One drawback of Fortinet FortiGate is that they provide two types of models: one with a hard disk and another without. The model without a hard disk has very low ROM where you can store very few logs, after which you need to upload it to the cloud or purchase a firewall with SSD. That's the only drawback.

View full review »

In terms of improvements for Fortinet FortiGate, they could offer evaluation licenses, as compared to Meraki, which provides a 90-day evaluation. In Fortinet FortiGate, they do not provide standard evaluation licenses; instead, we need to request them from the OEM through the account manager for POCs. If we want to conduct a demo, we need to work with real hardware. 

In comparison to Cisco, we have DCloud, which helps with providing demos to customers, but in Meraki, I need to reach out to them, book a lab, and they need to provide all the hardware. I need remote access and L3 engineers to program it; only then can I offer a real-time demo to the customer.

View full review »

We haven't tapped into most of the functionalities that Fortinet FortiGate offers because we're using it just for gateway security. One of the things that I would prefer is a more expansive use of their analyzer. They could do more work on FortiAnalyzer in terms of the data and the information coming from it. I'm not sure if it is because the team managing our analyzer isn't giving us all the information that's required. It could be something based on our own usage of the platform. As we continue to use the appliance, we may learn more about the utility and functionalities that are offered.

View full review »

From a support perspective, I had more issues that I didn't think the person on my case handled the way I was expecting. We called them for a geolocation issue and we didn't get any proper assistance.

View full review »

Fortinet FortiGate is a very good device overall, though it can be improved in certain areas regarding the licenses, particularly the big one called unified threat management, which has many capabilities. The big license options have web filtering, IDS, and a lot of other things, but it's not like they are all good. That's the only thing I would change because the rest is very good.

View full review »

Whenever I perform a firmware upgrade or any upgrade on a VM, there are instances where the routing gets lost in the configuration itself on the running VM. 

They have recently acquired a CNAP solution which should be integrated into FortiGate boxes natively for protection at any application layer. Since Fortinet FortiGate has Layer 7 protection, they should integrate that as soon as they can for threat detection and network detection. At the moment, if you don't integrate any third-party solution with a simple Fortinet FortiGate box, the box would not function as expected for superb protection. Compared to others, Palo Alto has more integration. 

I'm waiting for Fortinet FortiGate to be more mature in terms of integrating AI. They already have AI automation in the configuration, but that's just the configuration. They need to address AI in threat intelligence and how they integrate with threat intelligence sources to protect customers using their Fortinet FortiGate boxes or Fortinet FortiGate VM instances.

View full review »

If you want to conduct some statistics or generate a report to understand the status of your configuration or filtering, you need FortiGate Analyzer for long-term data retention. FortiGate can only retain logs for 24 hours or 7 days. I'm not sure if it holds them for a longer period, such as for a month. It will be useful for assessing our strategy and monitoring our environment without investing in FortiGate Analyzer. It would be beneficial if Fortinet could enhance the FortiGate by providing more statistical and monitoring views for a longer timeframe, rather than requiring access to FortiGate Analyzer. Without Fortinet Analyzer, currently, I cannot see past events.

View full review »

For Fortinet FortiGate, their code development would definitely be something they need to improve on to reduce vulnerabilities that need to be patched. 

Additionally, if I were to suggest another improvement, it would be their competitive pricing.

View full review »

The AI with Fortinet FortiGate is not very well integrated on their devices, and their cloud infrastructure is not as good as Cisco's. 

The support is inadequate. The support staff I have dealt with lately are very rude. Some support staff are not up-to-speed with the technology. They basically read a script. If they don't know how to fix an issue, they send me to another engineer. 

View full review »

I wish that they could integrate zero-trust technology into Fortinet FortiGate. I am not sure whether it has been done already, but if they could implement that, it would help significantly.

View full review »

The CPU spikes sometimes go up to 40 percent occur during background IPS updates, but there’s no visibility into which subsystem is responsible. Current Gap: Despite scheduling daily signature downloads, updates sometimes run outside the configured window triggering unplanned performance hits.

View full review »

Fortinet FortiGate has started implementing AI, however, it hasn't reached full maturity. Their AI solution doesn't compare to solutions such as Microsoft Copilot and SharePoint, primarily since AI relies on data, and Fortinet FortiGate focuses on perimeter defense and security rather than internal network data.

One notable limitation is the absence of honeypot capabilities, which competitors such as Palo Alto offer. These capabilities entice and trap attackers, allowing analysis of attack vectors. Fortinet FortiGate focuses purely on defense mechanisms without actively gathering intelligence about potential threats. This approach aligns with their mid-market focus, where such advanced threat intelligence features might be less critical than in enterprise environments.

View full review »

I'm not completely sure how Fortinet can improve the FortiGate Next Generation Firewall (NGFW), however, there were situations of availability related to their switching solutions due to box errors. Fixing the bugs in their switching solutions is necessary because I have faced several situations where we lost connectivity because of their firmware.

View full review »

It's one of the more expensive brands.

FortiManager has not been my favorite. I don't use it and cannot say I really care for FortiManager for managing the firewalls. I primarily just access and manage the firewalls individually. Nothing else particularly comes to mind, as it has been a pretty good experience.

View full review »

The licensing is a little confusing and a bit too granular for Fortinet FortiGate. I would like to see a more streamlined set of options. 

The hardware is not terribly expensive, but the software license and support can be quite expensive. Some improvements could be made regarding cost considerations and complexity around their licensing.

View full review »

I believe there is room for improvement in machine learning and AI in Fortinet FortiGate. I would like to see more automation regarding AI and machine learning in Fortinet FortiGate.

View full review »

As of now, I haven't identified areas for improvement. However, once the firewall is in production and all traffic is shifted, I might be able to provide more feedback. The configuration part was challenging, especially converting configurations from another OEM to FortiGate.

View full review »

Some features in Fortinet FortiGate need improvement as we discover when calling support that certain actions must be done from the command line. Not all features are available in the web UI. Features such as enabling multiple MPLS circuits can only be accomplished through the command line, so these need to be made available in the web UI.

Fortinet needs to improve customer support and documentation.

View full review »

They should do a better job in testing when they put out a new release because when a new software version is released, it is not always stable or does not always have all the previous features working correctly. They should do more testing or launch a new version later when they have tested it more thoroughly. 

They already did a good job in their GUI, but they can make more features available in the GUI that are still only accessible through the command line.

View full review »

Its pricing can be better. I cannot think of anything else because it pretty much satisfies our requirements. I am comfortable with this product. 

The only issue that I have is with FortiNAC. The firewall is fine, but the FortiNAC interface is a little bit too jumbled or too complicated, not as straightforward as it is on the Fortinet FortiGate firewall and FortiAnalyzer. 

View full review »

There should be some open-source training or free training for decision makers, or some webinars should be available. These would help understand the new product line and the existing product line features. 

Additionally, it would be helpful to have comparisons between competitors such as Cisco, Juniper, and others with Fortinet FortiGate.

View full review »

Their support's response time can be better. In the past six months, they took quite a long time to respond to the support tickets. I don't know if they are overwhelmed with too much activity, but for the last six months, the support has not been very good. Previously, it was very good.

View full review »

They could simplify their deployment process, especially when customers have existing devices. The configuration approach depends on whether customers need to start from scratch or can utilize existing backups and rules. 

I would seek to improve Fortinet FortiGate by exploring additional features, such as SASE solutions that we are currently studying and implementing. The configuration could be made easier, particularly during initial setup. We need to ensure comprehensive utilization of all device features and learn best practices from other cases.

View full review »

From my experience, I see that the datasheets of the Fortinet FortiGate portfolio need to be more accurate because correct sizing is essential. The datasheets should provide clear information when deploying features. 

When comparing Fortinet to all other vendors, I believe most features are available in Fortinet. I'm not sure if the DNS security license is available in Fortinet; if not, it is important to add Fortinet DNS security and sandboxing licenses. I know Fortinet has a separate sandbox solution, but I am unsure about sandbox features in the firewall. In contrast, Palo Alto has a DNS security license, email security, and WildFire license that serves as a sandbox solution.

View full review »

I do not utilize the intrusion prevention and web filtering features of FortiGate Next Generation Firewall (NGFW).

The ability of FortiGate Next Generation Firewall (NGFW) to inspect SSL encrypted traffic is not applicable in the current position, but in previous companies, it was really seamless whenever we used it. It just worked seamlessly.

I don't recall if we use a centralized management console for FortiGate Next Generation Firewall (NGFW) in maintaining oversight across distributed networks.

In my opinion, FortiGate Next Generation Firewall (NGFW) could be better by having specific models for home usage. I'd wish to have a FortiGate in my home, but the licensing isn't something that I want to purchase for home usage.

View full review »

For the future, one improvement area is the complexity of SD-WAN configuration. When managing a large number of sites, the GUI is user-friendly, but when scaling deployments, it sometimes requires more manual fine-tuning or scripting. 

Another concern is reporting. FortiAnalyzer is powerful, but generating customized reports can be cumbersome compared to some other tools. Additionally, seeing deeper automation and API integrations would be beneficial so that policy updates and SD-WAN changes can be pushed faster across large environments.

View full review »

Fortinet FortiGate can be improved, specifically in the user interface and UX enhancement. The GUI, especially in older FortiOS versions, can be cluttered or slow. Improvements could make the UI more modern and responsive with a quick dashboard, real-time visibility, health checks, and improved policy editing with bulk changes and better search filters.

Policy management in a large environment becomes complex when managing dozens or hundreds of policies. This could be improved by introducing better policy grouping and tagging for more intelligent policy optimization suggestions, such as unused rules or shadow rules.

The built-in logging and reporting is limited without FortiAnalyzer. Internal reporting tools should be enhanced with graphs, trends, PDF exports, alert-based thresholds, and real-time traffic summaries without requiring FortiAnalyzer, which requires additional payment.

User identity integration with LDAP, AD, and user-based rules can be tricky or limited. Additionally, SSL users cannot change their passwords themselves, which should be included in the OS functionality.

View full review »

We faced difficulties with the configuration because there are many features we could optimize using Fortinet FortiGate, but our reseller didn't have a good understanding of it. So, we just use it on a basic level, not with the best practice for using FortiGate.

View full review »

I prefer Palo Alto over Fortinet FortiGate. Its IPS engine is not better than the Palo Alto version. The monitoring tool needs improvement, and the syslog configuration needs enhancement.

The management plane and control plane are not separated as they are in the same hardware devices, whereas in Palo Alto, everything is separated. So, if the CPU and GPU usage gets higher in the data plane, the admin also becomes unreachable.

The web filter in Fortinet FortiGate is not very useful. While you can add web filters in security policies, it is difficult to understand and not flexible to use.

Fortinet FortiGate frequently experiences IPS engine problems. 

View full review »

We are pretty happy with it. If anything, I believe the web interface could be simpler, especially for someone who has limited networking experience. I mostly do administration, and I found Cisco to be the hardest major firewall manufacturer to deal with, with Fortinet FortiGate being the second hardest for me. In comparison, there's a bit of an easier and more user-friendly interface with WatchGuard.

View full review »

We are not utilizing Fortinet FortiGate to its full capacity because we have to pay for every small feature. It is also something I would replace once it starts to fail. Fortinet FortiGate appears very old, and everything we use requires additional payment.

View full review »

Their support can be better, and there should be better policies for immediate replacement in critical situations. Their replacement policy varies depending on the type of support subscription. With the standard support subscription, if the device goes down, the customer has to first ship the box, and then Fortinet sends the replacement. With the higher support, the customer has to ship the device after they have the replacement. It would be better for customers to get immediate replacements even with a standard subscription.

View full review »

With the web filter, when I go to post some websites under certain categories and open these categories, I experience some problems. 

Additionally, I face difficulties integrating Fortinet FortiGate with Active Directory. When I set preferences to use Active Directory users, it sometimes works and sometimes does not work. When I integrate Fortinet FortiGate with Active Directory and use this integration to make a web filter policy, the functionality is inconsistent. I have tried restarting the Active Directory domain controller and the firewall, but the problem persists. As a workaround, I use the MAC address of the user to define the settings.

View full review »

Areas of improvement for Fortinet FortiGate include the need for more training and certification, especially when dealing with distributors globally, which presents challenges in product availability and delivery timelines.

There should also be more training and certification.

View full review »

FortiGate Next Generation Firewall (NGFW) could be improved by including more templates for setting rules or regular jobs. I do not recall if the software includes any AI features. View full review »

There could be improvements in the mathematical algorithms used for behavior analytics of traffic. More advanced AI capabilities would be beneficial in future updates.

View full review »

One area for improvement for Fortinet FortiGate could be the price, as my clients here are small companies, and they might not have the resources or money to always buy a Fortinet FortiGate solution or FortiGate products.

View full review »

One of the most important areas for improvement for Fortinet FortiGate is the limited resources for tests. I was limited to a few interfaces for one month, and it would be great if Fortinet could improve these features in their test versions.

View full review »

We understand that FortiGate cannot be standalone without others, such as FortiManager, so for small businesses, if FortiGate can provide something similar to FortiManager, it will be better.

View full review »

In terms of pricing, Fortinet needs to do more to compete effectively. We gained a lot of traction from Fortinet in Nigeria, however, the battle is currently intensifying. Companies such as Palo Alto are making a strong impact. Fortinet was able to gain more attraction than Cisco in Nigeria for the past ten years, however, going forward, I'm not sure that trajectory will be maintained if Fortinet doesn't strategize regarding pricing and partnerships.

Regarding maintaining skilled personnel for Fortinet solutions, if they can address the pricing for certification exams, that would help. Sometimes it's a barrier for people here, especially for companies to train people to get certified. We train people in many other solutions we deploy, however, for Fortinet, though we intend to do that, it would be beneficial if there were more incentives for people pursuing certifications.

View full review »

From my perspective, every day is a new opportunity for improvement. I believe that the continual improvement is Fortinet’s best feature. I’m very happy with their ability to consistently improve.

View full review »

Since everyone is talking about AI, they should consider having AI embedded or working with developers in terms of AI to improve Fortinet FortiGate. 

The issue lies with features available in GUI versus CLI during configuration. When using GUI, I want to accomplish everything there, but sometimes it requires using CLI to ensure proper configuration.

View full review »

Performance on the box and technical support are areas where Fortinet FortiGate can be improved. In their datasheet, they put the throughput as huge, but once you enable all the features of the box, the performance is impacted dramatically. In reality, it will be 20% to 30% of what they have mentioned in the datasheet.

View full review »

Fortinet should improve its software, as we are seeing lots of firmware versions generated for each vulnerability issue. It becomes difficult for us to keep updating the firmware frequently due to bugs. 

We would like to see the SSL VPN feature included again in Fortinet FortiGate since it was removed from version 7.6.3 onwards. 

For DDoS protection, there can be more features in Fortinet FortiGate.

View full review »

The room for improvement for Fortinet FortiGate is related to prices; the renewal prices have to be aligned with the customer's pockets, as at times they are very aggressive, leading to the possibility of changing vendors.

View full review »

The anti-malware engine could use an upgrade. It should automatically classify and sandbox malicious packets with more granular controls, including providing details like TV numbers.

View full review »

They can add automation for monitoring and policy optimization on the firewall. I think using AI to do some optimization on the policies would be beneficial, such as providing alerts about policies that haven't been used for a long time or identifying overlapping policies.

View full review »

They could continuously focus their improvements on network perimeter security, as that's what they're best at.

View full review »

In my opinion, Fortinet FortiGate could be improved by making the appliance smaller than what we have here, as it is pretty big.

View full review »

The main area needing improvement is the user-friendliness of FortiGate's integration with other Fortinet tools like FortiAuthenticator and VPN services. Configuring these services is quite complex and not very user-friendly, requiring technical steps that are difficult for normal users to understand. Fortinet support's resolution of issues is slow, and the research on making the solution user-friendly needs to progress further.

View full review »

The issue with Fortinet FortiGate is the many security CVEs around; I have read there are probably multiple critical CVEs above 9.0 in Fortinet FortiGate products. There appear to be fewer issues with other brands such as Palo Alto or Check Point, but especially with Fortinet FortiGate, there are many vulnerabilities that can be found. The way we manage this is by applying updates whenever new ones are available, but the high critical CVEs generate concern, as we buy security products for our safety and when we find that attackers can easily breach them, it makes us question the safety of the product itself. 

I hope we can deploy the product in an active-active configuration since we currently have two units in an active and passive setup. There are limitations when trying to install it with active-active, but we hope to run it that way.

View full review »

It contains every feature that is required. The things we require are already sorted out, so there isn't any scope for improvement as far as our requirements go. However, its price can be better.

View full review »

Areas that have room for improvement in Fortinet FortiGate include support and GUI enhancement. While the GUI is already simple, further improvements would greatly benefit them.

View full review »

More improvement in AI would be a good edge. We would like the VPN to act as a web filtering solution because users outside the company don't have web filtering. It supports web filtering with an additional license. View full review »

The pricing of Fortinet FortiGate IPS could always be improved. View full review »

Overall, we are satisfied with the product. However, we encounter occasional capacity issues. The FortiAnalyzer, being a hardware appliance, has limited expansion capabilities. As our organization has grown, we've outpaced the FortiAnalyzer's performance. The inability to scale the FortiAnalyzer to match our growth necessitates the purchase of new hardware. This is an area that could be improved. If we anticipate reaching the size of six countries within the next five years, investing in a solution that can accommodate such growth would be more cost-effective than repeatedly purchasing new hardware. The ability to scale the FortiAnalyzer in tandem with our growth would be a significant improvement.

View full review »

I would like to see improvements in Fortinet FortiGate regarding the active-active scenario. The active-active scenario is supported but not recommended, whereas other vendors are implementing active-active without issues. Perhaps in the future, we could effectively use both firewalls to increase the throughput. If there are two boxes, they both should be able to work.

Other than that, I don't have anything. I'm very happy with the features.

View full review »

Regarding improvements for Fortinet FortiGate, there is always room for improvement in any product. In information technology, things fade away quickly, and new technologies come in. It is how quickly each of these companies adapts to that and brings in more value to the customer.

View full review »

I just don't like giving products ten out of ten. There's always something new that can be added or fixed.

View full review »

A disadvantage exists when we are collecting the logs, as it sometimes becomes very difficult to interpret the logs that are generated from the firewall. The main challenge is finding out which IP is generating what kind of traffic.

View full review »

I would like to see the licensing aspect improved because there is a feature we were yearning to use, the bandwidth monitoring feature, but it's licensed separately. It's not bundled with the enterprise bundle, and since we normally buy the advanced hardware support annually, we found out that the license is licensed separately. If they could bundle it together, it could really be helpful to us.

We've been using it for the last seven years, and it has been helpful. We are looking forward to upgrading as the one we are having is at the end of life already. We are planning to upgrade to the latest one, and we are looking forward to the features it will offer.

View full review »

The FortiGate Next Generation Firewall (NGFW) could be improved in application control if they can have a bigger baseline of applications that they can identify, because this is something that is always growing. I know that Fortinet with the team is updating this database, but it's something that grows at a pace that is very difficult sometimes to keep up. This applies to all vendors, not only Fortinet.

View full review »

There's not much to improve except getting rid of more bugs earlier in the software versions so you don't have to be one and a half years behind on software because you're afraid of bugs in the newer releases. I do understand why they have feature releases, which are the newer software releases, but when Fortinet themselves say, don't use feature releases if you don't need the features in production environments, I would really prefer to have more stable software releases, so you don't have to be scared when upgrading.

View full review »

I don't have any areas for improvement in terms of features. With the introduction of AI/ML, they are performing behavioral pattern checks in terms of security. They have removed the SSL web-based and tunnel-based features, and they are improving in many aspects including the UI. However, throughout this year, their support has been very poor.

View full review »

During a recent upgrade from old devices to the latest ones, corporate IT faced challenges as there was no straightforward migration process, requiring many manual steps. I've completed upgrades with Cisco before where the process was simple, but this time it wasn't the case for corporate IT. I also heard that SSL-based VPN will be discontinued, which could be concerning.

View full review »

The only issue is their renewal pricing. For more than 10 years, we have been customers of multiple Fortinet FortiGate security devices, and every time, it's at a high price. It is very difficult for small companies, especially in India. If Fortinet can reduce the renewal price a little bit, it can expand and target small businesses as well. Currently, only medium and large-scale organizations can afford it. Startups and small companies cannot afford it. The renewal cost is very high. When we get the equipment along with the license, it's acceptable, but the next renewal after one or three years is very expensive compared to other firewalls.

View full review »

The main thing they have to improve in Fortinet FortiGate is the technical support; the rest of the features are good enough. We can handle them, but sometimes you really need support, and in that case, we are not getting it at the proper time. I have been mentioning this for the last two years.

There is a migration issue from 600D to 600E, as we are not able to export the configuration file to 600E. It should be like export and import in all variants.

View full review »

I find the management console not very straightforward, so that's an area where Fortinet FortiGate can improve. They should simplify it and make it more user-friendly. In the next release, I would prefer a more simplified GUI; that's one area I would want to see a quick change.

View full review »

Fortinet FortiGate could be improved in terms of user friendliness at the policy level and assigning URL based and keyword based features.

View full review »

I want some additional features. For example, I want something to ensure that when we are using Google email or Microsoft email, or Google Workspace, emails can only be accessed on designated machines given to our employees. I would like them to access data from designated machines, not from any machine. It should work for designated mobiles and laptops. I don't know if Fortinet provides something like that out of the box.

View full review »

The firmware in Fortinet FortiGate needs improvement. Some firmwares have many bugs, such as filter issues and VPN connectivity problems. Last month, with version 7.4.6, we experienced web filter issues. They need to fix the bugs before releasing firmware.

View full review »

Fortinet FortiGate could improve by enhancing FortiManager, which is the centralized management system. It has many inconsistencies and errors with respect to pushing policies, especially when we have a large network team that needs to push different rules. Improving the consistency and allowing proper stability with many users managing hundreds of firewalls would be beneficial. Regarding cloud deployment in public cloud, it is less flexible and scalable, and customers need to provide and take care of resiliency, scalability, and redundancy. This could be a future improvement for Fortinet FortiGate to better adhere to cloud philosophies.

View full review »

The area that Fortinet may improve is customer support. When you have an incident, situation, or open a case, the support is not as good as Cisco or other platforms I have tested. There are many opportunities for improvement.

View full review »

It would be better if there was more transparency regarding what the automatic rules do. When a site is blocked, it is necessary for me to consult the logs to understand what the Next Generation Firewall policy has blocked. There is usually no information about what is included or not included in these automatic rules. View full review »

They could improve the response time and quality of support.

I'm not sure what additional features they need to have in the future to make it better. For the purpose that we use it, it is doing the job, but I haven't explored some of the features.

View full review »

The AI part needs improvement to enhance its functionality.

View full review »

We'd like to see what they will do when AI attacks are generated. They will need to ensure their prevention continues to be exceptional. 

The solution isn't missing any features. Maybe they could make some features more accessible, such as a way to translate directions between two networks that share the same subnets.

View full review »

To improve Fortinet FortiGate, I think they need to improve the software and make updates more quickly, rather than taking a long time to update the software or firmware.

View full review »

They are already making improvements with the integration of AI and machine learning (ML). While I haven't personally used these features yet, I see that the focus is primarily on AI operations that fall under the umbrella of AI and ML. Additionally, they offer FortiManager with a signal dashboard that allows for the monitoring and configuration of multiple FortiGate firewalls, which is quite impressive. Moreover, they now provide a SaaS offering for FortiManager, which I believe is a good development overall.

If they can come up with a feature that allows scalability within the firewall itself, such as 'scale as you grow,' that would be a valuable improvement. Fortinet is already implementing AI and ML, although I haven't used it personally. AI ops are covered under it, and they also have FortiManager, which allows for monitoring and configuring multiple Fortinet FortiGate firewalls through a single dashboard.

View full review »

There are too many updates coming for VPN, and the VPN keeps disconnecting frequently, which I find problematic. It does what it's supposed to do, but I practically face reconnection issues with the VPN. 

Regarding the Fortinet FortiGate firewall, I don't have any input. My scope is limited.

View full review »

My experience integrating SD-WAN capabilities with Fortinet FortiGate is in the middle ground. Fortinet FortiGate, as a security-centric fabric, can implement an SD-WAN solution. It can be somewhat manual in some cases, but using other tools that Fortinet has, such as FortiManager, makes implementing an SD-WAN network easier with less effort.

The implementation depends more on the engineer's skill when integrating SD-WAN with Fortinet FortiGate. If you don't have extensive skills in implementing Fortinet FortiGate, it can be difficult, but with more experience, it becomes easier.

View full review »

I believe one area that could be improved in Fortinet FortiGate is posturing, specifically for remote VPN users, as there are OS-based limitations I encountered with only Windows; adding domain restrictions for VPN access would make it more competitive and useful.

View full review »

In terms of improvement for Fortinet FortiGate, I don't find any needed improvements regarding hardware because it is very good. The operating system has most of the features. 

At this moment, I'm not finding any other improvements in this case. They are advanced in this segment. Fortinet FortiGate has in-built automation features and cyber risk assessment.

One suggestion might be to increase the storage size in the hardware for local reporting.

View full review »

Fortinet FortiGate can be improved because we have some smaller customers, and with the SMB or small customer solutions with the two letters, 50, 70, 90, they sometimes cause problems. They could improve the smaller devices. One issue is that they have retired SSL VPN for existing devices. This causes significant effort for us to change customer setups. Additionally, they changed features when we only make a patch update and not only a major update. This is really a problem.

View full review »

I cannot think of many improvements needed for Fortinet FortiGate. However, the pricing compared to competitors is quite high, though you get value for what you pay with Fortinet FortiGate.

With FortiSIEM, I have experienced some challenges. It has been suspended and is not available for utilization now. They should work on improving FortiSIEM.

View full review »

In an incident, after a restart, Fortinet FortiGate did not connect to FortiGuard servers. Due to that reason, on the customer end, all websites got blocked. I don't know why this happened. The firewall of a bank in Sri Lanka rebooted yesterday, and after that, FortiGuard servers did not connect properly, blocking all customer environment websites.

View full review »

The good things aside, there are improvements needed in the Fortinet FortiGate. My customers requested specific features to be included in the Fortinet FortiGate.

View full review »

The user interface of the Fortinet FortiGate management console could be more intuitive and user-friendly, and the log analysis and reporting features could be enhanced to provide more flexibility and customizable insights.

View full review »

The solution could be improved by addressing limited local reporting. It requires obtaining the FortiAnalyzer for proper visibility because you can't do much from a reporting perspective with just the firewall alone.

In terms of convergence, it is a good solution, but it can be better. FortiGate has the capability to support their switching and wireless platforms. They are quite excellent on their wireless side, but I found a couple of gaps in terms of how FortiGate integrates with their own switching platform. There are some gaps there.

View full review »

Fortinet FortiGate could improve their documentation on forward error correction and failover technologies. 

Additionally, better documentation and applications for SD WAN setups, especially for satellite-based internet like Starlink, would be beneficial. This area is vital, and they have not capitalized on it compared to competitors like Peplink.

View full review »

Ideally, I'd like to see most CLI configuration options exposed in the GUI to avoid manual command typing. However, there should be a more user-friendly approach than simply replicating everything in the GUI. Alternatively, some users might prefer scheduling tasks through commands for automation.

View full review »

The log analyzer, for instance, is a product being developed as a common solution for multiple FortiGate devices. Consequently, the log analyzer's functionalities are not fully integrated into the individual FortiGate products. I would prefer to have more detailed logs within the FortiGate products themselves rather than relying on a separate tool.

While Fortinet claims to offer a comprehensive network solution, it falls short in addressing computer application issues, particularly server security. Fortinet's capabilities are primarily focused on network security.

View full review »

Their user interface could be improved from a configuration perspective.

View full review »

The operational logic is not as straightforward as a Sophos XGS device. When creating rules in the Sophos firewall, they are more intuitive than in the Fortinet FortiGate IPS device. The Fortinet FortiGate IPS device is more complicated.

The solution needs to be simplified.

View full review »

Without a license, it becomes difficult to implement static DNS. The FortiDDNS.com functionality is particularly challenging to access without a license.

View full review »

Improvements for Fortinet FortiGate could be made by making it easier to implement on networks and simpler to add users and accounts that utilize this solution. That's basically the only challenge that I see.

View full review »

There should be more testing before releasing software since it can be a little buggy sometimes when new features come out after updates.

View full review »

The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces. This functionality should be improved.

View full review »

As we are trying FortiNAC right now, there is some improvement needed on the product. For the rest, perhaps having more packages would be beneficial. We do not use FortiManager for our own usage. We have developed some scripts using Ansible and we automate everything.

View full review »

Fortinet FortiGate can be improved by being more stable because when we look for logs or open a case, we always find a bug and then we have to upgrade it. However, since it's a cost-effective solution, we are satisfied.

View full review »

They can improve the backend functionality of Fortinet FortiGate, particularly how the policies work in a real-time environment. Improving this aspect can ensure that policies work effectively.

View full review »

I would like to see more AI features included in future updates, as that would add significant value. Additionally, the pricing of FortiGate is relatively high compared to other products like Cisco and SonicWall. An area for improvement is in their support services, which could be more responsive and quicker to resolve issues.

View full review »

Regarding challenges, customers initially faced issues like internet dropping, but after firmware upgrades, everything worked well.

I believe Fortinet should offer short and frequent training sessions, preferably in video format, whenever they introduce new features. These sessions should be around five to ten minutes long, allowing users and partners to quickly grasp the information without disrupting their daily tasks.

Long training sessions spanning one or two full days can lead to distractions and reduced focus due to continuous support calls. Therefore, providing brief and focused training snippets would be more beneficial for users.

View full review »

We'd like to see the product offer higher discounts to users. They should offer special pricing to premium partners and customers. 

View full review »

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets.

For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line.

The stability has room for improvement.

When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

View full review »

In Fortinet FortiGate, they've already improved many areas and built in new features. When considering what can be improved in Fortinet FortiGate, more competitive pricing is needed more than anything else. Fortinet FortiGate is a very good product, but when we look at the South African market, they just need to relook at the pricing because it's a bit pricey for some of the local government organizations.

View full review »

One area for improvement involves FortiAnalyzer, specifically regarding the SOC part and log interpretation. Sometimes interpretation is very difficult. They send an extensive amount of logs, and when putting that in a SOC or SIEM, payment is based on gigabytes sent. We send many unnecessary items, resulting in unnecessary costs.

We decided to reduce the logs and now send only half of what we had before after determining what was unnecessary. They should improve what needs to be sent to the SIEM. The logs should be lighter. In the log structure, there are many unnecessary columns, resulting in a large amount of redundant data. They should improve the way logs are sent to the SIEM.

View full review »

In FortiGate Next Generation Firewall (NGFW), my concern regarding improvements is the licensing model. In the latest versions, everything moves to licensing only, and to work from SSL VPNs and integrate those features, it is similar across all vendors, but my main concern is the DLP part, which has not advanced significantly.Regarding the AI capabilities of FortiGate Next Generation Firewall (NGFW), these AI features are not present in the latest versions, which is why we are working on those versions. They aren't suitable in a live environment, and while AI features exist, I don't have details about their availability in versions after 7.0, as I believe only versions 6.0 and below have those features.For future improvements in FortiGate Next Generation Firewall (NGFW), features-wise, SD-WAN enhancements are expected, especially in configuration or viewing SD-WAN monitoring, as some minor enhancements would be beneficial.The complexity in configuring the policies needs improvement, and the SD-WAN template should be available in the tunnel. When we create the tunnel, we need to add in SD-WAN, allowing the creation of VPN tunnels from SD-WAN, which requires technical expertise to configure. Automating that would strongly enhance it, as SD-WAN is number one now with FortiGate, and going forward, more customers will move to FortiGate. View full review »

Improvements could be made when companies expand and need better equipment and more licenses. Additionally, a way to upgrade equipment when increasing Internet bandwidth is necessary. Companies often have to quickly close negotiations due to exchange rate changes affecting budgets.

View full review »

The SD-WAN functionality is a bit overly complicated and not fully documented.

View full review »

The documentation available for Fortinet FortiGate should be improved. Often, I find documentation of older models and not the latest version of Fortinet FortiGate. I have to often utilize the older documentation and reengineer the information for the latest model of Fortinet FortiGate. 

There are competitor products in the market that can monitor all logs, which are referred to as SOC; Fortinet FortiGate should have such in-built features. The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection. 

View full review »

Pricing is one of the factors that need improvement. Maybe they can offer a smaller scope for a cheaper price for smaller organizations.

View full review »

FortiGate can improve its token system, as it requires a purchase before use. Additionally, the VPN system could be more efficient, especially regarding VLAN passing through, which is currently a limitation. Another suggestion for improvement would be better timezone coordination for customer support. Currently, there are issues with calls coming at inconvenient times due to timezone differences. Another area for enhancement could be the response time for support tickets, as there is a delay of at least twelve hours, even for urgent tickets, which can be frustrating.

View full review »

What happens in FortiGate is that a lot of bugs come on a system-by-system basis, like when Fortinet launches new firmware in FortiGate. Most software launches with known or unknown bugs. When we go for upgradation, even after running a bug scoping exam, we don't know whether the BIOS for which we are upgrading would affect the end user. We don't know how the FortiGate firmware will behave in your environment. Whatever the known bug, FortiGate lists it in their documents, but you never know how the problem will impact your environment. That's a major disadvantage of FortiGate because, somewhere, it's very unstable.

Another issue is how deduplication services don't work reliably after enabling deduplication on Fortinet. When they launch any new firmware in the future, they have to ensure firmware functions.

View full review »

Palo Alto has a feature called WildFire Analysis that is unavailable in FortiGate. WildFire is better than a sandbox because it can address zero-day threats and vulnerabilities. It can immediately identify zero-day threats from the cloud. 

Fortinet uses a separate solution called FortiSandbox. It needs to download signatures to identify malware, which takes significantly longer. WildFire is a cloud-based platform that collects threat information from users worldwide. 

View full review »

The ease of use related to Fortinet FortiGate and FortiNAC is a bit complex when implementing and supporting cases related to a FortiGate firewall. The software contains bugs, particularly in SSL VPN from all the firmware starting from version 7.6.3; the SSL VPN is not found in this version. If customers update the firewall firmware to 7.6.3, they might experience issues with the SSL VPN. In FortiNAC, there are issues with the passive agent on an endpoint. I currently conduct lab tests in my company to apply the FortiNAC agent on my endpoint, but I encounter issues with this application.

View full review »

There are no areas that need improvement at this point in time.

View full review »

Fortinet technical support is lacking, as OEM support is slightly better. Improvement in their technical support could include response time as well as having more technically sound people in tech support.

View full review »

The firmware updates are sometimes not stable. The stability issues can vary, sometimes happening once a month or quarterly. New firmware updates can occasionally introduce bugs, causing some policies to fail. We then have to raise a ticket, and Fortinet usually provides a fix within a few days.

View full review »

The advanced models are expensive.

View full review »

The process of configuring firewall rules appears excessively complex. While FortiGate offers greater functionality than other firewall solutions, its user interface could benefit from simplification.

I would like the log viewing process to be improved to provide a clearer understanding of the logs.

View full review »

I was not looking after the operations part, but sometimes, I did get engaged in some critical activities related to operations. There are some caveats in every product. Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem. There were tunnel issues where there was already established connectivity, but at the kernel level, there were some issues. For example, there's a feature for auto-site connectivity wherein whenever it automatically creates a new tunnel, at the kernel level, it also creates an interface. Sometimes, that interface crashes and a new interface could not be created, which results in connectivity loss. 

Fortinet has established itself in the SMB market segment. It's doing pretty well in that space, but when it comes to the enterprise segment, they are lagging a little bit. It all boils down to the performance of the hardware. If I enable all of the security features available on my device, the throughput degrades quite a lot. If I have put 10 GBPS of throughput on a firewall and I enable all of these features available, such as IPS or UTM functionalities, the throughput comes down to 1 GBPS.

View full review »

Though the tool's GUI is user-friendly, it can be considered as an area with certain shortcomings where improvements are required.

View full review »

There is room for improvement related to the logging and reporting aspect. It was somewhat challenging as I delved into the logs during an incident. Navigating through the logs to trace the specific information we needed, as well as generating the corresponding report, proved to be less intuitive. In comparison, when considering Sophos XG, which we also use, the logging and reporting functionality is notably more efficient.

View full review »

The graphical user interface of Fortinet FortiGate SWG is an area of concern where improvements are required.

View full review »

From a reporting perspective, there's room for improvement. They provide FortiAnalyzer through which one can get some enhancements, but the visibility and reporting still need slight improvement. Recently, a customer had a requirement of getting some reports on their internet usage. Palo Alto has a bit better reporting than the Cisco and Fortinet firewalls, but we cannot get granular details about the user-level security, usage, etc.

Their support also needs improvement.

View full review »

When we first started, Fortinet was using a single appliance with a firewall module in the region. They later came up with many different solutions. I have also used FortiDB, but it has been discontinued. We have since removed it. We are looking forward to Fortinet considering a sandboxing solution. This would allow us to secure our database at that layer. I see the database area as being weaker. I would suggest that Fortinet add sandboxing to their solution.

View full review »

In their IPS Web Security Gateway, the reporting functions need to be a little bit more user-friendly for how to get the reports from it. That's one of the reasons why we don't use that function.

With the reports, you can see it, and you can get good feelings so upper management can go, "Oh, wow. That looks pretty." However, it's very basic.

View full review »

The main issue we have dealt with in the last few months is the number of vulnerabilities, which has caused concerns for both customers and integrators regarding whether Fortinet is a secure product; this has affected my rating, as it is why I do not give a ten, instead rating it an eight. The feature set works, but the excessive vulnerabilities bring risks, necessitating upgrades and patches, which complicate matters.

View full review »

When they release security updates, functionality needs to be cross-checked thoroughly. The firmware updates and patch updates for particular issues can affect other features. Patch testing should be more comprehensive before deployment. The solution could be improved compared to higher-end products in the Fortinet FortiGate line.

View full review »

For Fortinet FortiGate, I am not sure yet what can be improved or enhanced because currently, I am comfortable with this solution.

View full review »

I believe Fortinet can make Fortinet FortiGate better with reduced costs, free certification, and improved security.

View full review »

There is always room for improvement. They could enhance their support in different ways, such as having technical support available during night hours.

View full review »

I would rate the technical support of Fortinet a six or seven out of ten. It is not very helpful. I would like to see improvements in their support.

View full review »

When the SD-WAN is integrated with solutions like Citrix, it can appear complicated, which only tech professionals can implement. The solution should allow more user-friendly integrations or deployment. 

View full review »

They should consider making some improvements regarding the pricing. It could be more competitive and cost-effective. I would also like to know more about Fortinet's XDR offering, understand how it operates, and how we can effectively implement it in our network.

View full review »

There is some development gap. We had experienced bugs in their operating system. When we were planning to upgrade it, there was no patch available for a bug, and the support team was saying that they need to work on that. That's the part they should work on.

There are some complex administration tasks in their administration portal. That needs to be improved.

View full review »

There are mainly two areas of improvement in Fortinet FortiGate— the licensing cost and the timing of upgrading licenses for boxes. FortiGate's renewal cost is quite high, and our customer care team also receives complaints about it. The renewal part of the firewall is expensive. If a customer pays for the license in advance, they may lose their privileges.

For example, if the license of a box expires in one or two months, and the customer wants to upgrade, there are three to four months between the operation and the end of the current license. If I purchase a new license, it will only take effect from that date. So, it fails in the backward fetch, and I am currently busy setting it up. But if the customer is not processing the card for six months, they will not benefit from the system.

View full review »

Fortinet needs to continue to improve network traceability. Other than that, we haven't run into anything that would give me any concern. Their support team has been fantastic. One went down, and they immediately sent me a replacement. Everything that they've done has been great.

View full review »

The solution's real-time connection with the cloud could be improved.

View full review »

The pricing of the solution should be more affordable. 

View full review »

Integrating with the SD-WAN functionality on Fortinet devices makes a compelling story for customers to choose a Fortinet-based solution, which the Fortinet Security Fabric further reinforces.

Fortinet FortiGate SWG should be localised to specific regions to comply with local data privacy regulations because of the data privacy rules in the countries. In the Middle East, data organisation and KFA requirements are stringent.

View full review »

There is a potential for enhanced protection. It is essential to leverage its capabilities more professionally to achieve an even higher level of security. I believe that if the cost were lower, it would be highly beneficial. While the gateway serves as a primary solution for the entire network, attention should also be given to endpoint devices.

View full review »

They could provide bandwidth concentrators and traffic filtering features. They should make the product user-friendly and enhance the security features.

View full review »

In some cases, its initial setup could be hard for customers.

View full review »

The support we receive when we need to upgrade is not satisfactory and has room for improvement.

View full review »

The price of licensing could be better. The security of the FortiOS needs improvement, and features are available only in CLI. They could be available also in GUI.

Features like forward traffic capture or NAC in the VPN should take into consideration both Linux devices and Apple devices.

View full review »

We sometimes have issues with FortiGate's routing table in the latest firmware update. We had to downgrade the device because our customers complained about bugs. 

View full review »

At the moment, the main concern is the pricing and the type of licensing. Fortinet offers different types of licensing, and my idea is that the best approach is to have only one, two, or a maximum of three types of licensing.

View full review »

I would like to see improvements in some of the hard drive features on FortiGate so that we can generate reporting within a single box.

View full review »

One area for improvement is the licensing policy. If support licenses are not renewed, the product's functionality ceases, which can be disruptive. 

Integrating more advanced threat detection capabilities utilizing artificial intelligence would be highly beneficial in future releases.

View full review »

Zero trust could be added. Nowadays, solutions like Zscaler, Netskope, and even SecureWorks combine multiple features into a single product.

View full review »

More SD-WAN features can be integrated into the FortiGate Next Generation Firewall. The vendor can make efforts to make the solution more budget-friendly. 

View full review »

FortiGate has been solid for us, but I see room to explore its integration with Secure Service Automation for a more comprehensive security view. The initial migration had some challenges, but they were manageable. Now, my focus is on automating responses to alerts, especially during nighttime attacks. I want to investigate how FortiGate can connect with other solutions, like SIEM, to enhance our security measures while offline.

View full review »

The improvement that I would like to see is in the licensing. The licensing process is a bit high. 

Additionally, there have been several vulnerabilities in the firewall. It is hackable, some of the images are hackable. So, upgrading to the latest patch, but these improvements would be more profitable for companies like ours.

I would like to see improvements in license costs and the handling of vulnerabilities.

View full review »

The Fortinet FortiGate 60D Series poses a problem by causing a bottleneck when several users access their emails simultaneously, as the device consistently consumes 90 percent of the CPU resources.

The reporting could be improved. Currently, without the additional reporting module, we only have access to basic reporting. However, reporting is crucial for network security, and it should be included as a standard feature.

The price and technical support have room for improvement.

View full review »

The pricing could always be better. It is very expensive. 

We'd like to see Fortgate include WAF services.

The maintenance of the product can be a bit difficult. 

View full review »

We do not need any other features.

We'd like more management across other integrations. It would be ideal if it could centralize the management, and we could therefore manage all solutions under Fortinet instead of managing everything individually.

In some cases, depending on the module and the age, performance could be better.

View full review »

I haven't had a single issue since using Fortinet. 

View full review »

Improvements depend on your specific needs. Currently, it meets my requirements. Whenever I need something, Fortinet improves and updates the software for me.

View full review »

My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.

View full review »

I can't think of an area of the product that needs improvement. Even the cost is okay. I have no real complaints. 

It would be good if they had fewer updates. Almost every update has bots that are either critical or something small yet valuable. Whenever I try to do an update, I always fear that something will break.

View full review »

I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself.

View full review »

Some websites or proxies are not embedded in the correct category, and we need to update the Fortinet FortiGate database because numerous websites are appearing every day. Some websites are embedded in the wrong category which we can block, resulting in everything being blocked, so this database needs improvement.

The licensing cost should be more affordable than it is currently. The SD-WAN of Fortinet FortiGate needs improvement; when we create a group address, sometimes the rule doesn't work properly.

Regarding the Fortinet FortiGate database issues, some websites or categories that should be classified as proxy are in different categories. When we open that category due to some other website that needs to be accessed, some proxies are also opened. The FortiGate web filter categories need to improve their database for better control.

View full review »

The solution's pricing could be improved.

View full review »

The updates Fortinet provides are sometimes unstable. We have to check everything thoroughly before any upgrade.

View full review »

The solution is not scalable.

The solution is expensive.

View full review »

We sometimes have issues when carrying out inspections because the system slows down and our clients complain about it. The only other drawback is that we have to manually insert certificates for our clients. Most social networking sites have dependencies and to completely block them requires a deep inspection profile. For protection, we need to put the certificates in for all of our clients. It's a major drawback not having it embedded in the system. I would very much like to see Forticlient's new TNA technology included with the original license for Fortigate. It currently requires an additional license which is quite costly for us as a middle-size organization. We could include it with VPN for our clients. 

View full review »

Fortinet FortiGate needs to improve the logging and reporting. Additionally, the next-generation application's policies should be improved. When they were released they had bugs.

View full review »

With the addition of some features, it is possible that FortiGate can be used in all verticals.

View full review »

At the moment, I cannot think of any areas where Fortinet FortiGate could be improved. In future updates, I would like to see more RAM and lower prices.

View full review »

There is room for improvement in being proactive about identifying and integrating new signatures.

View full review »

Support for courses available on the platform

View full review »

Fortinet FortiGate SWG's costs need improvement. Also, there could be an efficient feature for solution consulting to answer queries related to architecture design.

View full review »

The solution is expensive.

View full review »

Support could be improved like Sophos. Some clients don't have the expertise to manage their environment. If they have a problem with Fortinet, they should have easy access to support. Secondly, the process of evaluation as a partner with Cisco should give you the ability to deploy access as a partner. You can do team labs and a lot of things.

View full review »

If someone doesn't have a certified or skilled technician/engineer, certain configurations, like setting up VLANs and SD-WANs, might not be difficult but can be simplified within FortiGate. The areas that might require more expertise are related to setting up VLANs and configuring SD-WANs, among others.

Therefore, the setup process could be made simpler. 

View full review »

FortiGate Next Generation Firewall could be made a little less expensive.

View full review »

Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer. Currently, these multiple products often confuse users and clients. It would be beneficial if Fortinet could offer a comprehensive integrated solution instead of separate products that cause user confusion. By providing an integrated solution, users would have access to all features and functionalities within a single window, eliminating the need to navigate through multiple windows. This approach would greatly improve the user experience.

View full review »

The non-error conserve mode has room for improvement.

View full review »

While FortiGate is cheaper than most other solutions, we're seeing increased license renewal costs. Most of our clients are asking for more significant discounts because the price is going up. 

View full review »

It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls. 

View full review »

The product runs out of memory. The web process often has a memory leak. The support cost could be improved.

View full review »

One of the weaknesses of the solution is something we noticed, especially after comparing the tool with SD-WAN features, since, unfortunately, in a massive scale size environment, the solution is not good. It cannot be recommended for massive scaling in terms of size, especially for businesses with more than 1,000 branches.

Cisco is very stable, especially on the larger scale side, and it's very important for SD-WAN features. If you try Next Generation Firewall for a big company, then it is good to purchase a Cisco product. However, Cisco's price is a little high and more than Fortinet's prices. But for small companies, it is better to choose Fortinet and FortiGate products, which is important.

A company needs a tool for accounting. Unfortunately, now we don't have any accounting, especially for the quarter and control side. We don't have any solution in FortiGate. However, Sophos Firewall has it, so it is good for Fortinet's next version.

View full review »

The routing capability on the FortiGate devices has room for improvement.

View full review »

The dashboard is not user friendly so is a bit complicated. Training is important or you will suffer when completing tasks.

We would like the ability to divide users by position and assign different rules to each position. For example, managers are allowed to browse YouTube but employees are not allowed. 

View full review »

One of the features that I would like to have is endpoint protection, this should be integrated. For example, the firewall gets notified of any kind of forensic event that needs to be done, such as if there is a ransomware attack and how it originated, all those records have to be available from the firewall, which is not.

View full review »

I don't see any area of improvement at this moment. I'm responsible for the IT infrastructure. I'm not a security specialist. The IT security is being managed by the CSO in our company. 

We had some issues in the beginning while setting it up, but after doing the firmware update, it is working fine.

View full review »

Usually, we sell the bundle with the UTM or threat management piece with IPS, IDS. Other providers, such as Palo Alto, are ahead in terms of safe functionality. So, for me, delivering truly safe service is probably something that still needs to be improved.

Anything they can bring around safe service would be brilliant. At the end of the day, when we talk to customers about deploying, split tunneling, and looking at endpoint security, remote access or safe type of features would be useful.

View full review »

What I'd like to be improved in Fortinet FortiGate is for it to have advanced WAF functionality. Even in FortiADC, WAF functionality is not supported for advanced attacks, e.g. mobile bot attacks. Fortinet FortiGate needs to improve its WAF function.

SD-WAN is also good in this product, but it still needs improvement, particularly in security. We saw some attacks last year, so they need to improve on that.

View full review »

Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing. 

View full review »

The renewal price and the availability could be improved. We faced a lot of delivery issues because of the pandemic situation. We are a customer, but sometimes we have sister companies, so we deliver or order a few extra boxes. In these cases we are facing some delays, like three or four months. There are a massive delays in deliveries and they're saying that it's from the vendor itself. I don't know how long this will last or if it's just temporary.

View full review »

Currently, FortiGate is providing SSL VPN. But they're missing some features that are available in Palo Alto's SSL VPN. Palo Alto provides a compliance check along with the VPN, and they have a very broad checklist. So Palo Alto's global protection can scan and check multiple things, and we can choose what access users can have based on compliance with policies. So I think this is one area where FortiGate can improve. Also, multi-factor authentication isn't native to FortiGate. If you want to incorporate multi-factor authentication, you have to add a secondary or third-party solution. 

View full review »

We have never encountered any issues with it. The price and deployment part of Fortinet FortiGate is good, but it can always be better.

View full review »

The platform's compatibility with Wi-Fi equipment needs improvement. Sometimes, the Wi-Fi units don't work, or one of the networks stops working, and we have to reboot the FortiGate client's endpoint.

View full review »

We are in an era of cloud-based things, so most need a simpler pay-as-you-go model. That might be effective for SMBs, where small organizations can afford features. FortiGate needs to be elastic to the market's trends. It should be easy for SMBs to get the solution. A cloud or SaaS model would be effective. FortiGate should bring a solution that allows smaller companies to use firewalls. Very small or medium companies do not focus on security, but it is the major concern of every organization. To tap that market, FortiGate must bring an innovative product everyone can adopt.

View full review »

They should provide us with a CSV number for patch updates. It will help us block specific signatures as well.

View full review »

FortiGate's connectivity for small businesses is not as strong as it can be. If Fortinet includes more information and marketing to small businesses, their presence will be improved.

View full review »

In version 7.2.0, the product offers built-in automation to its users. Earlier, there was no automation offered for the product. Nowadays, the product sends automatic emails to users as a part of its offering to let the users know whenever there is a need for automatic backup when the ISP goes down and the interface status. The automation can be further improved.

Fortinet's support team consists of a huge networking team, because of which there is a delay in response at times. Fortinet's support team needs to improve their time management skills.

View full review »

The solution's GUI is not very appealing. When using a tool from another vendor, we found the GUI of that tool to be quite appealing. FortiGate Next Generation Firewall uses a very old type of GUI, which is not very appealing. The GUI can be improved.

View full review »

There are times when we would want to set an IP address on a physical interface and then attach secondary IPs or sub-interfaces on that. I'd like to have as many as possible. There's a limitation wherein you can only have about 30 virtual or secondary IPs on a particular interface. I would like that to be expanded to 254 or 256 secondary IPs.

View full review »

Vulnerabilities owing to viruses in the OS need to be reduced in FortiGate Next Generation Firewall from an improvement perspective.

Some vulnerabilities get added to the system every two months, which may be code execution or backend and backdoor issues.

In the future, the product should be able to tackle vulnerabilities. Research and development to increase the product's security capabilities is needed.

View full review »

FortiGate NGFW can improve technical support. The engineer who answers the technical support call, email, or phone call, whatever the medium may be. The response time is very bad.

View full review »

The improvement is related to logs. Instead of the CLI, we should be able to have more insights into the logs of the firewall in the GUI.

I faced a lot of issues when I was trying to deploy the firewall through FortiManager. The firewall is stable, but FortiManager is too buggy, and it doesn't work properly. It gives too many errors.

There are some issues with Fortinet SD-WAN. It's quite complex.

View full review »

In the next release, the tool can have more features in a single box that can be multi-applied to integrate everything.

View full review »

I would like to see improvements in the product's application rules. 

View full review »

They can improve in the area of creating daily, monthly, and item-wise reporting. I think they should focus on including IP-controlling functions. 

I would like for Fortinet to add a ransomware protection feature in the next release.

View full review »

The customization is a little bit difficult because we have to customize everything. Typically, we will enable everything.

View full review »

Fortinet FortiGate IPS could improve the VPN. There are times it is slow.

View full review »

Fortinet FortiGate could improve the user interface. There should be more functionality and options through the GUI.

View full review »

The biggest problem we have is the way they handle virtual IPs. It's not handled well at all and even pfSense handles that better. There are three different ways to configure it, depending on whether it is an internal or a through process, and it's just unnecessarily complicated. It would be nice if everybody got together and agreed on some language in their CLIs, but that's not going to happen. If you only dealt with one product on a regular basis, then the problem wouldn't be as evident.

View full review »

Fortinet FortiGate can be integrated with different platforms. They have integrations in place, but I can't say they're 100%.

View full review »

It is quite new for us, and we need to go more in-depth into the monitoring tools. It provides different features that we need to do what we want. So far, it is okay for us. In terms of improvement, in the future, they can provide a faster implementation of features. Some of the features are first available in other solutions. Fortinet sometimes takes a little bit longer than other solutions, such as Check Point, to implement new features.

View full review »

Their support can be improved in terms of the response time and the quality of support.

There are some tiny bugs that sometimes affect the operations. In the past revision of it, there was a bug. Because of the bug, we had to downgrade the version. It happened only with the last revision.

View full review »

Price, of course, can always be more competitive or better.

If a customer has a requirement for firewall, security, WiFi, and analytics, it is good if we can propose a solution from the same vendor, but we have found that no distributor in Hong Kong has sufficient knowledge to deploy Network Access Control (NAC) solutions. They have a wide range of products, but apart from the popular ones, such as a firewall or an AP,  there is not sufficient support here in Hong Kong for NAC solutions.

View full review »

Fortinet FortiGate could improve if it had a cloud-managed solution.

View full review »

Fortinet FortiGate could improve by adding FortiAnalyzer to its solution, we should not have to use another solution. FortiAnalyzer can provide more detailed information.

I hope that Fortinet FortiGate provides a software define network(SDN) solution.  and provide the interface for the user. If we have the SDN interface we can develop our system to manage Fortinet devices.

View full review »

I'm not sure if it's something that they already have or are developing something, however, we need some dedicated features for container security. Other vendors have developed some kind of specific product to protection. Containers now are very common, especially in the cloud. It's an area that needs to be addressed.

View full review »

The solution could improve by being more secure.

View full review »

The logging details need to be improved.

View full review »

Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why.

In terms of additional features, I don't have any requirements. It is okay for me. I do lots of things, and I still don't know everything about FortiGate. If I need something, it might already be there in FortiGate. 

View full review »

The solution overall is quite good. It works how we need it to. I can't recall seeing any features that are lacking.

We haven't had any breaches in our organization, however, I have read in journals that there have been some issues.

There may have been some bugs after an update, however, that has since been resolved. We saw a few bugs in the web field and when we ran an update it was resolved in the new version. 

Some resources must be accessed via web fields. We were not able to access them at first. However, it was a simple task to fix it and that has since been resolved.

The pricing could be a bit better, especially when you consider how they have the most basic offering priced.

View full review »

FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works.

Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware.

The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.

View full review »

The commercial side of things can be improved a bit. They have such a good product, and when you disable some features, it has to be commercialized for you to enjoy those features. Therefore, you are actually buying half a product. You have hardware there, and yet, your features are not enabled. The primary things, such as the antivirus, web filter, DNS filter, application intrusion, file filter, and email filter come with the general license. There are other things that you want to also enjoy in this system and you can't. 

There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering. That's one of the drawbacks they could look at. 

Sometimes the firmware automatically updates itself. Then it corrupts the configuration and you have to roll back or you have to do amendments to the configurations. That, however, has happened only once with us. We have put in controls for automatic updates to stop them and now we do manual allowance or we allow the manual update.

Most of the features are good. They give you pricing and you get a VPN for about 10 users where you can test it. For us, we feel that we need to buy extra licenses due to COVID, as people are working from home. Under the current conditions, we are not getting the best out of the firewall. 

They could just maybe put better graphics or better reporting into the solution. I want to know who is the user and what is the exact website they're visiting. Something like that would help. They should do more like what the GFI is doing.

View full review »

The only thing is sometimes you have to learn with CLI. For those not familiar with CLI it can be an issue. It would be ideal if we could avoid using CLI. If you make a mistake in the command line, it's harder to detect. It would be much better if they had a user-friendly GUI.

The initial setup is complex.

View full review »

I don't know how Fortinet FortiGate can be improved; I find it comfortable and appreciate it as it is.

View full review »

Fortinet FortiGate SWG can't be used on its own, and you have to get FortiAnalyzer.

View full review »

Our customers have a specific application for two-way inspection. Two-way inspections are not possible in FortiGate. It is usually available in load-balancing solutions like F5. It would be a good improvement if the product provides two-way inspection features in the next release.

View full review »

Fortinet has serious vulnerabilities. Some of their interfaces are exposed to attacks. Since they are more prevalent, they may attract more attacks and have more vulnerabilities discovered.

View full review »

There's room for improvement in the interface, especially following their upgrade to version nineteen. The issue arises from the increased complexity, where tasks like defining the NAS require navigating a separate window, and regular policy configurations are done in a different window.

View full review »

The solution could add API protection.

View full review »

It is complicated to manage different kinds of on-premise boxes.

View full review »

Fortinet FortiGate SWG's SSL offloading features need improvement.

View full review »

One area for improvement is the IPS engine, which is something that needs to be improved on. I've had so many issues whereby I have high CPU usage, and when I check, I see it's being consumed by the IPS engine. I have to upgrade the IPS engine firmware and all that. That has been the main pain point with FortiGate. Likewise, customer support could improve.

View full review »

The solution’s stability could be improved because we sometimes face some drops. It was not due to the box, but it was due to some misconfiguration on our end.

View full review »

In terms of solutions, for now, we don't have any SD-WAN. Yeah. We are planning to implement SD-WAN due to some failures we experienced last year. For our high availability design, this would be beneficial.

So I would like to have SD-WAN as a part of the Next Generation Firewall. It would enhance high availability.

View full review »

I cannot say anything about the product's price, and the tool does not need any customizations.

A firewall has different levels of productivity that its customers can use in their official branches, which can be small offices, big offices, or enterprise-sized organizations. The vendors offer models with different levels of productivity of the product to its users, which is not possible in FortiGate Next Generation Firewall (NGFW). It lacks integration options. I would like the tool to offer its users more integration options. Most of the vendors of NGFW offer integrations open with different solutions. FortiGate is able to integrate with Cisco or Microsoft. FortiGate has a lot of possibilities in terms of integration with other vendors, so the integration capabilities of the tool need improvement. FortiGate Next Generation Firewall (NGFW) has OpenAPI, which gives customers an option to integrate the tool into their custom software.

View full review »

Web security solutions can be improved.

View full review »

Fortigate is always innovating. I'm not sure if any improvements are needed.

We'd like to have multi-factor authentication via fiber.

View full review »

FortiGate IPS is somewhat pricey compared to other solutions. There is also room for improvement in terms of the radio signals. The FortiGate WiFi has a relatively short range. I've found there is a lag in its zero-day malware response that could be better, and FortiGate could integrate better with other brands of equipment or identity management solutions.

View full review »

We also have FortiAnalyzer deployed here, so we want to enable the soft functionality of FortiGate and built-in compression for a firewall VPN use case. We want the ability to deploy a gateway for HTTPS enabled on this firewall. It is currently only for use in our headquarters.

View full review »

It's a bit more complex to configure in comparison to Cisco.

The learning curve is a bit higher. 

It's not the least expensive solution on the market. 

View full review »

The speed of the detection could be improved. The prevention mechanisms and implementation are not easy and could be better. In addition, filtering and IDS could be added.

View full review »

So far, everything has been good for us. We haven't had any issues. 

While the security is good, we'd always prefer if it was even better to ensure protection.

View full review »

It would be helpful to have a better tool for migrating all policy rules using an automatic script. The current tool does not place entire configurations in their desired locations. It takes time to manually configure for compatibility across different platforms or vendors. 

View full review »

Fortinet FortiGate can improve performance. There was a huge challenge in terms of CPU and memory where the IPS engine would keep triggering. There were random spikes of overutilization in the CPU and memory resources. They have to work on CPU and memory stability considering these IPS engines. A few versions were very unstable.

The current Fortinet FortiGate IPS package has only standard options. If they could work around optimizing those packages for different needs it would be better. There might be a media company, or banking organization, which needs a different set of signatures and different bundles on priority. If they could segregate that in terms of organization and needs, or at least institutional-wise segregation, that could be great. 

View full review »

FortGate's IPS reporting could be made better by giving more details regarding the source and destination of network traffic when it comes to the overview section. This would allow me to more easily follow the flow of traffic based on IP addresses, without having to integrate the IPS with other products that perform more sophisticated traffic analysis.

Another improvement, that may only tangentially relate to the IPS, would be to include more functionality and details regarding SD-WAN (such as the ISDB), in order to make it more secure.

View full review »

It is very complex. 

There are a variety of improvements that can be made. 

The reporting was limited. I had to use FortiAnalyzer to obtain a complete solution. The reports are very limited with the solution, basically. Once you implement FortiAnalyzer, you can create very, very detailed reports for all the networks.

View full review »

The interface could be better.

We would like the initial setup to be a bit easier.

It isn’t missing any features. We’re pretty happy with it.

View full review »

Fortinet FortiGate needs to improve the protection, it did not prevent us from being attacked. Additionally, Fortinet FortiGate could provide more features for WAF devices. I should not have to purchase two solutions, it would be a benefit to combine these features into one solution.

The main challenge to IT is hacking, and damaging the network software. Anything that can make a threat to our servers,  accounts, VC, from an email or internet connection. We need all companies to make investments to improve the facilities of these devices in order to provide a one-package solution to protect our servers, and systems from any hacking, ransomware, virus, any command, or any other threats. They need to improve all the security features.

View full review »

It can be a little bit more user-friendly in terms of policy definition and implementation. It seems a little bit complicated, and it could be simplified.

When there is a change in the IP address from the ISP, there is some disruption in the service. So, we try to do it when we have the least number of people working, which means very late at night. So, for the time being, it is working fine.

View full review »

The firmware needs improvement because there are bugs when a new release comes through. Sometimes, the configuration changes, and it's a bit harder to see where the fail is. The first time that you have the firmware, it tends to have some issues, and it's better to wait a bit to update the equipment.

All the development of the firmware should be fixed before the update at the page level.

API tokens need to be improved, particularly with regard to integration with other cloud solutions. In other words, proxy flow and API integration need improvement.

View full review »

There could be more modifications. Some features are enabled, however, compared to Fortinet, some features are not easy. 

Sometimes the dashboard does not open properly. When we add more options, SD-WAN features, and user control features, the opening is very slow. It does not sync properly.

View full review »

The product needs to drastically improve its reporting capability. Right now, that is what is lacking. They need to offer monitoring dashboards.

The product should be more user-friendly and attractive. The interface doesn't look as nice as it could. 

View full review »

The configuration option availability is not 100% from the website of the FortiGate web management site. When we log on to the web interface on FortiGate, we do not have everything under this web solution. If we need some specific configuration or need to do some specific configuration, we need to do additional things on the CLI. 

The stability could be a bit better.

View full review »

I would like to see better pricing in the next release, as well as a simplification of the installation.

View full review »

I would like Fortinet to add more automation to FortiGate.

View full review »

There are limited features.

Scalability could be improved.

The issues with the IOS are that they occasionally hang. They are not as reliable as they once were. 

When there is an issue with IOS, new updates are introduced, but the updates also have a lot of issues.

Performance and technical support are the main issues with this solution.

When compared to Cisco ISE, the device administration is not very good.

Fortinet is not very good at firewalls when compared to Cisco. Cisco offers full administration control, TripleA, SQT, they use TACACS security protocols, and they have much more control. Cisco's approach is superior.

View full review »

Fortinet FortiGate could improve by having better visibility. Palo Alto has better visibility.

When using Fortinet FortiGate you sometimes have to use the CLI to do some configurations which can be sometimes more difficult than using a GUI that other solutions can use, such as Palo Alto.

View full review »

The solution could be more secure and stable.

View full review »

I'm satisfied with the product more or less. If we are presenting Fortinet and proposing Palo Alto also, Fortinet is not able to develop the kinds of features available right now in the market. Even with the sandboxing feature, which is an advanced synchronized security, right now most customers are asking for a complete solution like EDR, XTR, or a kind of firewall. It should get synced, and there should be a type of URL filtering application that filters all kinds of visibility.

The feature which gives us a lot of pain is ASIC architecture. The firewall architecture is a kind of an operating system in the chip. We have our kind of base operating system in raw mode, so nobody is able to hack it out. The problem is that every time your base operating system gets an upgrade, customers need to upgrade the firewall. It means you have to replace the older firewall. That's a pain area. It should not be that kind of ASIC base. It should be based like Check Point and Palo Alto so if there is a major update coming in, they can be updated on the same firewalls.

View full review »

A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer.

Its initial setup could be simpler.

View full review »

Fortinet FortiGate could improve by adding enhancements to FortiMail, FortiSOAR, and FortiDeceptor. 

View full review »

Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit.

View full review »

FortiGate should have a better way of detecting and managing the system memory because otherwise if the memory is too low, a system restart is required.

View full review »

The scalability could be better.

View full review »

Its reporting and pricing need improvement.

View full review »

The integration with third-party tools may be something that they should work on. We haven't actually tried to implement that, however.

View full review »

In terms of what can be improved, they do have certain features that you can only configure through a CLI and there's no GUI interface for it. That's a pain. But it's nice that the user can do everything one way or the other.

They sometimes hide some features and if you want to enable them, you have to go in the CLI, enable the feature and configure it through the CLI. Customers, typically, like everything to be done by the GUI.

View full review »

The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall. 

If I wanted a unified console, I have to pay extra. And that's the downfall. That's the only needed improvement that I would say for the Fortinet solution, is that they should have it web-based from the get-go. You should not have to buy an extra bundle or an extra device.

If I have to make an update to a web filter, and I have 12 devices, I've got to do it in 12 places. If I don't want to do that the client can pay for a pretty expensive device or virtual appliance that does that for them. It's like an expensive centralized management tool. That's the big downfall of Fortinet. It doesn't come included, you have to pay for it. Their web-based one, that's sort of just like an inventory manager. It's not really good for distributing roles. With Cisco, you don't have to do anything. The one from Aruba HD has one too. Fortinet should try to be similar to those options.

In the next release, it would be amazing if they could give a better tool for upgrading, so that if I upgrade from an older version to the other, it can read the configuration and processes it for me so that I don't have to rewrite it from scratch. In FortiConverter, they have a tool like this, however, it doesn't work well. It's really more for bringing items in from other vendors, not from one version to the other.

That was my last experience where they operated from version five to six. However, that's really the only big thing. The main thing is to include the FortiManager cloud software like Cisco does. To have one solution. If you paid $150 a year for the support, you might as well get that too so I could manage all the devices at one spot. They do have FortiCloud, however, it's not the same as the way Cisco does it. They are selling another product called FortiManager. FortiManager should be included with the support, and that would make it more of a business solution, rather than a feature request.

View full review »

A shorter response time when we have questions could improve Fortinet's first-level support quality. The knowledge base is comprehensive, so that is okay. For additional features that could make Fortinet FortiGate even better in the future, they have the SD-WAN, but I do not know if they have quantum VPN. 

I saw one brand that has a quantum random number generator, so maybe that could enhance security, along with a smaller version of their product to fit into the budgets of smaller departments.

View full review »

The product’s price is high. It is charging more compared to other solutions.

View full review »

The UI/UX experience can be a little better.

View full review »

The price could be improved.

View full review »

The product's data guard feature should support a USB port when the internet connection is unavailable.

View full review »

I see problems with the licensing. If I have to add a new feature, we need to add a license. There may then be extra costs for our maintenance budget.

View full review »

The management consoles can be improved. I have used them before, and they are not so good.

View full review »

FortiGate Next Generation Firewall's performance and threat intelligence could be improved.

View full review »

There are multiple firewalls, and I mainly worked with Sophos and FortiGate. To weigh the pros and cons, different types and aspects should be considered in different firewalls.

The support for FortiGate in the Indian region can be improved along with the scalability. The pricing of the solution is expensive, so it could be cheaper.

View full review »

Maybe the room for improvement is to have more flexibility on the virtual machines of their next-generation platforms. 

So far, FortiGate is really pricey and comes with some restrictions. FortiGate NGFW can enhances that to make it easier to be deployed.

View full review »

There is room for improvement in pricing. 

View full review »

In order to make it even better in the future, improved integration with other vendors' solutions could be beneficial.

FortiGate is compatible enough with other infrastructures, but I encountered difficulties when attempting integration with other infrastructures. So, better compatibility could be an area for improvement.

Another area of improvement could be in terms of changing passwords. For instance, when using FortiGate firewall, you can have the option to set up SSL VPN, allowing users to connect to the network externally. It's like using FortiClient software. But here's the thing, when you have a local account on FortiGate, and you use it to access the network, there is no option to change your password, and that becomes a problem. Especially when you are not using Active Directory and instead relying on the local FortiGate database to create accounts. 

The admin creates the account for you with credentials and a password. But when you try to access using the VPN client software, you have the ability to change your password, and that's not ideal. It's quite challenging. So, if you need to change your password, you have to contact the administrator to change it on the equipment, and that's not convenient, especially in large environments. So, that could be the only solution.

View full review »

The solution's after-sales service needs improvement.

View full review »

They need to improve features related to mobiles with more and more customers adopting that as their way to manage things. They need to look to the future with their features and meet filtering requirements which the solution cannot currently do. 

View full review »

Price is a major competitor in the market for solutions. When we compare solutions, it's important to consider the pricing. To stay ahead of the competition Fortinet FortiGate IPS needs to think about how to adjust pricing. Most people prefer to use Apollo setpoint.

View full review »

Fortinet can add some Machine Learning and AI to improve its accuracy and give it an edge on IPS detection and protection. They have some machine language learning but can still improve using AI.

View full review »

Whitelisting could be better. We'd like to be able to automate more so we can whitelist in bulk. It would be ideal to have the ability in this tool or to have a tool that could plug in and allow us to do whitelisting in batches. 

View full review »

We'd like more integration with the analyzer so we can track down any problem and have a correlation to try to find the root cause.

The solution could maybe use more integration with artificial intelligence to be more proactive.

View full review »

It takes a long time to install the solution.

It could always be more secure. 

View full review »

What could be improved in Fortinet FortiGate SWG is its pricing because it's a bit higher. If it's cheaper, my company could pitch it to customers and engage with customers better about it.

What I'd like to see in the next release of Fortinet FortiGate SWG is an improvement in its dashboard or GUI. I'd like it to be more user-friendly.

View full review »

Fortinet Fortigate could benefit by simplifying some of their processes. For example, if you are using Cisco, and you want to find a source and a destination, you type the IP of the source and then the IP of the destination. Cisco will find any denied packet by highlighting it in yellow.  To access it with Cisco, all you need to do is right click. FortiGate is not that simple.

View full review »

Overall, the integration could be better. The FortiManager is likely not good. I can't use it as it is unstable most of the time. We'd like to have an SD-WAN for a sandbox, for the Fortinet perimeter. We'd like to be able to manage different boxes.

View full review »

The solution is very expensive.

View full review »

Fortinet FortiGate should improve the VPN tokens. 

The upgrades should be reviewed more frequently, such as daily, to avoid any corruption or issues that can happen, without losing my VPN client. We should not need to downgrade the solution to fix the problems until the Fortinet FortiGate support solves it.

View full review »

Fortinet FortiGate could improve by having a frequent ask questions(FAQ) area for people to receive quick answers to popular questions. Additionally, it would be beneficial to have an SMS notification feature. For example, if you cannot access your email you could receive an SMS message.

View full review »

An additional feature I'm expecting from Fortinet FortiGate is for it to have an analysis feature, rather than having the analysis done via integration with a different product.

View full review »

They have to just improve its performance when we enable all UTM features. When you enable all the features, the performance of FortiGate, as well as of Sophos and SonicWall, goes down.

View full review »

The cloud management and automation capability could be improved.

View full review »

I'd like to see training provided for new features and upgrades, it's not currently available. They really need to work on their support. There's a huge market for enterprise business right now and Pakistan is focusing on network security. Fortinet lacks local premium support.

View full review »

Fortinet FortiGate needs to improve to be on par with its competitors, such as Palo Alto and Sophos. They are the market leaders. Fortinet FortiGate needs to improve its capabilities. However, we are happy with Fortinet FortiGate.

Fortinet FortiGate should provide firewall certifications training for NSE 1, 2, and 3. 

View full review »

Bandwidth usage in reporting could be improved. There's an aspect in reporting that I'm trying, but what I noticed is if you logged into the VPN, there's an effect on the reporting in terms of bandwidth, that needs improvement.

View full review »

The platform's interface could improve.

The client and the Fortinet FortiGate have good integration, but there are times it doesn't work as it should. The union with the two technologies, endpoint, and firewall, doesn't work well. There are some things that do not work.

View full review »

We require troubleshooting and those kinds of things. We have to worry about debugging. It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics. That would be much better. FortiGate has only CLI-based diagnostic capabilities. Sometimes it's become very difficult to do all this troubleshooting.

View full review »

Fortinet FortiGate could improve by having more storage in the hardware for log data.

View full review »

I would like to be able to generate reports about the protections that we have. I would like a report feature.

For example, I would like to see that in VPN and FortiGate, that the equipment that connects to the network is evaluated. Right now, FortiGate validates the users in the active directory and the users have the right permissions to connect. I would also add the user and the computers that are allowed in the active directory. It evaluates the actual active directory, and some computers are allowed but not all. Only the computers that are in the active directory. Right now, when you connect to the VPN, FortiGate checks the active directory. They have the check feature but it should be improved.

This solution has records but I would like to see that in IPS you could define your rules - we have almost 10 or 15 rules, and see if these rules provided protections over the month. For example, to track a specific rule across the IPS solution.

View full review »

When everything is taken into account, the migration is quite painless. I believe that improvements will continue to come from the fact that as threat vectors get more complex around the world, advanced threat protection and deep packet inspection will become increasingly vital. That is where technology needs to advance much more quickly.

The most important feature to have is zero trust, which is lacking in Fortinet FortiGate IPS.

Zero trust is something that has to be embedded and I would still like to see how Fortinet approaches it.

View full review »

The Wi-Fi controller feature needs a lot of improvement. The function itself is not as stable as it should be in our use case which might be a problem in either the APs or the controller.

Would like to see more wizards and automation for more features such as virtual servers, SSL VPN, and others where policies, rules entries are created automatically form wizard input.

Some of the features related to load-balancing and traffic shaping are not as straightforward as they need to be. 

The VPN functionality needs low-level debugging get what really going on. Log level is too detailed and requires someone who is quite experienced to analyze and solve those issues. 

Zero-trust base features are lagging behind the other competition, based on what I have read. Would like to see those features in a clearly in the UI.

View full review »

The logs need to be better. They need to be more visible and easier to access.

The VPN features could use some improvement.

View full review »

Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements.

They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security.

View full review »

The only problem that we have here in China is that the whole subscription process on Fortinet is a little bit difficult if you are doing it from China. China has kind of a firewall around the country, and we sometimes have complications due to that aspect.

As a whole, I don't think that the product is actually missing any features.

You do need some IT knowledge in order to effectively work with the solution.

View full review »

In our environment, we need multiple virtual firewalls to facilitate end users and customers. Fortinet doesn't provide that but they really should include that feature. 

View full review »

The support costs and licensing are sometimes so expensive. They should work on their pricing model.

View full review »

They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. 

They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company. 

View full review »

The solution isn't really lacking features per se.

The product does need better support in the cloud environment. It's not exactly cloud-native right now.

The solution needs to do more on the deployment in the multi-cloud. For example, clients have GCP and AWS. How do we deploy FortiGate in a cloud environment? Right now, there's no solution for that.

We're worried that the scalability isn't as good as it could be.

View full review »

The only challenge that we are facing is that a good internet connection is required for VPN stability.

Some of the web policy reports could be improved. There are reports generated that show exactly which user is using how much bandwidth, and which sites they have been browsing. We should have a way to show that on a single screen. As it is now, when I click on a user, the information shows on another tab.

View full review »

They are doing good, but they can improve the distributor assignment. The availability of the product and the timeline of delivery are the main things. The distribution should be swift, and the distributor should not reach out to end customers directly. They should work as a distributor. There should also be one more local distributor. Currently, there is only one distributor in Pakistan, and the rest of them are in UAE. It is difficult to work with only one distributor. Sometimes, you don't get along with the same distributor, and that's why they should have one more distributor. 

Their licensing should also be improved. The activation or renewal of the product should be done from the date of renewal, not from the date on which the license expired.

View full review »

The ease of use could be improved. 

View full review »

The product has enterprise capabilities, which means there are a ton of configurations possible.  What I'd like to see in the product is more of a branch in the box wizard deployment for those that are not as well versed in firewall and routing.  For a small business, the firewall should be able to self-configure for a Unified Threat Management configuration with 2 SSIDs for protected wireless network for internal gear and a guest wireless network for employee cell phones and guests.  I'd like to open the box, plug in the router behind the cable modem, and check a few boxes, and the rest is done automatically.  I don't want to have to build a configure VLANs, SSIDs, security protocols for each port, and try to figure out and understand all the layers in an effort to deploy a solution.  It's great to have those capabilities in case you need them, but for most of the offices I am trying to deploy these into--it should be a branch in a box.

View full review »

I'm not sure if the solution is really lacking anything major. For us, it works okay.

They seem to have made a lot of improvements since the last release.

Technical support could be better. You don't always get the level of help you need right away.

View full review »

I don't like that anything more than very basic reporting is not included. You have to buy their cloud module that's an add-on for getting more customized reporting.

It has just about everything that we are looking for and the customer is needing. It's just the reporting part that is lacking in the base application.

Technical support could be improved.

View full review »

The cloud management should improve. There are other manufacturers that have better management cloud solutions. Aruba, for example, is very good at this aspect. Fortinet could look to them as a model of how to do something interesting with management solutions.

Fortinet across the board needs to improve the LAN aspect of their products.

The solution lacks multi-language support.

They could offer access points to small companies and firewalls at those access points. Aruba, in that sense, is much better for smaller organizations as they provide this possibility.

View full review »

Fortinet is a very big product. It has FortiGate, FortiWiFi, FortiSwitch, email security, etc. Due to this, they have some weaknesses in the ISPs, the services. They could improve these aspects. Hotspot services especially could be a lot better. 

There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs.

View full review »

Fortinet is good in terms of security and threat prevention, but they are not leading. For example, the signature database can be improved.

If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement. Customers that have ISE implemented are able to provide inputs based on malicious traffic, and then ISE will automatically block it.

View full review »

If it would integrate everything in one place then it would be an improvement.

I wanted to buy some switches and integrate them into the system, but we couldn't find anyone here in Israel to provide them or to provide support. Also, we could not get a replacement if something needed to be replaced. 

We wanted to use one vendor to do everything from one managed central management point. It may be something they offer now, but I am not sure.  

It would be helpful if we can have one easy place to manage, or from the cloud to all the devices that are at the client's location. This is the backbone, the switches, the access points, FortiGate, everything. 

Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it. 

So, if you could do everything without that, it would be much easier when you do V-LANs.

View full review »

The performance and speed are aspects of the solution that could always be improved upon.

View full review »

In the enterprise proprietary world, Fortinet, in my experience, considering its cost and reliability (maybe they could bring the price down or maybe they could make more plans), I honestly don't think that there is much room for improvement. I think it's a pretty good solution for anyone who is looking for a proprietary solution. I wouldn't look anywhere else.

Cisco, for example, is probably way overpriced. Fortinet on the other hand, one of their strong sides is that they have an all-encompassing solution with a very reasonable price point. Cisco and other brands are a little bit more modular — to get everything you'd have to buy a lot of different packages.

An automated guide feature or templates that you could pick and choose would be a nice addition.

It's definitely not as easy to look at traffic as I would like. Sometimes when I'm trying to see what traffic has been blocked or what traffic has been passed, it's not as easy as I would like to filter it out or to monitor bandwidth.

The monitoring is not as good as it could be. It could be a lot easier to understand. For example, I was trying to figure out, in a given timeframe, how much was downloaded off of a certain interface and I didn't really understand how I could get that information or if it was even available. I was searching the documentation online and I couldn't even figure it out. Monitoring and reporting could be better; It's very good, but there's definitely a lot of ways to improve it.

View full review »

I would like to see a more intuitive dashboard.

Technical support can improve in knowledge sharing and they can implement better.

The dashboard appearance needs to be more refined. It has to be smoother and more customer-friendly.

As the cloud is more prominent and more are moving towards the cloud, people are used to certain ease of doing things, and less complicated.

I understand that a firewall is a technical product, but we can try to make it a better customer experience which will increase usability with good results.

View full review »

FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. 

Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and their presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate.

View full review »

FortiGate may include AI capabilities and integrate external threat intelligence. However, version management and backup/restore operations could be improved.

View full review »

The performance can be improved.

View full review »

The solution’s stability could be improved.

View full review »

The solution doesn't cover all aspects of protection. There should be better customization in the IPS. The Intrusion Prevention System (IPS) and FortiGuard could benefit from enhancement. 

So, in future releases, I want to see improvements in IPS, particularly in terms of customization.

View full review »

Being a great product, some changes in the pricing would make it a great choice for even more organizations.

View full review »

One area of improvement I've noticed is the lack of built-in monitoring capabilities in the firewall. Currently, we rely on third-party solutions for monitoring purposes. However, I believe the firewall itself has the potential to do a better job in this aspect.

Another aspect of Fortinet that concerns me is related to redundancy. We have a setup with two firewalls working in parallel, which requires a highly adaptable configuration. However, it feels unfair that clients need to purchase two licenses, especially when one of the firewalls serves as a backup. We have noticed that other manufacturers have different policies on this matter.

View full review »

The solution must improve the support provided for customers around the globe, considering the time differences in different places. The product could add some functionalities and features provided by its competitors to stay ahead in the market.

View full review »

Fortigate's hardware capacities could be improved. In the next release, Fortigate should include SSL decryption.

View full review »

We can't identify which users are causing challenges when we have issues. For example, we may know we have a challenge with our network, but many want to know where it is and the particular user. That would help us to blacklist the user if needed and manage the user data.

View full review »

The interface and product support could use improvement. 

View full review »

We have experienced a number of failures when trying to upgrade firmware and the process takes a long time. We only experienced this when doing major upgrades between versions. We have not experienced this challenge with other solutions. 

Fortinet has a policy of pushing all logs into the cloud but the log management is sluggish and slow. The problem is on the site or application where the cloud is hosted.

View full review »

The cloud features and integration could be improved. There are also sometimes problems connecting the endpoint protection to the firewall.

View full review »

The security of Fortinet FortiGate could improve.

View full review »

At the moment, we are having some problems with IP multicast. 

We would like to have the ability to disable some of the security functionalities. 

View full review »

Fortinet FortiGate can improve the integration with Active Directory. Additionally, I would like to have a Cloud Controller, such as they do in the Cisco Meraki solution.

View full review »

Fortinet FortiGate could improve by having more capabilities for troubleshooting VPN connections. For example, I do get some feedback about the current status, but I could use some history and logging of important events. The information is logged in our Syslog server, but I could use that information from the device. If they could provide a GUI to have some more insight on what's going with my VPN would be useful.

The way Fortinet FortiGate handles the phase two connection of a VPN setup could be better. For example, if I have to make a phase two traffic selector input, I cannot add more ports. For example, on a specific IP address pair, if I have an IP address pair source and destination, then I can only add one port. I'm not sure if I can do that through the command line, but on the GUI, I cannot, and this is a problem. I have to select another IP address pair to allow another port and this means new traffic selectors and a new set of tunnels. This causes more tunnels to need troubleshooting. 

I would like to be able to pass more diverse information through the same tunnel, and it doesn't seem to be possible if you want to limit the traffic through the tunnel and not allow all protocols between the same IP address pair. If we want to limit the ports, then I find there is a problem.

View full review »

I would like to see integration into other systems. That would be really great for me. The fabric works well only if you're using other Fortinet devices, but they're not exactly the best in terms of switching or access points. If they could extend their fabric towards other vendor environments for integration, that would be great.

View full review »

The solution's framework needs to be frequently updated in order to have a stable solution.

View full review »

The reporting in Fortinet FortiGate could improve. Customers are having to purchase additional reporting components. in  Fortinet FortiGate you have to use additional tools to have the features needed.

We need to use FortiAuthenticator to have additional bandwidth. Fortinet should include more features in the solution instead of having separate tools.

View full review »

An area for improvement for Fortinet FortiGate is that their support needs to be more customer friendly.

View full review »

Fortinet FortiGate is not very easy to use. The navigation could be improved to make it easier to use. Instead of double clicking the items FortiGate needs to click the "details" button to get the configurations or record details

View full review »

Its reporting can be improved. Sometimes, I don't get proper reports.

View full review »

There are some limitations to the solution such as publishing multiple servers with a single IP. I'd also like to see some improvement in the support system. 

View full review »

The solution is quite expensive and I'd like to see the cost reduced. I think Fortinet could raise their level of security. Their VPN service for users gives them the ability to direct remote users to exactly where they're supposed to go. It's good but some other solutions don't give access for remote users to come on to the network. Rather the cloud platform relays or reflects the application that the remote user would've wanted to get access to on the network. It means that remote users don't get to the physical network of the company and that's good for security. 

View full review »

FortiGate's reporting features could provide a better picture of what is happening in the box.

View full review »

We are managing FortiGate using a FortiManager and it needs improvement with respect to the ease of administration tasks.

There is a lot of improvement needed with SSL-VPN.

Technical support could be improved.

View full review »

It would be a benefit if Fortinet would release a one-stop solution that is better integrated with other products and has an automated emergency response system.

View full review »

We aren't really missing any features. 

The solution isn't lacking anything. We've been overall very please with the experience we've had. There aren't really any negative aspects to discuss.

View full review »

The solution could have licensing fees reduced in the future.

View full review »

We currently have two on-premise data centers with several separate firewall units and unfortunately they don't connect with each other. We'll likely migrate to Azure in the next two years because of that. 

View full review »

The price could be improved.

In the next release, I would like to see the interface simplified to be more user-friendly.

View full review »

In terms of what could be improved, the SD-WAN is quite difficult, because if you install in the new box, 15 is okay, but if you change from an old configuration, if there is already a configuration and a policy when you change to SD-WAN, you must change the whole policy that you see in the interface.

View full review »

We would like to see an upgrade to the VPN feature, we are using the VPN from outside of our office and there is a limitation to 10 connections, more connections would be suitable. Also, the security could improve on some features that are available.

View full review »

The feedback that I have received is that the performance could be better, and the user experience is not as good compared to a previous solution we used. It could be more user-friendly. Of course, it still works fine for our operations.

View full review »

It's good, and I feel that there is nothing more that can be added.

The pricing could be reduced or include the first year warranty.

View full review »

In terms of the product, we don't have anything to improve. But I have a concern about the FortiGate team here in Egypt, because there is an opportunity that we are working on and when we opened it and did the deal installation, it was rejected. When I talked to the FortiGate team here in Egypt, they told me they know about the deal, but they rejected it.

Additionally, they could make some modifications in the license. There are some license issues. Not every feature must have a separate license. There must be some kind of synergy between the license so we don't have to pay for every individual license that we would like to have.

View full review »

There is room for improvement. When it comes to email spam detection, Baracuda is the highest or the best, Cisco is the lowest, and Fortinet FortiGate is in the middle. Application management can be improved. Analysis and sandbox can also be improved in the next release. 

View full review »

The customization could be improved. Cisco, for example, is much better at this. They need to work to be at least as good as they are.

View full review »

I would like the deployment and integration of this product to be easier. We should be able to deploy the features more easily and have different types of access. It should be easier to integrate. Currently, we need to develop APIs to use this interface. 

View full review »

We have an issue with the license when it expires because we're unable to use the computers. We are in the hotel industry and there's an issue with vouchers when guests come in wanting to use them. 

View full review »

Its reporting capabilities can be improved. Some out-of-the-box reports needs to be able to provide usable data for example for web monitoring and reporting or browsing patterns and details.  Some customers does not require any forensic type reporting and may not want to invest in all the features offered by the FortiAnalyzer.

View full review »

A feature for bandwidth monitoring and the ability to have more bandwidth testing would be useful to include in future releases.

View full review »

I think some improvements could be made in vulnerability scanning. I'd also like to see additional features in the authentication. They support RADIUS, LDAP  but the solution doesn't have API integration with other solutions. They have API in FortiAuthenticator, but not in the firewall and not all customers want to buy another solution. 

View full review »

It's difficult to add or define, and it's not that easy to configure and manage. We're looking for something more flexible for the long term. I also find that the performance is limited in comparison to other solutions. 

View full review »

The price of FortiGate should be reduced because there are some other leading products that are cheaper.

View full review »

In terms of what could be improved, the FortiGate support could do some improvements on their IPv6 configuration. Right now it's still in the very early stage for utilizing in an enterprise level network environment

In terms of the FortiGate IPS, we haven't gotten additional tools because they are not free, and we have to purchase them to maximize this IPS feature. As long as they can perform some basic functions to meet our business needs, that is okay. I'm okay with this feature right now, so far.

In the next release of FortiGate the price could be better.

View full review »

Fortinet currently has many products bundled with FortiGate including the basic firewall and load balancer, and I think that that they need to have separate product portfolios for each of these specialized services. When it comes to large deployments, I don't think it's a good plan to have all of these services in a single box.

I think that they should introduce in-line security at the packet level, where they can do filtering and other firewall functions. It should not comes down to the infrastructure level but rather, offer services at the ISP level.

View full review »

If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox.

View full review »

The support could be improved upon somewhat.

The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work.

The command line operation is a bit out of our depth.

View full review »

The solution needs to improve its integration with cybersecurity. While in general, it's pretty good, this is always a concern as the landscape shifts constantly. They need to ensure they stay on top of things so that their security and integrations stay constantly up to date in order to protect our company. 

View full review »

It should have a better pricing plan. It is too expensive. 

It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server.

View full review »

The PPPoE server protocol with a connection to a Radius server is used a lot by ISPs and not so much by the end user. I think it would be great to see this solution with the protocol developed for ISPs.

View full review »

The search tool needs improvement. It's very difficult to search for policies right now.

When we need to engage with the endpoint or our customer during an investigation, there should be a way to investigate the issues without the need for the customer to be present. It would make it much easier.

View full review »

It is stable, but its stability can be improved. 

View full review »

Fortinet is huge in today's market and they've become quite expensive. I think there are products at the same level as Fortinet, but with better prices. They've changed their subscription plan and are now forcing companies to subscribe 24/7. 

View full review »

It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can.

View full review »

Their technical support could be improved a little bit in terms of responsiveness.

View full review »

The visibility of the network can be better. The GUI can be improved for better visibility of the network flow. Other solutions have better GUI in terms of network visibility.

View full review »

There are a lot of known issues in some newer versions of the FortiGate operating system, so there is room for improvement with that. One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support.

Having the newer features work in the older, more stable versions of the product would be great. Some of the new features might really help a lot, but there are problems with stability.

View full review »

I'm from the sales side and therefore I wouldn't really know if there are features that are lacking.

It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example.

View full review »

There are some cloud-based features that could be much more flexible than they currently are.

It's my understanding that they are currently working on improving the cloud solution quite substantially.

View full review »

Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs.

I would like the licensing price to be better. It would be nice if it were less than 25 percent of the hardware costs.

View full review »

For me, this solution has nothing to improve and it meets the needs that I have. I don't see any way to improve, at least from my point of view on regular use.

In the next release, maybe the documentation on how to use this solution could be improved.

What I have noticed is that when we have done some configurations directly from the command line, there is not a lot of information regarding splitting.

View full review »

They can probably improve the reporting feature. Reporting and report alerting are the main key features of this solution. They can always find ways to improve these.

View full review »

To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution. Fortinet claims to do everything Zscaler is capable of and I'm looking for a comparison between the supported features.

Fortinet VPN and DDoS capabilities are great, yet we need to provide a solution that enables CASB and integration to the cloud.

View full review »

Fortinet needs more memory to save the log files (like in the 101E, the old product). We need it to save the logs on the hardware and not in the cloud. 

I know this feature is available in FortiCloud, but if we need to log locally, it is not available. Also, the log only records a little time and needs to be longer.

View full review »

A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve.

My only solution would be please don't make it as a closed source. Don't make it as
a closed source. Give some kind of a power to the user so that they can consider it
according to their determine that it should have some flexibility on concurrent
connections not be restricted. I agree that to some concurrent connections the CPU and
the box may be a lower model and it need some higher scale level with this. But, there
should be a provision. There should be a provision to go to at least to 60-70% onto the
threshold to go beyond the designed capacity of something. Like we call it as a design
capacity, and since 70% addition to the 100% of it.

View full review »

WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead. There are lots of options for routing traffic over a specific path when you have WAN load-balancing enabled, but they are not as clear and consistent as they could be, and most can only be set at the CLI.

Some configuration elements cannot be easily altered once created.  For instance, there is no way to rename an interface (say, for a VPN tunnel), unless you create an entirely new one and perform a little gymnastics to switch from one to the other. Or, you export the config, rename the elements in question, then re-import the entire config.

Creating a meshed VPN connection (Office A with two WAN links connecting to Office B with two WAN links) requires a massive bundle of four IPsec interfaces, with two policies. It would be nice to have a cleaner, simpler config for that functionality, something not very uncommon today.

I have found that if you have a console cable in the device when you reboot it for a disk check, it will boot to the device firmware. This will not happen for a regular reboot.

If you have more than a very basic environment, you quickly have to escalate past the first level of support. The initial level is so-so.  The next level up has been stellar for me, and quick to figure out issues and resolve them.

View full review »

The tool is expensive for small businesses, making it an area where the tool can improve the product by making it available at a cheaper rate.

View full review »

The solution's stability should be improved because it is extremely unstable.

View full review »

When considering the policy of the vendors, they do not offer much of a discount policy, making the licensing model an area that needs improvement.

View full review »

The licensing model and pricing need improvement.

View full review »

The solution's technical support could be better. Also, its hardware features need improvement as well.

View full review »

The solution's load balancing feature could be easy to configure in terms of interface.

View full review »

There is an area of improvement in the pricing model and vulnerability management. 

In future releases, I would like to see partnering with cloud suppliers. 

View full review »

The solution should have more security features and come with VPN authentication and multi-virus authentication.

View full review »

I would like some automated custom reporting.

View full review »

The price of the solution could be cheaper. 

View full review »

Fortinet FortiGate SWG could improve the price, it is expensive.

View full review »

The graphical interface could be improved.

View full review »

Fortinet FortiGate IPS could improve the configuration. In some use cases, there can be some configuration conflicts.

View full review »

The security features are good but I'd like to see additional security options. 

View full review »

In an upcoming release, Fortinet FortiGate should add an SD-WAN feature.

View full review »

In Brazil, the main problem that we have is related to the protection from various attacks and ransomware in the public sector and the commercial sector. The main focus in Brazil is to deploy a solution to counter-attack ransomware and other attacks.

There can be more security in hybrid implementations. When a customer has a hybrid environment where some parts are in the cloud, we need a consistent security solution for such scenarios. 

View full review »

I would like reporting to be improved and should offer a lot more tools to monitor the products.

View full review »

I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive.

View full review »

It is very expensive, and their support is not very good. I hope that their technical support will be better in the future.

In terms of new features, it is a complete product. I don't expect any new features.

View full review »

Its price could be better.

View full review »

I would like to see improvements with the antivirus and IPS as they are not working properly all the time.

View full review »

I would like to be able to see more log details.

View full review »

The solution could improve the integration.

View full review »

The web filtering categories could improve in Fortinet FortiGate IPS. There are too many websites under the category of Unknown and the other categories are not featuring all the necessary sites.

View full review »

I can't speak to coming across any missing features. 

The solution has limited scalability. The sizing is based don't eh scale of the hardware. 

View full review »

The IPS monitoring can be improved. 

The price could be better. 

The installation was comparatively on the complex side when the solution's ease of use is stacked up against such products as Palo Alto. 

View full review »

The solution could improve the configuration, there are times the configuration is missing.

View full review »

The solution could improve by having some additional features, such as IBS and better cloud administration. Additionally, the web and DMC features are not very good. 

View full review »

The solution has many heightened points which we cannot get to without working on CLI. There are many features but these are hidden. 

View full review »

There are a lot of bugs I have found in the solution and it is difficult to upgrade. These areas need improvement.

View full review »

It would be better if they had a dashboard where we could see what attacks were happening. It would be good to see who's trying to get into our network.

View full review »

Its performance can be better. We have had performance issues in the past, but we sometimes tend to find that it is more related to what we do in our network than anything else. It is quite a good product, and there isn't much to improve.

View full review »

The initial setup and configuration are not intuitive and require training.

View full review »

I think they could improve the monitoring. 

View full review »

The cloud features can be improved. The sandboxing part is only available in limited parts of the cloud. If they could expand that, customers would find it slightly better. The price can always be cheaper as well.

View full review »

In the balance between links feature normally you can just choose one option to balance. It would be better for the solution to have more than one option, preferably three.

View full review »

We would like to see better pricing.

View full review »

The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices.

View full review »

Need to Improvement in Reporting

View full review »

The solution could be more user friendly.

View full review »

The Fortinet support needs improvement and also the quality control of the firmware (there are a lot of bugs)

View full review »

The sniffing packets or packet captures can be simplified and improved because it's a little confusing. The automation feature has some limitations and could be better. 

View full review »

Technical support needs to be improved.

View full review »

Technical support is good but the response time could be faster.

When it's overloaded, it works slower and overheats.

The data analysis could be improved.

View full review »

The support structure needs to be improved because every time we contact them, there is a delay in the response.

View full review »

The support is the main thing that needs to be improved.

View full review »

I would like to see the product updated more frequently.

In the future, I would like to see improvements made to cloud-based management. They already have some features for this, but it's very basic.

View full review »

The solution could be more evenly structured and I'd like to see orchestration in the calls included. The solution currently lacks that feature. 

View full review »

It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier.

View full review »

The captive portal could be improved.

View full review »

The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and the security policy. They should also improve the SD-WAN function.

View full review »

The command line is complicated, and the interface could be better.

View full review »

The user interface could be improved.

View full review »

It could be more stable and secure. They can improve the ability to make changes, change requests, and provide more rounded monitoring in terms of security and potential threats.

View full review »

The user interface needs a bit of upgrading.

Pricing could be better. 

Customers are looking for 24/7 protection, but it's not as critical in the end. The pricing is preventing them for adopting it so they should be competitive.

View full review »

The license renewal process, annual renewal price, and the web application firewall features should be improved.

View full review »

Some of the features in the graphical user interface do not work, which requires that we used the command-line-interface. We have problems with that.

Log retention should be greater than 24 hours.

View full review »

I think there could be more QoS features in GUI. FortiGate has Traffic Shaping feature that is enough in most cases when shaping egressing packets, but sometimes I just need 802.1p prioritizing (Class of Service) of incoming packets and manual ingress queue assignment. This is what would be nice to have, but I realize that such a job is more efficiently done by L4 switch standing before firewall. Fortinet has a FortiSwitch that can do it, and it also can be controlled by FortiGate via FortiLink protocol.

[Firmware version FortiOS 6.2 update]: There are a lot of improved and newly added things, so it is very hard to imagine any additional features.

View full review »

From my point of view, I think Fortinet has to extend the solution into the cloud and provide all the security features from the cloud and not be dependent on the firewall appliances. It would be much easier for them and for the customers. I'd like to see all the security features on the cloud in the next release. 

View full review »

We would like to see a better training platform implemented.

View full review »

We had a minor problem where there was a major system upgrade on the hardware platform and the Apple Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a Apple Mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved.

View full review »

The user interface could be improved to make it less confusing and easier to set up. There are too many pull-down menus.

View full review »

Improvement is needed in the Web Filter quotas to restrict users with allocated quotas.

It would be an improvement to add a feature for active users to change/reset their own passwords.

Fortinet renewal prices for all models are too high, so they should offer discounts for customers on renewal. 

View full review »

FortiWAN was supposed to help in doing intersite linking, but we've realized that most of the ISPs use BGP. FortiWAN supports OSPF but does not support the BGP protocol. This is a problem for us because without BGP they are not doing anything, and we've had to pack them up. I would like to see the BGP protocol supported on FortiWAN.

Technical support for this solution can be improved.

View full review »

I would like to have logs, monitoring, and reporting for a month without extra fees.

View full review »

The Web-filter in this solution is not very good. Perhaps because Fortinet does not want to compete with its own dedicated solution.

View full review »

FortiOS is not simple. Too many people think it should be simple to use, but the complexity of the product makes that impossible.

View full review »

This product could be improved with active directory integration and better handling in IPsec and GRE Tunnels. There are not enough recent online materials to assist in integration with Cisco for VPN, GRE, and IPSec.

View full review »