The purpose of this solution is to provide intrusion protection and more robust endpoint security for small offices. We are providing an enterprise solution for a small business by adding endpoint protection coupled with Intrusion Detection and Protection. For small offices needing HIPAA compliance, we need to make sure we are providing robust protection instead of the default modem gateway provided by the ISP.
The Fortinet product provides enterprise capabilities in a small footprint at a price point that is more attainable for a small business. The product meets the IPS/IDS/Endpoint protection that small organizations need for their HIPAA and PCI compliance. While the end user may not understand the true capabilities, the managed service provider can more easily deploy and maintain this small footprint product.
The main reason why I purchased the particular unit was based on other reviews and leadership in this space. Being able to have a VPN solution as well as integrated access points is a plus. For me, it's all about simplicity. When you look at my particular model for a managed service provider, it's basically to help simplify, protect, and remain compliant. When you're trying to implement something, it's about making sure it is simplified. This seems to fit the bill.
The product has enterprise capabilities, which means there are a ton of configurations possible. What I'd like to see in the product is more of a branch in the box wizard deployment for those that are not as well versed in firewall and routing. For a small business, the firewall should be able to self-configure for a Unified Threat Management configuration with 2 SSIDs for protected wireless network for internal gear and a guest wireless network for employee cell phones and guests. I'd like to open the box, plug in the router behind the cable modem, and check a few boxes, and the rest is done automatically. I don't want to have to build a configure VLANs, SSIDs, security protocols for each port, and try to figure out and understand all the layers in an effort to deploy a solution. It's great to have those capabilities in case you need them, but for most of the offices I am trying to deploy these into--it should be a branch in a box.
I've only been using the solution for a few weeks. It's very new for us.
Stability has been fine. I've had no questions about the stability of it. It seems so far it is staying up. I haven't had any issues to speak of.
I haven't really pushed this product from a scalability perspective. Certainly, if you look at the performance metrics, the F series appears to have really expanded the capacity and capabilities beyond past models. If you look at 40E versus 40F, there's a fairly substantial difference. For a small office, it's going to be just fine.
I haven't reached out to technical support and therefore can't speak to their level of responsiveness.
N/A
The initial setup is complex for me due to my lack of experience with the Fortinet FortiGate product. The complexity can be a good thing, however, as there's a lot of really good features associated with it. Where it could be simplified is in having that easy deployment option, and then you can start going down and trying to get into the nitty-gritty and figure out when do you need the extra features.
Right now, I'm just in a test environment getting all the firmware up and tested. Then, once I have it tested, I'll take it to the client location and yank out their WiFi mechanism, their WiFi router, and put this in.
I'm currently handling the implementation for a client.
ROI is somewhat difficult to measure when you are mostly talking about deploying a product for endpoint security. If your environment stays protected, then it was a good return on investment.
When you look at these endpoint security systems and firewalls, these products a few years were way too expensive for a small business. Now we have enterprise level security in a footprint that is less than $1,000. For offices that have 10-25 computers needing protection, this is a better solution.
The good news is that Fortinet does have a good support network as well as their education academy to help someone get up to speed on their product.
We use this solution for different reasons.
We use it for the firewall with SDWAN functionality
We use it in some use cases as a VPN Server.
We use it as a Wi-Fi controller on some sites.
We use if for internal network segregation and routing
Fortinet FortiGate has improved the way our organization functions.
Versatile with a lot of controls and expert level customizations for advanced users
NGFW features seems to be effective are relatively easy to implement.
Fortigate DC Agent is a useful free feature to automatically detect logged on users and implement user based access policy
Basic VPN is included without extra charges
The Wi-Fi controller feature needs a lot of improvement. The function itself is not as stable as it should be in our use case which might be a problem in either the APs or the controller.
Would like to see more wizards and automation for more features such as virtual servers, SSL VPN, and others where policies, rules entries are created automatically form wizard input.
Some of the features related to load-balancing and traffic shaping are not as straightforward as they need to be.
The VPN functionality needs low-level debugging get what really going on. Log level is too detailed and requires someone who is quite experienced to analyze and solve those issues.
Zero-trust base features are lagging behind the other competition, based on what I have read. Would like to see those features in a clearly in the UI.
I have been using Fortinet FortiGate for four years.
We are not using the latest version, but close to it.
There are some stability issues when move to a newer version. It's always good to be a couple of steps behind when you upgrade as usually the latest major releases are a not stable. We are quite cautious to update.
The stability of VPN connection phase is can be enhanced
Wifi AP/Controller stability is an issue for us
It's quite scalable. The scalability and the migration are okay as well. Licensing model is also stright forword and certain features such as basic SSL VPN requires no to min additional cost per user.
Their technical service is quite good. The application notes and the help on the web are quite good.
I would rate technical support an eight out of ten.
By the time I joined a Fortigate was selected against pfsense.
The initial setup is intermediate in complexity but support and online documentation covers for it.
If you're a small-medium size business:
- Size your use case carefully as licensing price jumps significantly with HW changes.
- Customizable Forticilent SW can be downloaded for free with FNDN membership
- If you have multi sites and require Fortigate based 2FA then consider getting a dedicated fortiauthenticator (VM) with fortiokens acting a central RADIUS server which can be cheaper than cloud tokens an with additional authentication flexibilities.
pfsense; was decided against based required features (mainly VPN which is based in OpenVPN)
Paloalto; is a more expensive with comparable security features based on a recent NSS LABs report
Follow the instructions on the application manual carefully. Otherwise, certain features would not be running quite as they need them to without clear errors reported.
Contact technical support, they're responsive and have solutions for most of the problems.
Chose/size the HW carefully based on your use case as certain features are HW accelerated in higher variants but takes a huge toll on CPU/ memory when running on lower variants.
Consider using Fortigate DC Agent which is useful free feature to automatically detect logged on users and implement user based access policy
Consider segregating functions on different units instead of having all features on a Fortigate (i.e avoid having wifi controller + firewall + VPN on a single unit specially for lower variants)
Because of the flexibility, the advanced user features, the high level of security controls, and the tweaks that are available for the user, I would rate this solution an eight out of ten.
We utilize the services to ensure the stability of our network and clients protection from external treats. With the recent pandemic mobile working have increased in demand and Fortinet have easily bridge that gap to continue to support employee needs.
It has provided us the ability to work remotely during the pandemic. It opens a secure connection to the office for an employee working remotely from home.
The web filtering feature and the intrusion protection system are the most valuable.
It is a resilient appliance.
Its reporting capabilities can be improved. Some out-of-the-box reports needs to be able to provide usable data for example for web monitoring and reporting or browsing patterns and details. Some customers does not require any forensic type reporting and may not want to invest in all the features offered by the FortiAnalyzer.
I have been using this solution for the past seven years.
It is stable.
It is scalable. There are no issues. In terms of the number of users who use FortiGate, we have only about ten users for remote working. Only selected users utilize this remote capability.
Technical support is good. If I have an inquiry or request, it is usually addressed within the same business day or within the 24 hours period as per the vendor's support agreement.
I was on a Check Point platform, and then I migrated to FortiGate. Migrating from the Check Point environment to the FortiGate environment was new for me. We rely on a vendor for support. The vendor was kind of phasing out the support of the Check Point product. That's why we switched.
We are currently on 80D, and it was a direct upgrade. The deployment didn't take that long because it was a direct replacement or upgrade from an older appliance 60D to 80D. It was easy for the vendor to deploy because they saved the policies and other things that were in use for the older appliance and had to be migrated over to the new appliance. It was done within maybe a day or two.
We outsourced it to a local vendor, and it was deployed by the vendor. We do our own internal monitoring, and the vendor does the actual set up. So far, our experience with the vendor has been excellent in terms of response. Their technical staff is also very knowledgeable.
We just pay an affordable flat monthly fee to the vendor for the monitoring and support.
I learned about different options and their benefits and listened to vendors' proposals for migration. We evaluated pfSense, which is open source. We were trying to determine whether to go for open source as opposed to an industry-standard and proprietary product. I also engaged other vendors who offered Sophos technology and SonicWall. I trusted the vendor-supported product and considered the cost associated with the migration. The current vendor could upgrade it with no implementation cost, and we just had to pay a monthly service fee or rental.
Based on the research, FortiGate seemed like a reasonable firewall, and it is also more or less recognized and trusted all over, so I trusted FortiGate. Overall, I was happy with the performance of the FortiGate, so I kind of stuck with that one.
I would definitely recommend this product, but there are other products in the market, such as Sophos and SonicWall, that are just as effective.
We will be using this solution for at least the next three years. We renewed the license for three years in August of this year. We are thinking of upgrading to a newer appliance before that.
I would rate Fortinet FortiGate an eight out of ten. I am pleased with this solution and the features it offers right now. It just needs minor adjustments in terms of reporting and staying up to date with industry standards.
Our clients' main use case for Fortinet FortiGate is for the firewall on the outside perimeter to the internet. Some of them have started using it for SD-WAN.
We are software integrators.
Our clients like the packaging because it's an appliance. It has specific chip sets to accelerate different features in the product.
Additionally, it's inexpensive compared to some of the other technology out there.
In terms of what can be improved, they do have certain features that you can only configure through a CLI and there's no GUI interface for it. That's a pain. But it's nice that the user can do everything one way or the other.
They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI.
I have been using Fortinet FortiGate for at least the last 12 months.
Fortinet FortiGate is pretty stable.
It is hard to judge this year because of everybody working from home. Everybody is using up a lot of bandwidth so I'm not sure if that is a cause for some of the instability with the Forti client. The only place we've seen instability would be updating Forti client with their software called EMS.
So pushing out the client with EMS, like a client update to remote users, has proven a pain in the butt. But that could be because the end users' VPNs are maybe a little bit unstable just because of the high bandwidth demands. It is hard to determine. Maybe it is because some of these users are in remote areas, or non-urban or smaller towns, as opposed to being in an urban area where bandwidth is a little better.
We never jump ahead and say, "Oh, yes. 6.5 just came up. Let's jump on that." We'll probably just wait six months and see what goes on first. And I guess that's probably what a lot of people do because it's protecting your intellectual property and everything which that company owns.
I'm not saying that there's no instability. People will generally just wait and not jump out unless they're testing in the lab. They're not going to jump out and put the first revision that comes out on their firewalls.
In terms of scalability, it scales very well.
They have different models for different sizes. Obviously, if you buy too small and you have to upgrade, then it's a box swap. Some other vendors can just add another unit and you cluster them together. In their case it's more of just switching the box out for more performance boxes if you go too low.
Their technical support is very good.
Every time we've had to open up a case or get their help, if we surpass that person's ability, it gets escalated right away. So it's very good. It usually gets resolved within a day or two.
The initial setup is fairly straightforward.
In terms of ROI, they're inexpensive. Because they're inexpensive, they're just everywhere, in the Federal Government, schools, everywhere where budgets are fairly tight. And it is a very good product. It's a product that's built that if you need to you can add a different box and remove that feature from your main FortiGate and just run it on a different box.
So if you need to expand, you can always do it that way too.
They have good integration if you have multiple firewalls and it allows you to be able to push out policies to all of them at the same time.
Fortinet FortiGate's pricing is pretty hard to beat.
On a scale of one to ten, I would give Fortinet FortiGate a 10 out of 10.
We are a system integrator and Fortigate is one of the firewalls that we implement for our clients. I am a solution architect.
Our primary use for this firewall is the IPS.
One of the things I like best is the ease of configuration.
Management-wise, it is very good.
The most important feature, normally for small business customers, is link load balancing.
The firewall throughput is very good. Most of the customers in this region use FortiGate for their data center firewalls, and the main reason is because of its high throughput.
Fortinet is good in terms of security and threat prevention, but they are not leading. For example, the signature database can be improved.
If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement. Customers that have ISE implemented are able to provide inputs based on malicious traffic, and then ISE will automatically block it.
We have been working with Fortinet FortiGate for the past two years.
Stability-wise, they are good at the job of a data center firewall. For a perimeter firewall, it is for smaller customers, preferably.
The scalability depends on the design and how it was done. You have to think about the next five years. We get lots of new updates on the older versions and if the product is still in support then the new features will be included.
The responsiveness of the support depends on the level of support that you have. If you have premium support then you will get immediate access to them. Otherwise, you have to wait for some time, perhaps an hour, before they get back to you.
On the technical details, there are different levels of access. Once you have engineer access then most of the cases are going to get resolved, or otherwise, they will go to their development team.
In addition to FortiGate, we are using Cisco SFR.
The initial setup is straightforward. We have field configuration guides that we follow and you don't need to have much in-depth knowledge to set it up initially. However, performing the fine-tuning requires that you have proper training on the device.
Deploying the firewall for a new customer will be completed within two to three days, or perhaps a week at the most.
Compared to vendors like Cisco and Palo Alto, FortiGate is the cheapest. However, they only have a small segment of the market. Fortinet is trying to appeal to small and medium-sized customers, and I think that their prices should be a little lower for this segment.
On the high-end devices, it is fine. However, the problem is that their subscription price is very high. If you purchase a one-year subscription with the hardware and then you want to renew for the second year, it is very costly. Your whole price ends up being very high.
As a system integrator, we sell a lot of similar solutions from a variety of vendors. We have found that the Fortinet firewall has a much better throughput than that of the other vendors.
If a large customer is looking for a perimeter firewall then we suggest another vendor, such as Check Point or Palo Alto.
FortiGate is a product that we recommend and we have migrated many customers from other vendors. FortiGate is a better option, although small customers don't care much about security. They only care about basic security. There are only a very few who are really concerned about it and most of them don't have a proper IT group in their company.
I would rate this solution an eight out of ten.
We are selling FortiGate 60E and 200E. I mostly look after imports and finance, and my sales team and my corporate manager look after the business. Currently, we are buying renewals for our customers from a local distributor.
Customers are more inclined towards FortiGate because of application control, web filtering, and anti-spam features. The support from the FortiGate team is good, and price-wise, it is affordable.
They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor.
Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired.
I have been using this solution for almost two years.
It is 100% stable.
It is scalable. We have more than a thousand users.
The support from the FortiGate team is good. My engineers never complained that they are facing any problem with Fortinet in terms of support.
It is very easy to install. It is way easier than Cisco.
The deployment duration varies from customer to customer. It depends on what features they want to utilize, what is their scenario for IP addressing, and what security level they want to implement. It also depends on the policy and the planning of the technical teams. My engineers and the customer's engineers sit together, and they plan the activity and take care of everything. After that, they decide what to implement and how long it will take. Sometimes there are physical, logical, or IP addressing problems, so it all depends on the customer and our implementation planning. I have three guys for deployment.
Its price is affordable and lesser than Cisco. Cisco is expensive.
In terms of licensing, there is only one issue. If a customer's license has expired a month ago and they do the renewal after one month, Fortinet renews the license from the start of the previous month. The activation of the product is done from the previous month, not from the date of renewal. The customers usually shout and complain that because they are paying today, the renewal should start from today. The support contract renewals or licensing should be renewed from the date of renewal, but Fortinet starts from the day it had expired. It is a loss for customers. They might have had some problems because of which they did not take the license one month before. Fortinet should work on this. Cisco doesn't do this. Cisco always starts from the day they apply for the license.
We plan to keep selling this solution. Fortinet has launched new partnership levels. They have removed the silver partnership. We were a silver partner previously, and we have now become a premier partner or something like that. So, we have to improve our partnership on new levels.
I would definitely recommend this solution. We always support customers and recommend buying Fortinet. It is a better, more stable, and relatively cheaper product than Cisco. We supply Cisco only when a customer forces us to go for Cisco.
I would rate Fortinet FortiGate a nine out of ten.
In most cases, we use the solution as a firewall to access the internet. For example, we use Cisco Wireless for our clients to have access to the network and we use within the same solution the FortiGate Firewall for them to access the internet as well.
The solution offers very easy usability.
The product can scale well.
The solution is extremely reliable.
The pricing and licensing models are pretty good.
The user interface, both the web and CLI versions, are very good.
The solution overall is quite good. It works how we need it to. I can't recall seeing any features that are lacking.
We haven't had any breaches in our organization, however, I have read in journals that there have been some issues.
There may have been some bugs after an update, however, that has since been resolved. We saw a few bugs in the web field and when we ran an update it was resolved in the new version.
Some resources must be accessed via web fields. We were not able to access them at first. However, it was a simple task to fix it and that has since been resolved.
The pricing could be a bit better, especially when you consider how they have the most basic offering priced.
I've been using the solution since I started at my current company. I began my employment here about a year ago or so.
The solution is quite stable. It doesn't give us issues. There are no bugs or glitches. It doesn't crash on us. It doesn't freeze. It's reliable. Fortinet has created a really reliable solution.
We've found the scalability of the solution to be very good. If a company needs to expand on this solution, it can do so with ease.
We have between 2,000 and 3,000 users on the solution currently.
We do plan to continue to use the solution going forward. We have no plans to change anything.
I've never contacted technical support. Having never dealt with them, I can't speak to their responsiveness or knowledgeability. I don't know enough about them from any kind of personal experience.
I also use Cisco wireless solutions. Our company uses both simultaneously.
While I did not participate in the main part of the installation, I've discovered from deploying small FortiGates such as FortWiFi 60E, that it's good. It's not too complex of a process. It's pretty straightforward. It's easy.
We've found the pricing to be fair and the licensing model is quite good. It's a reasonable cost. It's not too expensive.
That said, I do feel they could work on the pricing policy a bit.
Right now a license to use some of the simpler features like web filtering or antivirus, you have to pay about 80% of the hardware price to have a license for a year. That's a bit too much for such basic features.
We use a variety of Fortinet products. We are using mostly FortiGate 200E and we have some of FortiGate 100E and the FortiWiFi 60E.
We are not using the latest version of the solution at this time. We have version 6.0 and it completely meets our requirements. When we will have to update it we will do so. However, that is not so necessary right now. We will not update it until we need to.
I'd recommend the solution to other organizations. It's been a positive experience overall.
I would rate the solution at a nine out of ten.
I primarily use the solution for network security - especially for the VPN connection, the remote site connection.
The solution is very easy to install.
The services from Fortinet products are very, very good. The WIFI that Fortinet provides for us, for example, is fantastic.
The VPN tunnel is very stable and there is more than one option for the tunnel, which is helpful.
We can customize the product well.
There's a very intelligent solution that they gave us in order to make the VPN connection easy. It is a very, very, very useful tool.
The stability of the solution is excellent, as it is with other Fortinet products.
Fortinet is a very big product. It has FortiGate, FortiWiFi, FortiSwitch, email security, etc. Due to this, they have some weaknesses in the ISPs, the services. They could improve these aspects. Hotspot services especially could be a lot better.
There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs.
I've been using the solution for about three years at this point.
The solution is very stable. That's not a problem at all. There aren't bugs or glitches. It doesn't crash or freeze. It's quite reliable.
The solution can scale well. If a company needs to expand it, they can.
I have various clients that use the solution and they have a user base that can range anywhere from five users to over 10,000.
I do plan to continue to use the solution in the future, however, I can't speak as to if my clients will expand their services or not.
Technical support, by and large, is very good. Fortinet has a very fast response time for their support tickets. It doesn't matter if the help is coming from the local distributor, or from web support. I don't face any problems with their level of attentiveness. I'm quite satisfied.
I use a wide variety of products in my shop. For example, I also work with Sophos UTM, Cisco, HPE, and Aruba products.
There's a lot of problems in, maybe, let's say, Sophos products. Especially in their support. They have very weak support. Cisco has good support, on the other hand, and a very good product, however, it is too expensive. HPE is a very nice product and has good support, however, it's not a UTM. Therefore, often we end up recommending Fortinet options.
The initial setup was not complex. It was pretty straightforward.
How long it takes to deploy the solution depends on the company and the configurations required. Sometimes I am able to do it in one day, whereas other times it takes more than one month to complete.
I'm just a customer. I'm using the latest version of the solution. I'm using the F-series. Previously, I used the E-series.
We use the on-premises version of the solution as Fortinet does not yet support the cloud.
I am not an organization, I am in IT support. I have my own agency for installing such devices. I use it for some universities which is more than 10,000 students in some cases. I also use it in some factories which have four to five users. It works just as well for small and medium-sized companies as it does for enterprise-level organizations.
I would recommend the solution to others for sure.
Overall, I would rate Fortinet's solution at a nine out of ten.
