Fortinet FortiGate-VM Reviews

We are using FortiGate-VM for the protection of our internal network and also for VPN services. Right now, there are about 200 end users in our main office and in other business units we have an additional 100-200 end users. We have about five different firewalls, yet almost all of our units are using FortiGate-VM. So, in total, we have about 500-600 users. 

The best part about FortiGate-VM is its strong security. Besides that, it's nice that there are different models for different sizes of businesses. For example, there are models tailored to enterprise companies and small organizations, and the model that we are using is perfectly suitable for our usage.

One thing that can be better is added automation. And, on top of that, enhanced security when it comes to the automation itself.

I have been using Fortinet FortiGate-VM for five years.

I think it is stable. 

I am impressed by its scalability, given that we are already using it for over 500 users. And, in future, we plan to increase usage even more. 

We have used Palo Alto before, but we switched because at that time Fortinet was more scalable and there were more options available.

I also use Sophos Firewall, though not within the organization, but rather just for small business or personal use.

Currently, we only require the services of three engineers and administrators on our technical team when it comes to deployment and maintenance.

The license we pay is a yearly fee. I can't say it's very expensive; it is a good price and is highly suitable for our usage.

FortiGate-VM is a good solution, and I would say one of the best solutions on the market.

I would rate it an eight out of ten. 

My primary use case of this solution is for advanced security in the cloud, as well as SD-WAN and branch connectivity. We use version 6.4 and are just now moving to 7.0. 

FortiGate-VM has many valuable features: it's easy to use, it's intuitive, it's got very good traffic inspection features, it's got comprehensive filtering categories, and it has an extensive threat database, using FortiGuard. 

FortiGate-VM could be improved by making it cloud-based. I'd like it to be a cloud-based management solution instead of just a dedicated management orchestration tool. 

I have been using FortiGate-VM for five years. 

Personally, I like Fortinet support. I know other colleagues and people think it's slow, but I don't.

I used FortiGate for 10 years. I also have experience with Azure Firewall Premium, Cisco ASA, and Cisco Firepower. 

The installation is really easy. There's HA deployment in the marketplace involving Azure and AWS. I handle the installation myself. 

I implement this solution myself for customers. 

There are yearly or monthly licenses which you can choose from. 

I rate FortiGate-VM an eight out of ten. I recommend this solution to others. There's a use case, like any cloud-based firewall. 

We're an MSP, so we sell, configure, and manage these solutions for customers. 

My primary use case is for controlling the internet in our organization, as well as for our VPN for those working from home. I also use it for routing the connection to stores so we can access them.

This solution allows us to easily access the stores from where we are. It also blocks a lot of websites that we don't want to allow access to during working hours. It has also made our network more secure, and it's now much harder for people to intrude into our network.

The most valuable feature is that its IPsec works perfectly. The work filter also works perfectly - it's able to detect anything coming in that is not supposed to be on the network.

We have had some issues with connecting to the VPN from home after firmware updates, which could be an area for improvement.

I have been using this solution for about five years.

I think the product's stability is very good.

The scalability depends on what you want to use it for - previously, we were using 60D, and it wasn't accommodating some features we wanted, so we had to go to 100D.

The technical support is very helpful.

I previously used pfSense but found it was a bit complicated in terms of configuration and didn't give periodic updates. I switched to FortiGate because they were very consistent in giving updates on outbreaks and what they were doing to resolve them.

The setup was straightforward because of the integrator's help. Deployment took about two days, and only my assistant and I were required for deployment and maintenance.

I implemented through an integrator.

Our main ROI has been the extra stability on our network - since we implemented this solution, we haven't had any major attacks.

The cost of this product is too high on a yearly license. The license can be renewed on a monthly or yearly basis. There are additional costs for extra features.

To me, this is one of the best firewalls I've ever used. I would rate this solution as nine out of ten.

We primarily use the solution for our internal worldwide corporate network.

It's allowed us to have fewer personnel requirements in relation to maintenance. 

The maintenance part is definitely quite easy. We do not require any additional manpower to maintain this. It's quite simple and it has the least required manpower over it based on an individual unit.

The initial setup is pretty simple. 

The solution can scale well.

The stability is quite good.

Right now, we are totally satisfied with this solution. There are several units worldwide. We have only one unit at our Kolkata location, and we are satisfied as of now in terms of its capabilities.

Price-wise, it could be slightly better, however, if you compared it to other makes and models of equal category, it is generally cheaper.

I've used the solution over the last seven months. 

The stability has been good. Its performance is reliable. There are no bugs or glitches. it doesn't crash or freeze. 

The scalability is there. When taking into consideration our business environment right now, I find that this is capable of handling all the requirements until the end of 2022.

Right now in the Kolkata office, we are around a hundred people - and that is in the Kolkata office only. If you talk about India, then we have around 250.

We do not plan to increase usage at this time. However, in the future, scaling may be required. 

I've never directly dealt with technical support and therefore cannot speak to how helpful or responsive they are.

We did previously use a different solution, however, the main office makes the decisions around product changes. They may have chosen this product as it is less expensive. 

We had been using a British Telecom hybrid VPN solution. In April, we stopped that and migrated to this new SD-WAN connectivity solution based on the Fortinet firewall. 

The implementation process was not complex or difficult. It was straightforward. 

The deployment takes around two to three hours.

Maintenance aspects are handled by the vendor. 

The implementation was done by our vendor as well as our internal team.

We won't have a sense of an ROI until we've used the solution for another year and a half. 

The pricing is pretty reasonable when compared to other solutions of the same caliber.

We pay a yearly licensing fee. I do not know the exact costs, however, as that is handled by the team in Luxembourg.

We don't make product decisions. Decisions of that scale come from Luxembourg. 

We are a customer and an end-user.

I'm not sure which version of the solution we're using.

I'd rate the solution at a nine out of ten.

The use case for VMs is if you're going to deploy them like a SaaS edge, to protect your applications or provide deeper visibility into the traffic. Or you could use it in your data centers as well. However, that's not our preference.

We primarily use the solution for network segmentation at our data centers and remote connectivity to our distributed sites.

We were able to take advantage of their management tool, FortiManager, to get a single pane of glass. FortiManager and FortiAnalyzer do not have a single panel glass. Rather, they are two panes of glasses to manage and monitor the firewalls where previously we were using Cisco. I don't want to call them legacy firewalls, however, with Cisco firewalls, we didn't have that management or logging visibility.

The product has pretty good logging and reporting capabilities native to the firewall. Then they also use FortiAnalyzer to aggregate that traffic and provide more detailed and aggregated reporting. That's going to help when you're analyzing network traffic for network segmentation initiatives.

The stability is excellent.

It's very easy to set up, even for more junior developers.

The scalability has improved. 

It's got a clean interface and it's very intuitive. Everything is easy to navigate.

Their offering for MFA isn't the cleanest. They have a product called FortiAuthenticator. It's not a FortiGate but that is one of their MFA offerings. However, other products that I've used, like Duo, are better from a user experience standpoint. They are easier to configure. 

I've been using the solution for ten years. It's been a while. 

Six or seven years ago, they had issues with code versions where they would make changes within the code version and they would have some bugs. That said, over the last six or so years, their releases have been very stable. We've had very few issues with any type of bugs or issues.

Scalability has gotten better with their SD-WAN offering. They're able to utilize inexpensive lines such as 4G, 5G, or DSL. It has allowed us to move away from expensive MPLS lines.

Historically, conventional or Next-Gen firewalls have been utilized at data centers and remote sites. Now, however, a lot of customers are moving towards Zero-Trust access and SASE. I'm currently looking to get a little bit more information on Zero-Trust architecture, as it reduces the overall management and need for physical firewalls in all your locations, which can get expensive.

We also use the Cisco ASA firewalls. I do find that Fortinet is easier to handle than Cisco as you don't need to handle tasks via the command line, which makes it easier especially for junior-level developers.

The initial setup is very straightforward. I started out in the Cisco world with Cisco firewalls and switches. Then we started deploying FortiGate and I found that FortiGate was easier to learn, especially for junior-level engineers. We were able to get junior-level engineers up to speed quicker than if it was a Cisco platform, especially if they haven't used the command line before.

Deployment usually takes a day, depending on the complexity of the firewall. It might be a day to two, depends on if we are using multiple IPSec tunnels if it's at a data center or a remote site. 

In terms of deployment and maintenance, in my experience, by a rough order of magnitude, a company would need one technician per 30 firewalls. For our company, we had a team of three network engineers and we had a fleet of about 120 firewalls.

I handed the implementation myself with my team. We didn't need any integrators or consultants.

For our entire fleet of 120 firewalls, we're paying about $100,000 per year. The licensing fees give you support and the capability to download updated definitions of threat intelligence from Fortinet.

I was previously a customer. now I am a reseller and Fortinet partner.

We primarily use hardware-based appliances, including the 100 D/E series, 100F, 190 D/E's, ADCs, 600 E's. They are similar to VMs.

We're using the most recent code level at this time. We're one version behind the latest version. We tend to use one version behind the most recent for safety reasons so that we can avoid troublesome bugs or glitches.

Anyone looking to deploy Next-Gen firewalls, in general, should really define their use cases to be able to decide on the proper technology to deploy within the environment. If you're looking to deploy Next-Gen firewalls at all your locations and create point-to-point VPN tunnels, they can get cumbersome and difficult to manage policies. It is also difficult to do network segmentation. With some of the Zero-Trust offerings, you're able to actually move your clients outside of your corporate perimeter, and then isolate those applications based on the user per application, instead of requiring them to dial back via traditional VPN to your data centers, which sometimes isn't the best user experience for your end-users.

I'd rate the solution at an eight out of ten.

We use FortiGate as an edge security device. We are system integrators and we use this product ourselves, as well as implement it for our clients.

The geofencing and blocking capabilities for all non-domestic countries lower the attack surface by approximately 85%.

The most valuable feature is geofencing, where we can block all access from all non-domestic locations.

In the next releases, it would be nice to see central cloud management.

They have an on-premises solution that you can deploy for fleet management or for multiple site management, but it seems like a cloud solution would be a little bit easier.

We have been using FortiGate for the past two years.

We are using the latest version.

This is a very stable solution.

So far, this product has scaled very well. We have approximately 100 deployed, as edge devices. Currently, it is our only edge device and we plan to continue rolling it out in the future.

Their technical support is great.

We used Cisco ASAs exclusively before changing exclusively to FortiGate.

We decided to change to FortiGate because the entitlement was too difficult on Cisco.

The initial setup is straightforward and it takes approximately two hours to deploy.

Licensing is pretty standard. It's approximately 15% of the total cost per year as a subscription cost.

The subscription cost also includes support for entitlement, which was not the case with Cisco. That was the deciding factor. We changed our whole install base because of that.

There are no additional costs other than the standard licensing fees.

I would recommend stopping waiting to use Fortinet Fortigate. It's really a great solution and their support is very good. SonicWall has awful support. I can't say more strongly how bad SonicWall has ever been.

With the engineers, everything is difficult to phrase. They don't understand what you're trying to do. They should understand. Their first-level support is terrible. They really don't understand. You can't get to the next level without going through level one. 

Level one is terrible. It's frustrating enough that we just do it ourselves with Google articles because of this.

I would rate this solution a nine out of ten.

The primary use case of this product is as a firewall. We are partners of Fortinet and I'm a security engineer. 

In our organization, Fortinet is one of the trusted partners. We have offered the solution for a medium-size entrepreneur 

The dashboards are a good feature and the deployment is simple. 

The technical support could be improved. I'd like to see the security platform upgraded.

I have Started learning and deploying FortiGate for 12 months.

The solution is looking stable as per knowledge

This solution is flexible and scalable. 

They need to improve the technical support. 

I have worked with checkpoint. And that solution is also good. 

It is straightforward for deployment

Fortinet is competitively priced, it's cheaper than Palo Alto and Check Point. 

We are the technologies partner so we have recommended the solution by customer dependence upon their use cases

I recommend this solution and would rate it a seven out of 10. 

In a recent scenario, a manufacturing company, was in need of migrating its services, specifically their ERP SAP application, to a cloud-native environment. They chose to migrate their servers to GCP for hosting. Since they required a firewall, they opted for cloud-native firewall solutions. They acquired two firewalls, one for internal usage and another from the GCP marketplace. Both firewall vendors provided yearly subscriptions. Following this, we proceeded with the configuration.

They established a VPN connection via the internal Forti firewall. Simultaneously, an external firewall from Palo Alto was set up. This external firewall, positioned at the perimeter, handled incoming traffic from Internet users. Our configuration focused on enabling ECPs for the Internet-based cloud network.

The ease of access and user-friendly setup is a valuable feature. Fortinet proves to be particularly straightforward to configure, offering simplicity without complexity. Moreover, visibility is easily attainable due to certain factors. Price, implementation, and budget considerations play a role. When it comes to Cisco implementation, the process tends to be more intricate, which many customers find unfavourable for their business needs.

Fortinet devices are acknowledged as highly potent and come with a notable cost. These devices offer extensive visibility, an array of configurations, and a range of security features. However, there's room for enhancement in their routing and switching security aspects, akin to Cisco's offerings.

A noteworthy aspect here is Meraki, which offers cloud controllers. If FortiGate were to introduce a similar cloud management solution, it could strongly compete with both Meraki and Cisco products. Cisco operates in two sectors: enterprise and SMB. Particularly in the SMB market, they hold sway due to their convenient cloud management features. For instance, Meraki's cameras and wireless access points can be easily controlled through their cloud management portal. If FortiGate were to provide cloud-based management solutions for SMB customers, it could cater to a significant portion of the market, considering that a substantial number of customers fall within the SMB and mid-level enterprise categories.

I have experience with Fortinet FortiGate-VM.

Hardware performance is a determining factor. A recent case made me notice that in comparison to the other vendors, Fortinet exhibited superior scalability. This was mainly due to their package-oriented approach, which involved scaling the VM version based on the number of customers. They offered various packages, and depending on the package, the VM version would be adjusted.I would rate it an eight out of ten.

I would rate scalability an eight out of ten.

The customer service and support is good. Within this domain, we have local support in place. They are primarily responsible for initial support. However, if a situation exceeds their capabilities, they escalate it to level two support. This setup is highly satisfactory.

Positive

FortiGate offers straightforward planning and a user-friendly interface. This simplicity is seen through graphical user interfaces (GUIs), enhanced visibility and effective troubleshooting. I would rate it eight out of ten. 

In the industry landscape, approximately seventy per cent of businesses predominantly rely on on-premise solutions. Specifically, our focus is directed towards banking clients, who are aligned with the guidelines of the Central Bank due to their emphasis on security, governance, and compliance protocols. However, the manufacturing sector and telecommunications companies are more inclined towards cloud adoption. This inclination is rooted in factors such as cost efficiency and power savings, internal infrastructure maintenance and resource allocation, including power and human resources.

In Sri Lanka, the banking and finance sector still prefers on-premise solutions. This choice is aligned with their security compliance needs and regulatory considerations.

In our proposals involving FortiGate, it's common practice to include FortiManager and FortiAnalyzer. Over the past two years, many clients have adopted FortiManager for cloud-based management. We've facilitated this by providing cloud subscriptions, allowing them to manage their FortiManager through the cloud. This approach is well-received, and it's worth noting that even in the banking sector, some customers prefer on-premise setups for their FortiManager.

It would be beneficial for Forti to expand its cybersecurity solutions even further. While solutions like FortiSolor exist, there's room to enhance feature sets in line with the increasing requirements of compliance and private security needs. These can effectively address client-side security needs. Comparing Forti's offerings to competitors, certain strengths stand out. There are notable visibility and flexible configuration options. The client-side experience benefits from robust management capabilities accessible through this solution and the troubleshooting becomes seamless because of good visibility and an effective controller. I would rate it an eight out of ten.