Fortinet FortiGate-VM Reviews

The use case was a bit more complex than other clients, however, the typical usage was for VPNs for end-users to get into the internal network. For a mid-size company, that's a pretty much typical use. 

The only thing out of the ordinary would be the SIEM for all the network information, all the metadata, that is cloud-based. We had to create a tunnel to it so that the collector, being in the cloud, would be able to access the internal information.

It performs the functions it needs to perform and it's been reliable. It didn't need to be modified and we didn't have problems where things would just crop up. After months configured it's been rock solid, which is good. That's why I haven't touched it in a year and a half.

I liked its general capabilities.

Its cloud management is very good.

I did like the ability to back up the configuration into the cloud, as opposed to having to store the configurations or just downloading them, the backups, to local devices.  When you want to back up the configuration you can download it as a local file and save it to the cloud.   

That flexibility was very useful. 

The product had a fairly good user interface. It was well thought out and the controls seem to be in a logical hierarchy. I was able to find stuff without having to configure things. There was just a logical breakdown of how to find things.

There were a few cases where I had to use the command line interface on it. Now they do have the ability to pop up a command line, which is nice, however, the fact that you can't do everything within the GUI is probably a problem. There's a thing I have for most products that have started out in the command line and have added GUI, and the GUI is always somewhat behind in capability.

If you have a product you should be able to control the entire product through your user interface. You shouldn't have to drop back into backend command line commands in order to tweak something. There's a couple of cases where we had to do that when we were trying to set up one of the tunnels in particular. We were talking to Check Point or some other company. You've got two different manufacturers with a sort of standard for tunneling with all kinds of encryption methods and stuff like that. You have all these options, and, in order to get the right one, we couldn't discern it from the logs that we were viewing with the user interface. We had to drop down to the command line in order to do that. I would have thought that there should be enough information options made visible in what you can just do from the user interface.

I have been dealing with the solution for three years or so. However, the last time I used it was within the last 12 months or so. The company was restructuring their office due to COVID, and so we had to go in and make changes and set up different connections, That's the last time I was actually in it.

The stability is rock solid. It's a very good solution. I haven't had to touch it for a year. The last thing I did was a firmware upgrade. That was a year ago, and they haven't requested any more work on that now. It's still operational and solid. There have been no complaints really on it.

The product was sized for what the client was doing. I can't really say one way, or the other, whether it's more or less scalable than other solutions. I know we could do things to it - that we didn't do - to increase its capability. However, it didn't need to be done and they didn't have the budget for adding anything to it. It's hard to say. I can't really speak to the scalability of it.

Technical support has been great. They really helped us when we had issues with some early problems during setup.

It ties to the device, so it's pretty easy to see whether or not you have support, however, it was not difficult to get in touch with them. You get someone with knowledge right away. You don't have to go through a filter of people asking you "Is it plugged in?"

I'm actually reselling a managed service of SonicWall. It's not completely hands-on. Now all I do is get reports from it and I can look at the dashboard, however, I don't actually have to configure it.

I've also resold Barracuda.

The initial setup was straightforward. It got complex when we started adding in requirements for tunneling et cetera. The implementation involved VPNs and the general configuration of the firewall. Then they added in these other requirements that it needed to connect to AWS. First, it was to their remote hosted environment. Then, subsequently, to the AWS environment as well. It grew over time. Over the course of a year, we spent a lot of time on it.

I'd rate the initial setup experience at a four out of five. Most of the stuff went pretty well. We had one issue and we had to drop down into it. However, their support was very good. We were able to contact support, and they were able to stay online and walk us through that problem, so without any issues. They didn't balk at it. We didn't have to beg them to help us. Some support you get in there and have to say, "I'm sorry, yes I've done all those things. Get me to the next level."

They had good quality support.

In terms of deployment, it was there when I got there. They had purchased it out of the box and they hadn't configured it. For six months it just sat there. We had it up and running within a month of me getting there. Then over time, we added more and more requirements to it. It didn't take very long to figure out what they wanted to do with it and get it set up. The actual configuration was very quick. It was just the planning beforehand that took time.

Besides myself, there were about four other people in the IT department working on the product. However, really, only one person is responsible for the gateways.

The ROI that they were looking for was an improvement in security for the whole company. It was one of those evolving things, that as new security deployments come up some of them get implemented within the firewall and others are implemented structurally or in other ways. It was able to help them meet their security goals. That was probably the biggest value that they were looking for. It also did not impede their normal operating procedure.

The licensing costs are in line with everyone else. It all seems expensive when you're talking about firewalls, however, they're all the same. It's likely in the middle of the pack.

There are costs involved with FortiTokens. Everyone has different ways of controlling VPN access, however, with the FortiTokens you get a certain amount with the device, and then you have to buy more as you add them on. They're not costly.

However, it's something you have to buy in batches, so if you've got 40 people you're going to buy a bunch of FortiTokens, and each token is an encryption key so that you can have your little app that's multifactor. They charge for that. Everyone else, in terms of competition, charges for that too.

I can't speak to if the client evaluated another solution prior to choosing this.

I primarily work as a consultant. 

The solution's deployment was on-premises, however, there were VPNs set up for remote access, VPNs set up for site-to-site, and VPNs set up for cloud-based SIEM.

As with any solution, you need to size it. You need to plan what you're going to do and what your expectations are with it before you choose the pure model. After that, proper planning is needed before you try to deploy it so you don't have to back stuff out.

I'd rate the solution at an eight out of ten.

Fortinet FortiGate-VM is used for the firewall. Some clients would like to go for the solution because of pricing. They feel they can run it on their own hardware, cut down costs, and manage it.

I can vouch for the security aspect of Fortinet FortiGate-VM. It's a value-for-money appliance. Fortinet has always been our number one firewall appliance regarding recommendations to customers. The solution is very secure, and its technical support is on point.

I like Fortinet FortiGate-VM for tutorial purposes. You can set up the solution on your personal computer for apps and teaching.

Fortinet FortiGate-VM should improve its asset identification, wherein the device can identify assets on the network, like computers. We should be able to identify a device and the user account used to log on to that device.

I have been using Fortinet FortiGate-VM for more than five to six years.

Since it is a VM, the solution runs on a client-provided host machine. Most of the time, the host machine gives issues that affect the VM.

I rate the solution a five out of ten for stability.

Around 20 users are using Fortinet FortiGate-VM in our organization.

I rate the solution an eight out of ten for scalability.

The solution's technical support is responsive, but the only issue is you need to be specific with your problem. If you are not specific with your problem, it will take longer to resolve the issue because of time zone differences. All the engineers would like to know exactly the problem before they offer solutions.

Positive

We previously worked with pfSense. We switched to Fortinet FortiGate-VM because pfSense was giving us issues.

Fortinet FortiGate-VM is easy to implement, provided you know your network architecture and the basics.

On a scale from one to ten, where one is complex and ten is easy, I rate the solution's initial setup a nine out of ten.

The solution can be deployed in less than ten minutes.

Fortinet FortiGate-VM is a very expensive solution. It's a value-for-money appliance. You don't have every client going in for the solution unless there are some specific points.

You need to know exactly what you need at the point of purchase. That will guide you in purchasing the required license. If you miss and purchase the wrong license, you can wait and purchase another license during renewal. You can also negotiate with Fortinet to have your license changed to get the feature you want.

On a scale from one to ten, where one is expensive and ten is cheap, I rate the solution's pricing a three out of ten.

We used to troubleshoot for Fortinet FortiGate-VM, but now the new firmware doesn't really give issues. We do maintain the solution by checking on devices and updating the firmware. We have seven engineers in our technical team to deploy and maintain the solution.

I would not recommend Fortinet FortiGate-VM to other users because most users don't have the infrastructure. They will tell you they want to cut down costs. You get them the solution, and at the end of the day, as a technical person, you will be bothered by the solution.

Regarding the upgrade, the only time we've had an issue is when the customer gave the wrong information. The utilization exceeded what they actually needed. Aside from that, Fortinet FortiGate-VM is a good appliance for us.

Overall, I rate the solution an eight out of ten.

It's crucial for protecting my internet network. It works well internally.

Fortinet FortiGate-VM improved security within our virtualized environment.

However, I would rate the ease of management a seven out of ten, with ten being the best. 

The policies are very valuable. They allow me to secure and manage future traffic effectively.

The biggest area for improvement is storage configuration. It could be smoother.

I have been using it for four years. 

When it comes to stability, various factors are involved, including partners, configurations, and third-party integrations. 

However, we do use it, and it seems reliable and secure for most situations.

The company that acquired us already had similar technology in place, so there wasn't a significant change when they integrated FortiGate-VM.

We have around 60 end users in our company using this solution. It is a very scalable solution.

It's a new technology, and we're still learning. Support is crucial.

Neutral

The initial setup is straightforward and quick.  

We moved the equipment to the site, connected it to the internet, and configured it through the console.

I took a consultant's help.  

It improved security a lot.

My recommendation is: If you use FortiGate-VM, make sure your infrastructure is good first and that power generation is very stable. 

We use Fortinet FortiGate-VM for a constrained firewall and comprehensible security solution. Currently, I'm involved in implementing FortiGate and FortiManager for a customer project over the past month, and Fortinet has proven to be quite effective in this regard.

Regarding specific features, I appreciate the option for external selection, where you can choose either to use a default or create a self-description. This simplifies the process compared to other vendors that require creating a test extension profile and then applying it to the installation. With FortiGate, there is a streamlined approach. From the benefits perspective, clients mainly see cost reduction, especially with FortiGate VM Firewall, as it eliminates the need for additional hardware.      

The product is satisfactory. I haven't identified any features to improve, and based on the number of deployments I've handled with FortiGate-VM, there haven't been any complaints from the customer's side.

I have been using Fortinet FortiGate-VM for the past five years. 

Fortinet is a stable and user-friendly solution. The configuration is straightforward, and it provides a secure environment. I recall a challenge where a customer was using VDOM to segment their networks, but faced issues with communication between firewalls. Through online research, I discovered a tool to replace Fortinet, and it resolved the issue. During a critical migration for a large customer with six hardware firewalls, Fortinet proved reliable and prevented the possibility of mistakes. The GUI interface is well-organized, especially the security tab, making it easy to navigate. Fortinet simplifies network and security tasks, making it accessible for those with a basic understanding of networking and security concepts. Overall, as a vendor, Fortinet stands out for its streamlined approach, avoiding the need to navigate between multiple locations for configuration.

I haven't personally tried Fortinet's technical support, but according to my colleague who has used it, the experience was not positive. He mentioned that the support process is not as direct and efficient as Cisco's. In Cisco, when there's an issue, you can call, initiate a case, and the support engineer can join you directly for troubleshooting. However, with Fortinet, it seems the process involves working on the case independently, and the support requests are assigned to different engineers. 

When advising the team for cost reduction, I suggest going with the VM if there's no budget. However, if there is a budget, I recommend purchasing the hardware. For all vendors, technically speaking, hardware is considered better than VM. However, for Fortinet, the difference between VM and hardware is mainly budget-related. If the customer has a budget, it's advisable to purchase the hardware. When recommending from the sales team's perspective, if the customer has a budget, they will suggest going with hardware. If there's no budget, the recommendation is to opt for VM, especially if the customer is working with Azure or AWS. The difference between VM and hardware lies primarily in patches, and overall, everything is satisfactory. One aspect worth noting is that during VM deployment, checking connectivity between the hypervisor, distribution switch, and network firewall is required. In contrast, for hardware, once the configuration is complete, connectivity is straightforward.

As for my overall rating of the FortiGate VM solution on a scale from one to ten, with one being the worst and ten being the best, I would rate it as a ten.

I use the solution in my company mostly as a firewall product.

The strong point of the solution is that Fortinet FortiGate-VM is a good tool to spend money on, as its price is not as high as the ones offered by Palo Alto. Compared to Palo Alto's performance, most people like Fortinet FortiGate-VM. In general, Fortinet FortiGate-VM is a tool that is available for a good price, and its performance is comparable to that of Palo Alto and Check Point.

I believe that Fortinet FortiGate-VM makes improvements on a quarterly or yearly basis.

In Fortinet FortiGate-VM, the area around the configuration, performance monitoring, and GUI are not as easy as in Palo Alto. Fortinet FortiGate-VM's configuration part, performance monitoring, and GUI are areas where improvements are required.

The scalability feature of the solution has certain shortcomings, making it an area where improvements are required.

I have been using Fortinet FortiGate-VM for more than ten years. I work as the solution's system integrator. I use the solution's latest version.

It is a very stable solution. Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a six or seven out of ten.

My company deals with customers with various ranges regarding the number of users who use the solution. Some of the customers I deal with and who use the solution have around 500 users.

My company plans to increase the number of users of the solution in our company.

I am not about the online support services offered by Fortinet FortiGate-VM, but our company deals with local support for the solution, which is very good.

I rate the technical support a ten out of ten.

Positive

As a system integrator, my company not only provides services for Fortinet FortiGate-VM but also for products like Palo Alto and Check Point.

The product's initial setup phase was easy.

The solution is deployed on an on-premises model.

The product's installation phase takes three hours if our company's customers provide us with all the prerequisites required for the deployment.

Cost-wise, I would describe Fortinet FortiGate-VM as a tool that is available for a good price.

Two years ago, the price for the license of the product was affordable, but I think that in the present time, there has been an increase in the price of the product by around 30 percent, making it an expensive tool in the process. I rate the product price a three on a scale of one to ten, where one is a high price, and ten is a low price.

My team consists of around 15 engineers who help me take care of the technical aspects of the product.

I recommend the product to those who plan to use it. I rate the overall tool an eight and a half to nine out of ten.

I occasionally implement Fortinet for clients. 

In the most recent instance, we had a cloud implemented and I was driving the infrastructure. The client had separate areas inside it purposely. They needed to implement a FortiGate solution in the same client, with different VMs, for different clients, to make different areas for these clients. 

It's great that we can have separate services for the same client. 

It's a complete solution. You only need to deploy it once. You can have many clients and many services for these clients in the same VM. It's a solution that works very well for companies that may need separated sections.

It makes things less expensive for clients. The pricing is good.

The interface is decent.

Technical support has a lot of knowledge.

The initial setup is simple. 

The solution is stable.

It can scale well.

The solution could use very well-defined support for resellers. There isn't necessarily 24/7 support and resolution.

The interface could be improved. 

The product could have more protocol routing options. 

I'd rate the solution at a seven out of ten.

The stability is good. There are no bugs or glitches. It doesn't crash or freeze. 

If you need to scale, this is a good option.

The technical support is pretty good. We are quite satisfied with the level of service on offer. 

The initial setup process is very easy and straightforward. It's not difficult or complex. 

We only need three people for deployment and maintenance. It's not a solution that requires a big team. You might need one or two field engineers. 

I'm working in a Fortinet partner company. I'm a reseller.

I'm dealing with the latest version of the product.

I like the 100F version, and it may be a good option for most clients, however, it might not be right for every company. It's a good idea to figure out what you need before you decide to avoid purchasing something that's not right for your company's needs.

It is primarily for VPN access and restricting access into the network. One of our clients has a shared system between multiple counties, and it is used to keep the right traffic flowing between counties and blocking the rest.

Each client has a specific version. We're trying to get them all current. Our number one client has the current version.

It provides greater security and flexibility. Instead of just opening it all up, it allows access to only those people who should have access. The network itself is pretty open, and with FortiGate, we can lock down exactly what they have access to.

Primarily, the VPN solution is most valuable. It allows you to have more flexibility in terms of what is there on the end-user device, and what is not there. You can check and make sure that they're current. It has more flexibility than just a straight VPN solution.

It works really well. It has the features that 99% of people need. 

They should keep us up to date about the latest version. That's the biggest thing. Currently, we have to go looking for the latest version. We should get notified about what's going on with the versions.

I would like to see easier dual-factor authentication.

Our clients have been using it for several years, and we've been helping them with that.

It is rock solid.

It is reasonably scalable. It is not as flexible in scalability as Cisco Firepower with their FMC.

Usually, the clients who use it are cost-conscious. They don't want to spend money on a Cisco device, so they go for Fortigate. A large organization usually goes with Cisco. A smaller organization tends to go for Fortigate or some other solution because of the price.

Our clients use it all over the place. It is not just for their internet. It is used for their internal networks and the rest of it.

It was average. I wasn't overly impressed. I was also not disappointed.

There is a little complexity to it but not more than other solutions. I haven't noticed greater complexity.

The deployment duration depends on how detailed you are and what you don't want to get. You can deploy one of these firewalls in half an hour, but if you're going to add a bunch of complexities and things to it, it can take at least a couple of hours to get it all set up the way you want. It ranges from half an hour to four hours.

We help our clients in implementing it. We also manage it. We just have one network support person to take care of things. It is not a job that requires more than one person.

There is no additional cost. Once you get the licensing fee, you're good.

Realize that it is not Cisco, and it doesn't work the same way. You got to pay attention to what you're doing. Those who are super familiar with Cisco got to pay attention to what you're doing because it works differently.

I would rate this solution a nine out of ten. It works well. Except for the dual-factor authentication feature, it has all the next-generation features that you need for a standard user.

We employ Fortinet FortiGate-VM solely for testing purposes, similar to how we employ virtual machines in a virtual lab environment to evaluate solutions. When customers inquire about potential solutions, we typically construct and thoroughly test these solutions in our lab environment before providing confirmation. Once we've successfully conducted a proof of concept, we then extend an offer to the customer.

Both the hardware and virtual versions offer comprehensive capabilities required for perimeter network protection. Positioned at the network perimeter, they provide profiles that can be easily configured, including antivirus, DNS protection, web filtering, IPS, and application awareness for over five thousand applications. This allows for tailored configurations based on specific application usage within our network.

The scalability and flexibility of FortiGate VM have greatly benefited our organization. Its exceptional scalability allows us to adapt and expand according to our evolving needs.

Integrating FortiGate VM with our existing systems was straightforward, as I recall no difficulties during the process. I would rate it a solid ten out of ten for ease of integration.

The performance and availability of FortiGate-VM in our setup vary depending on the specific models chosen. We refer to data sheets and comparison tables to identify devices that meet our specific requirements. This involves considering factors such as performance metrics, encryption and decryption capabilities, and the number of secure connections supported. By comparing different models, we can select the one that best suits our needs.

The GUI of FortiGate is exceptional.

The features of FortiGate VM that we find most effective for network security include its universal operating system, which is the same across both hardware and virtual machine deployments. This consistency ensures that both real boxes and virtual machines run on identical images, accessible via both command line and graphical interfaces for convenience.

SD-WAN could be enhanced to provide a clear division between control and data planes, utilizing controllers to manage tasks within the network.

We have been using it for more than three years.

I am satisfied with its stability. I would rate it ten out of ten.

It provides outstanding scalability capabilities. I would rate it ten out of ten. 
We serve a diverse range of customers, including large government organizations in Ukraine and small businesses. FortiGate is suitable for a variety of customer types, accommodating the needs of both large enterprises and smaller organizations.

We haven't encountered any open trouble tickets in the past three years, so we don't have firsthand experience with how Fortinet handles cases.

The initial setup is straightforward, earning a rating of ten out of ten for ease of use. Compared to other options, it stands out as exceptionally simple, largely due to the extensive documentation provided by Fortinet. Additionally, numerous YouTube tutorials are available online, making it easy to find solutions without necessarily having to consult the documentation.

For deployment, FortiGate can be utilized in both on-premises and cloud environments, offering flexibility in its application. It can serve as a client-side perimeter device within a customer's network or function as a cloud-based service. Our organization predominantly offers cloud-based solutions, leveraging FortiGate installations at our Sentinel node facility. Here, we manage customer traffic by configuring it to pass through FortiGate, allowing us to provide next-generation firewall services to customers who lack their infrastructure. We tailor configurations to suit each customer's specific needs.

Alternatively, if a customer requires an on-premises solution, we may deploy a physical appliance at their site. In such cases, where the customer lacks the expertise to manage the firewall effectively, we offer a managed service option.

Deployment typically takes no more than a few hours, thanks to the straightforward installation process and the clarity of the documentation provided. Especially in simple configurations with uncomplicated topologies, deployment can be completed within minutes.

The price falls somewhere in the middle; it's neither cheap nor expensive. I would rate it five out of ten.

When purchasing an appliance, it's essential to acquire the accompanying subscription. This is crucial because frequent updates to antivirus profiles and other features are necessary, often occurring daily. Operating the device effectively requires a subscription from Fortinet, which we consistently purchase.

Fortinet FortiGate-VM is purpose-built as a next-generation firewall, excelling in its performance of this specific function. Its designated place in the network aligns perfectly with its capabilities, making it an ideal device for its intended purpose. Overall, I would rate it ten out of ten.