Fortinet FortiGate OverviewUNIXBusinessApplication

Fortinet FortiGate is the #1 ranked solution in best firewalls, SD-WAN tools, and top WAN Edge tools. PeerSpot users give Fortinet FortiGate an average rating of 8.4 out of 10. Fortinet FortiGate is most commonly compared to Cisco Secure Firewall: Fortinet FortiGate vs Cisco Secure Firewall. Fortinet FortiGate is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 23% of all views.
Fortinet FortiGate Buyer's Guide

Download the Fortinet FortiGate Buyer's Guide including reviews and more. Updated: December 2022

What is Fortinet FortiGate?

Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

Benefits of Fortinet FortiGate

Some of the benefits of using Fortinet FortiGate include:

  • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
  • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
  • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

Reviews from Real Users

Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

Fortinet FortiGate was previously known as FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate.

Fortinet FortiGate Customers

Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co.

Whitepaper and case studies here

Fortinet FortiGate Video

Fortinet FortiGate Pricing Advice

What users are saying about Fortinet FortiGate pricing:
  • "Fortinet's pricing is more straightforward than other solutions. If Fortinet doesn't stick out when you're searching for a solution, you are a glutton for punishment. You only need to know two things when purchasing a Fortinet solution: your total bandwidth and bandwidth at the site. You need to estimate the future bandwidth with other solutions if your customer plans to upgrade."
  • "It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive."
  • "Fortinet FortiGate has different licensing models, depending on what you're going to do. Services included would depend on the license model. Licenses can be renewed annually."
  • "Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees."
  • "When you look at these end security systems and firewalls, these firewalls even five years ago were $50,000 or perhaps $25,000 to implement in some types of customer sites. Now we're talking about tools that are $1,000. In this case, it might have been $500 or something like that."
  • Fortinet FortiGate Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Eric-Smith - PeerSpot reviewer
    Solutions Engineer/Consultant at a tech services company with 11-50 employees
    Real User
    Top 10
    A reliable and consistent solution that allows us to manage the entire network from one interface and supports on-premises and cloud deployments
    Pros and Cons
    • "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them."
    • "FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works. Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware. The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack."

    What is our primary use case?

    We are a managed services company, and we are also a partner with Fortinet and Cisco Meraki. The firmware that I just started using is 6.4.4. Most of the FortiGates that I sell are 60E and 60F. For some of our larger customers, I have got a handful of FortiGate 80, 100, and 200.

    Fundamentally, its primary purpose is security at the edge of the network. I have got some clients who are starting to use the SD-WAN feature for a multi-location setup. I have got other clients who are using a lot of IPSec tunnels. I also have some clients who, with the increase in remote workers, are taking advantage of the FortiClient product that ties in. They are using that for remote VPN connections. 

    How has it helped my organization?

    We are a managed services provider, and I would say that it has improved the way our client's organization functions. I would also hope that it is seamless for them. They don't even know it. The biggest improvement for us is that it allows us to do more with a smaller staff.

    What is most valuable?

    One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent.

    One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them.

    What needs improvement?

    FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works.

    Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware.

    The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.

    Buyer's Guide
    Fortinet FortiGate
    December 2022
    Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    656,474 professionals have used our research since 2012.

    For how long have I used the solution?

    I have been using this solution since 2007.

    What do I think about the stability of the solution?

    If you have the firmware version 6.4.3 and are using FortiLink in VLAN, it has trouble with tunneling networks for a wireless network. It won't give it a route to the internet. I found it just last week. There was a version back in 6.2 where it required 12 characters for the password of a wireless network on Web 2.0 as opposed to the traditional eight characters. The problem came when you wanted to edit it. If you upgraded to that firmware from a previous version, it wouldn't let you save any changes without changing the password, making it a requirement. That was kind of problematic for a while, but for the most part, it has been pretty stable and responsive.

    What do I think about the scalability of the solution?

    It is easy to scale as long as you start with the right firewall. Our clients are of different sizes. We have clients with the home office with two or three employees. One of the clients has about 26 locations in all four time zones and about 400 employees.

    How are customer service and support?

    I haven't used their official tech support, which is actually a good thing. The reason I haven't used their official tech support is that they have a support mechanism in place. I have direct access to a local sales engineer, and when I have problems, I call him up on the cell phone. Based on that, they definitely support their partners 100%. They are definitely channel driven, and it shows.

    Which solution did I use previously and why did I switch?

    I have deployed SonicWall, WatchGuard, Cisco ASA, Rockies, and Palo Alto. The biggest reason I went with Fortinet is that it felt like it has got Palo Alto type of functionality at a much more reasonable price point.

    I spent seven years working at the state level education, and budgets were tough. We had SonicWall subscription services. I could replace them with the brand new FortiGate with a three-year subscription for the same cost. That really changed things. The single pane of management that they have was just the frosting on the cake.

    How was the initial setup?

    It is pretty simple. For example, I just set up a new network with a 100E, and I have got four stackable switches. It will run a network with 23 access points. I set up all the VLANs, routing, rules, and other things. It won't take more than four hours of work. I am getting ready to box up and ship it out. It will be plug and play once it gets to the site.

    What other advice do I have?

    Take the training. They've got free training that is available online, and there are different levels for technical training. It is crucial. If you sign up as a partner, which doesn't cost you anything, the training is free. If you want to go for the test and get certified, you got to pay for the test, but the actual training materials are available to every partner for free. I would say that definitely take advantage of those. When you have new employees as network engineers, make this training a part of the routine.

    I would rate Fortinet FortiGate an eight out of ten. I have been using it for years, and I do try to evaluate it on a regular basis and continue to stick with them. I just don't have a lot of bad things to say about them. Aside from their product, I'm a also fan of their company and how they do business, which makes it easier to do business with them. I don't necessarily appreciate the business practices of some of their competitors. It is nice not to have to worry about that.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Network Solutions Architect at Yazata Solutions
    Reseller
    Top 20
    SSL proxy makes URL filtering easier because the encryption is done before the packet ever leaves
    Pros and Cons
    • "FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features."
    • "My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint."

    What is our primary use case?

    We use FortiGate for security. Some clients use the whole Fortinet solution, including FortiSwitch, FortiAP, and FortiExtender, but FortiGate is my bread and butter.

    We have a hybrid deployment. A lot of it is onsite, and we have data center collocations. Some customers do collocations with us, but others request connectivity to Azure or another cloud services provider. Fortinet has plugins for Azure, AWS, or Google that make it easy to configure VPNs out of the data center or off-site. 

    Typically, we stick with Azure because their support is better, but we do have a handful of customers that choose AWS. We have the solution deployed across Canada. One of our biggest customers is a retail company with many little stores under their umbrella. We cover everything from British Columbia to a couple of sites in Newfoundland. I estimate that we have around 1,200 users.

    How has it helped my organization?

    We need to allow a set of websites or block another set. FortiGate gives us the ability to do it based on URL domain. It's so much easier because you input the domain microsoft.com instead of adding the specific URL. Other firewalls can't do that the way FortiGate does. It helps us with compliance and security.

    What is most valuable?

    FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. 

    Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features.

    What needs improvement?

    My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.

    For how long have I used the solution?

    I've been using Fortinet solutions for about four or five years now.

    What do I think about the stability of the solution?

    I think FortiGate is going to be around forever. If I don't see their stock price double in the next two years, I'm going to be surprised. I think it's a very underrated solution. 

    What do I think about the scalability of the solution?

    Scaling up only requires adding a router. Once you have your network in place and a basic template, you buy another router and add it to the mix. It's incredibly easy to add and configure devices. 

    How are customer service and support?

    I rate Fortinet support 10 out of 10. The support gets better as you get more certifications. I'm trying to get my certification to see how much better it can be. With an NSE 7 certification, you can contact Tier 3 support directly. I'm already getting my cases resolved in 24 to 48 hours using Tier 1 and 2 support.

    Which solution did I use previously and why did I switch?

    We used Juniper firewalls in the past. The two solutions are similar in terms of features, but Fortinet blew it out of the water with regards to pricing and user-friendliness.

    The main difference is CLI versus GUI. You have to know what you're doing on a Juniper because it's all command-line based, but Fortinet is 99 percent GUI-based. You log in to Fortinet and check off what you want to allow or block. 

    How was the initial setup?

    Our biggest Fortinet solution was 500 plus retail sites. This customer chose the whole nine yards, including FortiGate, FortiSwitch, FortiAPs, and the FortiExtender, which is the LTE router. 

    I made the templates for the configuration for our bottom tiers because they were the ones rolling them out. I made a standard template config and wrote notes specifying necessary changes for each site. 

    The primary difficulty was trying to understand our customer's requirements and concerns because they were with an old provider. The provider had a lot of things on-site that weren't necessary. Deploying the Fortinet solution itself wasn't hard. 

    Getting there was hard because we had to sit down with the customer and their tech team to determine what was needed because they had old Cisco routers. That took about three weeks and required a lot of on-site visits, but it wasn't hard to deploy the solution once we got an understanding of the requirements was not hard.

    We trained the customers to manage and maintain the solution themselves. The only maintenance we do is emailing them monthly when we get notifications from Fortinet about router upgrades. You can configure it and then forget it. 

    What about the implementation team?

    We are the integrator/consultant for the solution. We are the one in between the client and the internet service provider.

    What was our ROI?

    FortiGate firewalls pay for themselves. We bought our first FortiGate when they came out with the 50Fs and thought we would never see the return on investment. However, they paid for themselves because we rent them out, and customers loved them so much that we just retired our Juniper and Cisco solutions.

    What's my experience with pricing, setup cost, and licensing?

    Fortinet's pricing is more straightforward than other solutions. If Fortinet doesn't stick out when you're searching for a solution, you are a glutton for punishment. You only need to know two things when purchasing a Fortinet solution: your total bandwidth and bandwidth at the site. You need to estimate the future bandwidth with other solutions if your customer plans to upgrade.

    You have to consider whether you'll need to resell your licenses or wait until they expire and get new ones. You need to worry about out-of-pocket costs with other solutions, but you could pay for a higher-tier Fortinet license. You don't need to worry about it for 10 years and still be under budget.

    Fortinet encourages people to buy their base product and then add what they need. That mentality goes a lot farther in the game because it affords people security. That's how they got into the market and became so competitive.

    Which other solutions did I evaluate?

    We evaluated Meraki, Dell's old SD-WAN, and Cisco's Viptela. Price and flexibility were the main factors. Viptela, Juniper, and others make it so hard to pick a solution. You have to be highly specific about what you want, including the amount of bandwidth and encryption level at every site. You have to pick a different router per site, depending on your functionality and requirements.

    What other advice do I have?

    I rate FortiGate 10 out of 10. It's a tremendous little firewall. It takes care of all your security concerns.  When people say, "I need to make my organization more secure," the first thing that comes to mind is Fortinet. Everyone is talking about Cisco, Juniper, Palo Alto, and Check Point but overlooking Fortinet, which is a relatively new player in the game. 

    Fortinet's next-generation firewall is more affordable and user-friendly. They also have an extensive knowledge base online. Good luck finding that community support on a Palo Alto, Cisco, or Juniper website without paying.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Fortinet FortiGate
    December 2022
    Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    656,474 professionals have used our research since 2012.
    CEO/CTO with 201-500 employees
    Real User
    Top 10
    Stable with good pricing and fairly easy to use
    Pros and Cons
    • "The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback."
    • "You do need some IT knowledge in order to effectively work with the solution."

    What is our primary use case?

    We primarily use the solution as a hardware firewall. In China, there's a lot of content that would be available in the West that isn't allowed here. We're able to block certain content from getting through filters.

    What is most valuable?

    The solution offers a very good package for all kinds of virtual appliances, subscriptions, and so on. It's a reasonable price. It's not too much.

    The services on offer are just superb. 

    The way it can block certain content is very useful for us. It gives you a good heads up as to what streams are being blocked from the network, which helps with visibility.

    The simplicity of the product is great. It's very easy to use, which is a compliment we get all the time in terms of feedback.

    There seems to be good reporting features. 

    The scalability is there. If you need to expand the product, you can.

    The menu structure is more logical than, for example, Cisco or SonicWall. I find that the Fortinet is easier to understand in terms of the installation process and setup. 

    What needs improvement?

    The only problem that we have here in China is that the whole subscription process on Fortinet is a little bit difficult if you are doing it from China. China has kind of a firewall around the country, and we sometimes have complications due to that aspect.

    As a whole, I don't think that the product is actually missing any features.

    You do need some IT knowledge in order to effectively work with the solution.

    For how long have I used the solution?

    I've been working with the solution since about 2016. It's been a few years at this point.

    What do I think about the stability of the solution?

    The solution is very stable. There aren't issues with bugs or glitches. It doesn't crash or freeze. It's very reliable.

    What do I think about the scalability of the solution?

    The scalability is good. You can expand it as needed and add on extra apps to add in extra functionality if you want to.

    We mostly deal with mid-range companies. 

    How are customer service and technical support?

    I only talk with people here in China that are the Chinese sellers or distributors from Fortinet. They are Chinese and I don't speak or understand one single character Chinese. So for me, it's very difficult to communicate with technical support. Most of the time, I let them talk with one of the people who I know who is fluent in English and Chinese. That's what I do. 

    Most of the time, I can do all the research on the internet to see what kind of device I need and then I get a translator and we figure it out.

    Which solution did I use previously and why did I switch?

    We only use Fortinet's FortiGate for our hardware firewall protection.

    However, if our clients need extra security, we may add other brands and security layers. We also work with SonicWall, Checkpoint, and Barracuda, for example.

    I've also worked with pfSense, which is free, however, it has much more of a do-it-yourself approach. It's also quite different from other solutions. If you have Cisco experience, you'll be able to navigate Fortinet, whereas pfSense requires much more in-depth study. It has its own language, basically. That's one of the reasons you won't find too many of its configurations in China.

    How was the initial setup?

    The initial setup, for me, at least, is very straightforward. It's just a few clicks and you're set up. It may be a bit more complex for someone else who may not be as familiar with the product.

    What about the implementation team?

    I have partners that assist with the initial setup and I have network engineers who are doing the job for me. They are working for me as they are my employees. As their boss, of course, I have to know a little bit about how to handle it as well. We handle the implementation process for our clients. We implement it according to ISO and Chinese security standards.

    What's my experience with pricing, setup cost, and licensing?

    The solution is pretty affordable. It's not overly expensive. It's not like Cisco where you pay an awful lot of money mostly for the name.

    There are extra apps you can add to the product, however, those come with an extra price tag as well. That said, it allows you to do more things and expands its capabilities.

    I like to use Fortinet due to the fact that with the device you can do so much more, it's not only web filtering. If you decide to use it for something else, you just pay some money to Fortinet for another package and you are good to go. It makes it a little bit easier for small or large companies as it's so flexible in its offering. 

    In China, due to business constraints, licensing is quite complicated here.

    What other advice do I have?

    I'm a service provider in China. Basically, I'm connecting companies, foreign companies or Chinese companies, or even foreign public services to business VPNs or business cross border interconnections.

    Whether we use the latest version of the solution or not depends on the client, their needs, and the environment. If a client needs more security, we may even layer in other brands to help with that.

    We tend to keep deployments on-premises as you can run into issues with using the cloud in China. We prefer to have it on-premises and then bring lines in to hook everything up. It's simpler and there are fewer issues.

    In general, I would rate the solution at a ten out of ten. We've just been pleased with the product and the ease of use.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    PeerSpot user
    Network admin at Penobscot Valley Hospital
    Real User
    Top 10
    An easy-to-use product that does a lot for you and allows you to be independent
    Pros and Cons
    • "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything."
    • "I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself."

    What is most valuable?

    It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything.

    The GUI is good. I'm really happy with the ease of use of the firewall. Fortinet's support is also great.  

    What needs improvement?

    I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself.

    For how long have I used the solution?

    I've had different models of Fortinet since 2009. They all are physical appliances. I had 300As, and now I'm on 300Ds. I've got a remote site with a different model, which probably is 60F. They are great little firewalls, and for bigger size places, they have 300 models.

    I don't have virtual appliances. I don't have a virtual infrastructure. I have an older virtual environment with Hyper-V, and the servers are not up-to-date. It was a money thing. So, it was better to go with the appliance itself.

    What do I think about the stability of the solution?

    I'm happy with what they got. It is a great product. Sometimes, you're going to get a lemon—the way it initially happened with FortiAuthenticator 300F—but that doesn't happen very often.

    If there is a problem, the next business day, they send it and get the replacement, and they help me configure it.

    What do I think about the scalability of the solution?

    In terms of its users, everybody uses the firewall because they're going out. That's our egress point. So, there are about 20 users for that. We have a dozen IPsec tunnels with which we connect to different companies. So, security is a big part of it. I also have a remote location with about 10 users who use a different firewall.

    We probably won't be increasing its usage. Now that I got Authenticator, it nicely compliments the Fortinet firewall. The size of the company isn't going to grow any more than what it is. So, we're good.

    How are customer service and support?

    Their support is great, but it also depends on who you get for support. From the support perspective, they can help you do it yourself, which is always more beneficial to both parties. They can stop being so time-sensitive about the call duration and let a user help himself a little bit more.

    It takes time to study this stuff, and I don't always have time to do it. So, I'm looking for a quick answer because I get interrupted all the time during work. I don't always have the time to study something and figure it out. So, I have to call them, but I don't always get somebody who really knows what they are doing. They don't know deep enough to help you. They're troubleshooting with you, and that's the difference between Level 1 and Level 2 support.

    Which solution did I use previously and why did I switch?

    When I first got here in this job in 2007, they had Cisco ASA Firewall, but it was too cryptic. You had to enter all these CLI commands for a configuration. It also didn't do everything that Fortinet could do. It was very limited, and it wasn't easy to use. I know what I want to do, and I don't have to learn a special language in order to do it. I just want to be able to use some basic programming code that they have put into the firewall and use the GUI interface with it to actually visualize what I am looking at. Some of the Cisco products are not visual enough. That was one of the reasons I stayed away from it. Cisco is also very high-priced. They price themselves out of business a lot of times for equipment, but Fortinet is just great.

    I've also used SonicWall before. It was okay, but it is better for bigger places. I was looking for a midrange-size firewall for a couple of hundred users, and I felt Fortinet was the right fit.

    How was the initial setup?

    Its deployment and maintenance are easy. 

    What about the implementation team?

    I pretty much used the support from Fortinet to do it. They're good about their support. I did it myself by being a nuisance to Fortinet. I kept calling them to ask questions. They had to remote on to it and see you do something you don't know how to do.

    What's my experience with pricing, setup cost, and licensing?

    It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive.

    What other advice do I have?

    Fortinet has got great firewalls. They do everything. They do FortiTokens for two-factor. They do the IPsec VPNs, SSL VPNs. They have a great GUI for you to know, but you still got to know the CLI commands. 

    I would rate it a 10 out of 10. It does its job, and it is easy to use. The support is great.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Amar Patil - PeerSpot reviewer
    Security Engineer at Hitachi Systems, Ltd.
    Real User
    Top 10
    Secure, performs well and easy to manage
    Pros and Cons
    • "The management console is pretty simple, so anyone who understands networking can initially deploy the solution."
    • "Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN."

    What is our primary use case?

    Most organizations use the Fortinet firewall as perimeter security at the gateway level.

    How has it helped my organization?

    FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

    What is most valuable?

    FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

    What needs improvement?

    Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

    For how long have I used the solution?

    I've been using FortiGate for around five years.

    What do I think about the stability of the solution?

    Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

    What do I think about the scalability of the solution?

    I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

    How are customer service and support?

    Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

    How was the initial setup?

    The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

    What's my experience with pricing, setup cost, and licensing?

    I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

    What other advice do I have?

    I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Thendo Ndzimeni - PeerSpot reviewer
    Network Administrator at Automated Outsourcing services
    Real User
    Top 10
    Secure, multifeatured, and user-friendly solution for protecting networks
    Pros and Cons
    • "Secure, user-friendly, stable, and scalable network security solution. Installation is straightforward."
    • "Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%."

    What is our primary use case?

    We use Fortinet FortiGate for web filtering, IPS reporting, and firewall policy routing.

    What is most valuable?

    What we like about Fortinet FortiGate is that it's fast. You can also use it immediately, e.g. you don't have to wait and apply the policy before you can use it. It's robust and offers immediate usage, unlike Check Point, which we noticed was a slow product.

    Fortinet FortiGate is also more secure, depending on how you set up the SD-WAN technology.

    We also like the zero trust access, arrays, and the EDR features on this product. It's also 100% more user-friendly, e.g. even when I worked with them configuration-wise. The availability of the support hotline and their knowledgebase articles, e.g. the Cookbook, help a lot. Those articles are accessible to everyone, and they're free.

    Whenever you implement a solution, you can run through Cookbook, then you can install the Fortinet certificate if you aren't able to, if you're stuck, but most of the time you are likely to get it right. The Cookbook explain everything straight to the point, and this makes it much easier.

    What needs improvement?

    Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%.

    For how long have I used the solution?

    I've used Fortinet FortiGate for three years, and the last time I used it was last year.

    What do I think about the stability of the solution?

    The product is very stable. It's a powerful product.

    What do I think about the scalability of the solution?

    Fortinet FortiGate is a scalable product.

    How was the initial setup?

    Installing Fortinet FortiGate is straightforward. The Cookbook tells you where the issue is, then the packs that come with the software, they are quick to advise on what bugs you can expect, and how those bugs can be fixed. I enjoyed installing the product.

    The initial setup for Fortinet FortiGate took less than a week. We spent another week migrating the policy, or recreating the policies on the new object, because of the incompatibility with Check Point. We had to recreate the policies, otherwise, the change was quick, and we just had to mount them and connect the HA link and the other internet link. The setup was quick.

    What's my experience with pricing, setup cost, and licensing?

    The product has different licensing models, depending on what you're going to do. For the IoT service, initially the program was for free, then the IoT service and the mix firmware that we had, we had to pay.

    Services are separate in terms of Fortinet FortiGate license models, e.g. you could have IPS, AV scanning on high availability, etc. The license could be on annual renewal.

    Which other solutions did I evaluate?

    I evaluated Check Point, but my problem was that it was too slow to install, and you have to wait long while your environment is down. With Fortinet FortiGate, it was instant. Fortinet FortiGate is very easy to install, unlike Check Point. Fortinet FortiGate is a better product.

    What other advice do I have?

    I have experience with Fortinet FortiGate. I used to manage the product in the past, but in a different company. I transferred to another company into a new position, and Fortinet FortiGate is being used in my current company.

    This product can be deployed both on-premises and on cloud. We use version 300E for on-premises, and VM04 on cloud.

    They are doing a lot of things to improve Fortinet FortiGate, that I can't think of anything else I'd like added to it. There's zero trust access, the EDR, and the arrays. I can't really say that there's anything that they have not started. They're able to provide what I want.

    We started with 100 users of Fortinet FortiGate in the company, then it went up to 270 users, because we also had a child company with end users of this product.

    We didn't have to contact technical support for Fortinet FortiGate, because we had a third-party guy who was helping us, and we seldom contact him. If we find an issue, we just email, and he'll write back to us. We also get advise on the old firmware, for example, that there's a higher chance it's static and could be affected by vulnerabilities. Any help was done quickly, and it was nice. Nowadays, we are doing all the work, e.g. not having to contact our third-party guy.

    We don't really need a team for deployment and maintenance. There's another engineer we're sharing ideas with, otherwise, deployment and maintenance are both very straightforward. You just need to know what you're doing, e.g. a good path, IPsec channels, etc., and it'll be much easier.

    I can recommend Fortinet FortiGate to others, especially because I understand it the most now. We do know everybody won't choose it, because Check Point, Cisco, and other competitors are coming up with robust devices. Everyone wants to win against their competitors, but I'm happy with FortiGate. It's a product I can recommend to others.

    I'm rating Fortinet FortiGate a ten out of ten, because it doesn't give me any issues. It's very easy for me to rate it a ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Kshitij Singhai - PeerSpot reviewer
    Owner at Computech Associates
    Real User
    Top 5
    Good web filtering facility and application control, very stable and scalable, and easy to deploy
    Pros and Cons
    • "The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good."
    • "Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."

    What is our primary use case?

    We are basically system integrators. We design and implement firewall solutions for our customers. We also provide after-sales services. 

    We have deployed this firewall for different types of clients. We are providing solutions starting with FG-30E, which is the lowest model in the FortiGate series, and up to 1000 series.

    How has it helped my organization?

    We understand a customer's requirement of current internet users. After that, we design a perfect solution through which they can not only protect their network but also have load balancing between multiple internet service providers. They can also have secure connectivity from a remote office by using a single box device.

    What is most valuable?

    The web filtering facility and application control are the most valuable features from the point of view of our clients. The VPN feature is also quite popular amongst our clients. Two-factor authentication is one of the good features in Fortinet. These features are important for the current scenario of security. Security has become a necessity nowadays. With cyber-attacks becoming more common, protecting an organization's data is one of the major tasks. 

    It is also very stable and scalable, and it is very straightforward to configure. Their technical support is also good.

    What needs improvement?

    Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements.

    They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security.

    For how long have I used the solution?

    I have been working with this solution for the last 12 to 13 years.

    What do I think about the stability of the solution?

    It is very stable. We have been working with this solution for a long time, and we found it to be stable.

    What do I think about the scalability of the solution?

    It is a scalable solution, and you can also upgrade. They come up with a new feature every time. Whenever you're updating your firewall firmware, it is ready to mitigate threats available in the fiber scenario.

    Our clients are small, medium, and large businesses. We have deployed it for small offices or retail stores as well as for big manufacturing units. We also have clients from Education and Healthcare. Some of the large companies have between 800 to 1,000-plus devices protected through this firewall.

    How are customer service and technical support?

    Their technical support is good.

    Which solution did I use previously and why did I switch?

    I have a little bit of experience with other firewalls such as Sophos and Check Point. There are some basic differences in the features and their functionality, but I cannot say that this one is the best, or this one is not good. I have more confidence in Fortinet FortiGate, so we are focusing only on this.

    In terms of support, we had purchased a Check Point product for a customer, and we were trying to get support from the team, but it was very difficult. Sophos is okay in terms of support.

    How was the initial setup?

    Its initial setup is very straightforward. It is very easy if one knows the basic concepts. It has a graphical user interface, which makes it straightforward to configure. You can configure it step by step. The basic implementation of this firewall can be done in a very simple way. There could be some complexity at the Enterprise level, but at a basic level, it is very straightforward.

    The deployment duration depends on the complexity level. A simple deployment can be completed in a few hours. A complex deployment can take one to two days depending upon the requirements. This is because, in addition to implementation, we also have to test the solution as per a customer's requirements to see whether it is fulfilling the given task or not.

    What about the implementation team?

    We are a very small company with seven to eight people. We have a total of three people working with firewalls. They're network and support engineers.

    What was our ROI?

    Our clients definitely get a return on investment. It is a really good product, and the stability of the product is a very important factor for our clients.

    What's my experience with pricing, setup cost, and licensing?

    Pricing and licensing is a little bit complicated in FortiGate. They are always on the higher side. This is one issue that we always raise with the company that they should reduce the price according to Indian market requirements. There are no costs in addition to the standard licensing fees.

    What other advice do I have?

    It is a good product, but I would always recommend selecting an implementer partner carefully. The implementor should be able to implement all the features so that you get the best benefits of the firewall. An implementation partner is very important. If you don't have a proper partner, you will probably end up with a mashup, and you won't be able to use all the features. Your performance might also not get optimized.

    I would rate Fortinet FortiGate an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Channel Partner
    PeerSpot user
    Michael-Sugg - PeerSpot reviewer
    CEO at Sovereign Managed Services
    Real User
    Top 5
    Very complete with good capabilities and very good stability
    Pros and Cons
    • "The main reason why I purchased the particular unit was that it had good reviews and what other people were saying as far as its completeness and its leading capabilities in terms of endpoint security was very good."
    • "To some degree, it's almost a question as to why some of this stuff isn't simpler. For example, for an AP deployment, while it's integrated, the number of steps that you have to go through in order to get the AP up, seems like a lot."

    What is our primary use case?

    The purpose of this solution is to provide intrusion protection and more robust endpoint security for small offices. We are providing an enterprise solution for a small business by adding endpoint protection coupled with Intrusion Detection and Protection.  For small offices needing HIPAA compliance, we need to make sure we are providing robust protection instead of the default modem gateway provided by the ISP.

    How has it helped my organization?

    The Fortinet product provides enterprise capabilities in a small footprint at a price point that is more attainable for a small business. The product meets the IPS/IDS/Endpoint protection that small organizations need for their HIPAA and PCI compliance.  While the end user may not understand the true capabilities, the managed service provider can more easily deploy and maintain this small footprint product.

    What is most valuable?

    The main reason why I purchased the particular unit was based on other reviews and leadership in this space. Being able to have a VPN solution as well as integrated access points is a plus. For me, it's all about simplicity. When you look at my particular model for a managed service provider, it's basically to help simplify, protect, and remain compliant. When you're trying to implement something, it's about making sure it is simplified. This seems to fit the bill.

    What needs improvement?

    The product has enterprise capabilities, which means there are a ton of configurations possible.  What I'd like to see in the product is more of a branch in the box wizard deployment for those that are not as well versed in firewall and routing.  For a small business, the firewall should be able to self-configure for a Unified Threat Management configuration with 2 SSIDs for protected wireless network for internal gear and a guest wireless network for employee cell phones and guests.  I'd like to open the box, plug in the router behind the cable modem, and check a few boxes, and the rest is done automatically.  I don't want to have to build a configure VLANs, SSIDs, security protocols for each port, and try to figure out and understand all the layers in an effort to deploy a solution.  It's great to have those capabilities in case you need them, but for most of the offices I am trying to deploy these into--it should be a branch in a box.

    For how long have I used the solution?

    I've only been using the solution for a few weeks. It's very new for us.

    What do I think about the stability of the solution?

    Stability has been fine. I've had no questions about the stability of it. It seems so far it is staying up. I haven't had any issues to speak of.

    What do I think about the scalability of the solution?

    I haven't really pushed this product from a scalability perspective. Certainly, if you look at the performance metrics, the F series appears to have really expanded the capacity and capabilities beyond past models. If you look at 40E versus 40F, there's a fairly substantial difference. For a small office, it's going to be just fine.

    How are customer service and technical support?

    I haven't reached out to technical support and therefore can't speak to their level of responsiveness.

    Which solution did I use previously and why did I switch?

    N/A

    How was the initial setup?

    The initial setup is complex for me due to my lack of experience with the Fortinet FortiGate product. The complexity can be a good thing, however, as there's a lot of really good features associated with it. Where it could be simplified is in having that easy deployment option, and then you can start going down and trying to get into the nitty-gritty and figure out when do you need the extra features.

    Right now, I'm just in a test environment getting all the firmware up and tested. Then, once I have it tested, I'll take it to the client location and yank out their WiFi mechanism, their WiFi router, and put this in.

    What about the implementation team?

    I'm currently handling the implementation for a client.

    What was our ROI?

    ROI is somewhat difficult to measure when you are mostly talking about deploying a product for endpoint security.  If your environment stays protected, then it was a good return on investment.

    What's my experience with pricing, setup cost, and licensing?

    When you look at these endpoint security systems and firewalls, these products a few years were way too expensive for a small business. Now we have enterprise level security in a footprint that is less than $1,000.  For offices that have 10-25 computers needing protection, this is a better solution.

    What other advice do I have?

    The good news is that Fortinet does have a good support network as well as their education academy to help someone get up to speed on their product.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Fortinet FortiGate Report and get advice and tips from experienced pros sharing their opinions.
    Updated: December 2022
    Buyer's Guide
    Download our free Fortinet FortiGate Report and get advice and tips from experienced pros sharing their opinions.