Fortinet FortiGate Reviews

The primary use case is for security purposes, mainly at the gateway level and for internal security, such as virtual training. We also use it for cybersecurity and internal communication, like having a portal. The main goal of implementing the product is to resolve security problems.

We have seen benefits. Recently, Sophos Firewalls and Palantir have also entered the market. However, FortiGate provides a higher throughput at a lower cost than these features and licensing. Our company acts as an integrator, and we work based on the customer's needs and requirements.

Fortinet FortiGate is easy to use. Anyone can easily maintain the box in small to large organizations. Even if we configure and hand it over to them, they can easily consider and register policies. And it's easy to monitor the end-to-end network through the firewall.

There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes. FortiGate's renewal cost is quite high, and our customer care team also receives complaints about it. The renewal part of the firewall is expensive. If a customer pays for the license in advance, they may lose their privileges.

For example, if the license of a box expires in one or two months, and the customer wants to upgrade, there are three to four months between the operation and the end of the current license. If I purchase a new license, it will only take effect from that date. So, it fails in the backward fetch, and I am currently busy setting it up. But if the customer is not processing the card for six months, they will not benefit from the system.

I have been using Fortinet FortiGate for two to three years.

I would rate stability a nine out of ten. It's a stable product. For the most part, it's very reliable.

It is also a scalable solution. However, as integrators, the scalability depends on us. There are many options available, and we can choose the size of the box based on our requirements.

The customer service and support are very good. Once we create a ticket, we can contact them using the ticket number, and they will provide the support we need. As for the contact names, there is no rate, but there are more challenges.

Neutral

We have used Sophos Firewall, Check Point Power EOL, and others. But none of them were like FortiGate. When we upgrade the license, it shows another one, two or three years from that date.

There are no challenges in the initial setup. The people required to deploy the situation are based on the customer's expertise. We handle various types of configurations, and sometimes there are additional requirements with load balancers on top of the firewalls. We need to integrate these firewalls with that ALG.

Generally, we consider security as a separate thing. These firewalls and the LOBs will take care of some further issues based on the customer's requirements. For smaller organizations, one person can provide or ensure a sort of service. We will need three more administrators or developers if there is more traffic or high-cost tech.

Generally, most of the customers maintain their solution on-premises, not on the cloud. I am a technical guy. I am involved in deploying the solution to our customers. I take care of the HCLM upgrade, inflation rate consideration, automation, and other technical aspects of the solution.

We evaluate the area first and then proceed with the implementation by creating a DMZ zone and policies such as CRM and CAP.

FortiGate is a bit pricey, but its unique features and specifications make it an excellent option for certain customers.

As an integrator, we have observed that the licensing cost and the upgrade process are important considerations. When we purchase a new license for one or three years and upgrade it to the existing box, the expiry date does not change from the original. It can create a gap of three, eight, or even twelve months for the customer. Consequently, they buy another box instead of going through the ticket process to get it fixed.

We definitely explore the options. We always understand the customer's requirements first and then offer solutions accordingly. We ask what the customer needs and what their budget is. If their budget is INR 10,00,000, and we find a product that matches their requirements, we will offer it. If FortiGate provides the same features and throughput but costs INR 11,00,000, we might still offer it to the customer. However, if FortiGate doesn't match the customer's requirements, we won't suggest it.

So the main differences between products are the features and specifications. If a product has the same throughput and features as another product but costs more, we may not suggest it to the customer.

The challenge is licensing. Hardware-wise, it's supportive, and the support is good. But the licensing and renewal costs should be lowered, and renewing the license and data for the new license is tough. So, only for licensing, we face challenges. I would rate it a seven.

We have many boxes, and we have changed all the boxes to other products because of this licensing factor only. Even for FortiGate, such a thing happens. If I have a hundred boxes and I want to renew the license, they suggest taking new boxes with three or four at least. So that is why customers are not liking FortiGate. They could provide the same license card along with the box, which is why customers are unhappy.

Overall, the product is a four out of ten because scalability, box performance, and support are all great. However, once it's commercially used, you can only use this box; no other options are available.

We can recommend it, but FortiGate's ability to capture the market, fix the order, and meet the requirements or opportunities is also important. As an integrator, we don't have any issues with it.

We are using FortiGate IPS as a firewall, as an intrusion prevention system (IPS), and as a content filter. Additionally, we use it for SD-WAN, which is very important for us.

FortiGate IPS has made managing our cybersecurity framework easier. It is user-friendly, easy to implement, and helps in threat detection and prevention. Also, SD-WAN management by FortiGate has ensured seamless internet connectivity by automatically switching between lines during provider interruptions.

The most effective features for threat prevention are the IPS, content filter, and SD-WAN capabilities. The user-friendly nature of FortiGate IPS compared to our previous products, like Cisco and SonicWall, is also valuable.

I would like to see more AI features included in future updates, as that would add significant value. Additionally, the pricing of FortiGate is relatively high compared to other products like Cisco and SonicWall. An area for improvement is in their support services, which could be more responsive and quicker to resolve issues.

We have been using FortiGate IPS for more than nine or ten years.

FortiGate IPS is very stable.

I think it is very scalable. I would rate its scalability as nine out of ten.

In the past, direct support from Fortinet was not very satisfactory, as it took a lot of time to resolve issues. However, we now receive excellent support from our partner. They are amazing and provide very good support.

Neutral

We previously used SonicWall and Cisco. Compared to those products, FortiGate IPS is easier to use and more user-friendly.

The initial setup was straightforward and easy to implement. It took only a few hours to deploy.

The implementation was done by a different team, but we supervised the process. We used third-party services for the implementation.

The pricing is relatively high compared to other products like Cisco and SonicWall. This is a point that could be improved, as FortiGate is expensive.

We evaluated SonicWall and Cisco before choosing FortiGate IPS.

I recommend FortiGate IPS because it is very user-friendly, easy to install, and effective in threat prevention. More AI features in future updates would add more value.

I'd rate the solution nine out of ten.

Conventionally, the solution is used for perimeter security. Whenever we find our organization's customer without an existing firewall, we use FortiGate Next Generation Firewall both for perimeter security as a firewall and as a VPN appliance to allow work-from-home employees at the VPN end. In the aforementioned instance, our company also uses the solution to connect different branches.

If our organization is establishing the network for a company with different branches spread geographically, we will use the VPN in IP set and FortiGate. The solution is highly flexible and is available at a cost-effective price. 

When using FortiGate Next Generation Firewall, availing the FortiGuard subscription is very important due to the vast threat intelligence with an international network.

Using the aforementioned network, FortiGate has been able to procure intelligence about the threats and incorporate the mitigation and protection against those threats in FortiGuard. So when you have FortiGuard integrated with the firewall, you have a robust perimeter solution to protect against malware. 

The pricing of the solution should be more affordable. 

I have been working with FortiGate Next Generation Firewall for seven years. 

FortiGate Next Generation Firewall has excellent stability. Fortinet is a top-tier IT security infrastructure company. 

I would rate the scalability a nine out of ten. The solution exhibits impressive stability. Once the solution is installed, it's used 24/7. 

We never had to rely on or communicate much with the tech support. The free resources, documentation, training, and community feedback have been enough to resolve 99% of our company's issues with the product. In our organization, we directly interacted with the support team once or twice and had a positive experience. I would rate the tech support eight out of ten. 

Positive

We used Cisco previously, but it was too expensive for our company. FortiGate Next-Generation Firewall was available at a better price and performance; it was a better fit for our company as a networking vendor. 

I would rate the initial setup an eight out of ten. Our company deals with only the on-premise version of FortiGate Next Generation Firewall. It took about half a day in our organization to deploy the solution. 

Our company has several firewall projects. When our organization identifies a company that needs a firewall but doesn't have one, we contact them. Our company strongly advises potential customers to adopt a firewall, and we provide reasons why the company shouldn't operate without a firewall today, we try to sell them the FortiGate Next Generation Firewall and FortiGuard solutions.

If the potential customer doesn't have access points or the latest switches, our company tries to sell that as well in the form of an integrated solution. 

Our company prefers to program solutions as much as possible in-house before approaching the customers. 

FortiGate Next Generation Firewall has a very high ROI. A customer can realize nearly 100% ROI when it is used along with FortiGuard to establish a robust perimeter firewall based on an international vendor with a global-level threat intelligence network. 

I would rate the pricing a seven out of ten. There are penalties if you don't renew the FortiGuard subscription, and I think the vendor should've refrained from imposing such penalties. If a customer fails to renew for a year, there shouldn't be any penalties on Fortinet solutions, the vendor should eradicate such policies. 

We evaluated Palo Alto, but we still chose Fortinet because, as per our company's evaluation, Palo Alto doesn't offer switches or access points. Before adopting FortiGate Next Generation Firewall, we also concluded that Fortinet offered everything for networking infrastructure, including switches, access points, antivirus, and firewalls. 

FortiGate has end-to-end solutions, they have switches, access points, and a native antivirus and threat management solution. When you onboard FortiGate Next Generation Firewall, you choose a vendor that covers every aspect of the IT infrastructure.

So, if you avail yourself of other products from the same vendor later on, it makes the management processes easier, as the command interface is similar across all the products from Fortinet, including switches, access points, and firewalls. The aforementioned benefit removes the need for training your team when a new solution is onboarded in the organization. 

I would advise others to do a proper assessment in terms of the sizing before onboarding FortiGate Next Generation Firewall. Before adopting the solution, one should know how many users need access to the Internet so that the firewall can be sized or scaled ideally.

A sizing chart is available online to assist users in procuring the correct firewall size. FortiGate Next Generation Firewall offers comprehensive reports on user activity; potential customers should also analyze the reporting aspect before choosing the solution.  

FortiGate Next Generation Firewall handles new and latest security threats satisfyingly. FortiGuard has some AI influence in its threat intelligence features in its international network. I would overall rate FortiGate Next Generation Firewall an eight out of ten. 

We've deployed FortiGate on some customer premises. We've also deployed other Fortinet products, such as FortiMail and FortiManager. We often bundle Fortinet devices. We use FortiGate as a firewall. It is for security and protection. 

The solution has helped our clients secure their network efficiently. It offers security across multiple sites and helps monitor traffic effectively.

It's very good and very stable for businesses. It works very well. 

The UI is better than the alternatives. 

We like using Fortinet devices. They integrate well with one another.

Fortinet provides good visibility and segmentation.

Fortinet's devices are purpose-built to operate in various environments. It operates well across clouds. We can run Fortigate as an MSP.

It helps with intrusion prevention specific to various environments. It provides us with details about the traffic for better monitoring. 

FortiGate has helped reduce the risk of cyberattacks that might disrupt our client's production. 

The product provides policies for strict monitoring to make the network secure. If something hits against a policy, it will be blocked.

We'd like to see the product offer higher discounts to users. They should offer special pricing to premium partners and customers. 

The company has been using the solution for the last five or so years. I've maybe used it for three years.

The stability depends on the FortiGate model. You need the right model for the amount of GB traffic. If a customer deploys a smaller model on more traffic, there may be issues. Otherwise, it handles traffic well. Overall, it's a stable solution. I'd rate stability nine out of ten. 

Our clients are quite sizable. One of them is one of the biggest telecoms in our country. We also have smaller customers that deal with smaller FortiGate models. We have a variety of customers of different sizes from around the country.

It's a scalable solution. I'd rate it nine out of ten. 

Technical support is good. They offer very accurate solutions. We learn a lot from them. We're happy with their level of service. 

Positive

We typically deploy the solution to our client's VMs. The deployment sometimes takes about a month. We have a team of 12 people who work on the FortiGate side. 

Their services are good, and we are happy to work with them, however, the pricing could be cheaper. 

We're a Fortinet partner. 

If we have the option of which firewall to choose, whether Fortinet, Cisco, Juniper, et cetera, we will choose Fortinet. We're very comfortable with their devices. We have a very skillful team, and we've become very comfortable with Fortinet. They have good support as well.

I'd rate the solution ten out of ten. 

We use the solution to secure our entire data, limiting user traffic from within the system, which needs to be assessed to be secure. That is the main motive behind choosing the solution.

Suppose I don't want to pay for the users. We would have done some whitelisting and content filtering on the FortiGate web gate. Based on the policies, any user traffic is filtered through the secure gateway.

It's a flexible solution.

What happens in FortiGate is that a lot of bugs come on a system-by-system basis, like when Fortinet launches new firmware in FortiGate. Most software launches with known or unknown bugs. When we go for upgradation, even after running a bug scoping exam, we don't know whether the BIOS for which we are upgrading would affect the end user. We don't know how the FortiGate firmware will behave in your environment. Whatever the known bug, FortiGate lists it in their documents, but you never know how the problem will impact your environment. That's a major disadvantage of FortiGate because, somewhere, it's very unstable.

Another issue is how deduplication services don't work reliably after enabling deduplication on Fortinet. When they launch any new firmware in the future, they have to ensure firmware functions.

I've worked with Fortinet FortiGate SWG for more than ten years now.

I rate the solution's stability a seven out of ten.

I rate the solution's scalability a seven out of ten. We have around 700 users on the platform.

If any issues arise, we have to log a ticket with Fortinet. By default, they log all the tickets in P3 or P4 priorities. For P1 or P2, they ask to call us on their phone numbers and lines. Whenever we try to call on the phone for any P1 or P2 issues, the next time, the number gets busy, or the email is unavailable. That's why

I feel the support is not up to the mark, and they must work on it.

Neutral

I rate the solution's initial setup a seven out of ten. The deployment time depends on the scenario, such as your infrastructure size. To deploy the solution on a cloud, you have to buy it from the marketplace and deploy it on the cloud. But after that, you have to do a lot of configurations. That depends on the size of the operation.

One person is more than enough to implement the smaller version of the solution. But if the organization is bigger, with more than 500 or 600 users, we would need three to four people.

Fortinet is priced low.

We are exploring Netskope and evaluating it for the future.

I recommend Fortinet FortiGate SWG because it is flexible and cost-effective. I rate it an eight out of ten.

Our customers use these devices as security devices, and we sell these devices to our customers. We also use it ourselves. We have the entire lab, and we use some of the functions in our local network.

It protects our customers' networks from viruses and threats.

The firewall, IPS, and VPN functions are the most valuable features. The antivirus functions are also good.

It works very well. It has a lot of different functionalities. Its cost is also fine for our customers.

In some cases, its initial setup could be hard for customers.

I have 10 to 12 years of experience with these devices.

Their devices are quite stable. We have not had any problems with the operating systems or maintenance of subscriptions. It is a robust device.

In most cases, they work very fast. It also depends on the device they are supporting. In the case of FortiGate, we do not have any complaints, but when we had to buy the FortiADC solution for one of our customers, we faced quite a few difficulties with technical support. I do not know why, but it could be that some devices are supported by different teams in Fortinet. We had difficulties with FortiADC, but we have not had any problems with FortiGate. I would rate their support for FortiGate a nine out of ten.

Positive

We worked with Cisco and Check Point firewalls. We worked with Cisco ASA for a long time. We worked with it for about five years, and we were happy with it, but it was old-fashioned. We went to Fortinet and started working with this company. 

FortiGate has good security functions and high-level technical documentation. Their documentation is very easy to understand. 

FortiGate's performance is also better than Cisco ASA. It has 10 VDOMs. It is a great function because you can add virtual functions for different groups in your network. It is quite useful.

It is deployed on-premises. Our customers prefer to deploy not only Fortinet devices but all security devices on-premises. They rarely use cloud licenses. Some customers only buy it from us, and for some customers, we also set it up.

Its setup is easy for us, but not every company wants to use our service for setting it up because of the cost. They prefer to install it themselves. In some cases, it could be hard for them.

In terms of the implementation strategy, we first try to understand what problem a customer wants to solve by using FortiGate. We collect a lot of information about a customer's network, such as protocols and devices being used. We try to prepare this device in our local lab. We preload the device and send it to the customer, and then we finalize the installation in the customer's building.

We have very technical staff, and we do not have difficulties with installations. We have had situations where customers do not have much experience with it, and then we recommend them to go for certain features such as IPS, antivirus, etc. 

The deployment duration depends on the size of the environment, but generally, it does not take more than one or two months. 

Generally, two to three people are required for the deployment.

For maintenance, our customers have technical staff. They regularly check and ensure that all the functions are working. We are glad to help them if they need any help.

We have seen an ROI. We have bought a lot of these devices, and we have had a good experience with them. It has saved us a lot of money.

It is quite affordable for our customers. There is a separate cost for IPS, antivirus, web filtering, and other features. They have a great choice of licenses. You can go for the license that you want, which is quite useful.

You have to buy a support license for FortiCare. In most cases, people buy the UTM bundle that comes with IPS, web filtering, and FortiCare. 

They are on the right path. They have improved a lot over the past 10 years. Fortinet is one of the leaders in security devices along with Cisco, Palo Alto, and Check Point.

I would rate Fortinet FortiGate a nine out of ten. It is stable. It has quite a lot of features, such as IPS, VPN, etc. It is affordable for our customers. It is a good choice.

We implemented Fortinet FortiGate SD-WAN for a small company that had two internet service providers. The goal was to configure the two links to operate independently, ensuring that they don't share the load. This way, when one link reaches a certain threshold, we can seamlessly switch to the other without any issues. 

We have FortiManager, which enables us to have a unified view for monitoring and managing our devices centrally, as well as dispatching policies.

The solution enables us to consolidate tools and applications and manage them all through FortiManager. You can configure your SD-WAN from Forti Manager, which gives you management functionality. 

The interoperability of the solutions is good because it allows for compatibility with brands other than Fortinet, and we don't encounter issues with it.

FortiGate SD-WAN facilitated a smooth transition for our customers between their two internet service providers, ensuring uninterrupted connectivity without any downtime.

The solution has helped us remediate threats more quickly by enabling real-time monitoring of both links, providing complete visibility into our end links. You can monitor both links on one platform. It's just one single pane of glass where you watch in real-time what is happening. It's easy to manage that way. It helps you to easily remediate issues. 

As long as our policies are granular we are able to use the solution to reduce our MTTD. 

The solution has helped to reduce our MTTR from what used to be five minutes down to 45 seconds.

The solution has helped to reduce the number of help desk tickets because it is now extremely rare for both links to be down simultaneously.

SD-WAN, regardless of the OEM being used, is a beneficial technology that is increasingly adopted by businesses due to its positive impact on business security. It allows us to maintain uninterrupted operations without concerns about past issues.

Fortinet FortiGate is user-friendly.

The support we receive when we need to upgrade is not satisfactory and has room for improvement.

I have been using Fortinet FortiGate for two years.

The solution is stable and we have not had any issues.

The solution is highly scalable.

The technical support is good, but they take a long time to respond and resolve the issues.

Neutral

I have also used Cisco, whose systems are robust and rarely experience downtime. However, with Fortinet, their licensing is highly competitive in terms of pricing. Cisco is primarily geared towards enterprise-level companies, but the learning curve for Cisco is higher compared to Fortinet.

Fortinet's price is very competitive compared to when you look at other brands of equal functionality. The hardware and licensing are compared to the others. It's also simple to use. 

The initial setup is straightforward. I did the deployment and didn't have any issues with it. It took one day to complete. 

The solution provides value and, therefore, offers a return on investment.

The price is highly competitive when compared to other brands that offer similar functionality. Fortinet FortiGate is more affordable both in terms of hardware and licensing, in comparison to its competitors.

I give Fortinet FortiGate a seven out of ten.

I recommend FortiGate SD-WAN because it is easy to implement and simple to use.

The solution is primarily used as a border firewall as well as for internal LAN segregation, internal IPv4 policy management, a VPN for end users, and IPSec tunnels.

Before we implemented this solution, we had only one firewall and old Linux IP tables with no graphical user interface. 

There is no one feature that stands out as most valuable compared to another. All features are correct and no extra items are needed.

The price of licensing could be better. The security of the FortiOS needs improvement, and features are available only in CLI. They could be available also in GUI.

Features like forward traffic capture or NAC in the VPN should take into consideration both Linux devices and Apple devices.

I've used the solution for more than ten years. 

The scalability is okay.

Technical support is not helpful. 

Neutral

We previously worked with Check Point, Palo Alto, Cisco, Watchguard, and PFsense. 

The setup is easy. Support is not helpful.

We handled the initial setup in-house.

The solution is very expensive. 

The price of licensing is too high.

We did not previously evaluate other options before choosing this solution. 

Other Fortinet products are not the best, and Fortinet should take care as this will influence brand reputation.