Fortinet FortiGate-VM Reviews

We work in the archiving domain where a secure environment is very important. We have some special requirements regarding the security of infrastructure.

The product has issues with integration. I would like to see better integration in future releases of the product. 

I have using the product for five years. 

I would rate the solution's stability a ten out of ten. 

I would rate the product's scalability a ten out of ten. My company's four administrators have access to the solution. 

We required a solution that offered maintenance and support. Hence, we chose this product. 

The product's setup is not complex. The tool's deployment gets completed in a couple of hours. 

The solution's deployment was done in-house. 

We have seen ROI with the product's use. 

I work for a telecommunication company. We are a service provider, and we use it for our internal network and for providing services to our customers.

The firewalling feature is used the most, but we also have a particular use case for the SD-WAN service. 

Its interface is good. It comes with a lot of features, and its performance is also very good. 

It is a very good product, and it is good at standing by itself. It can maybe have a little bit of integration with other products, but it is not that important for most use cases.

I am quite new to this product.

Its stability is very good.

For the SD-WAN use case that I am researching, it seems more suitable for medium-sized customers. It is a little bit difficult to use for a big customer.

Their technical support is good.

I would rate Fortinet FortiGate-VM a 10 out of 10. It tops others in terms of performance.

We primarily use the solution for checking a 250-person defense contracting company with multiple locations.

It's improved our operations by not being overly problematic.

The solution seems to be very reliable. 

It's a relatively simple product that is easy to use. It's not overly complex.

The initial setup is fairly straightforward.

The product does not have a good graphical interface. Their patches and their upgrades are not always compatible with configuration. That means that often you find after you upgrade that there was something else you have to do to the rest of the infrastructure, whether it's a printer or a user or whatever. It doesn't appear to me that their upgrades are well tested. They usually do what they're supposed to do, however, they also usually do some other things that FortiGate doesn't seem to be aware of.

It doesn't maintain legacy capabilities very well.

The stability of the solution isn't ideal.

They don't seem capable of supporting their own product.

The solution needs a better user interface and more intelligent services like spam blocking and auto whitelisting, gray listing, blacklisting, et cetera. It just basically needs better user monitoring.

I've been using the solution for about four years at this point. It's been a while now.

While I wouldn't describe the solution as unstable, there are definitely hiccups. I expect firewalls to be really efficient and very stable and I would say they're only sort of stable. I don't expect to have to figure out how to create a scan-to-email solution every time I upgrade my firewall, for instance.

Of course, they'll blame it on the vendor of the printer and say now how they're not following the standard or something, however, it was working with their product previously and the printer wasn't the item that changed. Their product gets a patch and it no longer works and you're like, "Well, I like your theory, but I don't exactly accept it." I don't think they have the features that a Palo Alto has, let's say.

The solution seems to be scalable. For our purposes, it scales well.

We have about 250 users on the solution currently.

Technical support isn't that great. On a scale from one to ten, they're a five at best. A couple of times where we had a problem, they couldn't solve the problem. We researched the problem on our own, unfortunately, via Google, and we found the solution and the solution was actually written by one of their techs and they didn't even know it.

The initial setup is not too difficult. It's not overly complex. I'd describe it as pretty straightforward. A company shouldn't have any issues with implementation.

For deployment, we did one site and then the other site and it took probably two weeks to deploy it, with maybe 30 days to get it fully configured. Then, once we had one site deployed, configured, and functional, we implemented a copy of that to the other site. We followed this pattern for each of our locations.

In terms of maintenance, it's hard to quantify what you need for the firewall. The firewalls are relatively low in terms of required maintenance. We have one IT administrator that may be a day a month has duties that are firewall-related. It varies, however, it's not significant work to maintain the firewall.

We did not need the assistance of an integrator or consultant. We were able to handle it ourselves.

We haven't really seen an ROI. It does what it's supposed to do, however, I'm not sure that it makes my job easier. It's kind of a sunk cost. It's one of the frustrations I have. I would expect it to be smarter and capable of doing things that it really doesn't do.

We pay a yearly licensing fee. It's probably a couple of thousand dollars per firewall.

On top of that, if you maintain a hardware warranty, so that you own the devices, you still maintain a warranty on them. There's sort-of a service contract, or you can go at risk. I don't know where we are in that. I'd have to go look, but I know at one point in time we talked about again, if we're going to be doing a tech exchange, maybe we don't want to maintain the warranties on them anymore.

The competitors actually have lower prices for more functionality. On the higher side, if you go with Cisco, it's more expensive, however, it's obviously more functional. A Palo Alto is probably a better solution than a FortiGate.

We're currently looking for alternatives to this solution.

We're looking at alternatives. However, the deficiencies that they have are not significant enough that I would like to immediately leave them, however, they're big enough that I'm looking for alternatives. 

When I come to end the life and I do a tech refresh, if we're not going to go 100% virtual, which is certainly another consideration, I am going to look at an alternate product. I'm not sure we're going to go away from them with a timeline right now, however, I'm certainly looking at it.

We don't yet have a shortlist, however, we'll likely look at the top big names in the market.

We're an end-user and a customer.

We have a plug-in with the subscription. We use the current version on their 100Es.

In general, I would advise other users that they need to look at whether they're going to go physical or virtual. I'd advise once they decide that to then look at the maybe lesser known next-generation firewalls that have functionality. The folks that are going to be operating the tool need to look at the user interface to make sure that that it is easy to use. Most users at an enterprise don't even know the firewall's there, let alone what it is, so they're not unique. I think all of the firewalls are pretty decent at not impacting users. The differentiator is which ones are easy to set up, which ones are easy to configure and use and how good they are at reporting.

The other thing I would say is, look at whether or not they integrate into your overall IT management, whether you're using ServiceNow or what you're using for IT management. How do the firewalls integrate with that or not? It's important.

I'd rate the solution at a four out of ten. It does base functions and it's doing that at a pretty high price.

Most of the use cases that we have are SD-WAN and perimeter firewall related.

Our clients are mostly small to medium-sized businesses. We also have large enterprise clients that range from 1,000 to 8,000 users. We haven't planned to increase the usage, but we are currently using Fortinet FortiGate-VM for perimeter firewalls and SD-WAN for our branch offices.

FortiGate-VM is easier to deploy than physical solutions that require you to have an RNE as then you need to wait a couple of days or months for another physical appliance to be delivered. With VM, if we already have available servers in the network, we can just deploy FortiGate.

With FortiGate, we sometimes encounter bugs in various operating systems. Also, sometimes the security policies are hard to apply specifically when it comes to web filtering.

We've been using FortiGate-VM from the moment I began in my company. So that was two years ago.

This solution is very stable.

The technical support for FortiGate-VM is the same for the physical VM — they're very responsive. 

The initial setup is very user-friendly.

For FortiGate-VM, we mostly have UTP Bundle. MA is for three to five years, but we just discovered that VM is cheaper; we found that it actually costs more than a physical appliance excluding the servers for the platform.

Overall, on a scale from one to ten, I would give this solution a rating of eight.

The primary use case for Fortinet FortiGate-VM involves formulating policies and services within the environment.

They could provide more integration options with different platforms.

We have been using Fortinet FortiGate-VM for six months.

I rate the platform's stability an eight out of ten.

We have 200 Fortinet FortiGate-VM users in our organization. I rate the scalability a ten out of ten.

The initial setup process is simple. It involves defining the parameters for deployment, such as the number of sites, PCs, and Wi-Fi users.

We don't have to pay for the licenses. But we might purchase licenses in the future.

FortiGate improved security within our virtualized environment by providing robust first-line defense capabilities and optimized cost-effectiveness.

It provides an ease of management and configuration as well. I rate it a nine out of ten.

We are a reseller of FortiGate, but also a customer. I have configured it in my office. Our primary case use includes equipment installed with customers.

We have Fabric Security that integrates with other FortiGate family products like firewalls and switches. This means that we don't need to buy other licenses and it's easy to configure.

With every new version, there are issues and new parts due to the improvements. But the improvements are not always easy for the customer, especially when making a big configuration. Rather than being an improvement, it becomes more complicated.

We have been using FortiGate for almost 12 years.

The support is fine now, however, our last purchase was not as good. They have changed their situation and improved support again.

I had used Sophos UTM, the Endpoints, Access Points, and XG for two years in my office. We switched because of FortiGate's service and because it is a more flexible solution.

Installation does not require another license so it is inexpensive and easy to configure. 

Sophos has a nice interface and is easy to configure. The XG products are good and so are the endpoints. Sophos access points and on-premise are not good.  Sophos also doesn't have enough support to get into the console. Sophos has a Linux box, which is easy to try to resolve most issues, but Sophos support is not good.

Fortinet FortiGate-VM is easy to use.

The performance could be better. Some features need to have quality control when the switch is working. The dedicated bandwidth for some users is not reliable.

I have been using Fortinet FortiGate-VM for approximately one year.

I have found Fortinet FortiGate-VM to be stable.

We have approximately 150 people using the solution.

The technical support could improve. They took approximately one month to solve a firewire issue to update. I would not recommend it.

I have used Sophos previously and I could it to be better. However, we have found the performance to be the same as Fortinet FortiGate-VM.

The company that provided the solution that was installing it took approximately three days.

I can do the implementation by myself. I do the maintenance and support of the solution.

There is an annual license required to use the solution.

I rate Fortinet FortiGate-VM a seven out of ten.

It's an edge firewall that provides failover and redundancy management with the SD-WAN. We also use it for its traffic shaping capabilities and visibility through a central orchestrator.

It improves an organization because it's a single vendor solution for edge management.

It allows us to handle multiple types of connections at the edge and provide the proper routing and firewall services.

I really like that it's internationally deployable.

There should be more options to use lower-end models in a high availability configuration.

They should continue to improve the traffic shaping; they should add some AI to the traffic shaping. They should also consider learning from other organizations as opposed to just internally. They should follow patterns instead of everyone having to recognize patterns and make adjustments on their own. Instead, they should add some form of intelligence to guide administrators in best practices with traffic shaping. I think this will become very important as we move more toward a SaaS-type world. 

I have been using Fortinet FortiGate-VM for the past three years.

Stability is also high to very high. 

I'd say scalability is somewhere between high to very high.

The initial setup depends on the types of connections that you're bringing into it and the complexity of the business requirements for individual networks. It depends on how you want to route across the company. Overall, I'd say it's less complex than Cisco but it really depends on who's doing it. 

My advice would be to look to the anticipated growth of the network before starting the implementation so that you are appropriately sizing the scope and size of the equipment.

Overall, on a scale from one to ten, I would give this solution a rating of seven — it's a solid product. Depending on the solution you need, some of the appliances can be a little cost-prohibitive at the high end, but at the low end, they're very cost-effective. Plus, the interface is simple to use. For the right customer, I think it's a solid play.