Fortinet FortiGate Reviews

We mainly use the solution as a firewall. 

The solution is very user-friendly.

The collection of the integration of multiple nodes makes everything very easy. The fact that you can push, directly, one element, and you can leverage the distribution of the policy very well has been great. 

Honestly, the console is done very well. It's easy to use.

From a strategic point of view, I've seen, in recent years, a big challenge from Fortinet to recover some kinds of space with respect to the other two biggest players, Check Point and Palo Alto. That has happened much more since the beginning of the next generation file. I found Fortinet recovered much market space in the last year.

I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security. Other vendors have developed some kind of specific product to protection. Containers now are very common, especially in the cloud. It's an area that needs to be addressed.

I've worked with the product for three or four years, more or less. 

The stability has been great. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

We have more than 10,000 people o the solution. The scalability capabilities are enough. We haven't had a problem at all. 

It would be hard to rate technical support due to the fact that, up until now, we've never had to deal with them.

That said, from talking with colleagues, my understanding is that they are good, and they offer standard levels of support in line with other competitors. 

We've also used Palo Alto and Check Point.

The initial setup is straightforward, however, we have knowledgeable teams. We also use Fortinet to check the configurations and make sure everything is supported during implementation. 

It's pretty standard to deploy. We're also familiar with Palo Alto and Check Point and there is not much of a difference between the three.

We managed, with my team, the setup. We also engaged with Fortinet in terms of professional services in order to check the installation and offer some support.

That said, we have many people on our team certified with the biggest firewalls and security infrastructure vendors.

It's very difficult to discuss pricing as we have generally, in terms of pricing, at the end of the day, we have leveraged deals the existing contracts the client had in place. The client uses various technology vendors. I can't say that one is cheaper than the other. It's all in the same ballpark when you are speaking about comparable products.

We are partners with many vendors, including Fortinet.

Likely our engineers would know what version of the solution we are on. I don't follow those details. 

I'd rate the solution at a seven out of ten. It's stable, easy to set up, and easy to use. However, I have yet to see all of the features in play.

We use Fortinet FortiGate to filter information, to ensure that we secure our network. Additionally, it's for overall security and to ensure that no information is leaking out.

Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure.

Since we have been using Fortinet FortiGate, we've not had anyone breaking into our network. We've used some penetration tests, and the system is very secure. However, the security of the network is dependent on the personnel itself.

For example, if you have a phishing email, you click on it, it takes you to the wrong server, and you put your credentials there, they can use those credentials to attack your system. In terms of somebody trying to break into your network without having the necessary credentials, Fortinet FortiGate is very good.

The solution could improve by being more secure.

I have been using Fortinet FortiGate for approximately six years.

Fortinet FortiGate is stable. It's used across all the countries, this is the way most multinationals run their system.

The solution is scalable.

If the business expands into other geographical zones, we will need to expand the network and secure it. This is when we will expand the use of Fortinet FortiGate. However, because of this pandemic, businesses are slowly getting back to normal. 

I don't think that expansion will come up in the next one or two years. Maybe in the next three years once they start to pick up their business, then there might be such an expansion or increase in hardware needed.

Each of the devices is licensed every year and in case you have a serious critical issue we can contact the support from FortiGate directly. We contact them every once and a while but not often. We have to purchase a license that allows us the support to use them.

The support could be faster to come out with a solution.

We were using Cisco previously.

The Fortinet FortiGate deployment is not difficult. It's not simple, but it's easy for someone to learn. The whole process took approximately three hours. Cisco solutions are more difficult to deploy.

We have experts in-house with experience and we did the deployment in-house. They used the deployment resources internally to deploy it.

The solution requires a license annually, it is not a user license, you can have as many users as your want. I must renew the license regularly per device.

The support is included in the license.

I rate Fortinet FortiGate a nine out of ten.

We use Fortinet as a perimeter firewall. The solution is deployed on-premises.

The best feature is the ease of use. I think it's pretty much a well-rounded product. It has more features than we use, but a lot of products are like that. We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well.

The logging details need to be improved.

We have been working with Fortinet for about 18 months. We are running the current version.

The solution is very stable.

We haven't had a need to scale it, so it provides directly what we need it for.

There are approximately 2,800 users in my organization. The solution doesn't require a lot of staff for maintenance.

Technical support is very good. On a scale of one to five, I would give them a four.

We previously used Check Point. We switched because the devices became in the end of support and then we got pricing on the replacement models, and the pricing was a little bit ridiculous for what we needed so we looked into Fortinet. 

Fortinet said that they could migrate from Check Point for us or help build an easy migration from Check Point to Fortinet. It wasn't that easy at the end of the day, but it all got done. 

The switch was really down to pricing and the functionality that we required, so the decision was made to go with Fortinet because of that and ongoing maintenance costs.

It wasn't complex. It was time-consuming because there were so many rules that had to be set up. We were migrating away from Check Point and going to Fortinet. 

Deployment took six weeks.

Deployment was completed with a consultant.

The license is yearly. 

We pay for the top end. It's called 360. We get signatures for blacklist. We get signatures for a whole host of different bad actors that search the internet.

It covers the hardwares, software, and it covers the subscriptions to the signatures because the box uses three or four different types of signatures for interrogating inbound and outbound traffic.

I would rate this solution 8 out of 10. 

It does everything we need it to do. We're quite happy with it. It's very reliable. We haven't had any problems with it. We had a few teething problems that everybody has when you first use something new. Everything works, and the majority of time we don't even know it's there, which is the best power for an IT appliance that you can buy.

My advice is that if you haven't tried it, you should try it and see if you like it.

Its user interface is good, and it is always working fine.

Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why.

In terms of additional features, I don't have any requirements. It is okay for me. I do lots of things, and I still don't know everything about FortiGate. If I need something, it might already be there in FortiGate. 

I have been using this solution for one and a half years.

It is very stable. We didn't have any problems in one and a half years.

We just have one firewall, and we are too small to have redundancy or something like that. In the future, we would like to have a second unit. We have lots of problems locally with the internet fiber. It is not very good, and ADSL is bad. So, first, we have to stabilize and upgrade our connection, and later, we will try to have redundancy, but it is not necessary at this time.

I never contacted them.

When I came here, Netgate was installed. My IT department and my IT subcontractor explained to me that FortiGate was better than the previous solution. We changed it one and a half years ago, and it has been working well.

It was an IT subcontractor who did the implementation. Our experience with them was very good.

It is too early for an ROI, but I have no problems with it. Everything is good.

I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost.

When we tried to find something better, our IT subcontractor recommended FortiGate or Stormshield. I tried to find a subcontractor at my location for both, but I could only find a subcontractor for FortiGate, so I chose FortiGate. I wanted to have a local subcontractor. There are some products for which we don't need local support, but for some of the products, such as a firewall, we prefer to have local support.

I would advise others to find a local contractor. That's because it is a product that can do a lot of things. If you don't know it well, you can make mistakes. Because I learned how to use it, I can now modify or update it. I can do some of the things in FortiGate, but when starting with it, it is better to have someone locally to guide you and do the initial setup.

It is a good and very useful product for me. It is very stable, which is the only thing that I want from a firewall. I would rate it a nine out of 10.

In most cases, we use the solution as a firewall to access the internet. For example, we use Cisco Wireless for our clients to have access to the network and we use within the same solution the FortiGate Firewall for them to access the internet as well.

The solution offers very easy usability. 

The product can scale well.

The solution is extremely reliable.

The pricing and licensing models are pretty good. 

The user interface, both the web and CLI versions, are very good.

The solution overall is quite good. It works how we need it to. I can't recall seeing any features that are lacking.

We haven't had any breaches in our organization, however, I have read in journals that there have been some issues.

There may have been some bugs after an update, however, that has since been resolved. We saw a few bugs in the web field and when we ran an update it was resolved in the new version. 

Some resources must be accessed via web fields. We were not able to access them at first. However, it was a simple task to fix it and that has since been resolved.

The pricing could be a bit better, especially when you consider how they have the most basic offering priced.

I've been using the solution since I started at my current company. I began my employment here about a year ago or so.

The solution is quite stable. It doesn't give us issues. There are no bugs or glitches. It doesn't crash on us. It doesn't freeze. It's reliable. Fortinet has created a really reliable solution.

We've found the scalability of the solution to be very good. If a company needs to expand on this solution, it can do so with ease.

We have between 2,000 and 3,000 users on the solution currently.

We do plan to continue to use the solution going forward. We have no plans to change anything.

I've never contacted technical support. Having never dealt with them, I can't speak to their responsiveness or knowledgeability. I don't know enough about them from any kind of personal experience.

I also use Cisco wireless solutions. Our company uses both simultaneously.

While I did not participate in the main part of the installation, I've discovered from deploying small FortiGates such as FortWiFi 60E, that it's good. It's not too complex of a process. It's pretty straightforward. It's easy.

We've found the pricing to be fair and the licensing model is quite good. It's a reasonable cost. It's not too expensive.

That said, I do feel they could work on the pricing policy a bit.

Right now a license to use some of the simpler features like web filtering or antivirus, you have to pay about 80% of the hardware price to have a license for a year. That's a bit too much for such basic features.

We use a variety of Fortinet products. We are using mostly FortiGate 200E and we have some of FortiGate 100E and the FortiWiFi 60E.

We are not using the latest version of the solution at this time. We have version 6.0 and it completely meets our requirements. When we will have to update it we will do so. However, that is not so necessary right now. We will not update it until we need to.

I'd recommend the solution to other organizations. It's been a positive experience overall.

I would rate the solution at a nine out of ten.

We are a managed services company, and we are also a partner with Fortinet and Cisco Meraki. The firmware that I just started using is 6.4.4. Most of the FortiGates that I sell are 60E and 60F. For some of our larger customers, I have got a handful of FortiGate 80, 100, and 200.

Fundamentally, its primary purpose is security at the edge of the network. I have got some clients who are starting to use the SD-WAN feature for a multi-location setup. I have got other clients who are using a lot of IPSec tunnels. I also have some clients who, with the increase in remote workers, are taking advantage of the FortiClient product that ties in. They are using that for remote VPN connections. 

We are a managed services provider, and I would say that it has improved the way our client's organization functions. I would also hope that it is seamless for them. They don't even know it. The biggest improvement for us is that it allows us to do more with a smaller staff.

One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent.

One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them.

FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works.

Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware.

The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.

I have been using this solution since 2007.

If you have the firmware version 6.4.3 and are using FortiLink in VLAN, it has trouble with tunneling networks for a wireless network. It won't give it a route to the internet. I found it just last week. There was a version back in 6.2 where it required 12 characters for the password of a wireless network on Web 2.0 as opposed to the traditional eight characters. The problem came when you wanted to edit it. If you upgraded to that firmware from a previous version, it wouldn't let you save any changes without changing the password, making it a requirement. That was kind of problematic for a while, but for the most part, it has been pretty stable and responsive.

It is easy to scale as long as you start with the right firewall. Our clients are of different sizes. We have clients with the home office with two or three employees. One of the clients has about 26 locations in all four time zones and about 400 employees.

I haven't used their official tech support, which is actually a good thing. The reason I haven't used their official tech support is that they have a support mechanism in place. I have direct access to a local sales engineer, and when I have problems, I call him up on the cell phone. Based on that, they definitely support their partners 100%. They are definitely channel driven, and it shows.

I have deployed SonicWall, WatchGuard, Cisco ASA, Rockies, and Palo Alto. The biggest reason I went with Fortinet is that it felt like it has got Palo Alto type of functionality at a much more reasonable price point.

I spent seven years working at the state level education, and budgets were tough. We had SonicWall subscription services. I could replace them with the brand new FortiGate with a three-year subscription for the same cost. That really changed things. The single pane of management that they have was just the frosting on the cake.

It is pretty simple. For example, I just set up a new network with a 100E, and I have got four stackable switches. It will run a network with 23 access points. I set up all the VLANs, routing, rules, and other things. It won't take more than four hours of work. I am getting ready to box up and ship it out. It will be plug and play once it gets to the site.

Take the training. They've got free training that is available online, and there are different levels for technical training. It is crucial. If you sign up as a partner, which doesn't cost you anything, the training is free. If you want to go for the test and get certified, you got to pay for the test, but the actual training materials are available to every partner for free. I would say that definitely take advantage of those. When you have new employees as network engineers, make this training a part of the routine.

I would rate Fortinet FortiGate an eight out of ten. I have been using it for years, and I do try to evaluate it on a regular basis and continue to stick with them. I just don't have a lot of bad things to say about them. Aside from their product, I'm a also fan of their company and how they do business, which makes it easier to do business with them. I don't necessarily appreciate the business practices of some of their competitors. It is nice not to have to worry about that.

We primarily use the solution as a firewall.

We use the firewall to enforce our company ideologies and principles and policies. The solution has built-in features for web filtering that are great. It categorizes it nicely for you. 

The interface itself is nice to work with. It's a lot better than the initial interface that they used to have around version four. I used to work for FortiGate some time back, and the earlier interfaces were not as good as these latest ones. 

I like that once you open it up, you have a dashboard that can give you a holistic overview of what is happening. You can see, for example, how your resources are doing on your firewall or if you still have disc space for logs and so forth.

The solution gives you an immediate view of what's happening on the hardware itself. What we have done with FortiGate is we have put up a FortiAnalyzer, a FortiGate reporting hardware. We are using it in conjunction with FortiGate. 

The solution offers good reporting. We get our reports from there. We have the opportunity to get real-time reports. 

There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth.

We have access to quite a few features. The web filter and application control are primarily what we are using. Then we also have a VPN feature, which allows for our remote users to connect and get through the firewall. 

The commercial side of things can be improved a bit. They have such a good product, and when you disable some features, it has to be commercialized for you to enjoy those features. Therefore, you are actually buying half a product. You have hardware there, and yet, your features are not enabled. The primary things, such as the antivirus, web filter, DNS filter, application intrusion, file filter, and email filter come with the general license. There are other things that you want to also enjoy in this system and you can't. 

There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering. That's one of the drawbacks they could look at. 

Sometimes the firmware automatically updates itself. Then it corrupts the configuration and you have to roll back or you have to do amendments to the configurations. That, however, has happened only once with us. We have put in controls for automatic updates to stop them and now we do manual allowance or we allow the manual update.

Most of the features are good. They give you pricing and you get a VPN for about 10 users where you can test it. For us, we feel that we need to buy extra licenses due to COVID, as people are working from home. Under the current conditions, we are not getting the best out of the firewall. 

They could just maybe put better graphics or better reporting into the solution. I want to know who is the user and what is the exact website they're visiting. Something like that would help. They should do more like what the GFI is doing.

We've been using the solution for a bit over a year now.

6.4.2 is our current version. The latest is 6.4.3. It's available like I say, however, we have not installed it. We'll wait until around December, then we will then install that one. We like to wait to witness its stability. Once we know it is bug-free, then we allow it to run as the latest platform.

We have a cluster and we have configured it with high availability. What we have done is we have put one primary and one secondary in case it breaks or it gets damaged. We have a third one at our DR site as well, which works in conjunction with Plateau. We have employed the same rules and some stricter rules on the DR site, just to allow traffic between these machines.

We allow certain times for updates on the infrastructure we have at the DR. We are planning some more, however, we don't enjoy all the features yet. We want to bring in an SD-WAN. Maybe that can also help us with scaling our network at different angles and from the cloud or being from an LD device or so forth. We're still working on that.

We have a partner that we work with. We have support at another level and I'm the primary person that looks after the firewall. If I have an issue that is urgent and I don't have the time to do the knowledge base to actually turn it around, we usually engage our partner, which has engineers that have the knowledge necessary to deal with it and who are certified in FortiGate. 

We have what is called FortiCare. We have FortiCare support as well for firmware and general updates and all those other things. I normally do updates and so forth myself. It's very little intervention from outside technical support.

Having background knowledge, the initial implementation was not really complex for me. You just need to know your environment and what is needed as well as what is allowed. 

The business input was the only item outstanding as there were issues such as who needs to have social media access at what time and who needs to have full access. Those were business decisions, however, but from the technical side, it was fairly easy.

They have almost all the features embedded in the solution. It's just that some features are not available because you have to pay for it. There are lots of add-ons available, and you need to pay extra for them, so pricing can add up.

We are strictly a government entity. We are a customer.

The model that we are using is the 500E, which is for small and medium enterprises. We are not a big institution. We do not have the latest version. We like to wait about three months before we apply anything new to make sure the early releases aren't flawed. After three months, after we've got a good review, then we will say, "Okay, let's upgrade to that version."

Even though we feel that sometimes they create a new version to take care of a vulnerability or threat, we like to be safe and avoid bugs. The version that we are fitting currently is 6.4.2, which is fairly stable.

Apart from the fact that they should just include everything in their offering, everything else works fine for me. There's a whole lot of Fortinet products that work together, FortiSwitches, FortiAP's, etc. Overall, I would give it eight of ten. 

I'm primarily using the solution for security purposes, and also for managing the network for various companies. I am deploying it for uniting management statuses, in order to be able to manage everything inside and to control security policies. It can fight against attacks to the system or for email searches. It is basically a central management security appliance.

We find it's good for managing the network and offers good defense against attacks.

Technical support is great. It's really fast.

Overall the solution is pretty user-friendly. It has a good dashboard and is pretty easy to navigate.

The pricing is excellent. It's much less expensive than Cisco.

The only thing is sometimes you have to learn with CLI. For those not familiar with CLI it can be an issue. It would be ideal if we could avoid using CLI. If you make a mistake in the command line, it's harder to detect. It would be much better if they had a user-friendly GUI.

The initial setup is complex.

I've been using the solution for five years.

The solution is very stable. You don't have to worry about bugs or glitches. I tend to wait and not upgrade to the latest version right away to ensure this is the case.

The solution is scalable. If you need to expand it, you can. We have it at a variety of networks and sites with no problem.

We have 120 users that are connected to a minimum of 80 computers and a minimum of 15 servers, which is great. The solution is working and it is still stable even across all of these devices and servers. We have multiple networks inside as well, so we are not only on one network. We set them separately, which is why the initial setup for us was quite complex. We're through with that though.

The technical support is pretty good. they're pretty knowledgeable and responsive, especially when you get to the Level 3 techs.

We previously used CheckPoint. Unfortunately, they didn't have a very good service, especially in technical support, and therefore we decided to switch.

For our organization, the initial setup was not straightforward. It was pretty complex. That's due to the fact that we had many networks to set up and many sites to take into account.

We set up the solution ourselves, although we did work closely with Fortinet as part of their bundle package.

The licensing is paid on a yearly basis.

I evaluated Palo Alto. They didn't have the complete solution we wanted. Neither did Juniper, which we also looked at. We looked into possible having Cisco, however, Cisco is too expensive. 

When we looked at Cisco, we also evaluated Meraki, which is a part of Cisco. It did not have what we needed either. 

We are using the 200E in our environment. We had 200D before.

We're not using the latest version of the solution, which is 6.4. I like to wait on new versions to see if it is stable before deploying it. I like to take my time and avoid headaches where possible.

I would recommend the product to other organizations. It's got great bundle options which make it a very good choice - and it's much cheaper than Cisco.