Fortinet FortiGate Reviews

I am a project manager and I have implemented this product in several different projects. The deployments are for enterprise clients, government agencies, and several universities.

This is a complete security solution that we can offer to our clients.

It provides security EOT (Encryption of Things).

The most valuable features are simplicity, management, and that it's constantly evolving. 

Different modules offer different functionality including the facility for web application control, VPN, and complete security integration.

It is easy to integrate FortiGate with other products.

With the addition of some features, it is possible that FortiGate can be used in all verticals.

I have been working with FortiGate for 10 years.

FortiGate is a very stable product.

I have implemented FortiGate in approximately 200 projects, and it is a scalable solution.

It is primarily used by medium-sized and enterprise companies. Medium-sized companies normally have between 10 and 50 users whereas an enterprise will have more than 5,000.

The technical support from Fortinet is very nice.

I would rate them a five out of five.

I work with several products from Fortinet including FortiGate, FortiManager, FortiAnalyzer, and FortiSIEM. The selection of which products to use depends on the company.

We work with what we refer to as the Fortinet fabric.

We also have experience with products from Check Point and Palo Alto.

Fortinet is competitive price-wise.

One of our clients in space evaluated FortiGate in terms of pricing and integration, and they chose FortiGate.

I would rate this solution a nine out of ten.

For IPS, IDS, traffic management, SDWAN, high availability, we leverage Fortinet FortiGate as a virtual appliance to secure our data center, internal office infrastructure, and site-to-site VPNS Site to client VPNS for our internal lab controls, rather than using physical Fortinet FortiGate hardware.

We implemented Fortinet FortiGate as part of our compliance requirements to address the high volume of intrusion attempts we were experiencing. This solution provides us with a insight on Intrusion to block these attacks and gain insights into who is trying to access our network. Essentially, we aim to understand the nature of incoming and outgoing network traffic.

FortiGate offers visibility into the types, brands, versions, and users of connected devices. This visibility is crucial for our industrial devices, as their reliable operation is essential to our business.

Fortinet Security Fabric empowers us to comply with regulations, governance, and compliance requirements across regions like the US and Europe, ensuring smooth operations for our global business.

FortiGate's built-in APIs enable us to integrate with the vendors of our choice.

Fortinet's FortiGate is easy to deploy in our environment thanks to its well-written and easy-to-follow documentation.

FortiGate is a highly benchmarked product that improves efficiency and adds value to our organization.

Although we don't see a benefit overnight, we gradually see the benefits of FortiGate over the years. It has provided a lot of insight into our organization's activities.

FortiGate significantly helped reduce the risk of cyberattacks that could disrupt our production. This has protected us against financial losses.

Fortinet has its management suite so it helps to centralize the management of network and security operations in our company. This helps us easily manage the issues and solutions that are required.

Fortinet FortiGate provides us with actionable data to inform our decisions about the most appropriate course of action. It delivers insights into resource consumption and compromised hosts, helping us identify the source of unauthorized login attempts. This comprehensive view allows us to understand what's entering our network.

Fortinet Security Fabric improved security across our industrial control systems.

Fortinet FortiGate helped reduce our mean time to remediate.

Fortinet FortiGate helped to mature our approach to cybersecurity for protecting our industrial equipment. The level of detail we can see regarding incoming traffic and ongoing activities is quite high. This detailed visibility extends to host configuration and other such aspects, providing us with valuable insights. As a result, Fortinet can provide a clear understanding of how to manage our network and quickly mitigate any issues that may arise.

The most valuable feature of FortiGate is FortiView which provides proactive monitoring. 

Ideally, I'd like to see most CLI configuration options exposed in the GUI to avoid manual command typing. However, there should be a more user-friendly approach than simply replicating everything in the GUI. Alternatively, some users might prefer scheduling tasks through commands for automation.

I have been using Fortinet FortiGate for over 12 years.

I would rate the stability of Fortinet FortiGate ten out of ten. As long as we configure FortiGate properly.

The technical support has improved over the years.

Positive

We previously used an open-source firewall, but we were looking for a solution that was more proactive, easier to manage, and continuously improved. FortiGate was a major competitor at the time and has since become one of the market leaders.

Initially, there was a learning curve during the deployment. We did have the help of local vendors.

If our policies are already in place, we can have the solution up and running in less than a day using a script. However, if we need to determine our policies while implementing the solution, it can take over a month to complete.

Fortinet FortiGate mitigates an excessive amount of manpower requirements because it is easy to manage and this helps contribute to a return on investment.

The price varies yearly and there could be additional costs to help manage the infrastructure. 

In certain markets, if an organization subscribes to their internet service they get a Fortinet firewall included in the cost.

We evaluated some of the leading brands. At the time we found FortiGate easier to administrate and handle. The interface was intuitive and the solution was affordable.

I would rate Fortinet FortiGate nine out of ten.

Fortinet FortiGate is one of the most user-friendly security appliances I've encountered. It has a gentle learning curve, and even beginners can configure it effectively. However, for a successful deployment, it's crucial to have a well-defined network layout, documented initial requirements, and a clear configuration strategy. While physical documentation isn't mandatory, a well-organized approach is essential. This includes using clear and consistent naming conventions for commands and rules, along with detailed descriptions within the configuration itself. This makes it easy for anyone to understand the overall logic and navigate the configuration from start to finish. It's important to note that my approach to policy management might involve unique syntax. This includes how I structure policy sets and identify which ones consume the most resources. Understanding how policies interact with other aspects, like implementation and rule execution, is also crucial. Ultimately, a well-defined naming standard is the foundation for a clear and maintainable configuration.

We utilize Fortinet FortiGate appliances at six branch offices, one data center, and one DLP site. Our network is driven by SD-WAN, and we employ FortiGate as our firewall, FortiEDR for endpoint protection, and FortiSwitch for alerting on all layers of the network.

For me, the best practice is to deploy on-premises for data centers. However, for small branch offices with over ten to twenty staff members, I can deploy the devices remotely. We can provision our cloud and push the configuration to those devices from the cloud.

The visibility that FortiGate provides into our devices is crucial for network segmentation. I want to see the output in a specific way. The traditional approach has shifted slightly, as I'm accustomed to Cisco networking equipment. Typically, we have a call feature, but I'm currently using all the call features for internal routing. However, with FortiGate, most security subnets are segmented and protected behind the firewall. This allows me to lock down or secure sensitive subnets, such as HR or departmental information. I can log in from there, and all other subnets for client users require centralized access. This means that all traffic must go through the firewall, enhancing security.

FortiGate enabled us to achieve compliance with governance requirements. The FortiGate, along with fabric security and checkpoints, essentially act as regulatory checkers, reviewing our security practices against industry best practices and guidelines. If they identify any discrepancies, they alert us, allowing us to develop and implement mitigation plans to address the issues. For instance, if our SSH configurations don't meet security standards, such as algorithm or cipher requirements, FortiGate will notify us, enabling us to take corrective action and regain compliance.

We utilize API calls for FortiGate, including those related to our PRTG monitoring system. Additionally, we employ HVAC calls and leverage another MDR solution from Arctic Wolf to trigger specific events on the FortGate. This API functionality enables us to generate API keys and seamlessly integrate with API features across various platforms.

Integrating FortiGate into our environment is straightforward. Our transition from Palo Alto to FortiGate was seamless, utilizing our existing policies and migration tools. FortiGate also provides provisioning capabilities for defining branch office configurations. As long as branch office devices can access the internet to communicate with Fortinet Cloud, we can remotely implement provisioning for these devices, offering greater convenience for small branch offices.

The built-in APIs streamline integrations with other vendors, reducing deployment time. They effortlessly generate API keys upon logging into the Fortinet network, facilitating the deployment of our PRTT monitor tools. These tools seamlessly integrate with each other, fostering rapid deployment. Most platforms, including Cisco Meraki, Palo Alto, and Check Point, now adhere to industry standards and support API calls.

FortiGate has been instrumental in mitigating the risk of cyberattacks that could potentially disrupt our production operations. I am particularly impressed with Fortinet's cloud-based FortiGuard service, which continuously updates our systems with the latest zero-day attack protection, significantly reducing the threat landscape within our industry. Given the energy industry's heightened vulnerability to cyberattacks, we have implemented measures to restrict access to our network based on geolocation IP addresses. This includes restricting access from countries such as Russia and China, further safeguarding our environment from potential threats. Additionally, FortiGuard's regularly updated list of malicious websites provides an invaluable layer of protection for our industry.

In the event of a production-disrupting attack, we can utilize FortiManager to remotely isolate and mitigate the threat by shutting down specific subnets or networks. We can easily navigate through the unpacked data, and upon detecting a suspicious event, we can initiate automation or SOAR processes to notify the Cloud Service Provider team with whom we have been collaborating. Additionally, we can establish traffic alerts. For instance, since not all users access the AD server simultaneously each month, if we observe such suspicious behavior, we can remotely shut down that network, thereby minimizing our risk exposure.

FortiGate provides us with actionable insights to guide our decision-making regarding the appropriate actions to take. We generate 20 gigabytes of log data daily, which we utilize to establish a baseline for network traffic on our servers and compare it to our generated report. This approach allows us to set a threshold for the read volume of 20 gigabytes of FortiGate data attempting to reach a server from an external source. If this threshold is exceeded, an alert is triggered, prompting us to take corrective action. The centralized monitoring of our environment provides significant value.

Security is not a single, isolated element. It encompasses the entire network infrastructure, including firewalls, routers, switches, endpoints, and even mobile devices. The Fortinet Security Fabric seamlessly integrates these components to provide comprehensive protection. It generates detailed logs, including those from access points linked to FortiSwitch. The FortiSwitch, fully integrated with the FortiGate Fabric, relays security alerts to the FortiViewer in the SOC. This centralized view provides complete visibility into the network, including SSIDs, wireless networks, subnets, and devices protected by FortiClient. The Fortinet Security Fabric tracks individual devices connected to the network, including compromised laptops. FortiClient triggers alerts and sends them to FortiCloud, which also receives logs from the EMS server and the firewall. These logs are consolidated in the FortiAnalyzer and forwarded to the cloud-based log server for analysis. This comprehensive approach to security ensures that all potential threats are identified and addressed promptly.

FortiGate has contributed to a reduction in our operational expenses. Prior to adopting Fortinet, we utilized Palo Alto for firewalls and Cisco for call switches. However, as we began using Fortinet, we gradually transitioned to their products. Currently, we employ FortiGate for our firewall, FortiSuite, and FortiAP Access Points, phasing them in one at a time. This approach has effectively minimized downtime and lightened our workload by enabling centralized management through a single pane of glass.

FortiGate has significantly reduced our time to remediation. We can now check logs from servers, firewalls, switches, access points, clouds, and even devices from different brands, all from a single centralized location. This has greatly reduced the time required for threat hunting and security event investigation.

Fortinet has been instrumental in enhancing our cybersecurity approach to safeguard our industrial machinery. We rely on some heavy equipment that is critical to our industry's operations. To protect this equipment, we have isolated it on a single subnet and implemented strict access controls, allowing only authorized users and MAC addresses to access the network. This ensures that only internal staff can operate the equipment unless authorized maintenance personnel are present. The high level of security we have implemented is essential because our industry's operations are closely tied to the core applications of our industry. We are committed to safeguarding our equipment and preventing any potential risks.

I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager. Additionally, its integration with FortiAnalyzer, which can be deployed in the cloud, enables centralized monitoring of all firewall logs.

Fortinet needs to overhaul its documentation. Our current reliance on outdated documentation has resulted in significant time wastage. While we can locate the necessary documentation, the constant daily revisions necessitate meticulous identification of the relevant documents to prevent the use of outdated information that could jeopardize our environment. At the very least, Fortinet should classify its documentation to clearly indicate the applicable version, as our attempts to do so manually are becoming increasingly tedious.

I have been using Fortinet FortiGate for over three years.

Fortinet FortiGate is stable. I have not encountered any performance issues.

Fortinet FortiGate is scalable. 

The speed of Fortinet's technical support is significantly faster compared to Palo Alto. I recall an instance where I experienced an issue with Palo Alto, and it took an hour to connect with a real technician from Palo Alto. However, when I call Fortinet, it takes a maximum of two minutes to get a knowledgeable individual to address my concerns. Considering the stark contrast in service levels, imagine having a network issue with Palo Alto and having to wait an hour for support. Conversely, with Fortinet, we can receive proper assistance within two minutes. The difference is immense. This is the one aspect I find lacking in Palo Alto.

The reason I don't give Fortinet's support a perfect score is that I've worked in this field for many years and have come to expect a certain level of expertise. Even when we call Palo Alto, Cisco, Check Point, or any other support service, our experience can vary depending on who we get on the phone. If we're lucky, we'll get a highly experienced expert who can quickly resolve our issue. However, we may also get someone who is new to the team or to their role, and they may take a long time to understand our problem. While Fortinet's support is generally excellent, I have had a couple of experiences where I felt like the person on the other end was inexperienced and asked me irrelevant questions. Despite these occasional issues, I am still very satisfied with Fortinet's support overall, but I wouldn't give it a perfect score.

Positive

We previously used Palo Alto for five years and switched to Fortinet FortiGate. Palo Alto is expensive.

The initial deployment is simple. We need to determine which interface is the WAN interface and which is the internal interface.

With Fortinet, we should prioritize a centralized approach to ensure synchronization and consistency across the network. This centralized management strategy will streamline the implementation of SD-WAN, as it allows for the deployment of standardized templates and traffic configurations. Centralized management also simplifies future modifications, as minor changes can be pushed down without requiring complete redesigns. Conversely, deploying SD-WAN without prior centralized management can lead to complexities and potential disruptions. For instance, if WAN interfaces are configured independently of SD-WAN, integrating SD-WAN later will necessitate removing and reconfiguring existing data, policies, firewall policies, and rules. This process can be time-consuming and error-prone.

For medium and enterprise organizations, FortiGate is more affordable. We can choose from a variety of bundles to find the right license for our needs. The software is reliable and easy to install, and it will run smoothly on our systems. FortiGate is priced lower than Palo Alto.

I would rate Fortinet FortiGate nine out of ten.

I compared SD-WAN solutions offered by companies like Cisco Meraki, and Palo Alto. I'm impressed with SD-WAN solutions in general, but I recommend considering purchasing Fortinet's SD-WAN solution, as it could lead to significant cost savings. However, proper planning and design are crucial before deployment to avoid incurring additional expenses due to rework. That's my suggestion.

I'm primarily using the solution for security purposes, and also for managing the network for various companies. I am deploying it for uniting management statuses, in order to be able to manage everything inside and to control security policies. It can fight against attacks to the system or for email searches. It is basically a central management security appliance.

We find it's good for managing the network and offers good defense against attacks.

Technical support is great. It's really fast.

Overall the solution is pretty user-friendly. It has a good dashboard and is pretty easy to navigate.

The pricing is excellent. It's much less expensive than Cisco.

The only thing is sometimes you have to learn with CLI. For those not familiar with CLI it can be an issue. It would be ideal if we could avoid using CLI. If you make a mistake in the command line, it's harder to detect. It would be much better if they had a user-friendly GUI.

The initial setup is complex.

I've been using the solution for five years.

The solution is very stable. You don't have to worry about bugs or glitches. I tend to wait and not upgrade to the latest version right away to ensure this is the case.

The solution is scalable. If you need to expand it, you can. We have it at a variety of networks and sites with no problem.

We have 120 users that are connected to a minimum of 80 computers and a minimum of 15 servers, which is great. The solution is working and it is still stable even across all of these devices and servers. We have multiple networks inside as well, so we are not only on one network. We set them separately, which is why the initial setup for us was quite complex. We're through with that though.

The technical support is pretty good. they're pretty knowledgeable and responsive, especially when you get to the Level 3 techs.

We previously used CheckPoint. Unfortunately, they didn't have a very good service, especially in technical support, and therefore we decided to switch.

For our organization, the initial setup was not straightforward. It was pretty complex. That's due to the fact that we had many networks to set up and many sites to take into account.

We set up the solution ourselves, although we did work closely with Fortinet as part of their bundle package.

The licensing is paid on a yearly basis.

I evaluated Palo Alto. They didn't have the complete solution we wanted. Neither did Juniper, which we also looked at. We looked into possible having Cisco, however, Cisco is too expensive. 

When we looked at Cisco, we also evaluated Meraki, which is a part of Cisco. It did not have what we needed either. 

We are using the 200E in our environment. We had 200D before.

We're not using the latest version of the solution, which is 6.4. I like to wait on new versions to see if it is stable before deploying it. I like to take my time and avoid headaches where possible.

I would recommend the product to other organizations. It's got great bundle options which make it a very good choice - and it's much cheaper than Cisco.

We use Fortinet FortiGate as our security and routing solution.

We implemented Fortinet FortiGate to enhance our security posture by blocking and restricting access to certain websites and securing our VPN traffic. 

Fortinet FortiGate offers enhanced visibility and segmentation for our industrial devices, a crucial process when some machines utilize systems demanding high-level security.

We have implemented Fortinet Security Fabric on our VM infrastructure, and it has provided great service in helping us meet regulations, governance, and compliance requirements. This is important to us because Fortinet Security Fabric connects to our sandbox, allowing us to scan shares across all clusters and enabling FortiGate to resolve any online issues.

Fortinet FortiGate has enhanced our organization's security by enabling secure VPN access and restricting access to social media sites, thus ensuring that employees can focus on their work. We saw the benefits of FortiGate within weeks of the deployment.

FortiGate helps reduce the risk of cyberattacks that could disrupt our production by isolating the affected traffic and creating a log for us.

It also helps to centralize the management of our network and security operations.

The centralized management allows us to access all of our firewalls and policies using a single interface.

Fortinet provides actionable data to help us make informed decisions about the actions to take. For example, if one of our firewalls goes down, the solution helps us rectify the issue by providing details on the problem and how to address it.

By consolidating the numerous individually connected batches, FortiGate helped us reduce operational expenses associated with the extra costs they incurred.

Fortinet FortiGate has helped us mature our approach to cybersecurity for protecting our industrial equipment. Their knowledge and daily webinars on email security and virus prevention have empowered us to stop attacks and maximize our efficiency.

The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox. These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.

The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces. This functionality should be improved.

I have been using Fortinet FortiGate for seven years.

I would rate the stability of Fortinet FortiGate a ten out of ten.

While Fortinet FortiGate firewalls are scalable, upgrading to a new version or adding hardware requires purchasing a new license to migrate the old backup to the new firewall. 

While the technical support team is knowledgeable, their response time to support tickets is concerning. It typically takes them 48-72 hours to respond, which significantly disrupts my work.

Neutral

While we previously used the open-source PSS firewall, it lacked the layered security architecture offered by Fortinet FortiGate.

We migrated to Fortinet FortiGate for its superior control, in-depth scanning, and ability to minimize cybersecurity risks, features not offered by other firewall solutions.

The initial deployment is easy. The solution can be installed by following the on-screen prompts, and the policies can be implemented through the interface dashboard.

Deploying the system takes one full business day. We begin by gathering user requirements from each department, as they have varying policies. The policies are implemented department-first, followed by branches. Finally, VPNs are generated for remote users. Two people are required for the deployment.

The implementation was completed in-house.

Since implementing Fortinet FortiGate, we have observed an increase in user productivity, which translates to a positive return on investment.

While Fortinet FortiGate has a higher price point compared to Sophos XG, its user-friendly interface justifies the cost. Additionally, its fixed pricing structure eliminates concerns about surprise fees.

After evaluating Sophos XG and finding its interface overly complex for our needs, we opted for the user-friendly interface of Fortinet FortiGate.

I would rate Fortinet FortiGate an eight out of ten.

We have one person that deals with maintaining Fortinet FortiGate.

We have 1,100 users in multiple cities and departments using FortiGate.

The Fortinet FortiGate 60F is a good choice for organizations to begin evaluating firewalls.

The use case varies depending on the customer, but we use all of FortiGate's features, including policies, web filtering, routing, etc. 

FortiGate firewalls are easy to manage through a user-friendly web interface. They also have advanced features like DDoS and DLP. However, I wouldn't recommend enabling all these features on one device because it can cause performance issues. 

We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs. 

I have been working with Fortinet for nearly ten years.

I rate FortiGate an eight out of ten for stability. It is less stable than Palo Alto Networks and Check Point firewalls because there are lots of bugs in the latest firmware. 

FortiGate is scalable. 

I rate Fortinet's support a seven out of ten. We had to open several tickets due to the firmware bugs. We don't have an issue with the support team. It's more of a problem with the testers and developers. 

Neutral

I have also used Palo Alto and Check Point firewalls. Fortinet firewalls are cheaper and easier to manage. Palo Alto is more complex and harder to use, but it's more stable than FortiGate. Palo Alto doesn't didn't have as many models for small and medium-sized enterprises.

FortiGate is easy to deploy. The deployment time varies depending on the customer's network topology. How many policies does the customer require, and what kind of license do they have? FortiGate is easier than Palo Alto Networks and Check Point and takes less time.

We typically start by analyzing the customer's topology and understanding their requirements, including policies, routines, etc. We implement the device once we know what the customer needs. One engineer is usually enough to deploy FortiGate in a small or medium-sized environment. 

An enterprise project requires a more detailed analysis of the network requirements before implementation. That can take two or three days. Once we understand the network, it may take another two or three days to configure the device and one or two days to implement it. 

Fortinet has more device options that are affordable for small businesses than Palo Alto, and its enterprise-level models are also cheaper. Palo Alto also has a separate license for VPN connections and SD-WAN, but FortiGate offers these standard features. 

I rate Fortinet FortiGate a seven and a half out of ten. I deducted a few points because of the device's capacity, stability, support, and routing table issues. I strongly recommend FortiGate if a customer wants to use SD-WAN. Before implementing, you should understand the network's topology to minimize unwanted issues. 

We use FortiGate for security. Some clients use the whole Fortinet solution, including FortiSwitch, FortiAP, and FortiExtender, but FortiGate is my bread and butter.

We have a hybrid deployment. A lot of it is onsite, and we have data center collocations. Some customers do collocations with us, but others request connectivity to Azure or another cloud services provider. Fortinet has plugins for Azure, AWS, or Google that make it easy to configure VPNs out of the data center or off-site. 

Typically, we stick with Azure because their support is better, but we do have a handful of customers that choose AWS. We have the solution deployed across Canada. One of our biggest customers is a retail company with many little stores under their umbrella. We cover everything from British Columbia to a couple of sites in Newfoundland. I estimate that we have around 1,200 users.

We need to allow a set of websites or block another set. FortiGate gives us the ability to do it based on URL domain. It's so much easier because you input the domain microsoft.com instead of adding the specific URL. Other firewalls can't do that the way FortiGate does. It helps us with compliance and security.

FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. 

Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features.

My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.

I've been using Fortinet solutions for about four or five years now.

I think FortiGate is going to be around forever. If I don't see their stock price double in the next two years, I'm going to be surprised. I think it's a very underrated solution. 

Scaling up only requires adding a router. Once you have your network in place and a basic template, you buy another router and add it to the mix. It's incredibly easy to add and configure devices. 

I rate Fortinet support 10 out of 10. The support gets better as you get more certifications. I'm trying to get my certification to see how much better it can be. With an NSE 7 certification, you can contact Tier 3 support directly. I'm already getting my cases resolved in 24 to 48 hours using Tier 1 and 2 support.

We used Juniper firewalls in the past. The two solutions are similar in terms of features, but Fortinet blew it out of the water with regards to pricing and user-friendliness.

The main difference is CLI versus GUI. You have to know what you're doing on a Juniper because it's all command-line based, but Fortinet is 99 percent GUI-based. You log in to Fortinet and check off what you want to allow or block. 

Our biggest Fortinet solution was 500 plus retail sites. This customer chose the whole nine yards, including FortiGate, FortiSwitch, FortiAPs, and the FortiExtender, which is the LTE router. 

I made the templates for the configuration for our bottom tiers because they were the ones rolling them out. I made a standard template config and wrote notes specifying necessary changes for each site. 

The primary difficulty was trying to understand our customer's requirements and concerns because they were with an old provider. The provider had a lot of things on-site that weren't necessary. Deploying the Fortinet solution itself wasn't hard. 

Getting there was hard because we had to sit down with the customer and their tech team to determine what was needed because they had old Cisco routers. That took about three weeks and required a lot of on-site visits, but it wasn't hard to deploy the solution once we got an understanding of the requirements was not hard.

We trained the customers to manage and maintain the solution themselves. The only maintenance we do is emailing them monthly when we get notifications from Fortinet about router upgrades. You can configure it and then forget it. 

We are the integrator/consultant for the solution. We are the one in between the client and the internet service provider.

FortiGate firewalls pay for themselves. We bought our first FortiGate when they came out with the 50Fs and thought we would never see the return on investment. However, they paid for themselves because we rent them out, and customers loved them so much that we just retired our Juniper and Cisco solutions.

Fortinet's pricing is more straightforward than other solutions. If Fortinet doesn't stick out when you're searching for a solution, you are a glutton for punishment. You only need to know two things when purchasing a Fortinet solution: your total bandwidth and bandwidth at the site. You need to estimate the future bandwidth with other solutions if your customer plans to upgrade.

You have to consider whether you'll need to resell your licenses or wait until they expire and get new ones. You need to worry about out-of-pocket costs with other solutions, but you could pay for a higher-tier Fortinet license. You don't need to worry about it for 10 years and still be under budget.

Fortinet encourages people to buy their base product and then add what they need. That mentality goes a lot farther in the game because it affords people security. That's how they got into the market and became so competitive.

We evaluated Meraki, Dell's old SD-WAN, and Cisco's Viptela. Price and flexibility were the main factors. Viptela, Juniper, and others make it so hard to pick a solution. You have to be highly specific about what you want, including the amount of bandwidth and encryption level at every site. You have to pick a different router per site, depending on your functionality and requirements.

I rate FortiGate 10 out of 10. It's a tremendous little firewall. It takes care of all your security concerns.  When people say, "I need to make my organization more secure," the first thing that comes to mind is Fortinet. Everyone is talking about Cisco, Juniper, Palo Alto, and Check Point but overlooking Fortinet, which is a relatively new player in the game. 

Fortinet's next-generation firewall is more affordable and user-friendly. They also have an extensive knowledge base online. Good luck finding that community support on a Palo Alto, Cisco, or Juniper website without paying.

We use Fortinet FortiGate to safeguard our online users, who are primarily students, around the clock.

Over the past seven years, we've utilized Fortinet FortiGate to address a wide range of security challenges. Initially, we implemented a firewall to secure our network perimeter. Subsequently, we sought to protect internal network segments. Next, we implemented application-level security measures. And most recently, we've implemented selective service controls to manage access to applications like Google services, WhatsApp, and video conferencing platforms. These measures have addressed evolving security needs over time. Currently, we're focused on enhancing authentication and remote access security. To achieve this, we're implementing security tokens to verify user identities and ensure authorized access.

Fortinet FortiGate enables us to comply with regulatory governance and compliance requirements.

FortiGate is one of the security solutions we have implemented to enhance and protect our network infrastructure, including devices, across the campus for all users. Specifically, FortiGate has shielded us from Internet security threats, application threats, and unwanted websites or access to unauthorized web services. For instance, access to classified websites is restricted based on user permissions. This has resulted in a cleaner network environment, not just from a security standpoint but also in terms of overall network performance. Secondly, FortiGate has significantly alleviated the burden on network administrators and server managers. The product has proven to be highly reliable.

It has effectively reduced our risk of cyberattacks. We have experienced a very small number of incidents, primarily due to configuration loopholes. However, FortiGate has been successful in preventing intrusions from the Internet. It has effectively thwarted hacking attempts, making it a valuable tool for our computer and network security.

We operate in an educational setting and do not rely solely on online connectivity. Therefore, an internet outage would only impact academic activities. While some internet services are utilized within our campus primarily for business purposes, they are not entirely internet-dependent. Consequently, the impact of equipment failure is minimal. In the event of equipment malfunction, we have established contingency plans and alternative facilitating services in place. Additionally, our devices are designed for high availability, with two devices functioning as a backup in case one fails. We have not experienced any device failures to date.

It has streamlined the management of our network and security operations. While the machine itself doesn't provide an out-of-the-box solution, its effectiveness hinges on the expertise and security knowledge of its users. Therefore, engineering and security proficiency are paramount to maximizing the benefits of FortiGate.

FortiGate offers a lot of reporting logs and reports. By continuously monitoring these resources, we can gather sufficient information to take immediate action and implement necessary changes. However, the effectiveness of this approach hinges on having dedicated personnel to review and respond to the provided insights. The device itself cannot act autonomously without human intervention and analysis.

FortiGate has helped us reduce our mean time to remediation by 60 percent. Its user-friendly interface facilitates rapid issue resolution.

Fortinet FortiGate is an extremely user-friendly product. In terms of security, we have not experienced any security flaws or loopholes, and it has proven to be quite stable. Additionally, we have not experienced any downtime, which is of utmost importance.

The log analyzer, for instance, is a product being developed as a common solution for multiple FortiGate devices. Consequently, the log analyzer's functionalities are not fully integrated into the individual FortiGate products. I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool.

While Fortinet claims to offer a comprehensive network solution, it falls short in addressing computer application issues, particularly server security. Fortinet's capabilities are primarily focused on network security.

I have been using Fortinet FortiGate for over seven years.

I rate the stability of Fortinet FortiGate ten out of ten.

Fortinet FortiGate is a fixed configuration that depends on the number of nodes and devices.

The support from Fortinet and its vendors is good.

Positive

The initial deployment can be completed in a few days. Two to three people are involved in the deployment.

In the Asian economy in which we operate, FortiGate is expensive.

I would rate Fortinet FortiGate eight out of ten.

I'm not involved in the operation of industrial devices. We do, however, have devices that are part of laboratories, and they may be flagged during searches because we belong to the education sector. In any case, FortiGate provides protection, and I wouldn't know the extent of visibility there because it's primarily concerned with providing security for those devices. If they are connected to the network, alright.

We have around 1,500 users and over 3,000 devices that utilize FortiGate.