Fortinet FortiGate IPS Reviews

We use the FortiGate IPS solution to analyze malware. When we receive attacks, we analyze the IPs.

The product has an inbuilt IPS software. We can configure it to block specific anonymous attacks that are happening.

They should provide us with a CSV number for patch updates. It will help us block specific signatures as well.

I have been using Fortinet FortiGate IPS for four years. We are using the latest version.

The product is stable, but we need to monitor IPs as new patches are released daily. Attackers will use these new patches to develop new attack methods and signatures. We need to ensure that our FortiGate IPS is up-to-date with the latest patches. We can get the logs and see if anything we have detected is suspicious. It includes programs, applications, files, or anything else. We investigate suspicious activity and act appropriately, such as blocking IP addresses or updating policy analytics.

The product is scalable. I sometimes have enterprise clients, but my client base is mostly small businesses. We have to implement the entire setup for them. In addition to the endpoint solution and firewall, we need to create IP addresses for users and define their services. Then, we can protect these resources from FortiGate by enabling the IPS upgrade.

There is a customer support portal number. We can create a case there and upload our details. They provide support services instantly.

Neutral

The initial setup is easy. The default CSV is already updated so that we can block those threats. We have to update the block list from the policy settings.

The product is expensive. I rate its pricing a six out of ten.

Enterprises use Fortinet FortiGate IPS because it protects government or critical infrastructure networks. For small businesses, IPS may be sufficient. Overall, I rate it a six out of ten.

I am using the product for enterprise network and security purposes.

I like the tool’s capabilities of integrating security around social media, site booking, and other essential features.

They can improve in the area of creating daily, monthly, and item-wise reporting. I think they should focus on including IP-controlling functions. 

I would like for Fortinet to add a ransomware protection feature in the next release.

I have been working with it for the last five years.

I would rate the stability a seven out of ten.

It is highly scalable. We have around 100 users using this solution in one location. Around 60 users use it in a second location and a minimum of 40 users use the solution in a third location. These users are both on the engineering and management levels. I would rate it eight out of ten for scalability.

They provide good technical support. I would rate it a nine out of ten.

Positive

Initially, I worked with Palo Alto. I switched to FortiGate because it is a reliable product.

I found the process easy. The implementation took just an hour to complete.

I did the implementation myself. If the implementation was more difficult, I would have needed more help from Fortinet. One IT manager maintains the solution.

We pay a monthly licensing fee and there are no additional costs.

I would rate Fortinet FortiGate a seven out of ten. I would recommend this solution to others. However, sometimes I have some troubleshooting problems and that is why I think a seven is suitable.

We use it for intrusion prevention mechanisms. If there is any unwanted traffic, we block it. We use it to avoid unwanted traffic. Most places in Oman use FortiGate firewalls, even the government sector, private sector, and ISP providers.

The customization is a little bit difficult because we have to customize everything. Typically, we will enable everything.

We have been using this solution for more than five years. We are using the latest version, and it is deployed on-premises only.

It is stable.

It is a scalable solution.

FortiGate tech support is very good because we get immediate support from them. For example, whenever we raise a ticket, we get an immediate response, and someone attends to help.

It has an easy setup. Fortinet FortiGate IPS, by default, gives a default IPS. We can customize it so we can give the user what they need. It's a quick deployment process, we can configure the management, and it is easy.

It has an annual license. I don't know the specific price, but it's expensive and not a very cheap product.

I rate the solution an eight out of ten. Regarding advice, the only problem is that they release many versions, similar to what Cisco does. Every two, or three months, they release new iOS versions. Sometimes, we have to upgrade, or it is not secure. Recently, we upgraded to a new version, and all the clients called us to upgrade to the new version too.

We own some real estate and we're renting apartments for another company, and we provide them with services. For example, we provide internet and security. We are managing the tenant through the firewall and they have been performing very well from our side.

This solution is a security gateway for our environment. URL filtering and other features have helped the way our organization functions.

The most valuable features of Fortinet FortiGate IPS are the dashboard and reporting which give us very good visibility.

Fortinet FortiGate IPS could improve the VPN. There are times it is slow.

I have been using Fortinet FortiGate IPS for approximately three years.

Fortinet FortiGate IPS are highly stable.

The scalability of Fortinet FortiGate IPS is good.

This solution is a firewall and anybody connected to the internet here, passes through the gateway. We have approximately 50 to 60 people in the building using the solution. We plan to increase the usage of the solution.

The support from Fortinet FortiGate IPS is very responsive, and quick.

I rate the support from Fortinet FortiGate IPS a five out of five.

Positive

I have previously used Check Point and Sophos.

The initial setup of Fortinet FortiGate IPS is straightforward. The whole process took approximately one day.

We use an implementor for the implementation of Fortinet FortiGate IPS.

There is only a standard license cost to use the solution.

We only need one administrator for the maintenance of the solution.

I rate Fortinet FortiGate IPS an eight out of ten.

Any time a firewall is deployed at a customer site, we'll use the intrusion detection, mostly on the input side, on VPN connections, as well as forward connections and established related environments. If you go to a website, you want to be sure it returns the content that it should, for instance. So we'll use IPS both for user traffic originating from behind the firewall, inbound NAT PAT, as well as for VPN connections. We are partners with Fortinet. 

Integrated management would probably be the most valuable feature. I can take a single FortiGate and manage switches and access points from a single login. I think it's on par with a Palo or a Check Point. I also like their sandbox. The solution covers what we need for most environments, whether small, midsize or enterprise. That aside, the user interface is pretty good and the packet capture works fairly well. The CLI is their own flavor of everything, but that's going to be true for just about anybody that's out there. IPS has widespread capabilities.

The biggest problem we have is the way they handle virtual IPs. It's not handled well at all and even pfSense handles that better. There are three different ways to configure it, depending on whether it is an internal or a through process, and it's just unnecessarily complicated. It would be nice if everybody got together and agreed on some language in their CLIs, but that's not going to happen. If you only dealt with one product on a regular basis, then the problem wouldn't be as evident.

I've been using this solution for many years. 

Scalability is relative because a given platform only has so much horsepower. It's not too bad to move from one platform to another, as long as they're on the same software rev. If they're not, then you run into the typical hassles where a backup from an earlier rev doesn't cleanly install on a newer rev. It would be nice if that was a little bit cleaner. 

The customer support is excellent. The first-line tech support is pretty quick about establishing whether they're going to be able to address a given problem. They can often escalate it on the phone, but they're also pretty good and timely if you're going through email. Once you have somebody assigned, it's pretty good.
We also have great local engineering support here in North Carolina. 

The initial setup isn't too complicated for a single WAN. You have to assign your name, your address, set up your aliases and then build rules. I think the VPN configuration could be a little simpler, but it's no harder than setting it up on a SonicWall, for instance. The setup can be done in less than an hour, including running updates and registration. A single person can deploy 10 switches, a pair of FortiGates in HA, and let's say 10 access points. One person will do the programming and then all installation is done by two specialists by code.

Fortigate is as cost-effective as its competitors. As the boxes get big, it gets pretty expensive but that's for large organizations that have a substantial IT budget.

My advice is to go through some basic training before trying to take it out of the box because the language that's used to configure FortiGate is not the language used on the Cisco ASA or on WatchGuard, or Juniper. The language is a little different so what you think you're configuring and what you're able to configure are two different things. The way that the policies are applied is different than it is from other boxes. So just because you have a technician-level cert with Cisco, you will not be able to successfully configure a VPN on a FortiGate. 

I rate this solution eight out of 10. 

We use the solution for a large government customer. We helped them migrate from Check Point to Fortinet FortiGate. The customer had a lot of applications that are accessed by HTTPS. It was necessary to put some protection in place to prevent certain internet access. They have a reverse proxy published behind FortiGate. The reverse proxy balances the servers.

FortiGate uses IPS profiles for the reverse proxy. The operation system is Linux, and the server is Apache with HTTPS of medium, high, and critical severity. FortiGate is used to inspect the connections between the servers and the customers. It is used to protect the environment.

We use .NET services to block IPs. We use the tool’s features to prevent access to classified IP addresses. We use ISDB to prevent network access to malware, botnet, BitTorrent networks, and mining for cryptocurrencies.

We prevent access to certain classified addresses to stop attackers from understanding our environment. Attackers try to study the environment to explore its vulnerabilities and attack us. The solution protects the environment from internal and external threats.

Our customers have a specific application for two-way inspection. Two-way inspections are not possible in FortiGate. It is usually available in load-balancing solutions like F5. It would be a good improvement if the product provides two-way inspection features in the next release.

I have been using the solution for five years.

The support is good. We need to raise specific tickets for specific problems. If we have any issues, the team helps us solve them.

Positive

It is easy to deploy the solution. The configuration of the firewall is simple.

The protection of the customers’ networks is our return on investment. The integration with FortiAnalyzer allows us to see the traffic and perform troubleshooting. Creating a profile with IPS does not require many steps. The level of protection provided by the tool is better than other vendors.

Fortinet FortiGate is better compared to Check Point.

Overall, I rate the product a nine out of ten.

I work with multiple customers. Most are comfortable running IPS within their firewalls rather than deploying it. The standard deployment requires finding a service owner and training them on the platform. However, if I deploy a next-generation firewall with integrated IPS and VPN capabilities, it simplifies things. It's straightforward for someone to manage. Consolidating a VPN server, IPS, and standalone firewall into one appliance can be challenging for many customers. Fortinet's servers are increasingly popular.

Fortinet has serious vulnerabilities. Some of their interfaces are exposed to attacks. Since they are more prevalent, they may attract more attacks and have more vulnerabilities discovered.

If I'm incorporating FortiGate IPS, FortiGate firewall, Forti VPN server, or any other component into an existing Fortinet fabric, I already have a Fortinet analyzer and FortiManager. With this integrated Fortinet ecosystem, stability issues are significantly reduced. Additionally, inserting a standalone Fortinet device is much easier and much more accessible.

Customer support is fine and fairly responsive.

Neutral

We used Cisco products and operated within a Cisco ecosystem. Currently, Cisco is too expensive, but FortiGate IPS does not position itself as premium like Cisco.

The initial setup can be completed within a month with some IT security architecture by replacing IPS.

The product is expensive but comparable to Cisco.

There are limitations to consider, such as the sandbox capacity. Increasing the sandbox limit is essential for better integration with the firewall IPS, facilitating traffic offloading. Since my customers deal with heavy content, we often need to upload content for analysis by the IPS and sandbox. Thus, the system effectively fulfils its intended purpose. However, we do not need to assess features beyond what the customer requires. As long as we meet their specific needs and use case, it's satisfactory.

We're building a network of partners, you know, offering competitive pricing to engage in significant projects. Firewalls are pretty standard. The ecosystem issues may revolve around business support and pricing.

You need more considerable internal resources to manage it. For clients with a robust security solutions team, architects, and skilled developers who handle data and generate similar content, I would recommend Fortinet FortiGate IPS. These individuals should be capable of upgrading their packages and downloading them. If they are comfortable with Docker, they can deploy it as an appliance on a server.

Overall, I rate the solution a six out of ten.

We're a healthcare company and use the solution in many ways. It builds a tunnel between the customer and our office. We use it for directing applications. It clears application problems based on latency and packet loss. People working from home can connect to the VPN in a secure way as well. 

We like the accessibility it provides.

Every process we do is underwritten under Fortigate. 

When we have to access the tunnels, we can use a VPN to access applications from the customer. 

We can dig into the security and enforce security policies. Everything is controllable from the server. 

It is easy to set up. 

The solution is stable.

It's reliable.

Technical support is helpful and responsive. 

Fortigate is always innovating. I'm not sure if any improvements are needed.

We'd like to have multi-factor authentication via fiber.

I've used the solution for six to seven years. 

The solution is stable. I'd rate it eight out of ten. There are no bugs or glitches, and it doesn't crash or freeze. 

The solution scales very well if it is the cloud. If there are hare hardware pieces involved, and more users are added, we have to swap out the hardware box. 

Most SMBs are on this solution. We have 20 to 50 customers on the product.

Technical support is very good. 

Positive

We have a mixed environment. We have Cisco and Fortigate. Whatever is needed is what we will use. 

The initial setup is easy. I'd rate the ease of setup nine out of ten. The deployment depends on how long it depends on the design and implementation needs. It might take about a month. Most of the infrastructure is static. 

Right now, we have three people who are able to handle deployment and maintenance. It does depend on what kind of network it is. 

We handled the implementation ourselves. We are certified in Fortigate. We only depend on a vendor for the hardware part and any related warranties. We can do the configuration and building of the firewall. 

I'm not sure of the exact pricing. My understanding is it is pretty pricey. I'd rate it seven out of ten. 

We are a customer and end-user.

Fortigate is a one-stop solution for all network needs. There are many features that are embedded into the firewall. The more you use it, the more options will be revealed. It's very strong on the market.

I'd rate the solution nine out of ten overall.