Fortinet FortiGate-VM Reviews

We primarily use the solution as a public cloud for Microsoft Azure. 

My experience with the solution has been very positive and Fortinet provides a great layer of security when it comes to SD-WAN and other security capabilities. There are many models available to suit a host of environments. 

The solution is extremely easy and friendly. The configuration, graphical interface and command line are easy to use.

The price is problematic. 

An interesting feature of the vendor license involves SD-WAN orchestrator and this should be addressed in the part which deals with feature licensing. 

I have been working with FortiGate products for the past five years and with Fortinet FortiGate-VM for the past year. 

The technical support varies with the product in question. The support for FortiGate appliances is relatively good compared with the more complicated support afforded other products. 

I like the comparative use of the SD-WAN feature of the solution. 

The solution could be better priced. 

My sole experience with the solution is in the Azure environments. 

As a Fortinet partner, I make use of many of its products. 

As I feel Fortinet FortiGate-VM to be a good solution, I rate it as a ten out of ten. 

We use FortiGate-VM to access clients' networks. These are generally Azure cloud environments in which we set up resources for clients to use.

The most valuable FortiGate-VM features are the ease of use and setup. 

Sometimes, FortiGate-VM is a little different to set up than other firewalls that I've managed. It would be better if it was just a little more mainstream. Some more documentation would be nice as well. Documentation has always kind of been our problem with FortiGate-VM. 

There's a lot of stuff I like about FortiGate-VM, but like I said, we still do a lot more Palo Alto firewalls than anything because they have true layer-seven attack prevention. FortiGate-VM does have that too, but it doesn't work as well. I would like to see more layer-seven functionality and expect to realistically block things at the top level.

We have been using this solution for two years. 

FortiGate-VM is stable. They have been okay for everything that I have done with them.

I have worked on some of the largest and smallest solutions that Fortinet sells and they all scale really well.

The initial setup is straightforward and only takes hours to deploy. 

We implemented FortiGate-VM in-house. 

Make sure that you're on the latest stable versions when you update code and stuff like that. That's one of the things that we've had some issues with in the past. 

The majority of the government sector prefers using the solution as an external firewall and most of the customers prefer that it be one layer. It's good for use as a preemptive firewall.

I find the simplicity to be most valuable. The solution is very simple to manage and to use effectively. It has a very fast response time. There is no need to make improvements to it whatsoever. 

The graphical user interface should be enhanced. While the antivirus profile can be implemented very easily with the graphic user interface, there are many important features that cannot be undertaken without the CLI command like signature, such as extending a  database. One cannot do a graphical user interface for this and CLI command must be employed instead. 

All hidden features related to CLI should appear as a graphical user interface.

I have been an integrator for Fortinet FortiGate-VM for a couple of years. 

The solution is really stable and the connection with FortiGate is very good, as is the solution. 

The solution is scalable. 

Fortigate has its own systems and provides the services that are related to the priority of the ticket. They provide the tickets for groups, say... one through four and have their own metrics for how they manage these tickets. As such, I consider Palo Alto to be faster and more professional. 

Template or marketplace on Azure can be employed. The credentials one will select while doing the deployment can be used in respect of VM with Fortigate. 

Similar to Palo Alto, we have our own license and we're working on this. The customer must buy his own license. 

Just like with Palo Alto, all products are deployed on the cloud.

We have a large number of customers who are making use of the solution, south of 30. Those in Qatar opt for the solution because of its comparative cost effectiveness. It is not only cheaper but also good.

I rate Fortinet FortiGate-VM as an eight out of ten. 

We primarily provide the solution to our clients. We typically use it in the financial services industry.

The solution is very easy to set up. It doesn't take a lot of time and offers a quick deployment, so you can start using it almost right away.

It's a very secure product. The security provided is excellent and an organization can feel very safe while using it.

The scalability of the solution needs to be improved.

The price model is not transparent by any means and should be made more clear. What's included in the packages is often not very obvious.

I've been using the solution for two years at this point.

The stability of the solution is pretty good. We don't have any blocks and we don't have problems with the solution in terms of bugs or crashes. We have a monitor. We have an aux for many services. It really is problem-free.

The solution has some issues with scalability. I wouldn't say it's easy to scale at all.

Also, with the pricing model being so confusing, companies can't really wrap their arms around what the final pricing would be when they scale up, which makes it difficult for budgeting purposes. 

We don't use technical support from Fortinet. Rather, we get it from a local company. They are okay. They aren't terrible, however, they could be better. Their service is average at best.

The initial setup is straightforward. We didn't find it to be complex at all. 

Deployment is quick and easy. It takes a maximum of two hours to handle everything.

The pricing of the solution is strange. We don't understand exactly how it's calculated or how it works.

We recommend this firewall often and we've actually used many solutions previously. Since we chose this one, we've been overall quite happy with the results. We recommend it largely due to the fact that we use the solution ourselves. 

I'd rate the solution eight out of ten. If it wasn't for the pricing model and the scalability issues, I would rate it higher.

In terms of what features should be improved with Fortinet, I feel it should give better reports. They provide some basic reports in the entry-level and middleware products but I would love this product if they gave more reports, including more MIS from the traffic because they capture everything in the UTM. They don't produce a team value report. They don't produce a usable report where the IT manager, IT head or CTO can analyze where the attack happened or figure out where the bridge is down, etc. The reports are basic. There are engines which make everything on the GUI. All the user can potentially access for the risky function in the Fortinet but it should be on the GUI, it should not be behind the command line. They could definitely provide the FortiAnalyzer with the basic UTM in a bundle pack.

People should not have to ask for another FortiAnalyzer. It's an entry-level product. I understand that FortiAnalyzer is an expert level product but the functionality should be available at the entry-level as well. Fortinet should think about the entry-level and give it managing capabilities. That's why I selected Sophos because, for a small or medium office, all the reports are available there.

Secondly, Sophos is cost-effective. It is comparatively much cheaper. Sophos is available for a much cheaper price than Fortinet. Also, they have some other functions like sandboxing and others. FortiGate should be more customer-friendly and budgeted better. If I am a buyer, I do not want multiple appliances to manage. It should be one box, one appliance. One mobile should do everything. Multiple products require IT to create a workaround. You have to buy two products and then there is actually another one with that, one plus one, and then there is multiple management, so the product is definitely cumbersome. The beauty of the product is implementation and maintenance without it.

I have my own team to maintain this product. We are very happy as a Sophos user, as we get whatever we want from the reporting point of view. There are no glitches. There is no one issue in particular. When I ask, or my team asks, how the network is working and why there is network latency there are reports about where the traffic is going and I do not have the input after moving or switching to Sophos. I can get the support regarding which IP is working where and which IPs are making traffic, and more.

I have been personally using FortiGate-VM for two years.

We already procured Sophos. I already ordered two devices from our Indian partner.

We are now partners with Sophos. We were partners with FortiGate for the last year.

The first reason that we switched is because of our work use cases. We moved 80% of our infrastructure to AWS outsource. So we do not require a big firewall anymore. We are a 50 to 70 employee organization so a different firewall is required. We have a 310 exchange enterprise-level firewall. So we moved to 83210 Sophos. The reason why we are changing to different technologies is the comprehensive reports that Sophos provides at the very basic entry-level firewall. In the FortiGate, we have to also have another plan for data analyzer.

The second thing which I believe is that FortiGate has some special functions in the CLI (command-line interface) mode. Sophos does not support that and all its functions are on the UI. So it's easier management in Sophos compared to FortiGate. 

In terms of ease of use, if you implement FortiGate in your organization, you must have a FortiGate person who knows FortiGate and then three, four, or five years to learn to maintain the FortiGate device. Whereas Sophos doesn't require that much because all the things are on the UI. So anybody can understand it from the UI.

I can give you an example of the issue with UI. This is a basic thing. In the UI, you could go to the FortiGate console and work directly in the command. You can manage it from the command but you must have command line experience to manage the FortiGate device. If I want to see the traffic and where it goes and where it's from or any attack, in case of an attack, you need FortiAnalyzer to analyze, to track the packet, to protect the traffic. So that's easily available in other products like Sophos 83210. 

The cost of Sophos and other players is better compared to the FortiGate. FortiGate is a more important product in the industry. It is recommended, but the cost is also a major point in evaluating Fortinet's firewall solutions in our niche.

On a scale of 1 to 10, I'd give it a 9. 

FortiGate is a nice and very good product but the implementation and post-implementation of the product are cumbersome. You have to manage four devices instead of two devices if I go for FortiAnalyzer. For a small, entry-level business, Fortinet should give the entire reporting on the UI so that end to end engineers can manage efficiently. So as technology is concerned, I give eight out of 10, but because of reporting, I would give five out of 10. I am just giving an example: if I know everything or you know everything but if you can't explain it, how do other people come to know that you know everything? FortiGate clearly captures each and everything for the backup capture and everything but it doesn't show what it is acquiring. Analytical reports are missing from there.

We use Fortinet FortiGate-VM as a firewall, for intrusion detection and prevention to protect our Azure data center, principal operation sites, and our mobile users. 

Together with the FortiAnalizer we have a better grasp of our security position and understand the type of adversary attacks our installations.

The thing that I like the most is that they're very willing to work with us to resolve issues that they haven't taken care of before in their product. 

The end-user protection suite is very good, including the log analysis feature that they now have.

The Fortinet solution has resolved the issues with Microsoft Azure active directory.  This integration allows us to build rules based on Grupo membership for access to data center assets on individual bases.

We have used the Fortigate and Forticlient solutions for three years and they have proven to be very stable solutions.  

Fortinet FortiGate-VM is very stable.

The solution has proven to be scalable to all our requirements. In the years using Fortinet, we have had no cases of scalability due to Fortinet. We have had to increase the firewall resources to deal with a large increase in Forticlient connections.

The technical support is very good.

Positive

We previously used Check Point. Though it is a good solution, the license costs became too high for our organization and obliged us to look for another option.

The initial setup was a little complicated due to our engineers working on knowledge of Checkpoint and trying to replicate the same configurations.  Hindsight finds it may have been less complicated to build the rules from the ground up rather than importing them.

Mostly through a vendor team at first, however, the process was plagued by miscommunications and inadequate scope definitions.

Be very clear with your security consultant who is proposing Fortinet as a solution regarding all the features and integrations you expect to achieve with the solution.

We reviewed Palo Alto, Barracuda, and Sophos.

Overall, on a scale from one to ten, I would give this solution a rating of eight.

We have many Fortinet use cases in Brazil. One particular use case could happen at a high school; they want a new firewall and high availability to their students to access the internet. They want a secure way to connect to the internet. We are proposing FortiGate 200TF. 

One of the most important features is web filtering. They can block certain types of websites. This is good for in-school security. I believe this is the most important but all of the other filters are also very important, including the antivirus and antispam inspection. 

The user interface could be improved, but as a firewall, it's the best product we have.

It's almost perfect. It's very stable. We don't have many hardware issues.

It is a scalable solution. For example, in one use case, we have 500 students using the solution. Two technicians are managing the solution, which one software person designed. On the customer end, they need a person overseeing the security. 

Their tech support is very good. We always get good answers from Fortinet tech support.

We recommend that the FortiGate logs be analyzed using FortiAnalyzer, which is a Fortinet tool for generating reports. We also advise customers to implement user passwords for all students so they can track which student accessed which website, or which student has been on their email. It's a form of protection for the school. If the school has any issues, they can prove the origin of it.

We primarily use the solution for the firewall capabilities and security.

The solution is easy to use. It's not overly difficult.

The product is quite stable. We didn't have any issues related to stability at all.

The performance overall is very good.

The installation process is straightforward.

The pricing is okay.

We've found the scalability to be good.

There should be a bit more automation.

There could be more integration capabilities.

Technical support could be better.

The solution needs more features surrounding event log management.

We used the solution for three or four years.

The solution is very stable. It's reliable and the performance is good. There are no bugs or glitches. It doesn't crash or freeze.

The solution is quite scalable. If a company needs to expand the solution, it has the capabilities to do so.

We have about 500 people on the solution currently.

We've since moved away from the solution to a cloud-based product. We don't intent to increase usage for that reason.

We would like the technical support to be slightly improved. We aren't completely satisfied with it at this time.

The initial setup is not complex at all. It's very straightforward. It's simple.

I can't recall exactly how long the deployment process took.

We had two technicians that handled the implementation. It doesn't take a lot of people.

We found the pricing to be okay. It's reasonable and not too expensive.

We were customers and end-users of the product. That is no longer the case.

We've moved off of the product recently. We wanted a cloud-based option and therefore we switched. 

Overall, I would recommend the solution. I would rate it at a ten out of ten.