Fortinet FortiGate Reviews

1. The prompt and knowledgeable support behind them. 
2. Their reliability and their policy of pre-shipping replacements when a unit has failed.
3. The simplicity and clarity of their user interface and documentation.
4. Their 'cookbooks' that walk you through the most common installation scenarios.

I am a one-man show, so there is not much that can be done to improve the way that I function. However, these products provide best-in-class security at reasonable prices. 

One of the most helpful features is their VPN, the client could not be any simpler to set up and use.

I can't think of too much which they can improve upon. I just have not come across any situation where they have fallen short of expectations.

I am a consultant who supports these units for my clients who use them. I have had over 10 years of experience with Fortinet products.

The products are extremely stable. I have only had one instance where a unit did not function as expected, and Fortinet replaced the unit, despite the fact that it was still operational.

Scalability is the one area where there is room for some improvement. Currently, customers need to purchase more powerful units as their network traffic and requirements grow. Fortinet will occasionally offer trade-in credits in such situations, but this is not always the case. Their product line allows customers to scale from SoHo through enterprise-level requirements, which is what I like about them so much.

Their tech support is outstanding.

I have sold and supported other solutions in the past. Fortinet is not always the least-cost solution available, but from a value standpoint, I find them hard to beat.

Initial setup complexity will vary with the complexity of the installation. It is relatively straightforward and simple to set up basic configurations. More complex requirements entail reading through a lot of documentation in order to complete the firewall configuration because of the myriad of features and options that are available in their O/S. The 'cookbooks' are a big help in these instances.

Pricing and licensing have to be taken in context with value. Fortinet is usually not the least expensive alternative when considering an upfront investment, but if you take into account the support costs over several years, they are often as cost-effective as the 'cheaper' solutions.

In this particular instance, Fortinet was evaluated against an equivalent solution sourced from D-Link. I also evaluated a solution from Xirrus (now Riverbed) which promised better signal strength. However, when I ran the various WiFi planning tools from each supplier, the coverage differences did not merit the more expensive Xirrus solution.

Anyone evaluating this product should consult the documentation available and plan out their solution before making a decision. From personal experience, I find that I am able to save hours of planning and implementation time because Fortinet's documentation is so helpful.

Simplifies administration and upgrades overall security.

UTM/NGFW features and FortiCloud for logs and backups are awesome.

MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA.

No.

No.

Great support. It's quite good in Mexico.

Straightforward.

Great product with too many features at the right price.

The solution improved the security posture and overall management's TCO.

One of the valuable features is a standardized OS.

It claims it does DLP, but the degree and level of controls are very basic. We recommend that our clients supplement it with other products.

There were no issues with stability.

There were no issues with scalability.

Customer Service:

Customer service is excellent.

Technical Support:

Technical support is excellent.

We did not use a previous solution.

We implemented in-house.

Work through partners for the best pricing.

We evaluated Palo Alto, Check Point, and Cisco.

I highly recommend Fortinet as a leader in integrated suite information security capabilities.

These devices allowed my organization to connect a network of gas stations and convenience stores nationwide. The VPN capabilities provide a reliable connection to our corporate network over very low cost internet services (basically, any Internet service locally available can be used for this connections).

We also leverage the NGFW, UTM and WLAN controller features to provide security for corporate network traffic, and secure, content-filtered guest internet access for customers in the convenience stores. All this at a relative low cost.

• LinkGreat firewall capabilities
• Great IPS and web filter for small remote locations, with VPNs for tunneling to the corporate network, makes this device a solid choice for many sites.

Stability and technical support are the two major issues I have found with Fortinet.

We’ve had cases of unexplained bugs that go away with a simple device reboot. Software updates usually help with these issues.

I have personally found that Fortinet advertising can be misleading. The devices will usually fail way before reaching the capacity advertised in the data sheets, especially when you activate several of the features the device can handle. This is not a dealbreaker for me, especially because of the cost. But I would advise care when dimensioning the devices you’ll need.

Customer Service:

Customer service in Fortinet is OK. Lately they've been making efforts in this area. They actually call you when licenses are about to expire which is a nice touch on their part.

Technical Support:

I would say technical support is 6/10. I’ve found tech support to vary, sometimes being decent, sometimes painfully inefficient. Much room for improvement here IMHO.

We still use Cisco for some cases. However, where we need the advanced security and UTM features, Cisco’s prices can be very restrictive. Fortinet is a much more cost-effective choice for those cases.

Initial setup was very straightforward. Interface is very friendly and easy to comprehend.

Before choosing this product, we also evaluated Cisco.

Be careful with dimensioning. Don’t expect the device to handle ALL the features. Usually firewall, Web Filter and the WLAN controller work well. But if you need IPS, app control and AV, I would advise over-dimensioning the device a bit (taking Fortinet data sheets as the reference).

We have secured our LAN IP subnets with VLAN segregation.

Layer-3 firewall and routing are the most valuable features. We use it as an internal firewall for VLAN segmentation.

When we need to enable Netflow on the firewall, there is a high CPU and memory usage that occurs. They should improve that high CPU and memory usage that occurs.

There were no stability issues.

There were no scalability issues.

Technical support is good.

We were previously using the Check Point and Palo Alto software. The price and user-friendly GUI are the reasons that we switched to this solution.

It is an easy setup and configuration.

It's a user-friendly and stable firewall. You can safely use it for all small and big LAN networks.

It has given us improved security over the internet.

Ease of use, single console, Unified Threat Management (UTM) features.

NGN, reporting and controls.

We had some stability issues but we upgraded.

There was a hardware limitation, affecting scalability.

I would rate the technical support as 8/10.

We had a different solution in the organization arising from different OEMs and this solution was chosen with consideration of requirements and costs.

The initial setup was simple but the DC was complex.

Go for long term pricing negotiated at the time of purchase.

We evaluated Check Point, Cisco ASA.

You should be clear concerning the scope and outcome you are looking for.

• Flexible enough to handle everything we could want
• Configuration layout is easily understandable
• Allows for firewall rules to be programmed and named in a way that makes it “readable”
• VPN support and some anti-virus protection.

It would be nice if backups could more easily migrate between different models.

I did not encounter any issues with stability.

No scalability issues, but communications is severely limited in our case by design.

They were our first firewalls on site.

It does require someone knowledgeable in routing, firewall rules, and these firewalls in particular. Once it is set up, they are easy to modify and maintain.

It is difficult as an end-user to setup continuing license contracts. It is possible to do between emails and their website, but it is practically impossible to find a phone number to call anyone directly.

We considered SonicWall .

It is an excellent product and works extremely well. If it is set up in a logical way, it is very easy to understand and modify. It is highly recommended to have a service “expert” familiar with these to set it up initially with customer direction.

• Complete and cost-effective next-generation firewall features with app identification, and IPS and URL filtering with SSL inspection.

• Better manageability
• Straightforward deployments
• Streamlined and reliable upgrades

Customers have more time to focus on security because maintaining the firewalls is completely hassle-free.

Grouping/tabbing (not only by interface) in the policy table of the web GUI would be a great addition.

I have used it for two years.

We have not encountered any deployment issues.

We have not encountered any stability issues. Stability has dramatically improved over the previous main version branch of FortiOS; 5.2.x and 5.4.x are stable enough for critical environments.

We have not encountered any scalability issues; proven that you properly sized the FortiGate model that fits your environment.

Customer service is sufficient.

The tech support is not excellent; this is where Fortinet saves money compared to others... But plenty of free, clear and public documentation is available and this compensates for the most part the tech support shortcomings.

We previously used Cisco ASA. We switched because the old ASA has no next-generation features.

IMHO It is the most straightforward enterprise-level next generation firewall.

All implementations were done in-house.

ROI is very high, it has hands-down the best price/performance/features ratio in the market...

The licensing model is straightforward, easy to understand and purchase; prices are fairly low compared to other vendors.

Before choosing this product, we also evaluated Check Point and Palo Alto Networks.

In version 5.4, they added a WAF feature that is absolutely unique for this kind of product; no other NGFW product can also be a WAF and this is a great added value...