Fortinet FortiGate Reviews

We primarily sell FortiGate to clients. We have customers such as pharmaceutical companies and hospitals that require the security on offer. It is a great firewall. 

With many companies dealing with users now working from home, definitely a great feature is the SSL VPN. With that, a user can control everything from their own devices and get connected to the servers even if they are off-site.

The initial setup is easy. It's not overly difficult. 

The solution offers very good security. 

It's a good firewall. It's very easy to configure.

We require troubleshooting and those kinds of things. We have to worry about debugging. It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics. That would be much better. FortiGate has only CLI-based diagnostic capabilities. Sometimes it's become very difficult to do all this troubleshooting.

We've been handling security solutions lie FortiGate for ten to 15 years at this point. It's been a while. 

There are some bugs you have to deal with. There's some troubleshooting that needs to be done. 

The solution isn't scalable per se as it is hardware. However, you can always buy more hardware to expand it if you need to. 

Technical support is good. You get very good support from this product overall. We're quite satisfied with their level of service. 

The implementation process is not complex. It's an easy solution. It's not complex setting everything up.

We are resellers of security products. 

New users should be aware that this solution offers very good security. The different level of security we have in Fortinet, in general, is good. They can use various security products to help protect their organizations.

I'd rate the solution at a nine out of ten.

Most organizations use the Fortinet firewall as perimeter security at the gateway level.

FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

I've been using FortiGate for around five years.

Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

We use Fortinet FortiGate as a firewall. On some particular days, when our network traffic is very busy, we use a separate debit line. We need additional monitoring to know whether our production was cut by peak rates or not.

It satisfies all of our requirements.

The most valuable feature is the threat protection. With many users, I've found an issue where sometimes I need to monitor the traffic that I need to filter.

We have many users currently with this solution. One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at peak time when the number of contracts and users are at maximum. We feel a kind of bottleneck.

When I first entered the log section, I could not find any results. I did not find any proof, i.e. reporting and analytics on the speed and network availability were not optimized. I could not find any such log from the server, maybe Fortinet could improve this service.

Fortinet FortiGate is stable.

Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough.

We are very well satisfied with the Fortinet technical support.

We had been using another solution for approximately ten years. The product was not up to date, so we were not getting any support for it.

The initial setup is straightforward. The total amount of deployment time required depends upon the number of users. Fortinet FortiGate automatically corrects any mistakes you make in the installation process.

I cannot find anything lacking in Fortinet FortiGate. I would rate it a nine out of ten. We advise other users to go for Fortinet.

There is a back-up service that needs to be included with the firewall support.

I have the requirement to filter what information goes to the user to see which user require the most bandwidth and other resources. When there is a disconnection, that should be shown somewhere in the reports.

The UTM (application control) features have been very important, because they have solved many issues that other firewall providers have not developed as Fortinet has.

A clear example of this feature advantages is blocking and allowing the Google suite. For example, without UTM, we would not have been able to execute some customer requirements like this one:

A customer asked us that some host on their LAN is going to be assigned to be a POS workstation. They needed that workstation to have permissions to some applications and some URLs, and they needed to block users from opening sites like YouTube, Google+, and Google Drive, but they needed to get in to some POS URLs hosted in the Google cloud. We were working with rules allowing some specified URLs, but it didn’t work because the subnetting IP address the customer needed to be allowed, sometimes matched the YouTube service. Google support engineers told us they rotate their IP addressing subnets to be more secure and they do not always attach an IP address to a domain name. So, sometimes the customer’s workstations were able to open YouTube sites too.

The way we could block YouTube and allow the customer POS URLs sites, was by configuring an application control sensor, where we were able to block some categories like this:

Another requirement was to allow some specified applications, so we configured the next sensor structure:

Another customer reported to us they had issues working with Gmail attachment files; they could not do it. Executing some packet captures and with the Fortinet TAC help, we found they were using the latest Chrome versions that use the QUIC Google protocol, which is not supported by Fortinet because it is not a valid protocol. We proceeded to block the QUIC protocol using an application control sensor.

After this blocking action, the customer was able to work without any issue.

It can block applications in level 7.

Even though other companies have latest-generation firewalls, FortiGate’s database is bigger.

They could improve performance with all the UTM features working.

Sometimes, we have seen that when you enable the antivirus sensor, customers report slow web browsing. We know this is normal, but we would like to know if it is possible to make feel the customer their web browsing is fast with not as much delay. The antivirus sensor analyzes all the protocols and packets we specified, and this is an important performance affectation. In my personal point of view, I don’t think it is a serious issue, but we receive many reports from users who browse the web with antivirus sensors applied to their firewall policies.

I have been using it for seven years.

It is working in route mode, with all UTM licences active; it has FSSO configured to give permission to the users. It is configured to provide VPN SSL service.

I have encountered stability issues only when we enable all the UTM features.

I have not encountered any scalability issues.

Technical support is 9/10.

We have been using FortiGate solutions for eight years. We have been upgrading when solutions in the family become unsupported.

The initial setup is easy; no issues with doing it.

My company did not evaluate other options. They decided to purchase FortiGate directly.

Work a lot with all of the UTM features because they can be very helpful right now with configuring firewall policies. The policies became very whole.

The major function of this solution is traffic shaping for end-users. You can use a specific appendix for the specific manager.

We are using the latest version of the solution: 100D.

The solution is deployed on-premises.

From the firewall perspective, the rules and policies are very sufficient and easy to use.

The solution is very expensive.

It's very stable.

It is scalable.

The support is very good. They respond on time and are professional. From a technical perspective, they're good.

It's easy to set up.

For maintenance, if you want to add a mesh configuration, you can restore your configuration from the backup.

Most people prefer the functions and capabilities in FortiGate, but compared to other solutions, it's expensive.

The price depends on the size of the company. From the beginning, you just want to know the internet bandwidths, speed, and the number of users to be able to offer the right product and model. They have a lot of products in FortiGate according to the size of the company, like 200D and 300D.

I would rate this solution 10 out of 10. 

It's a very unique and efficient product for a security firewall. The only comment I have is that the price is expensive for small companies or startup companies.

It is mainly for the SD-WAN network.

It is simple to manage, and there are a lot of functionalities in the same box.

At the moment, we are having some problems with IP multicast. 

We would like to have the ability to disable some of the security functionalities. 

It is stable. We didn't have any performance issues.

It is scalable.

Their support is good.

Its setup is easy.

I would recommend this product. We are very satisfied with this product. 

I would rate it a nine out of ten.

I am using Fortinet FortiGate as a firewall.

The most valuable features of Fortinet FortiGate are remote access, web filtering, and IPS.

Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful.

The way Fortinet FortiGate handles the phase two connection of a VPN setup could be better. For example, if I have to make a phase two traffic selector input, I cannot add more ports. For example, on a specific IP address pair, if I have an IP address pair source and destination, then I can only add one port. I'm not sure if I can do that through the command line, but on the GUI, I cannot, and this is a problem. I have to select another IP address pair to allow another port and this means new traffic selectors and a new set of tunnels. This causes more tunnels to need troubleshooting. 

I would like to be able to pass more diverse information through the same tunnel, and it doesn't seem to be possible if you want to limit the traffic through the tunnel and not allow all protocols between the same IP address pair. If we want to limit the ports, then I find there is a problem.

I have been using Fortinet FortiGate for approximately a year and a half.

We have a contract with a Fortinet partner, and they're very good at providing support. We don't have the communication directly with Fortinet.

I have previously used a Cisco firewall, the 5520 model. It was not a next-generation firewall and did not have IPS integrated, and it was quite difficult to manage and to find features and implement them. Fortinet FortiGate is very good at this.

The initial setup of Fortinet FortiGate is straightforward.

I do not have first-hand experience with the rice of Fortinet FortiGate, but I have heard the price was reasonable.

I rate Fortinet FortiGate a ten out of ten.

We have several sites spread geographically across Latin America and Asia that use FortiGate. Some of them are unable to support cloud services so we have deployed it on-premise in order to provide ourselves with a fast and secure network.

I like that you are able to manage FortiGate from the FortiManager to create a more centralized environment.

The solution's framework needs to be frequently updated in order to have a stable solution.

We have been using this solution for a little over one year.

This is a stable solution is you are able to effectively maintain the framework.

This is a scalable solution. We have about six thousand users and have plans to increase.

My company used Blue Coat and Zscaler in the past but I am unsure why they switched.

The initial setup was not 100% straightforward, but it was also not too complicated. You have the choice to use templates or design your own so deployment length will be dependent on that.

This is a great solution for companies spread across Latin America and Asia.

I would rate this a seven out of ten.