Fortinet FortiGate Reviews

The solution improved the security posture and overall management's TCO.

One of the valuable features is a standardized OS.

It claims it does DLP, but the degree and level of controls are very basic. We recommend that our clients supplement it with other products.

There were no issues with stability.

There were no issues with scalability.

Customer Service:

Customer service is excellent.

Technical Support:

Technical support is excellent.

We did not use a previous solution.

We implemented in-house.

Work through partners for the best pricing.

We evaluated Palo Alto, Check Point, and Cisco.

I highly recommend Fortinet as a leader in integrated suite information security capabilities.

• Flexibility
• Flow tracking
• B2B VPN

It's good for what it is. I could achieve the same results with a pfSense firewall. This one just comes in a nice hardware package.

Better documentation about usage of the CLI. I learned most of what I know in diagnostic functionality through saving SSH sessions with the customer support staff while in WebEx sessions.

I have tried looking up the manuals. They are OK in some respects, but I feel exhaustive documentation about the CLI "with examples" should be there, and I feel it's not.

I'm saying, hey lets consolidate some of the primary real world scenarios like:
Section A: - Troubeshooting B2B VPN peering with a business partner or client when initially setting up the VPN tunnel.

Inevitably, there are always quirks and nuances between the fortigate vendor versus peering with a Palo Alto or an ASA firewall or even a Juniper SSG.

Imagine providing all steps, command line syntax, and GUI (if available) and how to take steps to debug the flow and see what's failing.
Sometimes it's super hard to figure out what's wrong with a fortigate VPN unless you know the commands on the CLI to see the flow and how to interpret it.

If they had all the methods / syntax and the "how's and why's" for a scenario; even possibly an instructional video showing how via the CLI and gui alongside the documentation. It would be like the pearly gates had opened and I had gone to heaven.

I have used it for three years.

I never encountered any stability issues. It is a very stable product.

Scalability's not been an issue for my org. We only utilize it for certain applications.

Technical support is excellent, although it can be a bit difficult to understand the tech. As with most support staff from almost all vendors now, the support comes from somewhere across the pond.

On the site where the FortiGate is stationed, it's never been changed out.

Initial setup was straightforward.

Buy the support package! Upgrades, advice about upgrade paths, and troubleshooting help is paramount. There have been some times where, without it, I'd have been dead in the water.

This was an in-place firewall when I integrated the site to my org.

Figure out what features you want, and what policies you want. Look up how to do it in advance, and create an implementation plan.

Plan for policies, routing, NATting, etc. Create a step-by-step process in advance, possibly create the environment in a DEV sandbox, test it, then implement.

It has a good feature set. However, sometimes you are forced to solicit technical support to get it working.

Also, I find the web interfaces sometimes do not display things properly.

• Performances
• VDOM
• UTM
• Consolidated Management
• FortiGuard

• Endpoint control of mobile devices with Security Profiles compliancy checking, captive portal redirection, Antivirus, IPS and Web Filtering enabled on outgoing traffic (coupled to FortiClient solution)
• Identity-based policies used to authenticated and profile users and guests whatever the media used to access the network (ie. Wired and WiFi)
• Dynamic BGP routes injections to divert traffic requiring UTM inspection or DDOS mitigation
• Two-Factor Authentication VPN SSL for itinerant users (coupled to FortiToken solution)
• Active/Active cluster load-balancing http/https traffic
• GTP tunnels inspections over GPRS backbones for pure-player telco operators
• Distributed WiFi infrastructure with UTM enabled and managed from the central console like signatures and firmware updates
• Classical IP/IPv6 Firewall with consolidated-management

• Fix all pending bugs present in 5.0.x branch
• Improve the testing process of newly published firmware like using real and representative configurations submitted to consequent traffic load during a while
• Support SNMPv3 INFORM requests
• Uniform the scheduled backup between FortiGate, FortiManager and FortiAnalyzer
• Integrate graphical troubleshoot tools for policies based on devices or user identities

4.5 years

Some few non-blocking bugs present in the latest release and which are now solved. In the past I encountered serious bug regarding SCTP and GTP supports. Fortinet helped me to qualify the bug, implement a temporary workaround and then published appropriate patches rapidly.

No. I always used the latest qualified-stable firmware recommended by Fortinet and check by own testing methods the stability of HW and SW before deploying anything into customer premises.

With design and dimensioning parts well achieved I never encountered scalability issue. However it happened I had to troubleshoot some slowness and latency issues on existing projects already running live. Most of the time they were due to some design issues and non-optimized configurations like for instance “in” and “out” ports not handled by the same NP, policy rules non-optimized and non-used features enabled.

Very good.

Very good.

• CISCO ASA: Too expensive, performances issues, non-consolidated management between traditional ASA and inspection ASA CX, not the best security engines
• Checkpoint: Very expensive but good solutions, not the leader in UTM segment
• Juniper: Expensive but good solutions, not the leader in UTM segment
• Cyrberoam: Attractive prices but not yet tested, looks like promising
• Arkoon/Netasq: Obsoletes (Stormshield not yet tested)

It was quite simple if you have at least a minimum of experiment with Firewalls integration. It is now even simpler thanks to the FortiExplorer application.

In-house.

Taking into account the price criteria, nowadays Fortinet always wins offers in front of competitors like CISCO and Checkpoint. Mixing this key-point with other success keys like UTM features and performances.

Contact Fortinet or Fortinet’s partner and ask for a POC.

It offers a proxy and a firewall.

It has a better processor than CheckPoint.

It's not intuitive, as the rules will be in the last place you look. You can look for a report for an hour, eventually getting a blank page. User experience for the administrator is basically not good as it needs to be more proficient.

I've used it for two years.

I have five ISPs, and it was hard to connect the LAN to the WAN. It did not go well and I had do to a roll-back.

The product is so stable I don't need to have a cluster.

I use a service given by the integrator and it's better than Fortigate’s. The integrator gives me a guarantee that they will immediately replace my machine if a problem occurs.

I use a service given by the integrator and it's better than Fortigate’s. The integrator gives me a guarantee that they will immediately replace my machine if a problem occurs.

I used an open-source product name Squid.

It's straightforward, and was transparent for the users.

We did it in-house.

It costs $200,000 and is only a bit better than the open source solution, which was free.

You don’t have to buy the Fortigate analyzer, as you can also get the reports using Fortinet.

It's fine as a firewall and as a proxy. You need to configure the rules right or else it will be hard to keep up with the logs.

We use Fortinet FortiGate as a network firewall.

The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. in  Fortinet FortiGate you have to use additional tools to have the features needed.

We need to use FortiAuthenticator to have additional bandwidth. Fortinet should include more features in the solution instead of having separate tools.

I have been using Fortinet FortiGate for approximately three years.

Fortinet FortiGate is a stable solution from my experience.

The scalability of Fortinet FortiGate is good.

The technical support from Fortinet FortiGate is 24 hours a day seven days a week, and 365 days a year. The support is good from Fortinet, and local distributor partner support has been helpful, we highly recommend them.

I have previously used pfSense, Sophos Firewall, and other endpoint solutions.

The initial implementation of Fortinet FortiGate is not complex because the GUI environment is easy to use. We can do a lot of things in the GUI. If the configurations engineer, network administrator, or network engineer has knowledge about firewalls, the process will not be complex. It can easily be managed.

The price of Fortinet FortiGate when compared to other solutions is high. However, my knowledge of the price is from third parties and I am not sure how accurate it is. I typically work in the technical area of my organization.

I rate Fortinet FortiGate a nine out of ten.

I am primarily using FortiGate to provide a hardware VPN or an equipment base of VPN to a central office. I am only using a small fraction of its capabilities, so I'm not pushing it at the edges.

Using this product makes the VPN seamless and almost invisible to me in the sense that I don't have to think about it.

Once it is in use, it is intuitive to use. Once it's in place, it doesn't require any further interaction.

The initial setup and configuration are not intuitive and require training.

I have been using Fortinet FortiGate for approximately four months.

The stability has been rock-solid, and I haven't seen any glitches or bugs at all.

With only two people in the company, we haven't needed to scale. Our roles include software development and providing technical support for various clients.

I have not needed to contact technical support.

This is the first firewall product that I have used.

The initial setup is fairly technical and it's not something the untrained person would want to do. You need to know what you're doing in order to set it up.

The price of FortiGate is reasonable. In terms of the market, it's not a cheap product, but it's cost-effective.

I purchased this product because this is the one that the central office supports.

In summary, this is a good product, it works, it doesn't need any attention, and I'm satisfied with it. Although the initial setup is slightly complex, security is a complex question and I'm not sure that it can be simplified.

I would rate this solution a ten out of ten.

VPN Over 3 Location Across India and We Get SD-Wan + UTM from Fortinet and Final got Solution SDWAN as well as UTM for Every Location 

• Single pane of glass management
• Easy GUI for monitors
• Logical Network Diagram from GUI
• Physical Network Diagram from GUI
•  

FortiGate is really strong in the following:

• UTM
• IPS
• Antivirus
• App control
• AntiBotnet
• Anti-Spam 
• Web content filtering
• IOC (indicator of Compromise)
• Web Application Firewall
• Vulnebarity Management 
• FortiView
• L3 routing

Need to Improvement in Reporting

We have been using it for the last nine years.

Stability is fine. I rebooted after 755 Days from the date of installation.

Scalability is Fine.

Customer Service:

Partner support is very good.

Technical Support:

FortiGuard Service is also good with the push method update.

We were previously using SOPHOS.

Easy by WebGUI and also mobile app.

We have implemented in-house.

Excellent ROI, due to virus spambot intrusion free network.

It's a little bit higher than Cyberoam but the security is More higher compared to the other vendor.

Sophos, Check Point, and SonicWall.

Buy FortiGate for a hassle free network management and excellent ROI.

The features that I have found most valuable are the SD-WAN and their IP4 policy.

In terms of what could be improved, the SD-WAN is quite difficult, because if you install in the new box, 15 is okay, but if you change from an old configuration, if there is already a configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface.

I have been using Fortinet FortiGate for about two years.

Fortinet FortiGate is stable so far. We had a difficulty, but after we opened the support, we found out that it was only from having the wrong config. But so far, it is stable.

So far our biggest client is only FortiGate 400, a small-medium business.

Their technical support is very helpful, although they only have it for their in-the-box and sometimes we have difficulty with the out of box, with the ISP or other things. So we must find a solution for the customer. But if it is the wrong product or if there is a configuration issue in the product, yes, they're very helpful.

I have also worked with the Hillstone network, with Palo Alto and with Barracuda.

In terms of support, so far FortiGate is helpful whereas with Barracuda I didn't get the support like FortiGate.

The initial setup and new configuration are very easy. It is very user-friendly. It's only three clicks from the menu, two or three sub-menus and we already have it configured. It's not difficult because we have experience with the SonicWall, Palo Alto, etc.., but Fortinet is user-friendly.

In terms of price, FortiGate's price is reasonable. Most of the customers stand by it, and are aware that the price is worth it for the performance.

In terms of advice for anyone looking to use FortiGate, you need to learn about trouble-shooting, because sometimes you find out you have the wrong configuration, not because of a FortiGate problem or FortiGate config, so you are responsible to handle the trouble-shooting.

On a scale of one to ten, I would give Fortinet FortiGate a nine.

One thing they could offer is a version that already has the configuration. This would make it easier. This is something that I would request. I worked with Barracuda, I worked with Palo Alto. If you want it easy. It's very easy. But FortiGate needs to have something more like that, to do it faster.