Fortinet FortiGate-VM OverviewUNIXBusinessApplication

Fortinet FortiGate-VM is the #9 ranked solution in best firewalls. PeerSpot users give Fortinet FortiGate-VM an average rating of 8.6 out of 10. Fortinet FortiGate-VM is most commonly compared to Azure Firewall: Fortinet FortiGate-VM vs Azure Firewall. Fortinet FortiGate-VM is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 25% of all views.
Fortinet FortiGate-VM Buyer's Guide

Download the Fortinet FortiGate-VM Buyer's Guide including reviews and more. Updated: April 2023

What is Fortinet FortiGate-VM?

FortiGate Virtual Appliances allow you to mitigate blind spots by implementing critical security controls within your virtual infrastructure. They also allow you to rapidly provision security infrastructure whenever and wherever it is needed. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, you can deploy a mix of hardware and virtual appliances, operating together and managed from a common centralized management platform.

Fortinet FortiGate-VM was previously known as FortiGate Virtual Appliance, FortiGate-VM.

Fortinet FortiGate-VM Customers

Security7 Networks, COOPENAE

Fortinet FortiGate-VM Video

Fortinet FortiGate-VM Pricing Advice

What users are saying about Fortinet FortiGate-VM pricing:
  • "Our license is yearly, but we're thinking of going monthly. I think it's somewhere around 100,000 for VM04. Nowadays, everyone wants to be a hacker, so we believe in security. That's why we also have third-party people that we involve to make sure that we're secure. I don't think the costs are too bad. You still want to get advice from people who worked in security for many years, so you add a third party. The third party also said they would give their share like 100K, or 200K or something like that, so I don't think it's too expensive for security. I think it just adds more trust."
  • "The price of the solution is competitive. Fortinet FortiGate-VM had a lot of advantages when it came to pricing. However, the competition has also geared up to a larger extent and it has become comparable now to the other solutions."
  • "The license can be purchased at intervals of one, three, and five years."
  • Fortinet FortiGate-VM Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Owner / Principal Consultant at Stratus Concept LLC
    Consultant
    Flexible with good cloud management and a straightforward user interface
    Pros and Cons
    • "I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices."
    • "Now they do have the ability to pop up a command line, which is nice, however, the fact that you can't do everything within the GUI is probably a problem."

    What is our primary use case?

    The use case was a bit more complex than other clients, however, the typical usage was for VPNs for end-users to get into the internal network. For a mid-size company, that's a pretty much typical use. 

    The only thing out of the ordinary would be the SIEM for all the network information, all the metadata, that is cloud-based. We had to create a tunnel to it so that the collector, being in the cloud, would be able to access the internal information.

    How has it helped my organization?

    It performs the functions it needs to perform and it's been reliable. It didn't need to be modified and we didn't have problems where things would just crop up. After months configured it's been rock solid, which is good. That's why I haven't touched it in a year and a half.

    What is most valuable?

    I liked its general capabilities.

    Its cloud management is very good.

    I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices.  When you want to back up the configuration you can download it as a local file and save it to the cloud.   

    That flexibility was very useful. 

    The product had a fairly good user interface. It was well thought out and the controls seem to be in a logical hierarchy. I was able to find stuff without having to configure things. There was just a logical breakdown of how to find things.

    What needs improvement?

    There were a few cases where I had to use the command line interface on it. Now they do have the ability to pop up a command line, which is nice, however, the fact that you can't do everything within the GUI is probably a problem. There's a thing I have for most products that have started out in the command line and have added GUI, and the GUI is always somewhat behind in capability.

    If you have a product you should be able to control the entire product through your user interface. You shouldn't have to drop back into backend command line commands in order to tweak something. There's a couple of cases where we had to do that when we were trying to set up one of the tunnels in particular. We were talking to Check Point or some other company. You've got two different manufacturers with a sort of standard for tunneling with all kinds of encryption methods and stuff like that. You have all these options, and, in order to get the right one, we couldn't discern it from the logs that we were viewing with the user interface. We had to drop down to the command line in order to do that. I would have thought that there should be enough information options made visible in what you can just do from the user interface.

    Buyer's Guide
    Fortinet FortiGate-VM
    April 2023
    Learn what your peers think about Fortinet FortiGate-VM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2023.
    690,226 professionals have used our research since 2012.

    For how long have I used the solution?

    I have been dealing with the solution for three years or so. However, the last time I used it was within the last 12 months or so. The company was restructuring their office due to COVID, and so we had to go in and make changes and set up different connections, That's the last time I was actually in it.

    What do I think about the stability of the solution?

    The stability is rock solid. It's a very good solution. I haven't had to touch it for a year. The last thing I did was a firmware upgrade. That was a year ago, and they haven't requested any more work on that now. It's still operational and solid. There have been no complaints really on it.

    What do I think about the scalability of the solution?

    The product was sized for what the client was doing. I can't really say one way, or the other, whether it's more or less scalable than other solutions. I know we could do things to it - that we didn't do - to increase its capability. However, it didn't need to be done and they didn't have the budget for adding anything to it. It's hard to say. I can't really speak to the scalability of it.

    How are customer service and support?

    Technical support has been great. They really helped us when we had issues with some early problems during setup.

    It ties to the device, so it's pretty easy to see whether or not you have support, however, it was not difficult to get in touch with them. You get someone with knowledge right away. You don't have to go through a filter of people asking you "Is it plugged in?"

    Which solution did I use previously and why did I switch?

    I'm actually reselling a managed service of SonicWall. It's not completely hands-on. Now all I do is get reports from it and I can look at the dashboard, however, I don't actually have to configure it.

    I've also resold Barracuda.

    How was the initial setup?

    The initial setup was straightforward. It got complex when we started adding in requirements for tunneling et cetera. The implementation involved VPNs and the general configuration of the firewall. Then they added in these other requirements that it needed to connect to AWS. First, it was to their remote hosted environment. Then, subsequently, to the AWS environment as well. It grew over time. Over the course of a year, we spent a lot of time on it.

    I'd rate the initial setup experience at a four out of five. Most of the stuff went pretty well. We had one issue and we had to drop down into it. However, their support was very good. We were able to contact support, and they were able to stay online and walk us through that problem, so without any issues. They didn't balk at it. We didn't have to beg them to help us. Some support you get in there and have to say, "I'm sorry, yes I've done all those things. Get me to the next level."

    They had good quality support.

    In terms of deployment, it was there when I got there. They had purchased it out of the box and they hadn't configured it. For six months it just sat there. We had it up and running within a month of me getting there. Then over time, we added more and more requirements to it. It didn't take very long to figure out what they wanted to do with it and get it set up. The actual configuration was very quick. It was just the planning beforehand that took time.

    Besides myself, there were about four other people in the IT department working on the product. However, really, only one person is responsible for the gateways.

    What was our ROI?

    The ROI that they were looking for was an improvement in security for the whole company. It was one of those evolving things, that as new security deployments come up some of them get implemented within the firewall and others are implemented structurally or in other ways. It was able to help them meet their security goals. That was probably the biggest value that they were looking for. It also did not impede their normal operating procedure.

    What's my experience with pricing, setup cost, and licensing?

    The licensing costs are in line with everyone else. It all seems expensive when you're talking about firewalls, however, they're all the same. It's likely in the middle of the pack.

    There are costs involved with FortiTokens. Everyone has different ways of controlling VPN access, however, with the FortiTokens you get a certain amount with the device, and then you have to buy more as you add them on. They're not costly.

    However, it's something you have to buy in batches, so if you've got 40 people you're going to buy a bunch of FortiTokens, and each token is an encryption key so that you can have your little app that's multifactor. They charge for that. Everyone else, in terms of competition, charges for that too.

    Which other solutions did I evaluate?

    I can't speak to if the client evaluated another solution prior to choosing this.

    What other advice do I have?

    I primarily work as a consultant. 

    The solution's deployment was on-premises, however, there were VPNs set up for remote access, VPNs set up for site-to-site, and VPNs set up for cloud-based SIEM.

    As with any solution, you need to size it. You need to plan what you're going to do and what your expectations are with it before you choose the pure model. After that, proper planning is needed before you try to deploy it so you don't have to back stuff out.

    I'd rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Senior Security Engineer at a energy/utilities company with 1,001-5,000 employees
    Real User
    Very intuitive with a clean interface and good stability
    Pros and Cons
    • "It's very easy to set up, even for more junior developers."
    • "Their offering for MFA isn't the cleanest."

    What is our primary use case?

    The use case for VMs is if you're going to deploy them like a SaaS edge, to protect your applications or provide deeper visibility into the traffic. Or you could use it in your data centers as well. However, that's not our preference.

    We primarily use the solution for network segmentation at our data centers and remote connectivity to our distributed sites.

    How has it helped my organization?

    We were able to take advantage of their management tool, FortiManager, to get a single pane of glass. FortiManager and FortiAnalyzer do not have a single panel glass. Rather, they are two panes of glasses to manage and monitor the firewalls where previously we were using Cisco. I don't want to call them legacy firewalls, however, with Cisco firewalls, we didn't have that management or logging visibility.

    What is most valuable?

    The product has pretty good logging and reporting capabilities native to the firewall. Then they also use FortiAnalyzer to aggregate that traffic and provide more detailed and aggregated reporting. That's going to help when you're analyzing network traffic for network segmentation initiatives.

    The stability is excellent.

    It's very easy to set up, even for more junior developers.

    The scalability has improved. 

    It's got a clean interface and it's very intuitive. Everything is easy to navigate.

    What needs improvement?

    Their offering for MFA isn't the cleanest. They have a product called FortiAuthenticator. It's not a FortiGate but that is one of their MFA offerings. However, other products that I've used, like Duo, are better from a user experience standpoint. They are easier to configure. 

    For how long have I used the solution?

    I've been using the solution for ten years. It's been a while. 

    What do I think about the stability of the solution?

    Six or seven years ago, they had issues with code versions where they would make changes within the code version and they would have some bugs. That said, over the last six or so years, their releases have been very stable. We've had very few issues with any type of bugs or issues.

    What do I think about the scalability of the solution?

    Scalability has gotten better with their SD-WAN offering. They're able to utilize inexpensive lines such as 4G, 5G, or DSL. It has allowed us to move away from expensive MPLS lines.

    Historically, conventional or Next-Gen firewalls have been utilized at data centers and remote sites. Now, however, a lot of customers are moving towards Zero-Trust access and SASE. I'm currently looking to get a little bit more information on Zero-Trust architecture, as it reduces the overall management and need for physical firewalls in all your locations, which can get expensive.

    Which solution did I use previously and why did I switch?

    We also use the Cisco ASA firewalls. I do find that Fortinet is easier to handle than Cisco as you don't need to handle tasks via the command line, which makes it easier especially for junior-level developers.

    How was the initial setup?

    The initial setup is very straightforward. I started out in the Cisco world with Cisco firewalls and switches. Then we started deploying FortiGate and I found that FortiGate was easier to learn, especially for junior-level engineers. We were able to get junior-level engineers up to speed quicker than if it was a Cisco platform, especially if they haven't used the command line before.

    Deployment usually takes a day, depending on the complexity of the firewall. It might be a day to two, depends on if we are using multiple IPSec tunnels if it's at a data center or a remote site. 

    In terms of deployment and maintenance, in my experience, by a rough order of magnitude, a company would need one technician per 30 firewalls. For our company, we had a team of three network engineers and we had a fleet of about 120 firewalls.

    What about the implementation team?

    I handed the implementation myself with my team. We didn't need any integrators or consultants.

    What's my experience with pricing, setup cost, and licensing?

    For our entire fleet of 120 firewalls, we're paying about $100,000 per year. The licensing fees give you support and the capability to download updated definitions of threat intelligence from Fortinet.

    What other advice do I have?

    I was previously a customer. now I am a reseller and Fortinet partner.

    We primarily use hardware-based appliances, including the 100 D/E series, 100F, 190 D/E's, ADCs, 600 E's. They are similar to VMs.

    We're using the most recent code level at this time. We're one version behind the latest version. We tend to use one version behind the most recent for safety reasons so that we can avoid troublesome bugs or glitches.

    Anyone looking to deploy Next-Gen firewalls, in general, should really define their use cases to be able to decide on the proper technology to deploy within the environment. If you're looking to deploy Next-Gen firewalls at all your locations and create point-to-point VPN tunnels, they can get cumbersome and difficult to manage policies. It is also difficult to do network segmentation. With some of the Zero-Trust offerings, you're able to actually move your clients outside of your corporate perimeter, and then isolate those applications based on the user per application, instead of requiring them to dial back via traditional VPN to your data centers, which sometimes isn't the best user experience for your end-users.

    I'd rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Buyer's Guide
    Fortinet FortiGate-VM
    April 2023
    Learn what your peers think about Fortinet FortiGate-VM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2023.
    690,226 professionals have used our research since 2012.
    Network Administrator Team Lead at a financial services firm with 51-200 employees
    Real User
    Top 20
    A full-featured virtual appliance with valuable monitoring and visibility features
    Pros and Cons
    • "I like the visibility and monitoring features because they're easy to use to monitor traffic. Features like geo-blocking and more have AI, and we're currently using all of it. But for now, we're only using geo-blocking, and we're able to block traffic from different countries. I also like that it's highly responsive. VM04 is also very powerful."
    • "It would be better if it could provide you with options before completely blocking anything through the web filter. If you are doing a deep SSL inspection on the site if it says it's expired, it doesn't give you the option to continue at your own risk. I can't say that it's bad, but SSL internally isn't really a requirement. However, its security features can help. Right now, we have people going out and spending on purchasing the SSL certificates for internal sites."

    What is our primary use case?

    We use Fortinet FortiGate-VM for managing inbound and outbound internet traffic through our environment. Sometimes, we also use it for managing the site's internet outbound and routing. We also use it for IPSec on Azure. We also have an on-premises environment, and we're using it for IPSec on that environment. 

    All the routing happens through it because we're swinging all the traffic on the Azure side through a firewall which is basically the gateway. It acts as the gateway and manages outbound traffic in that environment. We have also set up the SSL VPN for users. We do have FortiGate on-premise, and we set up the SSL VPN connection for users.

    How has it helped my organization?

    It made the routing of traffic seamless and it helped us with SD-WAN as well as load balancing.

    What is most valuable?

    I like the visibility and monitoring features because they're easy to use to monitor traffic. Features like geo-blocking and more have AI, and we're currently using all of it. But for now, we're only using geo-blocking, and we're able to block traffic from different countries. I also like that it's highly responsive. VM04 is also very powerful.

    What needs improvement?

    It would be better if it could provide you with options before completely blocking anything through the web filter. If you are doing a deep SSL inspection on the site if it says it's expired, it doesn't give you the option to continue at your own risk. I can't say that it's bad, but SSL internally isn't really a requirement. However, its security features can help. Right now, we have people going out and spending on purchasing the SSL certificates for internal sites. 

    For how long have I used the solution?

    I have been using this solution for three years.

    What do I think about the stability of the solution?

    Fortinet FortiGate-VM is a stable and very reliable solution.

    What do I think about the scalability of the solution?

    Fortinet FortiGate-VM is a scalable solution. It's very powerful, and I've never seen that machine running out of resources. It always worked.

    How are customer service and support?

    Tech support is okay, but we do a lot of management by ourselves. We have a third party that we use when we do implementations, and I haven't contacted Fortinet even though I have access to it. The local support that we use costs much less. 

    Which solution did I use previously and why did I switch?

    I still remember using Check Point, and it took a long time to apply a policy. To install the policy, you had to wait for ten to 20 minutes or even 30 minutes. Fortinet FortiGate-VM instantly applies the policy on the FortiGate itself.

    How was the initial setup?

    The initial setup was difficult because we were all new when it came to the Azure environment. It was a little difficult to create space and understand that you have to have more than one interface. But once you get used to it. It's pretty straightforward.

    It's straightforward if you have all that is required when you're clearing your traffic. If you're clearing your traffic already into your internal length to communicate with the firewall range, and you have information and understand it before the implementation, it will be very seamless. It will be stress-free when you understand the environment where you're going to implement it.

    What's my experience with pricing, setup cost, and licensing?

    Our license is yearly, but we're thinking of going monthly. I think it's somewhere around 100,000 for VM04. Nowadays, everyone wants to be a hacker, so we believe in security. That's why we also have third-party people that we involve to make sure that we're secure. 

    I don't think the costs are too bad. You still want to get advice from people who worked in security for many years, so you add a third party. The third party also said they would give their share like 100K, or 200K or something like that, so I don't think it's too expensive for security. I think it just adds more trust. 

    Which other solutions did I evaluate?

    We have been using Check Point Firewall so it was easy to identity the difference.

    What other advice do I have?

    I will recommend the solution. If it's a first-time deployment in Azure, they need to understand a couple of things, like the interfaces we need to create. The good thing about FortiGate is that they don't hide how their devices work. You can go to their website and get every instruction that you need at any time. It's straightforward and even has pictures showing you what you should expect. I've done a few changes for the first time, and I didn't have to stress. But you must know the infrastructure well.

    On a scale from one to ten, I would five Fortinet FortiGate-VM a ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    General Manager at a comms service provider with 10,001+ employees
    Real User
    Top 5
    Highly versatile, suitable for all size companies, and excellent support
    Pros and Cons
    • "The most valuable features of Fortinet FortiGate-VM are its flexibility and scalability. This solution is available as a license, which allows us to activate it based on the specific needs of the customer. This gives us and the customer a great deal of versatility and customization options."
    • "There is always room for improvement in any solutions, including Fortinet's FortiGate-VM. Although the solution claims to have a superior throughput compared to other OEMs, upon closer examination and comparison, there is potential for significant improvement in this area. In today's rapidly evolving technology world, it is important to continuously strive for enhancement and development, and I believe Fortinet can make significant strides in this direction for the FortiGate-VM."

    What is our primary use case?

    The use case of FortiGate-VM is primarily for securing the perimeter of private clouds in the dedicated environment created for customers. This can be achieved through a virtual appliance or physical hardware solution. Beyond only perimeter security, some customers also require DDoS services, and FortiGate-VM can provide this through its own solutions that can be combined and offered as a bundle to meet the specific needs of the customer.

    The solution can be deployed on-premise and on the cloud too.

    What is most valuable?

    The most valuable features of Fortinet FortiGate-VM are its flexibility and scalability. This solution is available as a license, which allows us to activate it based on the specific needs of the customer. This gives us and the customer a great deal of versatility and customization options. 

    What needs improvement?

    There is always room for improvement in any solutions, including Fortinet's FortiGate-VM. Although the solution claims to have a superior throughput compared to other OEMs, upon closer examination and comparison, there is potential for significant improvement in this area. In today's rapidly evolving technology world, it is important to continuously strive for enhancement and development, and I believe Fortinet can make significant strides in this direction for the FortiGate-VM.

    For how long have I used the solution?

    I have been using Fortinet FortiGate-VM for approximately 18 years.

    What do I think about the stability of the solution?

    The solution is stable.

    I rate the stability of Fortinet FortiGate-VM an eight out of ten.

    What do I think about the scalability of the solution?

    The solution is scalable, it can be easily and effectively expanded as the customer's requirements grow and change. This makes it an incredibly agile solution that can be tailored to meet even the most demanding demands. There is some room for improvement in this area.

    The solution is suitable for small to enterprise-sized companies.

    I rate the scalability of Fortinet FortiGate-VM an eight out of ten.

    How are customer service and support?

    The support from Fortinet FortiGate-VM is excellent, it is one of their strongest points.

    I rate the support from Fortinet FortiGate-VM a nine out of ten.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The initial setup of the solution is simple because everything comes with GUI. The entire infrastructure for the customer is simple to set up with the GUI.

    The choice between an on-premise or cloud solution is a decision that ultimately depends on the specific needs and requirements of the customer. Currently, there is a trend towards utilizing cloud-based products as they offer a wider selection and can be easily deployed. On the other hand, some customers may prefer an on-premise setup, which involves deploying physical equipment on the customer's premises or a virtual machine from an OEM. The cloud solution offers greater agility, flexibility, and speed but can also present challenges, especially in the semiconductor industry where delivery times may be longer due to stress in the market. In conclusion, both options have their own advantages and disadvantages, and the decision between them should be based on the specific requirements of the customer.

    Taking into consideration the magnitude of the entire implementation, the deployment process could potentially take approximately three weeks, assuming all necessary components are readily available for the physical setup. After this stage, the User Acceptance Testing (UAT) phase commences, which may last for an additional week. Subsequently, before the final implementation into production, the customer would conduct a final UAT to ensure all elements have been successfully deployed and functioning as intended.

    I rate the initial setup of Fortinet FortiGate-VM an eight out of ten.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is competitive. Fortinet FortiGate-VM had a lot of advantages when it came to pricing. However, the competition has also geared up to a larger extent and it has become comparable now to the other solutions.

    In terms of security, it is crucial to understand that the cost of security measures should not be the sole determining factor. The security of your overall infrastructure and setup must be a top priority, regardless of the price of security appliances or OEMs. However, when considering the entire solution, including the security infrastructure, the cost will play a crucial role in the final decision-making process.

    It is imperative to choose the best available options, but the cost of the entire solution should not be exorbitant and prevent it from gaining approval from clients.

    I rate the price of Fortinet FortiGate-VM an eight out of ten.

    What other advice do I have?

    When evaluating the overall solution, it is important to consider both the benefits and drawbacks. Fortinet FortiGate-VM presents a multitude of advantages that make it a fantastic product choice. It offers exceptional stability, a scalable design, and unparalleled support from the manufacturer. It is with great confidence that I wholeheartedly recommend Fortinet as a reliable and valuable solution.

    I would recommend this solution to others as long as it's fulfilling the requirements of the customer.

    I rate Fortinet FortiGate-VM an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: MSP
    Flag as inappropriate
    PeerSpot user
    Engineering Manager at Primatel Communication Snd Bhd
    Real User
    Top 10
    More scalable than the hardware version
    Pros and Cons
    • "Fortinet-VM is more scalable than the hardware version. If you're using an appliance, there are limitations in terms of hardware specs. So if you want a more scalable firewall, you can get a VM and install it on a high-end server."
    • "To improve FortiGate-VM, Fortinet needs to harden it more. For example, if you are using Hyper-V, then you need guidelines for hardening FortiGate-VM that are specific to the Hyper-V environment. If it's VMware, there should be at least a guideline on how to harden the firewall."

    What is our primary use case?

    We're using FortiGate-VM on-prem for our firewalls. The Fortinet component in the cloud is FortiGuard. We get our virus definitions regularly updated from the cloud, but the FortiGate firewalls are all on-prem. While the virtual firewalls are created inside the physical firewall, there is an option for a virtual machine firewall where we'll give you the VHD file, and you can install it to a server.

    Virtual machines aren't widely used in Brunei because the Brunei government isn't ready for these things yet. They're more confident in hardware, but everything is slowly starting to head in this direction. Others are watching what will happen when people use the apps before they try them.

    How has it helped my organization?

    Some customers prefer VM, especially those customers already leveraging the virtual machine environment. Typically, they don't want to spend on the hardware because they already have all these VMs, so they choose the VM option. But in most deployments, they still prefer the hardware for their firewall because it's already hard-coded.

    What needs improvement?

    To improve FortiGate-VM, Fortinet needs to harden it more. For example, if you are using Hyper-V, then you need guidelines for hardening FortiGate-VM that are specific to the Hyper-V environment. If it's VMware, there should be at least a guideline on how to harden the firewall.

    For how long have I used the solution?

    We've been working with FortiGate-VM since 2010.

    What do I think about the scalability of the solution?

    Fortinet-VM is more scalable than the hardware version. If you're using an appliance, there are limitations in terms of hardware specs. So if you want a more scalable firewall, you can get a VM and install it on a high-end server. From there, you have more leverage on how many virtual firewalls you want to create based on that VM. In other words, it's already fixed hardware in the appliance — it's already hard-coded in the appliance. So if you are using a VM and installing it on a high-specs server, then your machine has much higher performance in packaging all these policies and all these hardware security features. 

    How are customer service and support?

    We proved the frontline support for our client organizations or customers. So far we are satisfied with Fortinet support. We have currently have Fortinet-certified engineers in our company, so we don't have to contact support unless it's a complex issue. We have an NSE7-certified engineer, so we are quite confident with our deployment now.

    How was the initial setup?

    FortiGate-VM setup is pretty straightforward. It depends on the implementation size, but it takes a week for an organization of around 100 users. Normally Fortinet helps their customers with deployment and post-deployment adjustments, so you don't have any problems. If anything goes wrong, Fortinet is there to support you. 

    What's my experience with pricing, setup cost, and licensing?

    Like most similar products in the market, Fortinet's enterprise customers need to pay for annual support. They call it FortiCare, and it's direct support from Fortinet. FortiCare is renewed annually and covers support for new releases, purchases, and updates. 

    What other advice do I have?

    I rate Fortinet FortiGate-VM eight out of 10. However, based on experience, we usually don't recommend using VM firewalls. We still prefer using a hardware-based firewall when that's appropriate. It depends on your needs and the size of your user base. With FortiGate-VM, you can control the size of your firewall if you're using VMs. But on the other hand, if you are using Microsoft Hyper-V, you need to address all these vulnerabilities of Microsoft. And if you're using VMware, then you need to deal with VMware's vulnerabilities. The hardware version of FortiGate has already been hardened based on FortiGate standards. That's the main difference between the FortiGate appliance and FortiGate-VM.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Head of IT at a mining and metals company with 10,001+ employees
    Real User
    Easy to maintain, simple to set up, and offers good stability
    Pros and Cons
    • "The solution can scale well."
    • "Price-wise, it could be slightly better, however, if you compared it to other makes and models of equal category, it is generally cheaper."

    What is our primary use case?

    We primarily use the solution for our internal worldwide corporate network.

    How has it helped my organization?

    It's allowed us to have fewer personnel requirements in relation to maintenance. 

    What is most valuable?

    The maintenance part is definitely quite easy. We do not require any additional manpower to maintain this. It's quite simple and it has the least required manpower over it based on an individual unit.

    The initial setup is pretty simple. 

    The solution can scale well.

    The stability is quite good.

    What needs improvement?

    Right now, we are totally satisfied with this solution. There are several units worldwide. We have only one unit at our Kolkata location, and we are satisfied as of now in terms of its capabilities.

    Price-wise, it could be slightly better, however, if you compared it to other makes and models of equal category, it is generally cheaper.

    For how long have I used the solution?

    I've used the solution over the last seven months. 

    What do I think about the stability of the solution?

    The stability has been good. Its performance is reliable. There are no bugs or glitches. it doesn't crash or freeze. 

    What do I think about the scalability of the solution?

    The scalability is there. When taking into consideration our business environment right now, I find that this is capable of handling all the requirements until the end of 2022.

    Right now in the Kolkata office, we are around a hundred people - and that is in the Kolkata office only. If you talk about India, then we have around 250.

    We do not plan to increase usage at this time. However, in the future, scaling may be required. 

    How are customer service and support?

    I've never directly dealt with technical support and therefore cannot speak to how helpful or responsive they are.

    Which solution did I use previously and why did I switch?

    We did previously use a different solution, however, the main office makes the decisions around product changes. They may have chosen this product as it is less expensive. 

    We had been using a British Telecom hybrid VPN solution. In April, we stopped that and migrated to this new SD-WAN connectivity solution based on the Fortinet firewall. 

    How was the initial setup?

    The implementation process was not complex or difficult. It was straightforward. 

    The deployment takes around two to three hours.

    Maintenance aspects are handled by the vendor. 

    What about the implementation team?

    The implementation was done by our vendor as well as our internal team.

    What was our ROI?

    We won't have a sense of an ROI until we've used the solution for another year and a half. 

    What's my experience with pricing, setup cost, and licensing?

    The pricing is pretty reasonable when compared to other solutions of the same caliber.

    We pay a yearly licensing fee. I do not know the exact costs, however, as that is handled by the team in Luxembourg.

    Which other solutions did I evaluate?

    We don't make product decisions. Decisions of that scale come from Luxembourg. 

    What other advice do I have?

    We are a customer and an end-user.

    I'm not sure which version of the solution we're using.

    I'd rate the solution at a nine out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Solution Architect at Ambsan
    Real User
    Top 20
    Feature rich, responsive support, and quick remote implementation
    Pros and Cons
    • "The most valuable features of Fortinet FortiGate-VM are the ease of use, IPS system, application filter, web filtering, and email security. Additionally, there is a migration tool that other vendors do not provide. We only need to upload the configuration file to the tool, and it converts everything, except the passwords, and gives us the new configuration, which we can directly upload on the firewall. This migration process takes a maximum of 15 minutes."
    • "The solution can improve by adding separate interfaces for proxy and flow-based usage."

    What is our primary use case?

    We are using Fortinet FortiGate-VM for network-level security.

    There is a cloud and on-premise version of the solution available.

    Our company deploys this solution to many companies.

    What is most valuable?

    The most valuable features of Fortinet FortiGate-VM are the ease of use, IPS system, application filter, web filtering, and email security. Additionally, there is a migration tool that other vendors do not provide. We only need to upload the configuration file to the tool, and it converts everything, except the passwords, and gives us the new configuration, which we can directly upload on the firewall. This migration process takes a maximum of 15 minutes.

    What needs improvement?

    The solution can improve by adding separate interfaces for proxy and flow-based usage.

    In the next release, the web application firewall should be integrated into the hardware. There is separate hardware for the web application firewall and for  FortiGate.

    For how long have I used the solution?

    I have been using Fortinet FortiGate-VM for approximately seven years.

    What do I think about the stability of the solution?

    I rate the stability of Fortinet FortiGate-VM an eight out of ten.

    What do I think about the scalability of the solution?

    We have approximately 30 users and 30,000 users.

    This is a scalable solution.

    I rate the scalability of Fortinet FortiGate-VM an eight out of ten.

    How are customer service and support?

    The support from Fortinet FortiGate-VM exhibits high responsiveness. Whenever I raise a ticket on their portal, they typically respond within 15 to 20 minutes. In urgent cases, we can contact them via a ticket, and an engineer will be promptly assigned to assist.

    I rate the support from Fortinet FortiGate-VM an eight out of ten.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I have used multiple types of firewalls and vendors, such as Cisco Firepower. Palo Alto, and Sophos.

    Palo Alto is a great solution but it is expensive. I would choose them over Fortinet FortiGate-VM but they are too expensive. For my use case, Fortinet FortiGate-VM is the best for the environment.

    Fortinet FortiGate-VM has discounts for generalized partners.

    How was the initial setup?

    The initial setup time of Fortinet FortiGate-VM depends on the policies and filters that need to be applied to different users. The time can vary a lot on the environment. Its time ranges from minutes to a month. However, we can do the process remotely and it takes approximately 10 minutes.

    What about the implementation team?

    We do the implementation of the solution.

    What's my experience with pricing, setup cost, and licensing?

    The license can be purchased at intervals of one, three, and five years.

    The price of the solution is in the middle range compared to the other vendors. However, the vendor is increasing the price gradually.

    What other advice do I have?

    One person is suitable in a 24-hour period for the maintenance of the solution. A three to five administrator maintenance team would be sufficient to cover all the maintenance shifts per week.

    I highly recommend Fortinet FortiGate-VM to others.

    I rate Fortinet FortiGate-VM a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer:
    Flag as inappropriate
    PeerSpot user
    Independent Consultant at a educational organization with 201-500 employees
    Reseller
    A good brand that integrates well with other Fortigate products and decent pricing
    Pros and Cons
    • "The solution integrates well with other Fortinet products."
    • "his is not a good solution for enterprises. It's better for smaller companies."

    What is our primary use case?

    I primarily use the solution as a firewall. It's used for security. I use it for the DMZ. It's related to architecture and is strategically positioned in the network. 

    What is most valuable?

    Based on its position, it offers good control over the communication between users and the data center. It's a good unified solution, and you can manage everything from the Fortigate portal.

    It's a familiar solution to our clients. We don't spend time selling it. The brand is very popular and recognizable. 

    The solution integrates well with other Fortinet products.

    The pricing is fine. 

    It's a good solution for small to medium-sized companies. 

    What needs improvement?

    The integration can be a bit easier. You need to maintain the integrations. You shouldn't have to. For example, in Cisco, you don't have to maintain integration that same way.

    The support could be a bit better.

    There are no missing features or items we would like to see in the future.

    This is not a good solution for enterprises. It's better for smaller companies. 

    For how long have I used the solution?

    I've used the solution for the last six years. 

    What do I think about the stability of the solution?

    The solution is mostly stable. I'd rate it six out of ten. The updates and availability, however, are not so smooth. 

    What do I think about the scalability of the solution?

    The solution is not so scalable. It's not necessarily difficult to scale. However, it is not easy either. 

    I'd rate the scalability seven out of ten overall. 

    Typically, my clients are small to medium-sized entities. 

    How are customer service and support?

    I'd like to see better support. They are okay. They could be better.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I also have experience with Cisco solutions.

    At the perimeter, we also use Palo Alto. 

    How was the initial setup?

    The initial setup is very easy. It's not complex. I'd rate the ease o setup eight out of ten. 

    The deployment might take two to three days. It's pretty fast to get everything up and running. 

    I did not handle the deployment in a hands-on way, so I don't have information on the technicalities in terms of what steps were taken.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is okay. I'd rate it eight out of ten in terms of affordability.

    What other advice do I have?

    I'm a Fortinet reseller. I'm not sure which version of the solution we're using. We're likely using version seven or six. 

    We use cloud and on-premises deployments. 

    I'd recommend the solution to other small or medium-sized companies. I would not recommend it to enterprises. 

    I would rate the solution eight out of ten. It is unified, and it is easy to integrate into other Fortinet products. 

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer:
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Fortinet FortiGate-VM Report and get advice and tips from experienced pros sharing their opinions.
    Updated: April 2023
    Product Categories
    Firewalls
    Buyer's Guide
    Download our free Fortinet FortiGate-VM Report and get advice and tips from experienced pros sharing their opinions.