Fortinet FortiGate Reviews

We have a Fortinet FortiGate 900 series that is a big UTM. We also have 10 Gig switches, all fiber, for distribution of the service provider's connections.

The key features include SD-WAN, firewall use, intrusion prevention, intrusion detection, and application control. 

I have tested 90% of the features that Fortinet FortiGate offers. This type of solution helps us integrate all communications of our company. They guarantee operational continuity of our company and reduce risks by eliminating and detecting threats. This solution gives us agility.

The area that Fortinet may improve is customer support. When you have an incident, situation, or open a case, the support is not as good as Cisco or other platforms I have tested. There are many opportunities for improvement.

I've been using the solution for eight years.

Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.

The area that Fortinet may improve is customer support. When you have an incident, situation, or open a case, the support is not as good as Cisco or other platforms I have tested.

Before Fortinet FortiGate, we had Cisco.

It was not easy. While it might be easier now than eight years ago, you have to be careful and ensure you use a great partner that helps you implement this solution as easily as possible.

The experience is good when you use a quality partner or integrator. We use an integrator, located in the Dominican Republic. They have great support here and extensive knowledge.

The return on investment is great. Previously, we were using a dedicated point-to-point connection from the service provider that cost approximately $3,000 a month. When we implemented Fortinet FortiGate, we changed to two internet high-speed dedicated connections, costing approximately $2,000 in total, resulting in significant cost savings.

The cost efficiency is notable because it is an overall product with a mid-range price point, and you receive more value for the price.

Before Fortinet FortiGate, we had Cisco.

The only product that I have not integrated yet is the Unified SASE. This gives my team agility because as the Chief Information Security Officer, I do not have frequent contact with the platform, but my team has this interaction. 

On a scale of one to ten, I rate this solution a nine.

On-premises

Other

We usually use Fortinet FortiGate for a perimeter firewall, but also for our outbound traffic as well as for the tunnels, with around 40 to 50 tunnels on our firewall.

We are using it in our data center; we have the 2,000 series HA firewalls.

Fortinet FortiGate has positively impacted my organization by allowing us to replace all the firewalls in other locations, as around 90% of our company operates on Fortinet.

We enable the SD-WAN zone to handle multiple ISPs, allowing it to automatically switch over the WAN link if any latency hits the threshold value, eliminating the need for manual failover. The impact of SD-WAN on our network performance provides great stability with zero downtime; it immediately switches over without any delay, not even a fraction of a second.

Fortinet addresses many vulnerabilities with respect to SSL VPN on their devices; quarterly patch upgrades are released, and the Fortinet team is retiring remote VPN services in favor of whole encrypted IPsec remote VPN to enhance security against hackers.

I have found Fortinet FortiGate's user-friendly design to be the most valuable feature so far. Anyone can easily understand how exactly it works, unlike Palo Alto and Check Point which are complex to understand. 

I believe one area that could be improved in Fortinet FortiGate is posturing, specifically for remote VPN users, as there are OS-based limitations I encountered with only Windows; adding domain restrictions for VPN access would make it more competitive and useful.

I have been working with Fortinet FortiGate for almost five years.

Overall, my impression of the stability of Fortinet FortiGate is very good, as I haven't seen any issues in the five years I've been using it, and there is no degradation of services on the firewall. However, I have observed some issues with FortiAPs, which is a different platform.

Based on my experience, Fortinet FortiGate is very scalable. Earlier it was suitable for mid-infra, but now we can use the firewalls for enterprise-level needs.

Whenever I am stuck or need help, Fortinet support is available 24/7, regardless of the time zone I'm in, and they immediately jump in to assist, provided it is licensed.

Positive

Before implementing Fortinet FortiGate, we were using SonicWall and ASA firewalls, which have now been replaced. The reason the previous firewalls were not suitable for our company anymore is that they were not competitive; they lacked UTM features, had limited VPN capabilities, and were outdated, which led us to select Fortinet over Cisco FTD for future needs.

It's not so complex. It's user friendly. I have implemented more than hundred devices from scratch.

As partners with Fortinet, we are end-users of this tool for our customers.

I am not exactly aware of the pricing of Fortinet FortiGate, but I would say it is considerably cheaper compared to other firewalls.

I evaluated other options, particularly Palo Alto. Fortinet FortiGate is user-friendly and as competitive as Palo Alto, Check Point, and FTD. It has the same features as other vendors but at a lower cost.

I would rate Fortinet FortiGate a ten out of ten.

On-premises

I am reselling FortiGate Next Generation Firewall (NGFW) or handling the administration of this product for various customers such as universities and those in the hospitality industry.

FortiGate Next Generation Firewall (NGFW) is more realistic in application, allowing for more specific, customized security policies without the extensive work involved with static rules. This feature is what I desire from the next-generation product. Its segmentation capabilities allow me to apply rules based on team needs or social networks, automatically updating for new networks. This removes worry about what happens when a new social network appears.

It would be better if there was more transparency regarding what the automatic rules do. When a site is blocked, it is necessary for me to consult the logs to understand what the Next Generation Firewall policy has blocked. There is usually no information about what is included or not included in these automatic rules.

I have had about five years of experience with FortiGate Next Generation Firewall (NGFW).

The support is not good because I generally search for solutions online. When I open a case, they usually identify it as a bug they are working on. I must study the best version to install to avoid previously found bugs.

Neutral

The initial setup of FortiGate Next Generation Firewall (NGFW) is pretty straightforward and easy.

For one implementation, only one person is needed for configuration. However, for tasks like interconnecting, putting the device in a rack, and other physical requirements, more people are required.

The licenses are expensive, and whenever a customer needs to renew the license, it becomes a significant expense. However, the hardware itself is relatively inexpensive compared to the license costs.

Netgate pfSense and FortiGate Next Generation Firewall (NGFW) differ significantly in terms of pricing and features, with FortiGate offering many more features.

On a scale of one to ten, I would rate FortiGate Next Generation Firewall (NGFW) a seven.

The SD-WAN feature of Fortinet FortiGate has been most impactful in maintaining our network's integrity.

Fortinet FortiGate's threat detection capabilities are good for our use because it's an internal firewall; however, we haven't enabled some of the features that are there. We've enabled IPS and antivirus generally.

They could improve the response time and quality of support.

I'm not sure what additional features they need to have in the future to make it better. For the purpose that we use it, it is doing the job, but I haven't explored some of the features.

I have been using Fortinet FortiGate for seven years.

I haven't had any issues with the stability or performance of the actual firewall. It has been fine with no bugs.

We didn't have to think about upgrading or anything; it does what we bought it for. If it wasn't for the end of support and the end of sale, we would not think about changing it. We are considering similar products for upgrading, maybe newer or bigger hardware.

The product is scalable. Currently, 120 people are using Fortinet FortiGate in my company.

I would rate their technical support about six out of ten; I'm not fully satisfied. They could improve the response time and quality of support.

Neutral

Fortinet FortiGate has delivered financial and operational ROI to my organization. It took about two to three years to realize ROI with Fortinet FortiGate.

At the time we bought them, I was satisfied with their pricing; I don't know how the new pricing will be.

We have to pay additionally for maintenance or support; it is not all included.

I would rate Fortinet FortiGate a seven out of ten.

On-premises

I use Fortinet FortiGate just for the data center to connect to it. I put Sophos on the internet and FortiGate on the data center.

For application filtration, I really appreciate many features of Fortinet FortiGate because it is more reliable, easy to use, and the reports are easy to read and understand. I have integrated Fortinet FortiGate with the database for reading the reports. I can recommend Fortinet FortiGate for enterprise-level because it has many features and solutions, though I would not recommend it for small companies or individual companies.

To improve Fortinet FortiGate, I think they need to improve the software and make updates more quickly, rather than taking a long time to update the software or firmware.

I have been working with Fortinet FortiGate for approximately four to five years.

I would rate the stability of Fortinet FortiGate a ten out of ten, with ten being the best.

I would rate the scalability of Fortinet FortiGate a ten out of ten, as I think it is reliable and very dependable.

I would rate the technical support from Fortinet between eight and nine; it is a very good vendor, but sometimes there is a delay in getting information from us or maybe a delay for us to contact them.

I am using Fortinet FortiGate and Sophos.

In the beginning of my work with Fortinet FortiGate, the setup was difficult, but after many attempts, I became an expert on how to install and modify every command. For a regular user, I think it is very easy to understand and read the product documentation.

I use Sophos for firewall and Fortinet FortiGate for data center.

I really recommend Fortinet FortiGate. My overall rating for Fortinet FortiGate is 9 out of 10.

Public Cloud

Microsoft Azure

The main use cases for the product revolve around perimeter security, and it depends on LAN to WAN traffic, especially in work-from-home scenarios wherein the customer wants to access the local infrastructure remotely. It is also sometimes used in data centers, but many times Palo Alto is used.

Fortinet FortiGate serves as the first line of defense. It is robust and easy to configure, and I haven't seen any breaches happening when configured properly based on best practices. In the Indian market, clients have a lot of trust in this product.

The most useful functions of Fortinet FortiGate are SD-WAN, which is very easy to configure. Its user interface is also very good, making it easy for any engineer to explain configuration changes over the phone without needing to take remote access. Integration of SD-WAN capabilities with Fortinet FortiGate is simple to integrate.

They are already making improvements with the integration of AI and machine learning (ML). While I haven't personally used these features yet, I see that the focus is primarily on AI operations that fall under the umbrella of AI and ML. Additionally, they offer FortiManager with a signal dashboard that allows for the monitoring and configuration of multiple FortiGate firewalls, which is quite impressive. Moreover, they now provide a SaaS offering for FortiManager, which I believe is a good development overall.

If they can come up with a feature that allows scalability within the firewall itself, such as 'scale as you grow,' that would be a valuable improvement. Fortinet is already implementing AI and ML, although I haven't used it personally. AI ops are covered under it, and they also have FortiManager, which allows for monitoring and configuring multiple Fortinet FortiGate firewalls through a single dashboard.

I have been working with Fortinet FortiGate for more than 10 years.

When it comes to stability, I would rate Fortinet FortiGate a ten out of ten, as I haven't seen any downtime wherever I proposed it.

I would rate Fortinet FortiGate's scalability as an eight out of ten.

I would rate the support from Fortinet a nine out of ten.

We also work with Palo Alto solutions. Palo Alto has a distinct advantage because it offers some great features that are already available, such as DNS security, which we have a lot of experience with. Palo Alto is unmatched in a data center environment. This is why many people tend to trust Palo Alto firewalls more compared to FortiGate. As for perimeter security, FortiGate excels in that area.

In most small and medium enterprises and SMBs, we usually propose SonicWall, and for enterprises, we work with Palo Alto or Fortinet FortiGate, depending on the requirement. It makes sense to propose the Fortinet FortiGate firewall, especially if the customer is already using the SD-WAN feature.

The initial setup for Fortinet FortiGate is simple.

The only challenge with Fortinet FortiGate is the pricing model.

Currently, we are considering Fortinet FortiGate solely for perimeter security, and for SASE and other approaches, we go with other solutions. I have not used AI and ML FortiGuard services with Fortinet FortiGate yet.

Overall, I would rate Fortinet FortiGate an eight out of ten.

My customer's main use cases for Fortinet FortiGate are mainly for threat blocking, compliance requirements, firewall functionality, and basic security.

It's focused on defending against advanced threats and providing better throughput. Additionally, it can accommodate both enterprise companies and independent users. Bandwidth is one of the issues, but there are many benefits. Overall, it's a solid solution that is scalable in terms of throughput.

The best features of this tool include threat protection, email filtering, and web filtering. FortiAnalyzer's integration with the firewall and FortiSASE is beneficial. The integration helps detect the most advanced threats, such as APTs. 

Fortinet FortiGate stable solution has made systems more compliant in the cyber industry for several customers.

They can improve the backend functionality of Fortinet FortiGate, particularly how the policies work in a real-time environment. Improving this aspect can ensure that policies work effectively.

I have been working with this solution for around one year.

The stability can be rated as eight out of ten.

Fortinet FortiGate has very good scalability in terms of bandwidth, throughput, and everything else. It's scalable without any problems.

I would rate Fortinet support a six out of ten. The immediate response is not that good, particularly when raising a critical or P1 ticket; they lag in the immediate response. They can improve on that front, especially in their support service.

Positive

The initial setup of Fortinet FortiGate is straightforward.

My customers have seen ROI with Fortinet FortiGate. The investment they made has provided returns.

I'm not sure about the exact license cost, but generally, it's a reasonable price. If the hardware or the machine is advanced, it will be expensive. However, for medium-sized machines or hardware, it maintains a reasonable price.

I recommend that those who want to use Fortinet FortiGate need to plan ahead. If they are upgrading or expanding their user base in their company, they should purchase a one-level higher version. It would provide good throughput and withstand the number of users in their company.

Fortinet FortiGate can be a bit expensive, but the price is reasonable. I would rate this solution an eight out of ten.

We use Fortinet FortiGate for the firewall as well as for the VPN. Any of the users outside the organization use the VPN. Any staff members working outside the office headquarters or our office location use the VPN.

The main aspect that I deal with is URL blocking and web access. I don't work with other aspects of this firewall.

It has upscaled our security posture, especially regarding external connectivity, because any access or connection from the company has to go through the Fortinet FortiGate firewall. It's doing a pretty good job. We do not have any complaints there.

Anything that we don't want to allow is not coming in. Anything we want to allow is not being blocked. We always have the granular control where we can block malicious IPs or subnets if needed.

Geofencing allows us to limit the countries from which we allow IP connections. There are many features that I may not even know or haven't explored, but in general, Fortinet FortiGate is doing a pretty good job for us. 

The web controls are what I appreciate about Fortinet FortiGate. We have extensive controls over areas where we could block external-facing IPs, external URLs. We can do geo-fencing with the firewalls, which is a good feature. 

There are too many updates coming for VPN, and the VPN keeps disconnecting frequently, which I find problematic. It does what it's supposed to do, but I practically face reconnection issues with the VPN. 

Regarding the Fortinet FortiGate firewall, I don't have any input. My scope is limited.

I have been using Fortinet FortiGate for around three years.

Fortinet FortiGate is stable. We haven't seen any latency issues related to it, though we do experience latency from ISPs.

I would rate the scalability as eight out of ten based purely on my exposure to security controls relating to URL blocking and website access. 

I haven't had a chance to work with Fortinet FortiGate technical support, but from my colleagues' experience, they say the Fortinet FortiGate people are easy to reach but hard to schedule time with. It's not as easy as having the Fortinet FortiGate engineer on the call and getting other teams involved; it requires careful arrangements to join in with the Fortinet team. I would give their support a neutral score of maybe five.

Neutral

I don't know why we switched to Fortinet FortiGate from Juniper; it's a management decision.

I was not involved in the deployment. I think it's not that difficult; there's no complexity involved as long as we are clear on what we want to do.

We have it on both cloud and on-premises.

I was not part of the team that implemented it. I don't know how much they invested, but it would be worth the investment.

My overall experience with Fortinet FortiGate rates as eight out of ten.