Fortinet FortiGate Reviews

Most organizations use the Fortinet firewall as perimeter security at the gateway level.

FortiGate has threat protection, antivirus, and even SSL encryption and decryption. So FortiGate is primarily used for security purposes. And a few customers also use this firewall for web filtering and application control. So these are the two features for which people use FortiGate.

FortiGate is primarily a gateway,  but customers also use web filter threat protection and application control. And some people use it as a special VPN for remote access. I recently deployed one virtual firewall where they're only using the FortiGate firewall for VPN. I can't say one feature is the most valuable because it's a bundle solution. So no one uses FortiGate for just one single feature. 

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

I've been using FortiGate for around five years.

Before version 6.0, FortiGate's firewall performed well enough, but lately, they've introduced so many features. After that, its stability has been somewhat lacking. This is because they're constantly updating their firmware. So it was pretty stable, but nowadays, it's not that stable.

I haven't worked on the scalability side because most of the time, the pre-sales tools are relatively bigger devices. So right now, I haven't faced any issues with scalability. They have some larger devices for the data center. So if we talk about their hardware, I think they're capable of handling around 10,000 to 15,000 people on a single device. But if you go with the virtual environment, I don't think there is a problem. Fortinet has a single OS that we can deploy on whatever hardware capacity we want to configure over there or through virtualization.

Fortinet support is good. They resolve tickets relatively fast. So we've had no issues with that. And I don't know about other regions, but in my region, the salespeople working with Fortinet are strong. They're aggressively working on the sales part. So in the Pune region and the rest of Maharashtra, they're winning more contracts, and people are using FortiGate Firewall.

The management console is pretty simple, so anyone who understands networking can initially deploy the solution. But you need some good hands-on experience for advanced configuration. The amount of time required to deploy depends upon the project and also the organization. So it takes around four to five days to deploy a smaller device. And for the largest device, it takes around a maximum of two months. We do the deployment on our own. So we have a sales team, a pre-sales team, and a deployment team. Our sales team gets this and handles the sales end. After that, we come into the picture. So we do the whole migration, as well as the new implementation and everything. It should take no more than two people to deploy. If we want to migrate from one Fortinet device to another, then we use the command line. They have some script in their firmware, and we can migrate the script directly from the older firewall to the new one. So it isn't too complex.

I'm somewhat aware of the pricing, but most of the time, the pre-sales staff only defines their requirements. And we get the licenses at the time of implementation, then register and activate them. But I think Fortinet has multiple packages. They sell licenses for a period of one, three, or five years. They also have special add-on licenses for various things. So, for example, if you want to get a security rating for the firmware configuration and everything, you need to purchase an additional security license. And if you want to do some IoT-related security, you also need to purchase separate licenses. 

I rate FortiGate eight out of 10 based on the performance, stability, performance, management, rights, and features. So most people lack SSL encryption and the certificate part. Those servers are running behind the FortiGate firewall. And most of the people I've seen are not using SSL encryption over there. And even for internet purposes, they're not using deep scanning.  So my suggestion to people thinking about using FortiGate is to prepare a plan before implementation and implement those things in inbound inspection and outbound inspection. This is recommended. And also, if you have multiple band links, then you must use SD-WAN. They have SD-WAN options in the FortiGate firewall. It's a pretty good feature. So you can use that to improve your stability and performance.

It is our primary router here in the office with all the firewall policies.

The solution has many valuable features. I like all of them.

Its stability is great. On a previous job, we set probably up to 100 FortiGates, and during the three years they were set up none of them failed.

It's a very scalable solution.

The pricing is great and very reasonable. 

The initial setup is simple. 

We use a yearly subscription for a unified protection model. I like the features that it gives me. It is actually a built-in proxy server and it allows me to use great protection and so on. In terms of application control, the built-in anti-virus is okay. One of the things that I like the most is it has a built-in SD-WAN solution - its price is included in the hardware. I don't need to buy anything else to use SD-WAN. This is the feature that I like, in Fortinet, probably the most. All other vendors sell SD-WAN as a separate solution and you must buy a separate controller which has to be installed somewhere, on-premise or on the cloud, and it costs money. Fortigate does not.

I can't think of an area of the product that needs improvement. Even the cost is okay. I have no real complaints. 

It would be good if they had fewer updates. Almost every update has bots that are either critical or something small yet valuable. Whenever I try to do an update, I always fear that something will break.

I've used the solution for a few years. I used it on a previous project and I use it now as well.

The stability has been excellent. It's very reliable and the performance is great. They have not failed in three years. There are no bugs or glitches. It doesn't crash or freeze. 

The scalability of the product is great. If a company needs to expand it, it can do so.

Up to 100 people use it right now, and likely we will increase usage so that it covers 150 to 200 users. 

If our other branch offices open in other cities or other countries, I will buy another firewall for them as well.

I've contacted technical support in the past.

For example, I tried to update my firewall to 7.0.4 and there was a block with the DHCP server. Some devices did not acquire an IP address. Really, it was something about FortiGate. I asked Fortinet for technical support and I created a ticket, and the next day they replied to me they agree that this was a bug that they would work on. As far as I can see now, there is already an option of 7.0.5. While I didn't test it myself, in the changelog I can see that this bug is fixed.

So far, we have been satisfied as they have answered us by the next day typically.

I did not previously use a different solution.

It's an easy setup. Everything is very straightforward and simple to understand. It's not complex, not difficult. A company won't have any issues with the process.

The deployment might take up to one week. I don't remember exactly. I continued to add some features, however, in the instant deployment, when it came here I had another router here, it wasn't too long of a process. Later, I asked my bosses to buy a firewall and when it arrived, on a Friday in the evening, I installed it and everything was fine. It was very fast.

I handle the deployment and maintenance myself. We do not need a big team to manage everything. It's pretty low-maintenance. 

I handled the implementation myself. I did not need a consultant or an integrator.

The pricing is very fair for a firewall. There's nothing to complain about in terms of licensing.

The price model is fair. I have to pay only for the features that only Fortinet gives me. Things like routing are free. Other vendors like Cisco, make me pay for things that should be free.

I would recommend the solution to others.

Fortinet has an education platform that is named trainingfortinet.com and many courses are on there. All the video lessons are free. Users can view them to learn about the features that Fortinet has. It's an excellent resource.

I would rate the solution at a nine out of ten.

Our customers use these devices as security devices, and we sell these devices to our customers. We also use it ourselves. We have the entire lab, and we use some of the functions in our local network.

It protects our customers' networks from viruses and threats.

The firewall, IPS, and VPN functions are the most valuable features. The antivirus functions are also good.

It works very well. It has a lot of different functionalities. Its cost is also fine for our customers.

In some cases, its initial setup could be hard for customers.

I have 10 to 12 years of experience with these devices.

Their devices are quite stable. We have not had any problems with the operating systems or maintenance of subscriptions. It is a robust device.

In most cases, they work very fast. It also depends on the device they are supporting. In the case of FortiGate, we do not have any complaints, but when we had to buy the FortiADC solution for one of our customers, we faced quite a few difficulties with technical support. I do not know why, but it could be that some devices are supported by different teams in Fortinet. We had difficulties with FortiADC, but we have not had any problems with FortiGate. I would rate their support for FortiGate a nine out of ten.

Positive

We worked with Cisco and Check Point firewalls. We worked with Cisco ASA for a long time. We worked with it for about five years, and we were happy with it, but it was old-fashioned. We went to Fortinet and started working with this company. 

FortiGate has good security functions and high-level technical documentation. Their documentation is very easy to understand. 

FortiGate's performance is also better than Cisco ASA. It has 10 VDOMs. It is a great function because you can add virtual functions for different groups in your network. It is quite useful.

It is deployed on-premises. Our customers prefer to deploy not only Fortinet devices but all security devices on-premises. They rarely use cloud licenses. Some customers only buy it from us, and for some customers, we also set it up.

Its setup is easy for us, but not every company wants to use our service for setting it up because of the cost. They prefer to install it themselves. In some cases, it could be hard for them.

In terms of the implementation strategy, we first try to understand what problem a customer wants to solve by using FortiGate. We collect a lot of information about a customer's network, such as protocols and devices being used. We try to prepare this device in our local lab. We preload the device and send it to the customer, and then we finalize the installation in the customer's building.

We have very technical staff, and we do not have difficulties with installations. We have had situations where customers do not have much experience with it, and then we recommend them to go for certain features such as IPS, antivirus, etc. 

The deployment duration depends on the size of the environment, but generally, it does not take more than one or two months. 

Generally, two to three people are required for the deployment.

For maintenance, our customers have technical staff. They regularly check and ensure that all the functions are working. We are glad to help them if they need any help.

We have seen an ROI. We have bought a lot of these devices, and we have had a good experience with them. It has saved us a lot of money.

It is quite affordable for our customers. There is a separate cost for IPS, antivirus, web filtering, and other features. They have a great choice of licenses. You can go for the license that you want, which is quite useful.

You have to buy a support license for FortiCare. In most cases, people buy the UTM bundle that comes with IPS, web filtering, and FortiCare. 

They are on the right path. They have improved a lot over the past 10 years. Fortinet is one of the leaders in security devices along with Cisco, Palo Alto, and Check Point.

I would rate Fortinet FortiGate a nine out of ten. It is stable. It has quite a lot of features, such as IPS, VPN, etc. It is affordable for our customers. It is a good choice.

I use it for a VPN. I use it as a gateway between locations. That's what I use it for.

They're Point-to-Point Networks, Metro Ethernet Networks, and over across the internet. We set it up with an AD VPN tunnel in between the various connections.

We use it for interconnectivity between the various sites to provide VPN tunnels. In contrast, service providers, even on Metro Ethernet and Point-to-Point Networks, cannot provide a secure connection between two points.

We've actually replaced 30 or more Cisco routers that were doing these VPN connections, and we replaced them with the FortiGates in order to provide Point-to-Point connectivity. It increased throughput on the various links, and it increased security.

Their VPN connection, their routing capabilities, their layer three throughput, and their firewall management capabilities that limit access from one VLAN to another are all the most valuable aspects for us. 

The solution is stable.

It can expand easily.

Support is helpful.

The product is significantly cheaper than, for example, Cisco. 

The user productivity has been good as they can, for example, transfer files easier. There is no slowdown. 

In their IPS Web Security Gateway, the reporting functions need to be a little bit more user-friendly for how to get the reports from it. That's one of the reasons why we don't use that function.

With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic.

I've been using the solution for two years. 

The stability is very good. There are no bugs or glitches, and it doesn't crash or freeze. 

We've been able to scale pretty well. It's not a problem of you need to expand. 

End users will be passing through it. Most of the accounting passes through it to various other locations. We have about 1,500 people on the product, technically.

We do have plans to increase usage. We have not completed the entire County yet. We've done 80% and still need to action the last 20%.

Technical support is very helpful. 

Positive

We used to use Cisco. We switched to FortiGate due to its throughput, ease of use, and cost.

Our needs are a little bit more complex than others. That said, overall, I would say it's about average in terms of the ease of setup. We got to do a VPN tunnel across, and it was AD VPN, it was something brand new. 

When I set things up now, it's pretty straightforward. When I first started, it was different as I'd never seen the technology before. When I first started, I'd never seen this technology, I didn't have a clue. Others may be in the same boat. 

Now that we're familiar with technology, this is very easy to set up. We've deployed 30 of them. I've got junior engineers that can follow my instructions and set up the FortiGate, and we're up and running. It gets easier over time. We've been doing this over the last two years.

We have up to two people needed for deployment and maintenance tasks. 

The deployment is completely done in-house. We didn't have any outside assistance. 

We did use Fortinet's tech support when we came into some problems. However, we didn't use any extra vendor.

Licensing is renewed every three to five years. They are less expensive e than Cisco. It has reduced the overall cost of maintaining a Cisco environment.

It's a package deal. There are no extra costs. 

We did not look into other solutions. 

I'd advise potential users to just implement the right size for you and what your needs are.

I'd rate the product nine out of ten. 

We are just a customer and end-user.

Fortinet FortiGate is a firewall used for network security.

Fortinet FortiGate has helped our organization because it provides us with all features that are existing in all the other firewalls, they have a great firewall. Fortinet firewall gives you all the controls you need to control and inspect your traffic from malicious attacks.

The most valuable features of Fortinet FortiGate are the ability to work in proxy mode, which other solutions, such as Palo Alto cannot. There are some features that are better that come at no extra license or subscriptions cost, such as basic SD-WAN. The DLT is useful, other solutions have the same feature too, such as Palo Alto.

Fortinet FortiGate can be deployed in the cloud, they have a full portfolio for security. You are able to integrate other Fortinet solutions together to take full advantage of their security portfolio.

The Fortinet FortiGate documentation library and full resources can be reached easily. You can search and find a solution to a problem you might have. Additionally, the overall solution is highly user-friendly.

Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility.

When using Fortinet FortiGate you sometimes have to use the CLI to do some configurations which can be sometimes more difficult than using a GUI that other solutions can use, such as Palo Alto.

I have been using Fortinet FortiGate for approximately 40 years.

The stability is very good in Fortinet FortiGate. If there are bugs or problems the issues are fixed quite quickly with updates. Palo Alto has a similar level of stability, they support their appliance from updates to the OS.

Fortinet FortiGate has good scalability. You can deploy it in multiple areas and in multiple deployment modes such as firewall, inter-firewall, or core firewall. Fortinet FortiGate has appliances on multiple series that have different performances. You can choose multiple areas or multiple sites.

I have not used the support from Fortinet FortiGate. I have solved the issues I have had from using my own experience.

I have used Palo Alto previously.

When comparing Fortinet FortiGate and Palo Alto, they are equivalent to each other. However, Palo Alto is the Gartner Magic Quadrant leader and is easy to deploy. It would be difficult to describe the advantages or disadvantages because they are very similar.

Fortinet FortiGate has simple ways some of the features can be configured, such as VPN and routing protocols. You need additional effort to do it using Palo Alto. Palo Alto has a more detailed required configuration and this is why extra effort is needed.

I would rate the implementation of Fortinet FortiGate a five out of five.

The process of implementation is easy.

The price of Fortinet FortiGate can be better than others solutions because Fortinet sometimes helps you with the prices. They help the customers buy the solution by providing them a discounted price for good technology to protect their environment from multiple exploitations and network attacks.

Fortinet FortiGate as a less expensive solution than Palo Alto.

I would rate the price of Fortinet FortiGate a four out of five.

I have evaluated other firewall solutions.

Fortinet firewalls are a great new generation firewall. Since we are in these pandemic times with the increasing number of remote workers, you need one solution to protect against the additional breaches on a day-to-day basis. This means you need a great SD-WAN solution. Fortinet FortiGate helps by preventing these attacks because it is a secure solution and you have full visibility of the scalability of the traffic. The solution takes the appropriate actions paths based on the FLAs

Fortinet FortiGate is an excellent choice for you to implement as an SD-WAN solution.

I rate Fortinet FortiGate a nine out of ten.

We have deployed this firewall for many companies. Our clients are financial and medical companies.

It enabled our clients to reach locations and access their applications easily with no latency. It provided ease of access.

Its threat prevention capabilities are most valuable. 

It's a user-friendly firewall. Most of the tasks are very simple. It's simple to configure and troubleshoot this firewall. 

The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI.

I faced a lot of issues when I was trying to deploy the firewall through FortiManager. The firewall is stable, but FortiManager is too buggy, and it doesn't work properly. It gives too many errors.

There are some issues with Fortinet SD-WAN. It's quite complex.

I've been using this solution for more than four years.

It's a very stable product.

It's scalable. We have plans to increase its usage.

Most of the time, they are helpful, but there are times when they don't resolve an issue right away. They take the log, and then they take their time to give input on the issue. Most of the time, they take one or two days to get back after analyzing the logs. Instead of that, they can just schedule a session to resolve the issue right away because sometimes the issue impacts the production environment, so we need to resolve that issue as soon as possible. Overall, I'd rate them a six out of ten.

Neutral

I have worked with other firewalls. Fortinet FortiGate is better than Palo Alto and Check Point firewalls. It's more user-friendly.

I have deployed it for a bank at a core level. On the perimeter, there was a Palo Alto firewall, and at the core level, we deployed the FortiGate firewall at DC and DR locations. After that, we deployed SD-WAN. We replaced the MPLS switch with the Fortinet SD-WAN device, so the whole branch traffic comes to the SD-WAN box, and from there, it comes to the FortiGate firewall, and then it goes to the Palo Alto firewall for the internet access and resource access. While migrating branches from MPLS to SD-WAN, we did require a maintenance window.

There was no difficulty. It was very user-friendly. I have had many difficulties with the Check Point firewall. I have deployed major projects on the FortiGate firewall. I migrated more than a thousand branches on Fortinet SD-WAN and implemented FortiGate super massive firewalls at DC and DR locations. There were no complexities. Only at one location, I had an issue related to SD-WAN, but my query was resolved by Fortinet's local team.

It's an on-premises firewall for the DC and DR locations. I have never worked on cloud projects, but if there is any opportunity to deploy it on the cloud, I will do it. I have only done on-premises deployment.

I am an implementation engineer. I deployed and configured the whole firewall. I also troubleshot any issues. When I had any queries, they were clarified by Fortinet's engineers.

Its pricing is good. It's average or normal as compared to Palo Alto and Check Point firewalls. 

I didn't evaluate other options.

I'd recommend this firewall to others. Most of the time, when I do PoCs, I recommend Fortinet FortiGate. It's quite easy to manage and deploy.

I'd rate Fortinet FortiGate an eight out of ten.

Fortinet FortiGate is used as a network firewall.

Fortinet has been a Perimeter Security which defends our network from Internet attackers, armed with zero-day exploits of common Internet services like HTTP and SMTP. We applied access-control lists to limit classes of VPN users' access to only what they need as a support team or solution deployers. We Shut off unused network services and defended critical resources first. We Build Internet-style perimeters for partner extranets. We also built secured wireless access.

Fortinet FortiGate UTM has many valuable features, such as application control, advanced persistent threat protection, Web and content filtering, IP reputation, integrated WLAN controller, intrusion prevention system, data loss prevention, and antimalware, antivirus, and antispam. It has security features that are in level with the Firewall technologies that are available in the market.

One of the features that I would like to have is endpoint protection, this should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not.

I have been using Fortinet FortiGate for approximately 6 years.

Fortinet FortiGate has high availability, which means that we have deployed two firewalls. In case of any failure of a device, the other one will continue to work. Our university stays online 100% of the time.

Fortinet FortiGate is quite robust. I haven't had any kind of hardware issue. The system has been running very smoothly with all the upgrades as far as I have continued my support with Fortinet. We keep renewing the support every year, which gives us the eligibility for all the updates.

I used the Fortinet FortiGate support a long time ago. There was a small feature that was not functioning as per the documentation. When they released the latest firmware and the issue was resolved. They provide prompt support.

I would rate the support from Fortinet FortiGate a five out of five.

Positive

The initial setup of Fortinet FortiGate is straightforward we had an right person in-house for deploying it. Moreover, If required, Fortinet has its support extended to us. We can approach them anytime and they can assist us with any kind of complicated configuration.

We implemented the Fortinet using an in-house Technical support team.

There is a subscription-based model to use Fortinet FortiGate. We pay annually for the solution along with the support. If you want to have all the updates, and security patches you will need to renew your support.

The price of Fortinet FortiGate is reasonable compared to other solutions.

I have evaluated many other solutions, such as Sophos. If you look at Sophos, it has its own endpoint protection. It keeps a record of each client, what are the threats that have happened on each client level, and if there is a ransomware attack. It blocks it and notifies the firewall. I would be able to see a single dashboard view of what kind of threat has happened and how to mitigate them all.

Fortinet FortiGate is a good solution overall. It is very user-friendly and all the policies are very easy to deploy. I would recommend Fortinet FortiGate to any new users who want to have a secure infrastructure.

I rate Fortinet FortiGate an eight out of ten.

There are some better industry-standard solutions out there in the market, and compared to them, Fortinet FortiGate has to be more flexible enough with their solution to be more competitive.

We primarily use the solution for security. I've deployed it for some customers for protection. It is used for firewalls. I have experience with the secure SD-WAN version.

Our customers are happy, and when they are happy, it means they are happy with us. It helps our organization. Many customers are migrating to this solution as it increases efficiency.

The security fabric is excellent. It's great on Fortinet, generally. 

It is easy to deploy.

Our impression of a unified view of NetOps and SecOps is positive. It has a single pane of glass. It's excellent and very effective. We've been quite impressed with the visibility on the devices. We've been happy with it.

The integrated application protection provided by the solution is good. It's worth the investment. However, it does depend on how you apply it. It can help save on costs, depending on the setup. If you have it in a bank environment, each individual bank would have its own devices, and you can optimize everything. You can have some of the connections go direct from one customer to another. You can save a lot of money with a specific setup.

It's helped out operational efficiency. It helps us waste less time. A typical scenario helps us save time. Having a good connection at the head office allows other offices to maintain a good connection as well. It also has normal security features and more to help keep us safe while staying connected. 

We can remediate threats more quickly. We have a single pane of glass that helps simplify the protection and visibility. We can monitor other components, even Macs or data centers. We can address items automatically, no matter where they are located. Visibility really helps. 

It is helped us to reduce the mean time to detect. It can reduce the time to locate and detect effectively. It is remarkably shorter when using Fortinet. It's also reduced the time it takes to resolve problems. 

The solution has helped us reduce Help Desk tickets. 

We have been able to future-proof businesses with branches. We don't have branches in our office. However, we have seen benefits ourselves in terms such as load balancing, et cetera. A fiber connection helps ensure backups are seamless. We can run a backup at less cost, and knowing that we have a backup help with peace of mind. Accessing a secure network ensures this. 

I haven't had a single issue since using Fortinet. 

I've been using the solution since 2018.

The solution is very stable. 

It is a scalable product.

Technical support is always top-notch. I always get good support.

Positive

The initial setup was pretty easy. It was not difficult. 

Everything I did was in one day. If I have to do some fine-tuning, that takes a little bit longer. Typically, one day is enough to deploy. 

The pricing is moderate. You get good value for money. Of course, any solution could be less expensive. For a company like ours, we'd always like to pay less. 

We are partners with Fortinet. We also use the solution ourselves.

Assessing the secure SD-WAN with its interoperability with other systems is hard to say. I've not deployed it with other OEMS as of yet. We haven't consolidated any tools or applications as of yet.

I'd rate the solution nine out of ten overall.

I'd recommend the solution to others.