Fortinet FortiGate Reviews

My main use case for Fortinet FortiGate is controlling our incoming and outgoing traffic as it's installed in our data center. We're managing all the VPNs, IPsec VPNs, over 48 VPNs with our Fortinet FortiGate. We are also controlling network attacks and threats using IPS/IDS, using web filter, and URL filtering. We are bounding users to access the relevant sites only by using the URL.

Fortinet FortiGate has positively impacted our organization by providing stronger network security as it's a next-generation firewall. The IPS we have blocks known threats and vulnerabilities in real-time. Application control detects and controls thousands of applications, blocks P2P, and limits social media.

SSL inspection scans encrypted traffic, even TLS 1.3 for hidden threats, advanced web filtering, antivirus, and anti-malware. The result is fewer breaches, blocked attacks, better compliance, and simplified and secure WAN connectivity, intelligent link selection based on latency, load balancing across multiple ISPs, and automated failover.

We can run routing protocols very easily, such as BGP. We are using BGP over IPsec VPN for our multiple branches and different stations. We are using BGP over Fortinet FortiGate so it's automated. If one ISP goes down, it will shift automatically without requiring human or network administration involvement. It improves VPN and remote access, including SSL VPN and IPsec VPN as well.

The best features Fortinet FortiGate offers include the SD-WAN, which really stands out, and the comfortable GUI. The IPsec VPN configuration is very user-friendly. Compared to Huawei firewall, Fortinet FortiGate offers more features and is more user-friendly.

In terms of security features, Fortinet FortiGate has Deep SSL/TLS inspection, which is very limited in Huawei NGFW firewall. The AI-powered features in Fortinet FortiGate are more advanced compared to Huawei's basic filtering. The SD-WAN is built-in and mature, while Huawei's support is less feature-rich.

Application control is very granular with signatures, while Huawei is less extensive. The management and usability of Fortinet FortiGate is clean and user-friendly, compared to Huawei's more complex user interface. FortiOS CLI is popular and well-documented, while Huawei, Cisco, and Juniper differ from standards. Fortinet FortiGate offers centralized management through FortiManager and FortiAnalyzer. The reporting, logs, and firmware updates are excellent and stable in Fortinet FortiGate.

Fortinet FortiGate can be improved, specifically in the user interface and UX enhancement. The GUI, especially in older FortiOS versions, can be cluttered or slow. Improvements could make the UI more modern and responsive with a quick dashboard, real-time visibility, health checks, and improved policy editing with bulk changes and better search filters.

Policy management in a large environment becomes complex when managing dozens or hundreds of policies. This could be improved by introducing better policy grouping and tagging for more intelligent policy optimization suggestions, such as unused rules or shadow rules.

The built-in logging and reporting is limited without FortiAnalyzer. Internal reporting tools should be enhanced with graphs, trends, PDF exports, alert-based thresholds, and real-time traffic summaries without requiring FortiAnalyzer, which requires additional payment.

User identity integration with LDAP, AD, and user-based rules can be tricky or limited. Additionally, SSL users cannot change their passwords themselves, which should be included in the OS functionality.

I have been using Fortinet FortiGate for six years.

Fortinet FortiGate's scalability is good, and it can handle our organization's growth and needs as it's expanding.

When choosing Fortinet FortiGate, you must know your network size and use case. Choose a FortiGate model that fits your current network and allows for future growth. For small offices and branches, you can use 40, 48, 40F, and 60F series. For medium offices, 80F and 100F are suitable. For large enterprises, you need 200F, 400F, 600F. For data centers, 1000F is recommended.

It's advisable not to buy a model that barely fits; choose one with headroom for future expansion. Always check key specs based on your needs, such as firewall throughput, threat protection throughput, VPN throughput, maximum concurrent sessions, and ports. Check if you need SFP, PoE, or 10G ports.

Consider the features you actually need, such as SD-WAN, SSL VPN, application IPS, AV scanning, Wi-Fi AP support, or central management. If you need central management, you can use FortiManager. Look for FortiOS version compatibility as the F-series offers clear advantages. Make sure your team can operate and manage it with experienced Fortinet engineers.

My review rating for Fortinet FortiGate is three out of ten.

Fortinet FortiGate is among the best firewall solutions, having a significant market share in Egypt. Fortinet FortiGate has a very simple configuration, is easy to set up, and includes SD-WAN features at no additional cost. I recommend Fortinet FortiGate to act as an internet or perimeter firewall.

Features such as URL filtering, intrusion detection, and threat prevention make it suitable as a perimeter firewall. It also includes free SD-WAN features. It is recommended when any customer has more than one site, as it can act as an SD-WAN solution without any extra licenses, with SD-WAN being a built-in feature. It is a very easy solution.

From my experience, I see that the datasheets of the Fortinet FortiGate portfolio need to be more accurate because correct sizing is essential. The datasheets should provide clear information when deploying features. 

When comparing Fortinet to all other vendors, I believe most features are available in Fortinet. I'm not sure if the DNS security license is available in Fortinet; if not, it is important to add Fortinet DNS security and sandboxing licenses. I know Fortinet has a separate sandbox solution, but I am unsure about sandbox features in the firewall. In contrast, Palo Alto has a DNS security license, email security, and WildFire license that serves as a sandbox solution.

I have been working with Fortinet FortiGate for around eight years.

I find Fortinet FortiGate to be very stable.

The scalability of Fortinet FortiGate depends on the project. If the project meets accurate sizing, it can be scalable, but if the presales engineer does not accurately size it, Fortinet FortiGate can have limited resources to scale. It depends on the project.

I evaluate Fortinet's technical support as a seven out of ten. They aren't the best support, but when we need assistance with any features or field activities, we can utilize the internal support team of the vendor located in our country.

Neutral

I believe it is cost-effective. With Fortinet FortiGate, we can pay once for every renewal period, and there are no CAPEX expenses because Fortinet FortiGate is easy to configure, easy to manage, and familiar to most engineers. 

It is not the cheapest one, but its price is very competitive.

When comparing Fortinet FortiGate to Palo Alto or other firewalls I've worked with, Fortinet is more stable, easy to configure, easy to manage, and is competitive in price. 

Fortinet offers multiple product sizes suitable for various enterprises, including small, medium, and enterprise customers. Compared to Palo Alto, Fortinet offers a free SD-WAN feature while Palo Alto requires an SD-WAN license with more costs and several licenses. However, Palo Alto does offer more advanced features than Fortinet. A notable difference is that when the Fortinet FortiGate license expires, the box still works until the customer renews the license, while with Palo Alto, the box stops entirely and the customer must renew the license to continue functioning.

My experience in integrating SD-WAN capabilities with Fortinet FortiGate in the network shows that the integration is very simple and has a straightforward configuration.

The Fortinet SD-WAN solution consists of multiple products. To create or set up a full SD-WAN solution, it needs two products from Fortinet: FortiGate and FortiManager, which is a centralized management solution, and FortiAnalyzer, which is a log management solution. SD-WAN connects more than one site. It centralizes management and logs. Fortinet FortiGate with SD-WAN does not require any extra license, but to have the full SD-WAN solution, it is required to have FortiManager and FortiAnalyzer for several reasons. Fortinet products can be VM or hardware.

I have worked with the hardware-assisted DDoS protection in the Fortinet FortiGate, and I think it's good.

I recommend the Fortinet FortiGate when acting as a perimeter firewall, and some customers use it in the data center. I recommend another vendor in the data center, but our customers are very satisfied with Fortinet FortiGate when acting as a data center firewall.

I have limited experience with the AI and machine learning enhanced FortiGuard services, but I know that Fortinet is leading this trend. 

Fortinet FortiGate provides SD-WAN and SASE solutions to secure any type of user and any type of traffic. It has many features, including a secure web gateway and secure service edge, helping users access the internet and applications, whether inside or outside.

I would rate Fortinet FortiGate an eight out of ten.

For FortiGate Next Generation Firewall (NGFW), I use it primarily to connect with other companies through IPsec VPN. Any other security measures are on AWS itself, not on FortiGate. I'm someone who's familiar with FortiGate from previous jobs, so I use that, but it's how we're using it right now.

The IPsec feature of FortiGate Next Generation Firewall (NGFW) is valuable to our company because we need to connect quickly VPN connections with other companies in our networks, and there are many connections in some cases. We need to keep it as secure as possible, maybe one-way connections or particular ports. FortiGate is the best option, at least that I'm familiar with, that can answer all of that in one product that is mostly easy to use.

In our case, the deployment options of FortiGate Next Generation Firewall (NGFW) are not scalable, but in terms of connectivity to other companies, that's exactly what we needed, and that's exactly what it does perfectly, what is needed.

The most valuable feature for our company using FortiGate Next Generation Firewall (NGFW) is the IPsec feature, but actually FortiGate is known for good UTM products such as application filter and web filtering. We don't use it here, but in previous companies I used it on a daily basis.

One of the benefits I've realized from using FortiGate Next Generation Firewall (NGFW) is that it's secure and allows functions such as VPN. You can control Wi-Fi and other things from within, if you have FortiNet devices. It's an easy to use product, yet it allows you all that is needed, or at least all that you can do. Whenever there is a security breach, FortiGate is known to patch it very quickly from what I've seen.

Since FortiGate Next Generation Firewall (NGFW) was implemented, there was a thought in the company about using the VPN that AWS itself provides, but it's far from being as good as FortiGate.

The process can be improved in terms of explaining exactly how the installation should be done step-by-step on AWS, because there are network considerations such as security groups. From what I could find, I didn't do extensive research, but it didn't seem obvious enough in that case.

I do not utilize the intrusion prevention and web filtering features of FortiGate Next Generation Firewall (NGFW).

The ability of FortiGate Next Generation Firewall (NGFW) to inspect SSL encrypted traffic is not applicable in the current position, but in previous companies, it was really seamless whenever we used it. It just worked seamlessly.

I don't recall if we use a centralized management console for FortiGate Next Generation Firewall (NGFW) in maintaining oversight across distributed networks.

In my opinion, FortiGate Next Generation Firewall (NGFW) could be better by having specific models for home usage. I'd wish to have a FortiGate in my home, but the licensing isn't something that I want to purchase for home usage.

I have been using FortiGate Next Generation Firewall (NGFW) almost since day one at this company, which I have been with for three years and something.

I experienced the stability and availability of FortiGate Next Generation Firewall (NGFW) more in the previous company. In terms of stability, mostly it is okay; however, in some cases, there are features, especially the UI, that tend to have issues. In some cases, you need to restart it, but mostly, it's working flawlessly, especially if you have an HA environment, high availability.

In our case, the deployment options of FortiGate Next Generation Firewall (NGFW) are not scalable, but in terms of connectivity to other companies, that's exactly what we needed, and that's exactly what it does perfectly, what is needed.

I'm certain that what it allows us in terms of connections to other companies is a straightforward solution that you don't have to use something else. It's easy to configure a new connection, and it works in a few minutes if everything works fine.

In this company, I may have worked with FortiGate Next Generation Firewall (NGFW) support one time, but in my previous company, I actually worked with them extensively. We had multiple FortiGate devices across multiple offices around the world, and we needed to switch them from one account to another sometimes. So I encountered FortiGate support quite frequently.

I would evaluate the level of support for FortiGate Next Generation Firewall (NGFW) somewhere between seven and eight. My experience might be outdated because lately, I haven't had much experience with that. In some cases, you need to come prepared because the people there work by the book and ask for particular things. If you don't have them, you cannot proceed, but if you know what they need, after some time, it's pretty easy to get support or whatever you need.

Neutral

I don't have enough information on other products that I can tell the pros and cons of FortiGate Next Generation Firewall (NGFW) versus its competitors.

The setup was already done, but from what I read, we considered putting it in another environment that we have, yet we didn't because we didn't actually need the environment at all.

I don't know if my company has seen return on the investment from FortiGate Next Generation Firewall (NGFW), but I'm certain that what it allows us in terms of connections to other companies is a straightforward solution that you don't have to use something else. It's easy to configure a new connection, and it works in a few minutes if everything works fine.

Pricing isn't something applicable for me regarding FortiGate Next Generation Firewall (NGFW) because it was already set up once I came to this company.

Since FortiGate Next Generation Firewall (NGFW) was implemented, there was a thought that crossed in the company about using the VPN that AWS itself provides, but it's far from being as good as FortiGate.

I would rate FortiGate Next Generation Firewall (NGFW) as a solution a 10 out of 10. I do love FortiGate.

I give it a 10 because, in my experience, FortiGate Next Generation Firewall (NGFW) is a product that allows you to do many things very easily. If you don't appreciate something about the way it works, you have enough playground to change it to suit your needs.

For someone considering FortiGate Next Generation Firewall (NGFW) for their company, there was a demo online version that they have on their website that is easy to access. You can play with it and see almost all the features in action. That's an easy thing to actually test. Obviously, you cannot connect it to your network and see things live in your case, but it is still a good example of how things work.

Me and my team have been managing site-to-site and remote access VPNs. We have been doing centralized logging through FortiManager and applying security policies, such as web filtering and application control across distributed branch locations. 

I have also handled firmware upgrades, security patching, and integrating the Fortinet FortiGate logs within SIEM tools, such as Splunk, for threat monitoring.

I have integrated SD-WAN capabilities with Fortinet FortiGate by configuring multiple WAN links for dynamic path selection, load balancing, and failover based on performance metrics. I have used application-aware routing to prioritize critical traffic, such as VoIP or business apps, over high-quality links, while sending less critical traffic over backup circuits. We have managed and monitored these through FortiManager and FortiAnalyzer, ensuring visibility and automated alerts if link performance degrades.

The network performance has shown a significant positive impact. By utilizing features such as dynamic path selection and application-aware routing, we've been able to reduce latency for critical applications such as VoIP and video by 20-30% during peak times. Additionally, we’ve minimized downtime through automatic failover between links. This approach has also allowed us to cut costs by routing non-critical traffic over lower-cost circuits while keeping high-priority applications on premium links.

I have used the unified SASE feature a little bit, and it is very effective because it consolidates firewall, IPS, and other features such as sandbox into a single platform. It simplifies the management since we do not have to rely on separate appliances. It also helps with faster threat detection and response, especially when paired with FortiAnalyzer and SIEM tools, such as QRadar. The logs and events are correlated automatically, which makes a significant difference.

Something that stood out for me once I started using Fortinet FortiGate was the centralized management through FortiManager and how easily I could deploy consistent policies across multiple sites. The VPN configuration was also very straightforward compared to some other platforms. The integration with SIEM tools makes monitoring and incident response much smoother, which stood out to me. 

For the future, one improvement area is the complexity of SD-WAN configuration. When managing a large number of sites, the GUI is user-friendly, but when scaling deployments, it sometimes requires more manual fine-tuning or scripting. 

Another concern is reporting. FortiAnalyzer is powerful, but generating customized reports can be cumbersome compared to some other tools. Additionally, seeing deeper automation and API integrations would be beneficial so that policy updates and SD-WAN changes can be pushed faster across large environments.

I have been using FortiGate for about four to five years in various settings. My experience includes working with Fortinet FortiGate and other firewalls and Panorama across multiple roles. I have been involved in designing as well as managing policies. Additionally, I have handled upgrades and migrations.

The performance and stability of Fortinet FortiGate has been strong in both small and large environments. The throughput and latencies are very good, even with multiple security features such as IPS, antivirus, or SSL inspection enabled simultaneously. I have found them to be reliable with minimum downtime. The Fortinet high availability features work effectively to ensure continuous network availability.

Scalability is quite straightforward. They can scale from small branch offices to large enterprise environments. Their model hardware options and virtual firewall instances allow flexible deployment. For larger data centers or higher complex environments, sometimes Palo Alto or Cisco solutions offer more advanced scaling options, but Fortinet FortiGate is definitely competitive for enterprise needs.

I have worked with them a bit, and we usually start by opening a support ticket through the Fortinet support portal. I also remember calling their TAC hotline directly for priority one issues, particularly for major VPN outages or SD-WAN failures.

I typically provide the necessary diagnostics upfront, such as logs, packet captures, and debug outputs, so we can move quickly towards a resolution. Most cases are resolved fairly quickly, but for more complex bugs, they may suggest fixes or recommend firmware updates. In such cases, it just takes a bit more time.

I would rate their support an eight out of ten. They are generally very responsive and knowledgeable, especially regarding firewall and VPN issues. While resolutions can take longer for complex problems or new features, overall, the support team is very helpful and proactive in providing patches and workarounds.

Positive

I have used many alternatives to Fortinet FortiGate, including Palo Alto Networks firewalls and Cisco ASA Firepower. Palo Alto has strong application visibility and threat prevention, while Cisco excels in routing and integration. I have also worked with Juniper, which is great for scalability, and Check Point. I am comfortable adapting to different firewall ecosystems depending on the environment and requirements.

It wasn't that hard. Overall, it was pretty straightforward. For smaller sites or branch offices, the GUI is intuitive and clear. FortiManager helped streamline policy pushes across multiple devices, which made it easy to manage. However, for more complex deployments that involved SD-WAN or advanced features, there was some initial complexity in fine-tuning configurations and integrating with our existing infrastructure. Despite this, it was manageable with good planning and testing. Overall, the process was relatively easy.

Maintenance is definitely a part of my role. I am responsible for applying firmware updates, security patches, and configuration backups on FortiGate devices to ensure stability and security. While Fortinet provides regular updates and technical support, the day-to-day maintenance, monitoring, and troubleshooting are handled internally by our network team.

I haven't looked into that directly, as I am not involved in the purchasing or budgeting aspects. However, I believe Fortinet offers competitive pricing compared to other enterprise firewall vendors. Their licensing model is straightforward, especially regarding security features like anti-filtering, IPS, and web filtering.

The choice really depends on the specific features needed, such as advanced SD-WAN capabilities, which can increase costs. Therefore, it is important for organizations to plan their licensing effectively to optimize value.

I have used FortiClient as part of the Fortinet SASE deployment, primarily for remote users, providing secure access via VPN and ZTNA, along with endpoint protection such as web filtering and threat detection. I have also deployed it to integrate with Fortinet FortiGate and the cloud so users can get consistent policies whether they are on-site or remote. It is useful because it centralizes management and policy enforcement, but I have noticed it can use more system resources on endpoints, so tuning the profiles is important for performance.

I would rate Fortinet FortiGate an eight out of ten. It offers a great balance of performance, security features, and ease of management. However, there is room for improvement in areas such as scalability for extremely large environments and deeper automation. Nonetheless, it is a solid platform that fits well in most enterprise networks. Therefore, I would give it an eight out of ten.

We don't have any issues regarding security, and our web server is running fine with protection from all threats.

The best features of Fortinet FortiGate are that it does the job effectively and protects our environment. It has a VPN and can create a virtual IP for a web server and functions as a standard firewall.

We faced difficulties with the configuration because there are many features we could optimize using Fortinet FortiGate, but our reseller didn't have a good understanding of it. So, we just use it on a basic level, not with the best practice for using FortiGate.

We have been using Fortinet FortiGate for around five years.

Overall, I find Fortinet FortiGate to be very stable. Fortinet FortiGate demonstrates consistent stability.

In my case, the 101F is not scalable. I faced problems with scalability related to memory. When we hit 100% memory usage, it stops the internet connection, so we need to control the traffic. We cannot increase the memory.

We have about 350 users and only one admin.

My experience with Fortinet's technical support is good and helpful. The response time and overall competence meet our expectations. I would rate their support a seven out of ten.

Neutral

We used Juniper before Fortinet FortiGate. We switched because it was an old one and reached the end of support. We had to change.

We were supported by a third party and the reseller. During deployment, it was not a good experience because of the reseller. We had challenges with the optimized configuration. 

The deployment took around three months.

The reseller helped us with the implementation. It has been a long time since the implementation, so I don't remember the name of the company that helped us.

Our IT has six people for deployment, and we used two staff members.

We have seen a return on investment with Fortinet FortiGate. The ROI calculation is based on potential loss prevention rather than traditional ROI metrics.

Its pricing is good. The advantages of Fortinet FortiGate over its competitors include good pricing and meeting our requirements at a lower cost. Palo Alto's features are superior, but too expensive.

I compared other brands, such as Palo Alto and Sophos, and chose Fortinet FortiGate. Palo Alto is the best, but it is significantly more expensive. Palo Alto has better capabilities than Fortinet FortiGate. Their protection is much more secure, and they excel in detecting intrusion and reading information. 

I would rate Fortinet FortiGate an eight out of ten.

There is a tool called FSSO, which is a single sign-on user ID agent that works perfectly. You can configure anything on it, and it is better than Palo Alto's version.

The GUI is written in JavaScript, so when you move any object or policy to another one, it becomes easy to use. It is user-friendly and not complex for network configuration.

Run Script is the best tool to use in Fortinet FortiGate with multiple environments. You can perform multiple tasks at once with the script functionality. It is available through the GUI, whereas in Palo Alto, you need to run it in a separate tool, such as Python.

I prefer Palo Alto over Fortinet FortiGate. Its IPS engine is not better than the Palo Alto version. The monitoring tool needs improvement, and the syslog configuration needs enhancement.

The management plane and control plane are not separated as they are in the same hardware devices, whereas in Palo Alto, everything is separated. So, if the CPU and GPU usage gets higher in the data plane, the admin also becomes unreachable.

The web filter in Fortinet FortiGate is not very useful. While you can add web filters in security policies, it is difficult to understand and not flexible to use.

Fortinet FortiGate frequently experiences IPS engine problems. 

I have been working with it for four to five years.

In most cases, the IPS engine uses too many resources, which makes Fortinet FortiGate devices unstable. When clients encounter different issues, the IPS engine is usually the problem because it consumes excessive resources.

I have not worked directly with technical support, but I am familiar with the distributor, partner, and vendor. People who work with Fortinet provide adequate service.

Positive

I mostly migrate from Fortinet FortiGate, Check Point, and other solutions to Palo Alto. For migrations from various solutions to Fortinet FortiGate, it takes a few days, depending on the environment.

Fortinet FortiGate is cheaper than Palo Alto. It is about 20% cheaper. 

I prefer Palo Alto over Fortinet FortiGate. Fortinet FortiGate is not the best firewall, but it is acceptable. If you have a budget to buy a firewall and Palo Alto is too expensive, then Fortinet FortiGate can be usable. As an instructor in Palo Alto Networks who knows all the techniques, I naturally prefer Palo Alto.

For a small company or branch, I would choose Fortinet FortiGate because it is cheaper and the features are sufficient. However, for more critical environments, such as government institutions or banks, where privacy and security are paramount, I would opt for Palo Alto.

In a hamburger topology setup with the internet side and internal side, I prefer using Palo Alto Networks on the internet side and Fortinet FortiGate on the internal side. This creates a multi-vendor environment, avoiding dependency on a single vendor. The internet side requires more security, hence I would go for Palo Alto, whereas the internal side would benefit from Fortinet FortiGate's flexibility and ease of use.

I would rate Fortinet FortiGate an eight out of ten.

It is our security gateway that performs website checks and related security functions.

Fortinet FortiGate is stable. I am told that Fortinet FortiGate is one of the best solutions available, and I believe it. We rarely have any issues with it. My only concern is that they charge separately for every option that is available. It has not improved anything; it simply maintains and keeps operations going.

We are not utilizing Fortinet FortiGate to its full capacity because we have to pay for every small feature. It is also something I would replace once it starts to fail. Fortinet FortiGate appears very old, and everything we use requires additional payment.

Fortinet FortiGate has been with us as long as the switches we've had. It was already here when I came on board, and it was implemented when we started up the school facilities about 10 years ago.

I would rate it low because we rarely ever have to call support. When I call in, I do not have any issues to report.

Positive

We used to have a router, but we have since replaced them all.

It has not improved anything; it simply maintains and keeps operations going. Every year we pay close to $2,000 for this security, and we only use it for web filtering.

The unified security gateway would be my first option. I think it does not charge separately for every product we need to use.

We have Cisco products at our site, including Cisco switches deployed among our campus. We have Cisco WSC-3850 24-port switches, SG 300 28-port switches, and some old WSC-2960 48-port switches.

We use a Fortinet FortiGate 300e for our medium-sized organization. We have approximately 600 students, 200 staff, faculty, and office workers, totaling about 1,000 users going through it. It serves one location with three buildings.

We are planning to move away from Cisco switches as they have become quite expensive. Our strategy is to transition to Ubiquiti enterprise solutions.

This review has a rating of 5 out of 10.

We use Fortinet FortiGate 100F, which is one of two firewalls that we have, one at the entrance of the DMZ and one just outside. One is facing the internet, and the other is at the entrance of the DMZ. We use the one outside to essentially work as a VPN.

As compared to our previous firewall, WatchGuard, which is a good firewall, the successful hacking attempts were far fewer and further with the Fortinet FortiGate, but at the same time, I don't know if the credit goes to only FortiGate, as we have two firewalls versus one in the second implementation. Overall, it is more secure. The VPN is also more stable than the offering from WatchGuard at that time.

Fortinet FortiGate is one of the most solid and secure firewalls as long as you keep it up to date. The price is right; it's not very expensive. 

It's quite feature-rich. While we've mostly used the VPN, we've also utilized it to create high availability. 

We are pretty happy with it. If anything, I believe the web interface could be simpler, especially for someone who has limited networking experience. I mostly do administration, and I found Cisco to be the hardest major firewall manufacturer to deal with, with Fortinet FortiGate being the second hardest for me. In comparison, there's a bit of an easier and more user-friendly interface with WatchGuard.

I have about three years of experience with the Fortinet FortiGate firewall. We also use FortiClient VPN.

The VPN was more stable than the offering from WatchGuard at that time.

I would evaluate the service and technical support of Fortinet FortiGate as pretty good. Whenever we needed them, they would be there for us. I would rate them a nine out of ten. We had no complaints, although they were sometimes extremely busy.

Positive

Before using Fortinet FortiGate, we were using WatchGuard, which is another good firewall.

The initial setup process was efficient, as it took us less than an hour to set up both firewalls.

I was involved in the deployment of the Fortinet FortiGate, handling the physical deployment myself while our vendor managed the initial setup.

We got the Fortinet FortiGate from Telus, which is a Canadian phone company. Our experience was excellent. They're a major phone company, so the services are never less than stellar.

The maintenance for Fortinet FortiGate involves just the occasional patch update. We have software that informs us whenever there's a new patch, and if it's critical, we run the patch update immediately; if not, we usually run it at the end of the month after it's released.

We had uninterrupted service. If one firewall failed, we still had a secure infrastructure. I believe we essentially had a great VPN compared to the alternative offerings, so that's a good return on investment.

It's good. I would rate the price of the Fortinet FortiGate as an eight out of ten. It's not the cheapest, but it's value for money. Given everything we've got out of it: the DMZ port, the VPN, and the high availability, it's a pretty reasonable price.

I would advise others considering or evaluating the Fortinet FortiGate to buy it. It's one of the best products for the price. 

I would rate Fortinet FortiGate a nine out of ten.