboards are a good feature."
"The standard features, including the filtering, are quite good. All the basic features are pretty useful for us."
"We like FortiGate-VM's IPS features and its ability to create multiple virtual firewalls."
"FortiGate-VM's firewall is excellent."
"The product can scale."
"Initial setup was quite straightforward, as we can simply head to the required sections to apply the planned network."
"The ease of use needs improvement. It is complex to operate the solution. The user interface is not friendly."
"The integration between the on-prem proxy world and the cloud proxy would benefit us. One single policy setting would make sense."
"It integrates with other security products from Cisco, but sometimes, there can be glitches or errors."
"Technical support takes a long time to respond."
"One of my colleagues is using the firewall as an IPS, but he is worried about Firepower's performance... With the 10 Gb devices, when it gets to 5 Gbps, the CPU usage goes up a lot and he cannot manage the IPS."
"The solution’s GUI could be better."
"They need a user-friendly interface that we could easily configure."
"Security generally requires integration with many devices, and the management side of that process could be enhanced somewhat. It would help if there was a clear view of the integrations and what the easiest way to do them is."
"Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."
"FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."
"The UI could be improved."
"In terms of what could be improved, the SD-WAN is quite difficult, because if you install the new box, 15 is okay, but if you change from an old configuration, if there is already configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface."
"The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are."
"I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."
"The feature which gives us a lot of pain is ASIC architecture."
"Application management can be improved."
"There should be more options to use lower-end models in a high availability configuration."
"Technical support could be improved."
"There are certain GUI features that should be present but are not."
"The solution can improve by adding separate interfaces for proxy and flow-based usage."
"The solution's web-filtering configuration could be better."
"The solution could use very well-defined support for resellers."
"The price and licensing of the solution can be better."
"It would be better if it could provide you with options before completely blocking anything through the web filter. If you are doing a deep SSL inspection on the site if it says it's expired, it doesn't give you the option to continue at your own risk. I can't say that it's bad, but SSL internally isn't really a requirement. However, its security features can help. Right now, we have people going out and spending on purchasing the SSL certificates for internal sites."