FortiGate Next Generation Firewall (NGFW) Reviews

FortiGate Next Generation Firewall's design is good. Technically, I haven't used many of its features. The primary purpose we use the solution in our organization is for its SNAT and DNAT functionalities. The solution is also used for its vulnerability patching mechanism.

The solution's GUI is not very appealing. When using a tool from another vendor, we found the GUI of that tool to be quite appealing. FortiGate Next Generation Firewall uses a very old type of GUI, which is not very appealing. The GUI can be improved.

I have been using FortiGate Next Generation Firewall (NGFW) for six months. My company is just a customer of the product.

I am very impressed with the product's stability. Stability-wise, I rate the solution an eight and a half out of ten.

Scalability-wise, I rate the solution a six out of ten.

My company has 2,000 users of the product.

I didn't need any support. The support is good. I wouldn't say the support is bad. I rate the support a seven and a half out of ten.

Neutral

My company seeks the help of vendors to do the initial setup of the product. After that, we just work on policies, SNAT, DNAT, and virtual IPs.

The setup phase was neither difficult nor easy. I rate the setup phase as three or four out of ten on a scale where one is difficult, and ten is easy.

The solution is deployed on-premises.

The solution's deployment took two to three weeks.

Two people were required for the deployment of the product.

The solution's vendor executed the setup phase.

The solution's pricing is quite high when compared to other vendors. I rate the pricing an eight and a half on a scale of one to ten, where one is low, and ten is high.

I highly recommend the solution to those planning to use it.

Overall, I rate the solution a nine out of ten.

The most valuable feature of FortiGate Next Generation Firewall is its SD-WAN. The way it has been structured makes life easier. We have used it for remote access, especially at the height of COVID. It works very well.

There are times when we would want to set an IP address on a physical interface and then attach secondary IPs or sub-interfaces on that. I'd like to have as many as possible. There's a limitation wherein you can only have about 30 virtual or secondary IPs on a particular interface. I would like that to be expanded to 254 or 256 secondary IPs.

I have been using FortiGate Next Generation Firewall (NGFW) for five years.

I rate FortiGate Next Generation Firewall ten out of ten for stability.

The good part of the solution is that you can have Virtual Domains (VDOMs) that allow you to use it for multiple use cases. Around 20,000 users are using FortiGate Next Generation Firewall in our organization.

I rate FortiGate Next Generation Firewall an eight out of ten for scalability.

Whenever I have a problem and have to call their technical support team, I can email them. In the next few minutes, we'll get on a Zoom or Teams call and exchange notes.

Positive

The solution’s initial setup was easy. I rate FortiGate Next Generation Firewall an eight out of ten for the ease of its initial setup.

The solution's deployment does not take long. If everything goes fine, you will complete the initial configuration in an hour and test afterward. The testing phase is where you face issues. If you are migrating from another device to FortiGate, you would want everything that was running previously to run even on the newer one.

Three people were required for the solution's deployment, including an external person, myself, and a colleague.

I rate FortiGate Next Generation Firewall a five out of ten for pricing.

I learned from some reviews that FortiGate ranks quite highly compared to Palo Alto and Check Point. Considering our budget, we thought we could manage with FortiGate Next Generation Firewall.

I would strongly recommend FortiGate Next Generation Firewall to others because it's a brilliant next-generation device.

Overall, I rate FortiGate Next Generation Firewall a nine out of ten.

The use cases of the solution depend on what the customer wants from the tool. If a customer is looking for a core firewall, I provide them with FortiGate Next Generation Firewall (NGFW). Suppose a customer is looking for a tool from a patch connectivity perspective with multiple branches and wants those branches to be connected to the data center. In that case, we can suggest FortiGate Next Generation Firewall's features to them.

Routing and reporting are two areas where the product has an added advantage compared to any other product.

Vulnerabilities owing to viruses in the OS need to be reduced in FortiGate Next Generation Firewall from an improvement perspective.

Some vulnerabilities get added to the system every two months, which may be code execution or backend and backdoor issues.

In the future, the product should be able to tackle vulnerabilities. Research and development to increase the product's security capabilities is needed.

I have been using FortiGate Next Generation Firewall for a year now. My company has a partnership with Fortinet.

From a stability perspective considering OS and if the vulnerabilities are present, I rate the stability a seven out of ten since it creates a lot of issues in general.

We suggest FortiGate Next Generation Firewall to small and medium businesses.

When it comes to enterprise-level businesses, and considering the need for two-layer security, consider a perimeter firewall, while I can suggest FortiGate only at a level of a core firewall. Suppose an enterprise customer has multiple branches and more branch networks. In that case, they need SD-WAN connectivity with security, for which I suggest they go for FortiGate's SD-WAN feature.

In general, it will not be enough for enterprise companies to have only Next Generation Firewall alone.

I am not familiar with the technical support team because my support team works with them. The solution's technical support is good. We do not face many issues when dealing with the solution's technical support team.

Previously, we were using Check Point in our company.

Compared to Check Point, FortiGate Next Generation Firewall needs to look at how to improve the way it deals with the vulnerabilities which are not there at Check Point and the security effectiveness provided by Check Point.

It is easy to use and implement since anyone can do its configuration part, but there is some requirement for someone with proper technical skills to implement it properly. I can implement anything in any way, but that doesn't mean I can implement any product properly. The implementation requires certain technical expertise.

The implementation of the solution can take two days.

One person is required for the implementation phase.

The solution's pricing is competitive.

The usefulness of the product is an aspect that depends on the customers using the tool. We cannot even compare two products and say one is good for the customer and the other is bad. If a customer asks me to be an architect for their data center, I would say that for a perimeter firewall, they need to go for Check Point. Coming to a core firewall, if a customer says that they need two layers of security and two different vendors, it should be Check Point on the perimeter level. At the core level, a customer can go for Fortinet. Certain customers prefer the SD-WAN feature from Fortinet if they have branch firewalls and want an SD-WAN feature too. FortiGate has an added advantage because they have an SD-WAN feature with security that we can provide to their branch devices.

I don't have any suggestions for those planning to use the solution since we are pretty new to the solution, and we need to devote time to be able to comment on the solution.

I rate the overall product an eight out of ten.

We are a distributor of Fortinet products. My role primarily involves importing these products and delivering them to our partners and resellers, who in turn sell them to the end customers.

FortiGate is a rapidly growing vendor with a wide range of ready-to-use products. Their delivery time is remarkably quick, usually between two to four weeks. They provide excellent support, especially when it comes to helping resellers who may encounter implementation issues with Fortinet. The technical presales and support teams are readily available to assist them. So, there are definitely several benefits to working with Fortinet.

The interface, pricing, and support are good. FortiGate release new patches and offers regularly. In the integration file, they don't have anything to add because they have a very wide portfolio and models in the next-generation firewalls. FortiGate has a variety of add-on license tools that can be applied to the firewall.

FortiGate should continue to push them to continue to grow up as they've been growing for the last eight years.

FortiGate NGFW can improve technical support. The engineer who answers the technical support call, email, or phone call, whatever the medium may be. The response time is very bad.

I have been working with FortiGate Next Generation Firewall for eight years. 

We don't have broken devices to be repaired or replaced with new ones, so they are very stable while working.

I rate the solution’s stability a ten out of ten.

I rate the solution’s scalability a ten out of ten.

We have all types of business models and customers in our portfolio, such as the midsized business, enterprise, entry-level, and small businesses. We are working with all of that with all of the Fortinet solutions.

The customer support is very slow. The engineer who answers the technical support call, email, or phone call, whatever the medium may be. The response time is very bad. 

On the other hand, Cisco takes one or two hours to respond, while Fortinet takes a few days. This is an area that they could improve on a global scale.

Neutral

The initial setup of the solution is easy, which is the most important feature for in-domain-wide resellers, partners, and customers. In the end, if you want to use Fortinet as a firewall administrator in your network, it is highly recommended because it is extremely easy to set up, especially for first-time users.  

Even if you have previous experience with Cisco or Check Point, setting up Fortinet is easy. It is a very user-friendly configuration.

I rate the solution setup a ten out of ten. It is very user-friendly.

FortiGate Next-Generation Firewall is cheaper than Cisco or CheckPoint or Palo Alto and more expensive than Barracuda or Sophos or any smaller brands. The prices fit right where they are on the global market.

I advise you to buy it ASAP because it's a very good product.

From my experience as a distributor, some customers don't buy technical support on the devices. They buy only devices. I will advise them to buy the technical support of FortiCare service. In that case, they will have technical support by phone call, or by mail. They will have a replacement if anything is broken 24/7.

Overall, I rate the solution an eight out of ten.

There are many features that we can use. We can see all the logs. Additionally, we can connect with other devices like the FortiManager. We also have a new feature.

We mainly use the Next Generation Firewall for enhancing security. It has powerful capabilities compared to traditional firewalls, especially when dealing with current threats like those in Azure. The Next Generation Firewall can handle more effectively.

The FortiGate Next-Generation Firewall is always updating. For example, if there is a big attack, they fix it in their firmware. They release new firmware with the necessary patches to address the vulnerabilities.

Mainly, we are more secure than with the traditional firewall. The Next Generation Firewall helps a lot in defending against various types of attacks.

In terms of solutions, for now, we don't have any SD-WAN. Yeah. We are planning to implement SD-WAN due to some failures we experienced last year. For our high availability design, this would be beneficial.

So I would like to have SD-WAN as a part of the Next Generation Firewall. It would enhance high availability.

I work with the FortiGate Next-Generation Firewall. We started using FortiGate about five to six years ago. We have been using various versions and migrated to newer ones over time.

It's stable, quite stable. We also have it set up as a firewall with high availability. We were also talking about SD-WAN for our future plans for our stores, mainly for the internal lines, because this SD-WAN technology is something we would like to implement.

It is a scalable solution. We can connect it to any network or with other brands, not only Fortinet. For instance, we can configure it with Cisco or any other brand for connectivity.

In our company, it protects around 500 endpoints.

Customer service and support have different levels of support—level one, level two, level three—based on the severity of the issue. They can also provide scheduled delivery. We usually never face any significant problems with their support.

I am satisfied with the support. They have good knowledge. 

The first setup process was easy to do. It was not difficult at all. 

We set it up ourselves. We created policies, firewall rules, IPsec VPN configurations, and everything was handled by our team.

The deployment took around five days, and the process was quite easy. The setup was straightforward. If we encountered any issues, we could contact Fortinet support. They were helpful and provided support through the hotline in urgent issues.

Maintenance is quite easy. I did it myself. It's user-friendly. We can use the GUI, or we can use the command line, but the GUI is more user-friendly. So it's good.

The price is not very expensive compared to Cisco or Palo Alto. Like Palo Alto, which is the most expensive product.

We have always been using Fortinet. It has been quite stable for us.

I would recommend it to other users. Overall, I would rate the solution a nine out of ten. It is a good solution.

The solution is used in my company since its management is very comfortable. If we compare Fortinet and Cisco, Fortinet's web interface is more user-friendly and offers speed.

We use the solution's URL filtering, IPS, SSL, and, specifically, SSL encryption. In general, the tool offers a user-friendly interface and pleasant management.

I cannot say anything about the product's price, and the tool does not need any customizations.

A firewall has different levels of productivity that its customers can use in their official branches, which can be small offices, big offices, or enterprise-sized organizations. The vendors offer models with different levels of productivity of the product to its users, which is not possible in FortiGate Next Generation Firewall (NGFW). It lacks integration options. I would like the tool to offer its users more integration options. Most of the vendors of NGFW offer integrations open with different solutions. FortiGate is able to integrate with Cisco or Microsoft. FortiGate has a lot of possibilities in terms of integration with other vendors, so the integration capabilities of the tool need improvement. FortiGate Next Generation Firewall (NGFW) has OpenAPI, which gives customers an option to integrate the tool into their custom software.

I have been using FortiGate Next Generation Firewall (NGFW) for seven to nine months. I use the solution's latest version. My company has a partnership with Fortinet.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution an eight out of ten.

Around 3,000 or more use the solution in our company. We have three appliances in total, each having a thousand users.

I rate the technical support a seven out of ten.

The support does open a case when an issue is raised, but since it is the USA, despite the support hearing our problems, they do get late to respond. We only have issues with the support of low priority. I never open high-priority cases with the support team.

Neutral

On a scale of one to ten, where one is difficult and ten is easy, I rate the initial setup an eight or nine. It is easy to install since it can be done with small configuration steps.

The solution is deployed on the cloud. Most of the firewall devices are deployed on the cloud, especially since NGFW of different vendors work on the cloud.

The deployment can be done in just a week since we need to find answers to some questions from our management and our security department. We need to get certain approvals in terms of the security policies before proceeding with the deployment phase.

One or two people are enough for the deployment process.

To those planning to use it, I would suggest that they opt for a pilot offering from FortiGate and try to use it to understand and figure out its advantages and disadvantages.

I like FortiGate Next Generation Firewall (NGFW) more than Cisco, even though I have worked more with the latter tool than the former.

Overall, I rate the solution a nine out of ten.

We use the product for security and filtering purposes.

The product helps block multiple ports during ransomware attacks.

FortiGate Next Generation Firewall (NGFW) 's most valuable features are reporting and filtering.

The product's data guard feature should support a USB port when the internet connection is unavailable.

We have been using FortiGate Next Generation Firewall (NGFW) for three years.

I rate the platform's stability a ten out of ten.

Our organization has 500 FortiGate Next Generation Firewall (NGFW) users. We utilize the platform 24/7. I rate its scalability a ten out of ten.

The platform's initial setup process is easy. I rate the process a ten out of ten. It takes a couple of days. The deployment involves integrating it with SSO in FortiGate. It helps with filtering access to user accounts through Active Directory. One executive is required for deployment. Additionally, one executive is needed to take care of packet updates for maintenance.

We implemented the product with the help of our in-house team.

I rate FortiGate Next Generation Firewall (NGFW) an eight out of ten.

We use FortiGate Next Generation Firewall first and foremost for the main site's security, remote sites, and establishing the connection between the firewalls they use. More recently, we have been using it when implementing SD-WAN.

The total ownership of equipment has several benefits when using one platform for administration. Training is then more focus-oriented to technology like Fabric. From the operations point of view, we have better savings by using this solution.

I like the common administration and the possibility of adding Fortinet defense systems.

I see problems with the licensing. If I have to add a new feature, we need to add a license. There may then be extra costs for our maintenance budget.

I have been using the solution for the past five years.

Fortigate is very stable.

FortiGate is a very scalable solution.

We used SonicWall. We switched to FortiGate looking for better security technology, and better fabric technology based on security. In this approach, FortiGate is still better than SonicWall.

With the initial setup, it's important to sit with the team to establish the application and the main issues to get the best possible script to implement in Fortinet equipment. We had to spend some time to implement it better.

Deployment could take one week, depending on the site, or even three weeks to implement the solution. Around four people were involved in the deployment.

We contacted an external company to provide some professional services through engineers who have better experience in certain kinds of implementations.

The pricing is better compared to other solutions like Check Point, Arista, or Cisco.

To anyone who plans on supporting this solution, refer to training resources in the Fortinet training center. There are people who have some experience that could provide some guidelines to people who start with basic issues and basic tasks, to then grow with experience by implementing some maintenance windows. I rate FortiGate Next Generation Firewall a nine out of ten.