Fortinet FortiGate Reviews

It is used as a defense mechanism for securing the internal network from the external network. We also use it to have VPN tunnels between us and our partners and the support organizations we work with.

We are using FortiGate 200F.

We are mostly using it as a defense mechanism. It has many more possibilities, but at this moment, it is only used for defense against attacks. It is doing what it should do with the FortiGuard subscription on it, which is an advanced security subscription.

It is easy to use. We chose this product for the possibility to have virtual domains (VDOMs). We are building another company in the group, and we would like to split the firewalling rules and policies between these two companies. Each company would be able to manage its own policies and security rules, which is an advantage of Fortinet FortiGate. We can define VDOMs, and every company can manage its own VDOM as if it has its own physical firewall, but in fact, we would be using the same physical appliance because we are also using the same internet lines. So, it allows us to reuse the existing resources without the disadvantage of having to compromise on policies and security. Each company can choose its own way of working.

I don't see any area of improvement at this moment. I'm responsible for the IT infrastructure. I'm not a security specialist. The IT security is being managed by the CSO in our company. 

We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine.

It has been a little over a year since we have the firewall cluster in place.

It is a stable product. We had some issues in the beginning while setting it up, but we received an update of the firmware, and since then, it has been stable.

It is being implemented for everybody. It is our security layer.

Their support is good. We had some issues in the beginning, and they were resolved within a couple of days after we explained what we were trying to do. They confirmed that it is a bug, and they would give us a fix. A couple of days later, we had the fix.

We were using SonicWall firewalls. We found FortiGate better, and we switched everything. We decommissioned all SonicWall firewalls. One of the reasons why we changed from SonicWall was that its licensing was user-based and function-based. So, every time we did something, we had to add another license or subscription. The licensing of FortiGate is clear. We know what is the price.

We migrated last year from a typical MPLS network to a complete and only one network between the sites. For firewalls, we now have a few solutions in place in our headquarters. We have Fortinet Firewall Cluster, and on the remote sites, we are using Meraki firewalls that are being used as a router at the same time. 

It is easy to use.

Its price is reasonable. They have a clear pricing policy. It is not complicated by the number of VPN users at a time. We know what the price is. The yearly subscription for the security license is rather high, but it is all included for whatever number of users you have and the kind of functions you need.

I would rate it a nine out of ten.

We are using FortiGate as a perimeter firewall.

It is our perimeter firewall. URL filtering, IPS, and antivirus features are most valuable.

It is easy to manage, and it doesn't need much knowledge from the team. It is a stable device, and there are many features that are included out of the box.

Their support can be improved in terms of the response time and the quality of support.

There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision.

I have been using this solution for two years.

It has been very stable over the past two years.

I have no problem with scalability. When I need to add any device, I just find and add it to the network. I have no issue with the count of devices. I can buy a license and add whatever devices I need to add. Currently, I have no issue with the scalability of this firewall, but if I reach the maximum limit, I need to exchange the box or just add licenses. We currently have about 1,000 users.

I have contacted them many times. My experience with them was good, but their support can be improved overall. I would rate them a three out of five. 

It was very simple.

There was a partner supporting us. Our experience with them was very good. I would rate its setup experience a four out of five.

For maintenance, we currently have a team of two people, but it may be extended to three or four.

It has been two years. I don't remember the actual price, but it was affordable.

We buy the boxes and then use the license for three years.

I would recommend this product. It is a very good product to be used as a perimeter firewall.

I would rate it an eight out of 10.

We use Fortigate, and we have a relationship with Fortinet. We are working with the Fortigate 100F firewall. It is mainly for firewalling, but we would also use them for network demarcation as a DHCP or NAT router. We're also working with our Fortinet account manager to try and push further forward using an SD-WAN controller.

In terms of deployment, it comes through to the build lab. We configure it and then ship it to our customers. We are reviewing how to obviously do zero hands with FortiCloud, but what we've done so far has been conventional configuration and shipping.

Fortigate represents a really scalable way of delivering perimeter network security, some level of layer 7 security, WAF, and also a way to create a meshed ADVPN solution.

Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved.

Anything they can bring around safe service would be brilliant. At the end of the day, when we talk to customers about deploying, split tunneling, and looking at endpoint security, remote access or safe type of features would be useful.

I've been selling Fortinet technologies for over 10 years.

It is stable.

It is scalable. It is quite straightforward. Moving from, for instance, legacy 200D to 100F has proved not to be an issue. It is quite straightforward.

I am not a hundred percent sure. Our third-line guys deal with them quite a lot. In terms of escalation, for example, when one of my customers had a query about secure authentication on the portal, it has taken some time to get feedback from the vendor or the manufacturer. So, I am unsure. I've not had a great experience, but I can't really answer that one properly.

It is reasonably straightforward if you've got the management portal in terms of FortiCloud. With that, migrating from one firewall, as it reaches the end of support, to an upgraded firewall is fairly intuitive. You should be able to easily reverse out a script and configuration and apply that to the new firewall, following proper governance as a managed service.

We're a managed service provider, so we would probably put two to three PS engineer days to follow the appropriate protocol. From a lead time perspective, a new high availability firewall deployment should not take more than 10 working days from the config test, deployment, and failover test perspective.

If you are a mid-market business, Fortigate presents a solid proposition for the mid-market. If you are getting to enterprise-level, for me, Palo Alto is still a more viable product when you get up to what I call financial services, enterprise-level service customers. 

I would rate it an eight out of 10 for its ease of deployment and its ubiquitous approach to network security. 

Fortinet FortiGate is user-friendly. When it comes to firewall enterprise security and email security, this solution is at the top. It's better and it's affordable. If you compare it with some other email security like Mimecast and similar solutions, those products are better than Fortinet, but here in the Fiji region, Fortinet FortiGate has better service. In some other regions, this solution may not be doing well, but in Fiji, it's working out well. Fortinet has so many customers in Fiji.

What I'd like to be improved in Fortinet FortiGate is for it to have advanced WAF functionality. Even in FortiADC, WAF functionality is not supported for advanced attacks, e.g. mobile bot attacks. Fortinet FortiGate needs to improve its WAF function.

SD-WAN is also good in this product, but it still needs improvement, particularly in security. We saw some attacks last year, so they need to improve on that.

I've been dealing with Fortinet FortiGate for eight years.

There are some issues with the scalability of Fortinet FortiGate. Certain products and models need to be scalable, but they're not. For example, if you go with 400F, they only have two SFP+ ports, while the F5 has four ports.

When you're expanding the number of users for this solution, they'll ask you to replace the model, and this can be a big cost to customers, which could affect scalability.

We are happy with the technical support for this product, because the Fiji region is supported by New Zealand, where support for Fortinet FortiGate is better.

Fortinet FortiGate is an affordable solution, but when expanding the number of users, they'll ask you to replace the model, so that's an added cost.

Pricing for this product is comparatively lower than other products. If you compare it with Forcepoint, Cisco, and other products, Fortinet FortiGate pricing is reasonable, and that includes all the service and support we need. Whenever we need support as a partner, they're able to deliver that support to us, unlike with F5 where there's premium support and standard support, which means you'll have to pay F5 extra.

I evaluated Cisco and Forcepoint solutions.

We are an IT infrastructure company, and we are dealing with one of the banks here. They need a solution which they'll use for application delivery, load balancing, and as their web application firewall.

We are a reseller and partner of Fortinet, but only for their firewall product, e.g. FortiCloud WAF, not FortiADC. We've also been working with Fortinet FortiGate.

The solution we're looking for which will be implemented for our customer, e.g. a bank, is a solution with basic functionality, e.g. FortiGate. It will only be used for two or so web applications. If our customer needs a bigger functionality, then I would propose a different solution: F5. For the government, we always propose F5.

My advice to people who want to implement this solution is simple: It's an affordable product for the SMB customer, but for customers with bigger environments, I would recommend that they go for other products with premium support.

My rating for Fortinet FortiGate is seven out of ten, if you consider the Fiji market.

We saw that Fortinet is working towards the ZTNA model, e.g. SASE, and also working towards zero trust products, which is good. They're also improving slowly in privileged access management, e.g. they don't have one, but they're trying to introduce it by the end of the year.

We use it for a multi-tenant virtualized environment for public cloud services. We provide cloud services for the public sector.

We have two clusters with the latest version, and we also have two clusters that I would like to replace with the latest version. We have support from the vendor, and we're going to buy two new clusters.

We have all the solutions from Fortinet, and it integrates very well with all of them. I'm very satisfied with its integration with FortiManager and FortiAnalyzer.

The multi-tenancy feature is most valuable. It integrates very well with FortiManager and FortiAnalyzer.

They are flexible in terms of installation. They support many architectures. They can operate with most major public cloud providers. It is a trend now to use hybrid solutions.

It has a lot of features, and it is reliable.

Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing. 

I have been using this solution since 2015.

We're happy with its performance. I would rate it a 10 out of 10 in terms of performance.

We are happy with its scalability. Its users are administrators. Our administrator team has about six people. The environment is set up as a multi-tenant, so each tenant has its own administrator for configuration.

It has been used every day since 2015. It is a core appliance for us.

Their support needs to be improved. We're not at all happy with their support. It sometimes becomes very difficult to get a solution. We are not satisfied with their support for load balancing. The support we have for Cisco firewalls is much better. I would rate them a seven out of 10.

We also have a Cisco solution in operation.

Its initial setup is normal. It is not too complex.

The deployment takes place with the help of an integrator. We have an integrator to help us deploy and install all the solutions. They analyze all the features that we need to use, and then we discuss and finalize the solution before starting with the installation.

We have five to six people in the network team.

We have seen an ROI with this solution.

The licensing scheme of Fortinet is better than Cisco. It is more logical.

Before buying, I would advise thinking about the exact features that you need to avoid expenses. You must understand very well what you need for your daily operations and then decide on the features to buy.

Overall, we're very happy with their firewalls, but when we have issues or bugs, there are some difficulties in finding the resolution. In terms of features, we haven't found any problems. It has many features, but when we use a feature and it has some bugs, I expect better support.

I would rate it a nine out of 10.

Our primary use case is mainly for firewalls. We tried FortiClient as well and FortiToken, but we mainly use it for the firewall.

The solution is deployed on-prem. We are using the latest version.

The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful.

The renewal price and the availability could be improved. We faced a lot of delivery issues because of the pandemic situation. We are a customer, but sometimes we have sister companies, so we deliver or order a few extra boxes. In these cases we are facing some delays, like three or four months. There are a massive delays in deliveries and they're saying that it's from the vendor itself. I don't know how long this will last or if it's just temporary.

We have been using this solution for six to seven years.

The solution is stable. The only issue is the renewal price, which is always higher compared to the purchase price.

We have two people for maintenance from network and security.

We have up to 100 users, and we are pretty satisfied. It's stable. We have never had to scale up because of the newest model. We go with C, E, then F, but at the same level, we never had to upgrade the hardware itself to a higher or a bigger model.

We raised a few tickets and issues, and they replied to us. It was pretty good. We have never faced any problems with getting our issues resolved.

It was straightforward. We didn't face any issues.

We implemented through a reseller and it took couple of days. There were some modifications and configurations that took more time, but the core configuration took a couple of days.

The renewal price is always higher compared to the purchase price.

Fortinet is one of our top products, our main products. They have 75% market share, so we cannot ignore the fact that they are in the market, but I need an alternate solution. I don't want to depend on only one vendor, so I think Sophos will be a good option for us.

I would rate this solution 8 out of 10.

Most organizations use the Fortinet firewall as perimeter security at the gateway level.

FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

I've been using FortiGate for around five years.

Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

We use Fortinet FortiGate as a border firewall and in the middle network for segmentation. It is used for inspecting security traffic from users.

The best feature of Fortinet FortiGate is value for money. It is very easy to deploy and scale.

It saves us costs and increases bandwidth throughput.

We have never encountered any issues with it. The price and deployment part of Fortinet FortiGate is good, but it can always be better.

I have been working with Fortinet solutions for about five years. We work with Fortinet FortiGate next-generation firewall, FortiAnalyzer, FortiManager, and sometimes FortiSwitch. We work with Fortinet FortiGate's hardware and virtual appliance solution.

Fortinet FortiGate is stable since we use HA availability solutions.

Fortinet FortiGate is scalable.

I would rate technical support from Fortinet a ten out of ten, the best.

Positive

We used Cisco Firepower and Juniper SRX, and a little bit of Check Point too. We switched to Fortinet FortiGate because of the best pricing.

Fortinet FortiGate has an easy setup.

We bought it from Azure Marketplace, not AWS.

We used an integrator for the deployment.

Its price is good.

I would rate Fortinet FortiGate a ten out of ten.