Fortinet FortiGate OverviewUNIXBusinessApplication

Fortinet FortiGate is the #1 ranked solution in best firewalls, SD-WAN tools, and top WAN Edge tools. PeerSpot users give Fortinet FortiGate an average rating of 8.4 out of 10. Fortinet FortiGate is most commonly compared to Cisco Secure Firewall: Fortinet FortiGate vs Cisco Secure Firewall. Fortinet FortiGate is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 23% of all views.
Fortinet FortiGate Buyer's Guide

Download the Fortinet FortiGate Buyer's Guide including reviews and more. Updated: December 2022

What is Fortinet FortiGate?

Fortinet FortiGate is an innovative line of firewalls that aim to protect organizations from all types of web-based network threats. They come in a wide variety of product types. Fortinet FortiGate’s solutions are available in a large range of sizes and form factors and are key components of the Fortinet Security Fabric, which enables immediate, intelligent defense against known and new threats throughout the entire network.

Fortinet FortiGate provides users with next-generation firewall solutions that provide proven protection with unmatched performance across the network, from internal segments to data centers to cloud environments. You can protect every part of your network without exception. Additionally, your protections can be managed from a single central location. This ensures that the task of protecting your network is infinitely easier to accomplish.

Benefits of Fortinet FortiGate

Some of the benefits of using Fortinet FortiGate include:

  • The ability to manage your firewalls from a centralized automated control console. Fortinet FortiGate’s FortiManager enables administrators to exercise control of their firewalls in a streamlined manner. Administrators have full visibility and control over their system from a single location. It utilizes automation that collects information in real time, which greatly simplifies and reduces the cost of running various types of workflows. Administrators can free up resources by automating the most basic tasks.
  • The ability to produce uniform, appropriate, and coordinated responses to threats across networks. Fortinet FortiGate’s FortiGuard feature generates system protections in near real time. This allows administrators to address threats to the system with custom-made solutions that can be uniformly enforced.
  • The ability to scale up your security to fit your changing security needs. Fortinet FortiGate’s design allows users to accelerate the transfer of data between users and escalate the number of users that are covered without compromising security of performance. This means that users can grow their networks and continue to collaborate without worrying about the system slowing down or coming under attack.

Reviews from Real Users

Fortinet FortiGate’s firewall solutions are cutting edge. They stand out from competitors for a number of reasons. Two major ones are the robustness and power of their firewalls. Fortinet FortiGate’s firewall provides users with many valuable features that allow them to maximize what they can do with the solution. These firewalls enable users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software.

PeerSpot user Eric S., a Solutions Engineer and Consultant at a tech-services company, notes the robustness of this solution when he writes, "One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent. One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface.”

PeerSpot user Jim M., a network admin at Penobscot Valley Hospital, notes the power of Fortinet FortiGate’s security software when he writes, "It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall.”

Fortinet FortiGate was previously known as FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate.

Fortinet FortiGate Customers

Pittsburgh Steelers, LUSH Cosmetics, NASDAQ, Verizon, Arizona State University, Levi Strauss & Co.

Whitepaper and case studies here

Fortinet FortiGate Video

Archived Fortinet FortiGate Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Security Systems Analyst at a retailer with 5,001-10,000 employees
Real User
Top 10
It works and does its job and has good stability and scalability
Pros and Cons
  • "I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job."
  • "If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox."

What is our primary use case?

We have some that are doing IPS, and we have some that are for AV. That's basically their main role. We are using one version below the current release.

What is most valuable?

I only deal with it from a security analyst's point of view. I don't really get into the features of the actual FortiGate. From the security point of view, it works, and it does its job. 

What needs improvement?

If I had any criticism that I would give FortiGate, it would be that they need to stop changing their logging format. Every time we do a firmware upgrade, it is a massive issue on the SIM. Parsers have to be rebuilt. Even the FortiGate guys came in and said that they don't play well in the sandbox.

For how long have I used the solution?

I have been using this solution for probably 20 years.

Buyer's Guide
Fortinet FortiGate
December 2022
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
656,862 professionals have used our research since 2012.

What do I think about the stability of the solution?

They are pretty stable. We never had any real issues with them.

What do I think about the scalability of the solution?

Their scalability is pretty good. We have upgraded and changed them, and we have been running them for 20 years. They run for a long time. We are not replacing them every couple of years, and we have scaled up a lot. We have over 10,000 users behind it. We have three people for maintenance and deployment. 

How are customer service and support?

I never had to deal with technical support directly, but I've never heard the guys complain about it.

How was the initial setup?

I never set them up.

What other advice do I have?

We are using FortiGate, but we are switching to Palo Alto. We are just moving over to the new next-gen and do an extra layer or higher layer filtering. Being a government organization, it was RFP, and basically, Palo Alto won the RFP. I wasn't part of the RFP review, so I can't tell which features pushed Palo Alto over the edge or not. For all I know, it could just be price.

I would rate Fortinet FortiGate an eight out of ten. I would also rate Palo Alto the same.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
JackTrantham - PeerSpot reviewer
Technical Account Manager at DSM Technology Consultants, LLC
MSP
Full-featured and priced well, with good bandwidth traffic reporting
Pros and Cons
  • "The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point."
  • "I don't like that anything more than very basic reporting is not included."

What is our primary use case?

We are an IT service provider. We provide solutions to our customers based on what their needs are.

How has it helped my organization?

I don't know that it changes the way the organization functions. I think it gives customers more peace of mind knowing that they have this in place, that they have it set up properly, that they can run reports to get the information they need of who is using it, and who the top five users are.

Different areas in reporting that they can get information that they need to know. That it's blocking what needs to be blocked, it's allowing what needs to be allowed, it's doing what it needs to do based on the specific requirements and I don't have to worry about it.

What is most valuable?

There is an enormous amount but it also depends on the customer. Some have to do with the tracking of bandwidth to ensure that the students are not using too much or too little bandwidth. 

There is also reporting. The reporting is valuable.

The next-gen features, the unified threat management capabilities are something that just about everybody is interested in at this point.

What needs improvement?

I don't like that anything more than very basic reporting is not included. You have to buy their cloud module that's an add-on for getting more customized reporting.

It has just about everything that we are looking for and the customer is needing. It's just the reporting part that is lacking in the base application.

Technical support could be improved.

For how long have I used the solution?

I have been using this solution for approximately four years.

What do I think about the stability of the solution?

I am sure there are bugs or glitches from time to time, but it's not anything that's been problematic or had multiples where it's been an issue.

What do I think about the scalability of the solution?

Our clients are small to medium-sized businesses. 

How are customer service and technical support?

Technical support is okay. They are not exceptional or awful, they're in the middle.

It's hit or miss on their technical capabilities and who you get and who you talk to.

I would rate them a six or a seven out of ten.

Which solution did I use previously and why did I switch?

We didn't deploy a variety of solutions. Cisco is one we have deployed as well. It's just not as easy to setup. It's all command line, there is not a user interface, it's more expensive, and It doesn't have as much capability.

How was the initial setup?

The initial setup is straightforward.

There's a lot to it, but it's very easy. It's a web interface and very easy to walk through it.

What other advice do I have?

We deploy both on cloud and on-premises, depending on what the customer's requirements are.

Fortinet solution has received great feedback. It compares well to Palo Alto. It's a lot more expensive.

It's very full-featured solution and it's priced well.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Fortinet FortiGate
December 2022
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
656,862 professionals have used our research since 2012.
Firewall Engineer at a marketing services firm with 1-10 employees
MSP
Top 5Leaderboard
Good security, easy to install, and offers good performance
Pros and Cons
  • "The product offers very good security."
  • "The solution lacks multi-language support."

What is our primary use case?

We primarily use the solution for its security features and performance. We enable features that assist with web filtering, application consoles, and IPS.

What is most valuable?

The performance of the solution is very good.

The product offers very good security.

It's pretty easy to install the solution.

What needs improvement?

The cloud management should improve. There are other manufacturers that have better management cloud solutions. Aruba, for example, is very good at this aspect. Fortinet could look to them as a model of how to do something interesting with management solutions.

Fortinet across the board needs to improve the LAN aspect of their products.

The solution lacks multi-language support.

They could offer access points to small companies and firewalls at those access points. Aruba, in that sense, is much better for smaller organizations as they provide this possibility.

For how long have I used the solution?

We've been using the solution for a few years at this point.

What do I think about the stability of the solution?

The solution is quite stable. You don't have to deal with bugs or glitches. You don't have it freezing on you. It's reliable.

What do I think about the scalability of the solution?

The solution is pretty scalable. It's flexible. It works with the organization and allows you to expand it as necessary.

In my company, we use FortiGate across several locations. The location with the most number of users has maybe 400 to 500 employees. That said, there is another FortiGate that manages the traffic that goes to the internet for all of the users across locations. We must have around 900 users.

We do plan to continue to use it going forward.

How are customer service and technical support?

The solution does have different levels of support. If the problem is critical, you can escalate it quite well and even get telephone support.

That said, in terms of telephone support, they need to have support provided in the Spanish language. Right now, this is not the case.

Which solution did I use previously and why did I switch?

While we concurrently use both Sophos and Fortinet, we're working towards just using Fortinet. I find that the performance of Fortinet is much better than Sophos.

How was the initial setup?

The solution's initial setup is not complex. It's pretty straightforward. In my case, I have many years of expertise working with FortiGate and therefore it was not difficult. It's quite good and easy to manage.

How long it takes to deploy the solution, depends on what the customers ask you to do. More or less, however, it might take maybe one day to make the initial setup of the unit and the configuration that the customer requests. It may take another day or two to put it on service and check that everything is working properly, once again, based on the requirements of the customer.

What other advice do I have?

I work mostly with firewalls and network equipment including firewalls, switches, and routers. I don't just work with Fortinet. I also work with Sophos, Cisco, and Aruba.

We're using the latest version of the product currently.

Overall, I would rate the solution ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Systems Engineer at a tech services company with 501-1,000 employees
Real User
Top 20
Very stable, easily customizable, and simple to install
Pros and Cons
  • "The stability of the solution is excellent, as it is with other Fortinet products."
  • "There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs."

What is our primary use case?

I primarily use the solution for network security - especially for the VPN connection, the remote site connection. 

What is most valuable?

The solution is very easy to install.

The services from Fortinet products are very, very good. The WIFI that Fortinet provides for us, for example, is fantastic. 

The VPN tunnel is very stable and there is more than one option for the tunnel, which is helpful. 

We can customize the product well.

There's a very intelligent solution that they gave us in order to make the VPN connection easy. It is a very, very, very useful tool. 

The stability of the solution is excellent, as it is with other Fortinet products.

What needs improvement?

Fortinet is a very big product. It has FortiGate, FortiWiFi, FortiSwitch, email security, etc. Due to this, they have some weaknesses in the ISPs, the services. They could improve these aspects. Hotspot services especially could be a lot better. 

There are just some services that aren't available. For example, the Ethernet or point-to-point protocols. They could add these services to their product offering - especially services for ISPs.

For how long have I used the solution?

I've been using the solution for about three years at this point.

What do I think about the stability of the solution?

The solution is very stable. That's not a problem at all. There aren't bugs or glitches. It doesn't crash or freeze. It's quite reliable.

What do I think about the scalability of the solution?

The solution can scale well. If a company needs to expand it, they can.

I have various clients that use the solution and they have a user base that can range anywhere from five users to over 10,000.

I do plan to continue to use the solution in the future, however, I can't speak as to if my clients will expand their services or not.

How are customer service and technical support?

Technical support, by and large, is very good. Fortinet has a very fast response time for their support tickets. It doesn't matter if the help is coming from the local distributor, or from web support. I don't face any problems with their level of attentiveness. I'm quite satisfied.

Which solution did I use previously and why did I switch?

I use a wide variety of products in my shop. For example, I also work with Sophos UTM, Cisco, HPE, and Aruba products. 

There's a lot of problems in, maybe, let's say, Sophos products. Especially in their support. They have very weak support. Cisco has good support, on the other hand, and a very good product, however, it is too expensive. HPE is a very nice product and has good support, however, it's not a UTM. Therefore, often we end up recommending Fortinet options.

How was the initial setup?

The initial setup was not complex. It was pretty straightforward.

How long it takes to deploy the solution depends on the company and the configurations required. Sometimes I am able to do it in one day, whereas other times it takes more than one month to complete.

What other advice do I have?

I'm just a customer. I'm using the latest version of the solution. I'm using the F-series. Previously, I used the E-series.

We use the on-premises version of the solution as Fortinet does not yet support the cloud.

I am not an organization, I am in IT support. I have my own agency for installing such devices. I use it for some universities which is more than 10,000 students in some cases. I also use it in some factories which have four to five users. It works just as well for small and medium-sized companies as it does for enterprise-level organizations.  

I would recommend the solution to others for sure.

Overall, I would rate Fortinet's solution at a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Anderson Clivati - PeerSpot reviewer
Specialist of IT Solutions at INTERNEXA
Real User
Great anti-malware and web filtering features

What is our primary use case?

We primarily use this solution as a security perimeter and for VPN. We are partners of Fortinet. 

What is most valuable?

I like the anti-malware and web filtering features. 

What needs improvement?

The solution could be more evenly structured and I'd like to see orchestration in the calls included. The solution currently lacks that feature. 

For how long have I used the solution?

I've been using this solution for 12 months. 

What do I think about the stability of the solution?

The stability is great. 

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and technical support?

The technical support is good. We rely a lot on the documentation which is a good standard. 

Which solution did I use previously and why did I switch?

I previously used Meraki but I prefer Fortinet for its value and software capabilities. It's better than any of the other products in this field. 

How was the initial setup?

The initial setup is very easy. Deployment time depends on the complexity of the situation. 

What's my experience with pricing, setup cost, and licensing?

We pay an annual license fee - I get a good price on this product.

What other advice do I have?

I would rate this solution an eight out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Network Engineer at a manufacturing company with 5,001-10,000 employees
Real User
A highly-effective firewall but some evolution is required

What is our primary use case?

Foremost, we mainly used it as a firewall. we also use it for low sharing between circuits.

What is most valuable?

It's great for capturing the traffic and troubleshooting it.

For how long have I used the solution?

We used Fortinet FortiGate for one year.

What do I think about the scalability of the solution?

Fortinet FortiGate is both scalable and stable.

How are customer service and technical support?

We used a different party for support — they were pretty good.

How was the initial setup?

Deployment was very easy.

What's my experience with pricing, setup cost, and licensing?

I think the price of Fortinet FortiGate is very reasonable.

What other advice do I have?

We were not able to build a full-mesh VPN; however, I am not sure if this was the fault of Fortinet FortiGate.

On a scale from one to ten, I would give Fortinet FortiGate a rating of seven. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
GM: Information Systems at a logistics company with 501-1,000 employees
Real User
Top 10
Its stability is the most valuable, and it is also scalable

What is our primary use case?

We use it to create a WAN. We also use it for the UTM firewall.

We don't have the latest versions. We've got the 60Ds and 30E products.

What is most valuable?

Its stability is the most valuable.

What needs improvement?

It should provide better visibility over the network and more information in the form of reports for the end users. Its installation should also be easier.

For how long have I used the solution?

I have been using this solution for about three years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable. We use it at five sites, and all in all, we have around 300 users.

How are customer service and technical support?

We don't deal with Fortinet.

How was the initial setup?

It was complex for me, but it was quick.

What about the implementation team?

We had to use an outside resource to set it up.

What other advice do I have?

We are going to move over to Meraki, so we won't be using this solution. I would recommend this solution to others, but it is a matter of preference.

I would rate Fortinet FortiGate an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Officer / General Manager Software R&D Laboratory at a manufacturing company with 501-1,000 employees
Real User
Easy to use with good GUI and an easy initial setup
Pros and Cons
  • "The usage in general is pretty good."
  • "The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work."

What is our primary use case?

We primarily use the solution for the VPN.

What is most valuable?

The initial setup is pretty easy, at least if you are looking to take advantage of basic functionality.

The usage in general is pretty good.

The GUI is pretty good.

What needs improvement?

The support could be improved upon somewhat.

The performance could be a bit better. Right now, I find it to be lacking. Having good performance is very important for our work.

The command line operation is a bit out of our depth.

For how long have I used the solution?

We've been dealing with the solution for about two years.

What do I think about the stability of the solution?

The solution is quite stable. We don't have issues with bugs or glitches. For us, we haven't had problems with crashing or freezing. It's been working well for the most part.

What do I think about the scalability of the solution?

I can't speak to the scalability. I've never attempted to scale and therefore don't have a sense of how well the solution would take to it.

We have about 30 engineers that work with the solution currently. I'm not sure, however, if there are any plans to increase usage in the future.

How are customer service and technical support?

The support wasn't the best. We weren't too satisfied with the level of service we were given.

How was the initial setup?

The initial setup was very easy and straightforward. It was not complex. We do, however, use the basic functionality and therefore we don't really get into much complexity during the implementation.

The deployment itself is rather quick and we were able to get everything sorted in about one day.

What's my experience with pricing, setup cost, and licensing?

The pricing isn't too bad. Right now, we find the cost to be manageable.

What other advice do I have?

We're just a customer. We don't have a special business relationship with Fortinet.

We're a development company. We sometimes use the cloud, however, we're open to other deployment models as well.

I've found the solution to be very good. Overall, I would rate it nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
NomanSaleem - PeerSpot reviewer
IT & PPN Coordinator at a manufacturing company
Real User
Highly rated, easy to manage, and pretty easy to set up
Pros and Cons
  • "The solution is very easy to understand. It's not overly complex."
  • "The solution needs to improve its integration with cybersecurity."

What is our primary use case?

Our organization has 45 branches. We use the Fortigate 200 models at our data centers and have centralized connectivity between our different branches and our data centers.

What is most valuable?

The solution is very easy to understand. It's not overly complex.

The product is user-friendly and easy to manage.

Fortigate overall has a very high security rating in Gartner. We feel safe under their security features. It has extended options as well, if you would like even more security for your organization.

What needs improvement?

The solution needs to improve its integration with cybersecurity. While in general, it's pretty good, this is always a concern as the landscape shifts constantly. They need to ensure they stay on top of things so that their security and integrations stay constantly up to date in order to protect our company. 

For how long have I used the solution?

We've been using the solution for seven to eight years. It's been quite a while. We have lots of experience with it.

What do I think about the stability of the solution?

The solution is quite stable. We don't have issues with the product freezing or crashing. We don't deal with glitches or bugs or anything of that nature. 

What do I think about the scalability of the solution?

The solution can scale if you need it to. That's not a problem at all.

We do plan on continuing to use the service going forward.

How was the initial setup?

The solution overall is very easy to understand. Therefore, the initial setup is not complex. It's straightforward. Even the configurations are good. An organization shouldn't have too much trouble with it.

How long it takes to deploy depends on  what you want to configure on a firewall. It depends on the policies being implemented. That definitely takes time depending on the company and what is being done. If you are familiar with all features and all the steps regarding how to create a policy and how to implement a policy, it is pretty easy and won't take too long. 

What about the implementation team?

I've handled the initial implementation myself many times. I don't necessarily need any outside assistance.

What other advice do I have?

Overall, I would recommend this solution. I'd rate it ten out of ten. We've enjoyed using the product and we appreciate its security features.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Owner at a consultancy with 1-10 employees
Real User
Top 5Leaderboard
Stable, easy to set up, and offers good ROI
Pros and Cons
  • "The ease of setting the solution up is a valuable aspect for us."
  • "The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."

What is our primary use case?

I specify, configure and deploy firewalls  in organizations with 500 or fewer employees and 15 or fewer sites.  Primarily I choose between Cisco, Sonicwall and Fortigate small and medium sized appliances.  Occasionally I deploy virtual appliances in AWS.   I prefer to use Fortigate firewalls for several reasons- remote access is simple and the included client works with MacOS Windows and IOS devices.  The level of security works well for most clients and the authentication with AD/LDAP makes the solution easier to deploy.  I also find that the clients  appreciate the lower price point than other vendors.

How has it helped my organization?

We have a standard build. We give the client the laptop, and, especially with the pandemic, we send them home with the laptop or FedEx the laptop already configured, and the user is ready to go. 

I don't even need to know the client's password. I can just install the software and create a profile. The client fills the profile in with simple instructions, types in their password instructions, and connects it and they're good. It's really simple. 

That's why we have standardized recommending Fortinet. That doesn't mean that I don't support other solutions as well, however, the device that I like the best is the one that's easy to use for me and it's easy to use for the clients. The price point is not bad as well.

What is most valuable?

The ease of setting the solution up is a valuable aspect for us.

The most valuable aspect that differentiates it from other solutions is that the client (the SSL VPN client or the IP sec VPN client, the same clients) is included in the solution. We don't have to pay extra for the software and the clients. 

I have had some issues, but no more than others and I don't have to buy an expensive add-on license to do it and it's managed and it's updated automatically. That's the key thing, that the client is included and it updates itself so I don't have to do too much to manage it and it's very transparent to the end-user.

What needs improvement?

The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall. 

If I wanted a unified console, I have to pay extra. And that's the downfall. That's the only needed improvement that I would say for the Fortinet solution, is that they should have it web-based from the get-go. You should not have to buy an extra bundle or an extra device.

If I have to make an update to a web filter, and I have 12 devices, I've got to do it in 12 places. If I don't want to do that the client can pay for a pretty expensive device or virtual appliance that does that for them. It's like an expensive centralized management tool. That's the big downfall of Fortinet. It doesn't come included, you have to pay for it. Their web-based one, that's sort of just like an inventory manager. It's not really good for distributing roles. With Cisco, you don't have to do anything. The one from Aruba HD has one too. Fortinet should try to be similar to those options.

In the next release, it would be amazing if they could give a better tool for upgrading, so that if I upgrade from an older version to the other, it can read the configuration and processes it for me so that I don't have to rewrite it from scratch. In FortiConverter, they have a tool like this, however, it doesn't work well. It's really more for bringing items in from other vendors, not from one version to the other.

That was my last experience where they operated from version five to six. However, that's really the only big thing. The main thing is to include the FortiManager cloud software like Cisco does. To have one solution. If you paid $150 a year for the support, you might as well get that too so I could manage all the devices at one spot. They do have FortiCloud, however, it's not the same as the way Cisco does it. They are selling another product called FortiManager. FortiManager should be included with the support, and that would make it more of a business solution, rather than a feature request.

For how long have I used the solution?

I would say that I have been using the solution for over 10 years. It's likely been between 10 and 15 years at this point.

What do I think about the stability of the solution?

Fortigate firewalls are very reliable- in the past 15 years I believe only 2 devices in a 100 have failed.  The failures were due to harsh environments (dust and water will ruin any electronic device).  The input I can give to any technology person or client looking to choose a firewall / threat management device I would highly recommend the stability / reliability of fortigate.  Once installed it will do it's job efficiently and effectively for several years.

What do I think about the scalability of the solution?

I will tell a client not to go with Fortinet if they have no firewall or they have a very, very old firewall. If this is from scratch, I'd say let's not go with Fortinet, let's go with Meraki if you have the money. I always say create the budget for it if you have a lot of sites, as Cisco does a better job if you have a lot of sites. If you have two sites, then it's fine to go with Fortinet. It'll scale to that scale. However, if you want to go over a couple of sites, it's not the best option.

How was the initial setup?

The solution's initial setup is straightforward. It's actually gotten better. I got good at doing it from scratch from the command line, or even from the GUI with all the 50 steps to set up stuff. However, now they're wizards and it's much better. It was the thing that probably a lot of people commented on initially, and they just worked hard to fix it. They updated the software from version four to five to six. They did a good job at making it easier.

What was our ROI?

If the client had a lot of downtime or a lot of issues with older equipment, or they did not like the fact that they had to pay every year just to be able to use the device, then the return on investment of spending $900 for a Fortinet 60E per site for a three-year contract will hands-down beat pretty much anybody. 

It is definitely set it and forget it. There's very little input. You'll save money on consulting. If you were to call me and you're doing Juniper or you're doing Palo Alto, there's a lot more configuring and it's a lot harder to add stuff and therefore, as a consultant, I make more money, and I'm being serious. Once I set up a Fortinet I really don't have to touch it for years.

Maybe I have to log in to check that I need to do an update, however, in that case, they usually send me an email saying hey, your license key is up and maybe you want to buy a new one. I take the old one out and put a new one in, that's when I get paid again. It's boiled down to that. 

What other advice do I have?

I'm not only an authorized reseller. I am a consultant that uses their equipment and recommends them on a routine basis. I am not a Fortinet partner, however.

I use a series of FortiGate products, including the 60, the 90, and the 100. Some of them are E's, some of them are S's; it all depends. However, they have pretty much the same user interface.

If a company is considering the solution, I'd advise that they consider purchasing the FortiManager if they really like the feature set and the way that Fortinet works. For example, a company we work with has these large scale solutions, and they use FortiManager. If you're a very large implementation, definitely look into Fortinet. If you're small, for example, under 20 devices, consider joining Cisco Meraki as it's so much easier. That's what I would tell any client. 

FortiManager and FortiGate are really good. If you like the way the GUI works it's more flexible than Cisco. There are more bells and whistles, however, Cisco is going to be the way to do it if you're going to do 50 sites. If you were to do a lot of sites, consider Cisco. If not, you can do Fortinet.

At the end of the day, the solution is very flexible, and if the client has special business partners that want a special type of nailed up VPN or special configuration for the clients, it offers that. The lesson I learned using the solution was to go with the solution that's most flexible for the client and at the same time is as low touch as possible. That's why I've standardized on FortiGate, as it's low touch for me and I'd rather spend time fixing other stuff or troubleshooting the other problems for clients than this particular solution.

You want to spend less time fighting with your remote access solution or your firewall solution and work on other problems. It should not be a difficult thing, and yet, a lot of people struggle with that. Especially today with the pandemic, they have to be able to have access to their stuff and that's crucial. That's the biggest takeaway. Is it easy to manage it, is it easy to connect? If so, it's worth the investment.

I would rate the solution nine out of ten. If they included FortiManager in their offering, I'd give the product a perfect ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Junior Support Analyst at a pharma/biotech company with 201-500 employees
Real User
A superior solution for endpoint security

What is our primary use case?

We use this solution for marketing and manipulation purposes.

Within our organization, there are roughly 500 people using this solution.

At the moment, we don't have any plans to extend our usage of this solution — currently, we are happy with the way things are.

What is most valuable?

The next-generation firewall is great.

What needs improvement?

The captive portal could be improved.

For how long have I used the solution?

I have been using this solution for four years.

What do I think about the stability of the solution?

This solution is very stable.

How are customer service and technical support?

I have never had to contact customer support. We have a team that handles all of the troubleshooting; however, they do provide excellent documentation.

How was the initial setup?

The initial setup was very easy.

What about the implementation team?

At the moment, we don't have a deployment strategy.

We have a team of three people who handle all maintenance-related issues.

What other advice do I have?

Overall, on a scale from one to ten, I would give Fortinet FortiGate a rating of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Pier Andrea Gabutto - PeerSpot reviewer
Owner at Gabutto MArket
Real User
Stable and useful for intrusion prevention, VPN, and anti-malware purposes
Pros and Cons
  • "We are using the FortiGate 100D series. VPN, firewall, anti-malware, OTM, and intrusion prevention are useful features."
  • "It should have a better pricing plan. It is too expensive. It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server."

What is most valuable?

We are using the FortiGate 100D series. VPN, firewall, anti-malware, OTM, and intrusion prevention are useful features.

What needs improvement?

It should have a better pricing plan. It is too expensive. 

It should also have a more granular view of the attack. I don't have FortiAnalyzer, and it is difficult for me to have a complete view when there is an attack on my server.

For how long have I used the solution?

I have been using this solution for six years.

What do I think about the stability of the solution?

It is stable.

How are customer service and technical support?

I don't have any experience with their technical support. My partner contacts them for me.

How was the initial setup?

Its installation is not easy for me because I handle some other work, but I have two partners. One of them is very skilled at using FortiGate, and it took him a day to deploy it. After that, it took us a week to set all parameters and check all parameters and firewall functions.

What's my experience with pricing, setup cost, and licensing?

It is too expensive for us. My organization is very small, and we have a total of ten users. We have three internal users and seven external users. The FortiGate 100D series is too expensive for renewing the licenses.

What other advice do I have?

I would recommend this solution if you can afford it. I would rate Fortinet FortiGate a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sales engineer/Technical support engineer at Vietnet
Real User
Top 10
Offers SD-WAN functionality with security features in one device
Pros and Cons
  • "The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy."
  • "The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and for the security policy. They should also improve the SD-WAN function."

What is our primary use case?

I deploy SD-WAN and we use it for a next-gen firewall.

What is most valuable?

The SD-WAN function is very developed. It has SD-WAN functionality with security features in one device. We can manage from one single console SD-WAN and the security policy. You don't need to buy two separate devices for two functionalities. 

You don't need to spend your time on both devices for an SD-WAN and a security firewall device. You only need to manage in one console

What needs improvement?

The central management for the FortiGate Fortinet Firewall needs improvement. They have the manager to do the essential management for both SD-WAN and the security policy. They should also improve the SD-WAN function.

For how long have I used the solution?

I have been using FortiGate for five years. 

How are customer service and technical support?

Their support is good. They are experts. 

What's my experience with pricing, setup cost, and licensing?

I think the pricing is fair. 

What other advice do I have?

I would rate FortiGate an eight out of ten. They should improve the SD-WAN and central data management center.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
PeerSpot user
Senior Information Technology Auditor at a financial services firm with 1,001-5,000 employees
Real User
User-friendly, easy to operate, reliable, and easy to set up

What is our primary use case?

We use it as an end-server and to block traffic.

What is most valuable?

It's user-friendly and easy to operate.

What needs improvement?

The command line is complicated, and the interface could be better.

For how long have I used the solution?

I have been working with this solution for three years.

We are using the latest version.

What do I think about the stability of the solution?

It's a stable project. We plan to keep using it.

What do I think about the scalability of the solution?

This solution is scalable.

We have 300 users in our organization.

How are customer service and technical support?

Technical support is a local vendor. We are satisfied with the support that we have received.

Which solution did I use previously and why did I switch?

Previously, we used a MikroTik firewall.

How was the initial setup?

The initial setup is not complex, it's easy. It took 30 minutes to deploy.

It only requires one person to deploy and maintain.

What about the implementation team?

We have a vendor to support us.

What other advice do I have?

There is really nothing to complain about with this product. It's a very good product to use, and it has just started to get the top ratings for firewalls.

This is a good product and I would recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
CIO at a manufacturing company with 201-500 employees
Real User
Scalable and stable, fair pricing, and the VPN helps us with global site connectivity

What is our primary use case?

We are using this solution to filter communication to and from the website or our site. 

We also use it to create a VPN connection for all of our sites in the world.

What is most valuable?

I like that they have given me a solution at a fair price.

What needs improvement?

The user interface could be improved.

For how long have I used the solution?

I have been working with FortiGate for more than ten years.

What do I think about the stability of the solution?

It's a stable solution, we have not had any issues. It works.

What do I think about the scalability of the solution?

It's a scalable product. We have 600 users in our organization.

How are customer service and technical support?

We have not contacted technical support. We have been fortunate in that we did not have any issues that needed it.

How was the initial setup?

I am working as a manager, and I am not doing any of the configurations.

We only require one person for the maintenance of this solution.

What's my experience with pricing, setup cost, and licensing?

The pricing is fair.

What other advice do I have?

I would recommend this solution to others who are interested in using it. That said, nothing is perfect and there is always room for improvement.

I would rate Fortinet FortiGate an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Firewall Engineer at a marketing services firm with 1-10 employees
MSP
Top 5Leaderboard
Scalable solution with a straightforward setup

What is our primary use case?

I use the solution primarily for the VPN connections in local area. In some cases, I use it at universities in order to secure the local network in the university, such as servers and backup devices.

I have also used the solution as a load balancer and the EMS functionality, which I use as a controller for wireless devices.

What needs improvement?

The PPPoE server protocol with a connection to a Radius server is used a lot by ISPs and not so much by the end user. I think it would be great to see this solution with the protocol developed for ISPs.

For how long have I used the solution?

I have been using the solution for more than two or three years.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and technical support?

There are some problems that support cannot give you a logical reason as to why it happened. For example, I had a case where I was dealing with a WhatsApp application that was giving issues. Technical support gave more than one reason it could be giving issues, but none of them solved the problem. Eventually I solved the problem, but it was far from the solutions that support had given.

Which solution did I use previously and why did I switch?

Before choosing Fortigate, I was using Cisco and pfSense.

How was the initial setup?

The initial setup was very easy and straightforward.

The time it takes to setup the solution depends on the case. It may take less than a day or more than two months, it depends on the technology that is being used. For example, a hospital I am working with has 20 switches with two firewalls, but there are issues in the physical place and not in Fortinet. In this case, the environment limits the speed of setup.

What other advice do I have?

I would rate FortiGate a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Jeff-S - PeerSpot reviewer
Jeff-SUser at SRPS, LLC
User

How are these are unbiased reviews?  It's Fortinet Fortinet Fortinet.  There is very little concrete details.  I distrust user reviews in general because they can easily be coaxed / paid.  Most of these supposed reviewers demonstrate they aren't actively involved in using / managing the device.  In the "Sonicwall vs Fortinet" under the guy who chose Sonicwall after looking at Fortinet talks more about what is good about Fortinet than he does about Sonicwall!  It will be interesting to see if my comments here stick.

Ariel Lindenfeld - PeerSpot reviewer
Ariel LindenfeldDirector of Community at PeerSpot
Community Manager

@Jeff-S Thanks for commenting. Reviews on IT Central Station are written by users with a varying range of experience, ranging from those who have daily hands-on experience to those that interact with the solution on a less regular basis. We have a strict policy whereby we do not offer gift cards or incentives in return for providing reviews.
Ensuring reviews are only written by real users is a core value of ours. We only publish reviews from users who have used the solution in the past 12 months. We prefer to err on the side of caution and not publish reviews that are suspected of being bogus unless we can confirm that the reviewer has experience with the solution.
You can learn more about our guidelines here: 
www.itcentralstation.com/guidelines

PeerSpot user
Technical Lead at a tech services company with 10,001+ employees
Real User
Top 5
Stable with good technical support and very good UI
Pros and Cons
  • "The user interface (UI) is very, very good."
  • "The search tool needs improvement. It's very difficult to search for policies right now."

What is our primary use case?

We primarily use the solution for the firewall. We use it for a perimeter firewall or access firewall inside the network to allow some zones to be disabled from one zone to another zone. 

What is most valuable?

The stability of the solution is excellent.

The user interface (UI) is very, very good.

What needs improvement?

The search tool needs improvement. It's very difficult to search for policies right now.

When we need to engage with the endpoint or our customer during an investigation, there should be a way to investigate the issues without the need for the customer to be present. It would make it much easier.

For how long have I used the solution?

We've been using the product for the last few years.

What do I think about the stability of the solution?

We find the solution to be quite stable. It's very reliable. We don't have to worry about bugs or glitches on the system. It doesn't crash or freeze.

What do I think about the scalability of the solution?

We have more than 7.000 users on the solution right now.

We do plan to continue to use the solution going forward.

How are customer service and technical support?

The technical support is very good. We're quite satisfied with the level of support we receive. We find them to be knowledgeable and responsive when we have issues. 

Which solution did I use previously and why did I switch?

Before using FortiGate, we used Cisco. However, we found the Cisco solutions to be unstable and we needed to move away from them. We do still have some legacy Cisco solutions, however. We find they work better now, with FortiGate.

How was the initial setup?

We didn't have a problem with the installation. It wasn't complex in any way. We found it to be quite straightforward.

The deployment process was very fast. It took less than a day for us to do everything we needed to do.

In terms of maintenance, we have eight people taking care of the troubleshooting of tickets.

What about the implementation team?

An integrator helped us with the implementation process they were very helpful and extremely knowledgable. We had them in case something we wrong, however, nothing has gone wrong so far.

What other advice do I have?

We're a service provider. We work with clients that use the solution.

We utilize both the 1500 and 3000 series of the product.

I would definitely recommend this solution to other companies to use. We've had a good experience overall.

In general, I would rate the solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Thameem Ansari - PeerSpot reviewer
Senior solution architect at a comms service provider with 51-200 employees
Real User
Top 5Leaderboard
Flexible to use and easy to set up
Pros and Cons
  • "It is very flexible to use."
  • "It is stable, but its stability can be improved."

What is our primary use case?

The typical next-generation firewall use case is to restrict access to the users by using a firewall.

What is most valuable?

It is very flexible to use.

What needs improvement?

It is stable, but its stability can be improved. 

For how long have I used the solution?

I have been using this solution for maybe four or five years.

What do I think about the stability of the solution?

Its stability is just okay. It should be better.

What do I think about the scalability of the solution?

The scalability of the device is limited.

How are customer service and technical support?

Technical support is okay. They could be more knowledgeable and faster.

Which solution did I use previously and why did I switch?

I was using Sophos. We switched because it was very unstable in terms of both software and hardware. I found a lot of vulnerabilities. Even though they provide a lot of features for a minimum cost, these features don't do what they are supposed to do.

How was the initial setup?

The initial setup was easy. The deployment duration depends on the situation. I have done the installation in one to three days.

What about the implementation team?

I installed it myself. You just need one technical guy to maintain and manage the firewall. It is a small product for 200 to 500 users.

What's my experience with pricing, setup cost, and licensing?

It has a competitive price. 

What other advice do I have?

I would recommend this solution. We plan to continue using it. Even though it has a few stability issues, its price is competitive. 

I would rate Fortinet FortiGate an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Chief Information Officer at a analyst firm with 10,001+ employees
Real User
A stable and scalable solution but the setup is pretty complex and not easy to implement

What is our primary use case?

We use it for our paralegal security, our internet operations, and network zone segmentation.

What needs improvement?

It could be more stable and secure. They can improve the ability to make changes, change requests, and provide more rounded monitoring in terms of security and potential threats.

For how long have I used the solution?

My team has been using Fortinet FortiGate for a few years.

What do I think about the stability of the solution?

Fortinet FortiGate appears to be stable. 

What do I think about the scalability of the solution?

Fortinet FortiGate appears to be scalable. 

Which solution did I use previously and why did I switch?

We previously used Palo Alto.

How was the initial setup?

The setup is pretty complex and not easy to implement. 

What about the implementation team?

Implemented by our in-house team. 

What other advice do I have?

I would give Fortinet FortiGate a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information Security at a financial services firm with 51-200 employees
Real User
Great web tutor and automated rules by schedule features
Pros and Cons
  • "The web tutor and automatic rules by schedule are good features."
  • "They've become quite expensive."

What is our primary use case?

Our primary use case of this solution is for the UTM it offers and the access to VPN. We have branches in Rio, Singapore and the UK. I'm an information security manager and we are customers of Fortinet. 

What is most valuable?

The most valuable features for me are the web tutor and the automated rules by schedule - the VPN itself. 

What needs improvement?

Fortinet is huge in today's market and they've become quite expensive. I think there are products at the same level as Fortinet, but with better prices. They've changed their subscription plan and are now forcing companies to subscribe 24/7. 

For how long have I used the solution?

I've been using the solution for around five years. 

What do I think about the stability of the solution?

We never had any issues or problems related to stability. 

What do I think about the scalability of the solution?

There are other products on the market that are a little better than FortiGate in terms of scalability, but in general it's a good solution. We have about 200 users in the company. 

How are customer service and technical support?

We didn't need to contact technical support very much. We had a local partner and if there were problems we contacted them directly.

How was the initial setup?

The initial setup was straightforward. We were implementing on a large project and it took a weekend to completely deploy with all the features, connections and everything. 

What other advice do I have?

They have very good documentation and if you've had experience with other products I'm pretty sure that you'd be able to deploy just by reading the documentation.

I would rate this solution an eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Effort Moyo - PeerSpot reviewer
Technical Services Manager at ProComm technologies
Real User
Top 5Leaderboard
Helpful SD-WAN feature for uptime and privatizing applications, but needs better stability and integration
Pros and Cons
  • "The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network."
  • "It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can."

What is our primary use case?

We're using it as an edge or a perimeter firewall. We have also used it to segment our LAN in terms of the endpoints and the servers, and we're also using it for remote access using SSL VPN. We have two other sites that we connect through FortiGate by using an IPSec, and we have integrated it with FortiAuthenticator for two-factor authentication and FortiAnalyzer to analyze logs and things like that. We are currently using the FortiGate 1200D series and running the latest software.

What is most valuable?

The SD-WAN feature is the most valuable. This feature evolved from link load balancing. It has helped us in terms of our uptime and privatizing applications whenever we experience an outage. The SD-WAN feature has been a plus for us. 

Two-factor authentication has allowed us to add more users in terms of remote working. We have two-factor authentication for remote workers to authenticate them before they get on the network.

What needs improvement?

It should be more stable. There should be full integration within Fortinet products themselves as well as with other third-party products. Especially when you're not dealing with SIEM and the correlation of the security box, we want Fortinet to be able to share that information with as many other products as it can.

For how long have I used the solution?

I have been using Fortinet FortiGate for four years.

What do I think about the stability of the solution?

In terms of stability, I would rate it a seven out of ten. It should be more stable. Sometimes when you do firmware upgrades, a feature that was previously working is broken. There are things like that, but I guess that can be taken care of by reading the release notes and seeing what changed in the firmware upgrades.

What do I think about the scalability of the solution?

It is highly scalable. A customer had about 500 users.

How was the initial setup?

The installation was straightforward.

What about the implementation team?

We deployed it ourselves. You just need one engineer for its deployment and maintenance.

What other advice do I have?

We are skilled in Fortinet and Check Point. For customers who specifically want Fortinet, we will continue to provide this solution. Our first preference is Check Point, but if a customer insists on Fortinet, then we can do a lot of integration there and incorporate other products like FortiNAC, FortiWifi, and so on.

I would recommend this solution to others. I would rate Fortinet FortiGate a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Deputy General Manager Information Technology at a media company with 201-500 employees
Real User
Top 20
Good filtering, ROI, and technical support
Pros and Cons
  • "We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall."
  • "The visibility of the network can be better. The GUI can be improved for better visibility of the network flow. Other solutions have better GUI in terms of network visibility."

What is our primary use case?

We use it for routing and restricting user access.

What is most valuable?

We use the filtering feature the most. It has filtering and inbuilt securities. We can create customized rules to define which users can access a particular type of site. We can create policies inside the firewall.

What needs improvement?

The visibility of the network can be better. The GUI can be improved for better visibility of the network flow. Other solutions have better GUI in terms of network visibility.

For how long have I used the solution?

I have been using this solution for maybe five or six years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

You can have the availability features. All the traffic goes through this firewall for access to the outside world.

How are customer service and technical support?

Their technical support is good.

Which solution did I use previously and why did I switch?

We were using some open-source solutions, and then we directly moved to firewalls.

How was the initial setup?

The initial setup was straightforward. It was completed in a month or so.

What about the implementation team?

We implemented it on our own. We are a small team, so a person with a few other duties also manages this solution.

What's my experience with pricing, setup cost, and licensing?

It is not a very costly product if you compare it with other products. The return on investment is also good. If you compare the return of investment and money that you are spending on this product with Palo Alto, Cisco, Check Point, and other solutions, the investment is very less. We are happy with this solution.

The optional licenses are there, and you can choose which one you want and which one to avoid.

What other advice do I have?

It is a fine solution. We have been using this solution for some years, and we are happy with it. We will continue using it unless the FortiGate solution is running itself in some other ways with new features.

I would recommend this solution. It is working fine for us. 

I would rate Fortinet FortiGate an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Rodolfo Bento Matos - PeerSpot reviewer
CEO e confundador at Infinity Learning
Reseller
Good application control features and very stable and reliable

What is our primary use case?

We use it to protect our or our customers' full environment by using features such as IPS signatures, VPN, endpoint protection, and antivirus.

What is most valuable?

The application control features, such as Facebook blocking and Spotify blocking, are the most valuable.

What needs improvement?

The license renewal process, annual renewal price, and the web application firewall features should be improved.

For how long have I used the solution?

I have been using this solution for two years.

What do I think about the stability of the solution?

It has been very stable and reliable. We are comfortable with its stability.

What do I think about the scalability of the solution?

It is good enough for us. We have about 15 employees who use this solution.

How are customer service and technical support?

I would rate them a nine out of ten.

How was the initial setup?

The set up was a little complex, but the interface and the process are user friendly.

What's my experience with pricing, setup cost, and licensing?

The license is too expensive to renew. The license renewal process is also complex. 

What other advice do I have?

I would advise others to use the documentation. The official documentation is very comprehensive and complete. I use the Cookbook Reference Guide.

I would rate Fortinet FortiGate an eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Solution Architect at a tech services company with 51-200 employees
Reseller
Easy to configure and manage, supports link load balancing, and it has superior throughput
Pros and Cons
  • "The most important feature, normally for small business customers, is link load balancing."
  • "If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement."

What is our primary use case?

We are a system integrator and Fortigate is one of the firewalls that we implement for our clients. I am a solution architect.

Our primary use for this firewall is the IPS.

What is most valuable?

One of the things I like best is the ease of configuration.

Management-wise, it is very good.

The most important feature, normally for small business customers, is link load balancing.

The firewall throughput is very good. Most of the customers in this region use FortiGate for their data center firewalls, and the main reason is because of its high throughput.

What needs improvement?

Fortinet is good in terms of security and threat prevention, but they are not leading. For example, the signature database can be improved.

If they had better integration with security products, such as Cisco ISE or Rapid Threat Containment, then it would be an improvement. Customers that have ISE implemented are able to provide inputs based on malicious traffic, and then ISE will automatically block it.

For how long have I used the solution?

We have been working with Fortinet FortiGate for the past two years.

What do I think about the stability of the solution?

Stability-wise, they are good at the job of a data center firewall. For a perimeter firewall, it is for smaller customers, preferably.

What do I think about the scalability of the solution?

The scalability depends on the design and how it was done. You have to think about the next five years. We get lots of new updates on the older versions and if the product is still in support then the new features will be included.

How are customer service and technical support?

The responsiveness of the support depends on the level of support that you have. If you have premium support then you will get immediate access to them. Otherwise, you have to wait for some time, perhaps an hour, before they get back to you.

On the technical details, there are different levels of access. Once you have engineer access then most of the cases are going to get resolved, or otherwise, they will go to their development team.

Which solution did I use previously and why did I switch?

In addition to FortiGate, we are using Cisco SFR.

How was the initial setup?

The initial setup is straightforward. We have field configuration guides that we follow and you don't need to have much in-depth knowledge to set it up initially. However, performing the fine-tuning requires that you have proper training on the device.

Deploying the firewall for a new customer will be completed within two to three days, or perhaps a week at the most.

What's my experience with pricing, setup cost, and licensing?

Compared to vendors like Cisco and Palo Alto, FortiGate is the cheapest. However, they only have a small segment of the market. Fortinet is trying to appeal to small and medium-sized customers, and I think that their prices should be a little lower for this segment.

On the high-end devices, it is fine. However, the problem is that their subscription price is very high. If you purchase a one-year subscription with the hardware and then you want to renew for the second year, it is very costly. Your whole price ends up being very high.

Which other solutions did I evaluate?

As a system integrator, we sell a lot of similar solutions from a variety of vendors. We have found that the Fortinet firewall has a much better throughput than that of the other vendors.

If a large customer is looking for a perimeter firewall then we suggest another vendor, such as Check Point or Palo Alto.

What other advice do I have?

FortiGate is a product that we recommend and we have migrated many customers from other vendors. FortiGate is a better option, although small customers don't care much about security. They only care about basic security. There are only a very few who are really concerned about it and most of them don't have a proper IT group in their company. 

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
System Administrator at a computer software company with 501-1,000 employees
Real User
Easy to configure and the technical support is good, but the newer versions have issues with stability
Pros and Cons
  • "The most valuable feature is the ease of configuration."
  • "One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support."

What is our primary use case?

We use this firewall as part of our security solution.

What is most valuable?

The most valuable feature is the ease of configuration.

What needs improvement?

There are a lot of known issues in some newer versions of the FortiGate operating system, so there is room for improvement with that. One of the problems I was having was with user mapping, and it is an issue for which I have escalated tickets with Fortinet support.

Having the newer features work in the older, more stable versions of the product would be great. Some of the new features might really help a lot, but there are problems with stability.

For how long have I used the solution?

I have been working with FortiGate for approximately two years.

What do I think about the stability of the solution?

There are a lot of new features built into newer releases, but there are not very stable. 

How are customer service and technical support?

The Fortinet technical support is awesome. They're handling my problem quickly and doing it well.

What's my experience with pricing, setup cost, and licensing?

The price is okay.

Which other solutions did I evaluate?

I have compared solutions from other vendors including Palo Alto.

What other advice do I have?

This is a good product, however, there is always room for improvement.

I would rate this solution a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Director at a tech services company with 51-200 employees
Reseller
Top 20
Good pricing with very good threat and content filtering switches
Pros and Cons
  • "The solution has very good threat and content filtering switches."
  • "It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example."

What is our primary use case?

We have used the solution as a perimeter firewall. We are using it as an anti-ATP solution also.

What is most valuable?

The firewall features are pretty good. 

The solution has very good threat and content filtering switches.

The initial installation is fairly easy.

What needs improvement?

I'm from the sales side and therefore I wouldn't really know if there are features that are lacking.

It's my understanding that more of the current generation features could be brought in. There could be more integration with EDRs, for example.

For how long have I used the solution?

I've been using the solution for two or three years. It hasn't been too long.

What do I think about the stability of the solution?

The solution is stable. It doesn't have any issues with bugs and glitches. It doesn't crash and freeze. It's very reliable.

What do I think about the scalability of the solution?

Since we are integrators, this product gets sold to people who have a minimum 25 and up to 600 users.

At the moment, we don't plan to increase usage.

How are customer service and technical support?

The technical support is very good. We're satisfied with their level of support. They are quite responsive and knowledgeable.

Which solution did I use previously and why did I switch?

We were previously using Sophos and Watchguard.

How was the initial setup?

The initial setup is not complex. It's pretty much a straightforward implementation. There aren't really any surprises.

The length of deployment differs based on the kind of policies a client would like to implement. If they are very simple policies, then there isn't a lot of work to worry about. However, if there are complex policies or multiple policies, it does take some time to get things up and running.

I didn't handle the installation personally, as I am in sales.

We have three or four people in our organization who handle maintenance.

What about the implementation team?

We have a systems integrator in-house that handles the deployment.

What's my experience with pricing, setup cost, and licensing?

The solution isn't too expensive.

What other advice do I have?

We're integrators. We help our clients with this solution.

We're using the latest version of the solution.

I'd recommend this solution to other users. 

Overall, I would rate the solution nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator.
PeerSpot user
Network Security Engineer at a performing arts with 201-500 employees
Real User
Top 10
Good interface with good reporting and useful templates
Pros and Cons
  • "There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth."
  • "There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering."

What is our primary use case?

We primarily use the solution as a firewall.

What is most valuable?

We use the firewall to enforce our company ideologies and principles and policies. The solution has built-in features for web filtering that are great. It categorizes it nicely for you. 

The interface itself is nice to work with. It's a lot better than the initial interface that they used to have around version four. I used to work for FortiGate some time back, and the earlier interfaces were not as good as these latest ones. 

I like that once you open it up, you have a dashboard that can give you a holistic overview of what is happening. You can see, for example, how your resources are doing on your firewall or if you still have disc space for logs and so forth.

The solution gives you an immediate view of what's happening on the hardware itself. What we have done with FortiGate is we have put up a FortiAnalyzer, a FortiGate reporting hardware. We are using it in conjunction with FortiGate. 

The solution offers good reporting. We get our reports from there. We have the opportunity to get real-time reports. 

There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth.

We have access to quite a few features. The web filter and application control are primarily what we are using. Then we also have a VPN feature, which allows for our remote users to connect and get through the firewall. 

What needs improvement?

The commercial side of things can be improved a bit. They have such a good product, and when you disable some features, it has to be commercialized for you to enjoy those features. Therefore, you are actually buying half a product. You have hardware there, and yet, your features are not enabled. The primary things, such as the antivirus, web filter, DNS filter, application intrusion, file filter, and email filter come with the general license. There are other things that you want to also enjoy in this system and you can't. 

There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering. That's one of the drawbacks they could look at. 

Sometimes the firmware automatically updates itself. Then it corrupts the configuration and you have to roll back or you have to do amendments to the configurations. That, however, has happened only once with us. We have put in controls for automatic updates to stop them and now we do manual allowance or we allow the manual update.

Most of the features are good. They give you pricing and you get a VPN for about 10 users where you can test it. For us, we feel that we need to buy extra licenses due to COVID, as people are working from home. Under the current conditions, we are not getting the best out of the firewall. 

They could just maybe put better graphics or better reporting into the solution. I want to know who is the user and what is the exact website they're visiting. Something like that would help. They should do more like what the GFI is doing.

For how long have I used the solution?

We've been using the solution for a bit over a year now.

What do I think about the stability of the solution?

6.4.2 is our current version. The latest is 6.4.3. It's available like I say, however, we have not installed it. We'll wait until around December, then we will then install that one. We like to wait to witness its stability. Once we know it is bug-free, then we allow it to run as the latest platform.

What do I think about the scalability of the solution?

We have a cluster and we have configured it with high availability. What we have done is we have put one primary and one secondary in case it breaks or it gets damaged. We have a third one at our DR site as well, which works in conjunction with Plateau. We have employed the same rules and some stricter rules on the DR site, just to allow traffic between these machines.

We allow certain times for updates on the infrastructure we have at the DR. We are planning some more, however, we don't enjoy all the features yet. We want to bring in an SD-WAN. Maybe that can also help us with scaling our network at different angles and from the cloud or being from an LD device or so forth. We're still working on that.

How are customer service and technical support?

We have a partner that we work with. We have support at another level and I'm the primary person that looks after the firewall. If I have an issue that is urgent and I don't have the time to do the knowledge base to actually turn it around, we usually engage our partner, which has engineers that have the knowledge necessary to deal with it and who are certified in FortiGate. 

We have what is called FortiCare. We have FortiCare support as well for firmware and general updates and all those other things. I normally do updates and so forth myself. It's very little intervention from outside technical support.

How was the initial setup?

Having background knowledge, the initial implementation was not really complex for me. You just need to know your environment and what is needed as well as what is allowed. 

The business input was the only item outstanding as there were issues such as who needs to have social media access at what time and who needs to have full access. Those were business decisions, however, but from the technical side, it was fairly easy.

What's my experience with pricing, setup cost, and licensing?

They have almost all the features embedded in the solution. It's just that some features are not available because you have to pay for it. There are lots of add-ons available, and you need to pay extra for them, so pricing can add up.

What other advice do I have?

We are strictly a government entity. We are a customer.

The model that we are using is the 500E, which is for small and medium enterprises. We are not a big institution. We do not have the latest version. We like to wait about three months before we apply anything new to make sure the early releases aren't flawed. After three months, after we've got a good review, then we will say, "Okay, let's upgrade to that version."

Even though we feel that sometimes they create a new version to take care of a vulnerability or threat, we like to be safe and avoid bugs. The version that we are fitting currently is 6.4.2, which is fairly stable.

Apart from the fact that they should just include everything in their offering, everything else works fine for me. There's a whole lot of Fortinet products that work together, FortiSwitches, FortiAP's, etc. Overall, I would give it eight of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Engineer at a comms service provider with 51-200 employees
Real User
Good performance and web filter capability

What is our primary use case?

This firewall is an antivirus, protects against spam, and is an IPS.

What is most valuable?

The most valuable feature is the web filter.

The performance is fine.

What needs improvement?

Some of the features in the graphical user interface do not work, which requires that we used the command-line-interface. We have problems with that.

Log retention should be greater than 24 hours.

For how long have I used the solution?

I have been using FortiGate for about eight years.

How was the initial setup?

The complexity of the initial setup depends on the implementation. There are some that are very simple, whereas others are complex.

What other advice do I have?

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
CEO at SAYCOM
Reseller
Intuitive, easy to install, with good reporting and support
Pros and Cons
  • "It's quite comfortable to handle the FortiGate firewall."
  • "Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it."

What is our primary use case?

We are resellers. We provide products and services to our customers.

It's not just one product. We have been using and installing different kinds of solutions for more than ten years.

What is most valuable?

I do remember that, of course, the interface was good. It's intuitive, and when we installed it together with access points, we could manage them from one place or from the cloud or from FortiGate itself. 

It's quite comfortable to handle the FortiGate firewall. The fact that we received reports by email, also good. All in all, it's quite a good product, of course, a very good product.

What needs improvement?

If it would integrate everything in one place then it would be an improvement.

I wanted to buy some switches and integrate them into the system, but we couldn't find anyone here in Israel to provide them or to provide support. Also, we could not get a replacement if something needed to be replaced. 

We wanted to use one vendor to do everything from one managed central management point. It may be something they offer now, but I am not sure.  

It would be helpful if we can have one easy place to manage, or from the cloud to all the devices that are at the client's location. This is the backbone, the switches, the access points, FortiGate, everything. 

Sometimes you do need to know some CLI commands, so it's a bit harder for technicians or new people that don't know it. 

So, if you could do everything without that, it would be much easier when you do V-LANs.

For how long have I used the solution?

We have been using this solution for a few years.

We are working with several versions because we install them for our customers.

What do I think about the stability of the solution?

It's a stable product.

What do I think about the scalability of the solution?

It fits for small and medium-sized companies. Regarding the very big ones, I don't know, I'm not in the enterprise market. But for our clients that are offices or companies that are sized between 20 users and 300 users, it's okay. It's good for them.

How are customer service and technical support?

When I contacted technical support a few times, they were good.

Which solution did I use previously and why did I switch?

Previously, we worked with Check Point.

They are both good products that are easy to use and have good support.

They're both good. I use them both, it depends on the customer, and what their requirements are. It also depends on which would give you the best value for the money at the time. I don't know how to say which one is better as a firewall. 

How was the initial setup?

The initial setup is easy.

What's my experience with pricing, setup cost, and licensing?

It's an expensive solution. The price should be lower.

What other advice do I have?

In the beginning, I would be the one who would install them, but later it will be our technicians.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
PeerSpot user
Branch Manager at a tech services company with 201-500 employees
Reseller
Top 5
User-friendly with an easy setup and a good user interface
Pros and Cons
  • "The initial installation is very straightforward."
  • "There are some cloud-based features that could be much more flexible than they currently are."

What is our primary use case?

We primarily use the solution for network security and security next-generation firewalls.

What is most valuable?

The solution is quite user-friendly. 

We find that the system interface is simple to navigate.

The initial installation is very straightforward.

What needs improvement?

There are some cloud-based features that could be much more flexible than they currently are.

It's my understanding that they are currently working on improving the cloud solution quite substantially.

For how long have I used the solution?

I've been using the solution for five years.

What do I think about the stability of the solution?

The solution is very stable. It doesn't have bugs or glitches. It doesn't crash or freeze. It's reliable.

What do I think about the scalability of the solution?

We find the solution to be quite scalable. If your organization needs to expand this solution out, you shouldn't have any problems doing so.

We have two or three different locations and have between 50 to 200 users amongst those locations.

How are customer service and technical support?

The technical support is very good.

Most of the time, whenever a ticket is opened and we reach out to support on behalf of our customers, they offer good advice and are very responsive. We're satisfied with the level of service we're provided. 

How was the initial setup?

The implementation is not complex. It's very straightforward to set up and does not take a lot of time to deploy everything.

That said, I did not handle the implementation myself, so I can't speak to more technical aspects of the job.

We had four or five resources that assist in network security and they all helped with the deployment.

What's my experience with pricing, setup cost, and licensing?

I don't handle the pricing side of the product and therefore can't speak to anything in regards to the licensing or costs.

What other advice do I have?

Although we largely handle on-premises deployment models, we have suggested cloud versions to our clients recently.

We are a solution-providing company, and we are offering products to our customers.

Although we really enjoy the solution, there's a lot of very interesting competition in the market. The competition is huge. As a partner of the product, we get a lot of questions we have to answer, and, to be honest, this solution isn't as strong in some areas as others.

That said, we would recommend the solution to others. 

Overall, I'd rate the solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Project Manager at a tech services company with 51-200 employees
Real User
Good pricing, good technical support, and fairly user-friendly
Pros and Cons
  • "The pricing is excellent. It's much less expensive than Cisco."
  • "The initial setup is complex."

What is our primary use case?

I'm primarily using the solution for security purposes, and also for managing the network for various companies. I am deploying it for uniting management statuses, in order to be able to manage everything inside and to control security policies. It can fight against attacks to the system or for email searches. It is basically a central management security appliance.

What is most valuable?

We find it's good for managing the network and offers good defense against attacks.

Technical support is great. It's really fast.

Overall the solution is pretty user-friendly. It has a good dashboard and is pretty easy to navigate.

The pricing is excellent. It's much less expensive than Cisco.

What needs improvement?

The only thing is sometimes you have to learn with CLI. For those not familiar with CLI it can be an issue. It would be ideal if we could avoid using CLI. If you make a mistake in the command line, it's harder to detect. It would be much better if they had a user-friendly GUI.

The initial setup is complex.

For how long have I used the solution?

I've been using the solution for five years.

What do I think about the stability of the solution?

The solution is very stable. You don't have to worry about bugs or glitches. I tend to wait and not upgrade to the latest version right away to ensure this is the case.

What do I think about the scalability of the solution?

The solution is scalable. If you need to expand it, you can. We have it at a variety of networks and sites with no problem.

We have 120 users that are connected to a minimum of 80 computers and a minimum of 15 servers, which is great. The solution is working and it is still stable even across all of these devices and servers. We have multiple networks inside as well, so we are not only on one network. We set them separately, which is why the initial setup for us was quite complex. We're through with that though.

How are customer service and technical support?

The technical support is pretty good. they're pretty knowledgeable and responsive, especially when you get to the Level 3 techs.

Which solution did I use previously and why did I switch?

We previously used CheckPoint. Unfortunately, they didn't have a very good service, especially in technical support, and therefore we decided to switch.

How was the initial setup?

For our organization, the initial setup was not straightforward. It was pretty complex. That's due to the fact that we had many networks to set up and many sites to take into account.

What about the implementation team?

We set up the solution ourselves, although we did work closely with Fortinet as part of their bundle package.

What's my experience with pricing, setup cost, and licensing?

The licensing is paid on a yearly basis.

Which other solutions did I evaluate?

I evaluated Palo Alto. They didn't have the complete solution we wanted. Neither did Juniper, which we also looked at. We looked into possible having Cisco, however, Cisco is too expensive. 

When we looked at Cisco, we also evaluated Meraki, which is a part of Cisco. It did not have what we needed either. 

What other advice do I have?

We are using the 200E in our environment. We had 200D before.

We're not using the latest version of the solution, which is 6.4. I like to wait on new versions to see if it is stable before deploying it. I like to take my time and avoid headaches where possible.

I would recommend the product to other organizations. It's got great bundle options which make it a very good choice - and it's much cheaper than Cisco.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Enterprise Service Manager at Technology Associates Limited
Real User
Easy to configure and very user-friendly, with a great graphical interface
Pros and Cons
  • "It's very fast and easy to configure."
  • "The performance and speed are aspects of the solution that could always be improved upon."

How has it helped my organization?

Unlike Cisco, which is expensive, or Sophos, which has performance issues, Fortinet offers a good product with no bottlenecks.

What is most valuable?

The UTM and security features are the solution's most valuable aspects.

It's very fast and easy to configure.

The solution is extremely user-friendly.

The graphical interface is great.

Now, we are able to optimize the bandwidth. We have the level of control to be able to block specific sites - like YouTube, Facebook etc.

What needs improvement?

The performance and speed are aspects of the solution that could always be improved upon.

For how long have I used the solution?

We've been using the solution for the last two years.

What do I think about the stability of the solution?

The solution is very stable. We haven't experienced any issues in the last two years. It's reliable. There aren't bugs or glitches. It works well.

What do I think about the scalability of the solution?

We have 400 users covered under the firewall and 50 employees. We've never had issues with scaling. It shouldn't be a problem. However, it's not something we actively measure.

We plan to increase usage and to continue to use the product for another three years. After that we may upgrade to a new Fortinet product or seek out a new solution, depending on the landscape at that time.

How are customer service and technical support?

We haven't really faced any technical challenges. We just install it and it runs perfectly. Therefore we don't really have any experience with technical support.

Which solution did I use previously and why did I switch?

Previously, maybe five to seven years ago, I had Cisco. We moved firewalls due to the fact that the renewal cost on Cisco was so high. At the time, we moved to Sophos. It was very good on the UTM side. However, there were performance challenges. That's why we switched to Fortinet. The internet speed is okay and there are no bottlenecks or major challenges.

How was the initial setup?

The initial setup is not complex. It's pretty straightforward. 

It's pretty simple for us as we're very familiar with the product. Every year we do a minimum one or two million dollars of business with Fortinet. At this point, my team is very experienced. 

It's very easy to migrate from other solutions and we can migrate within one day.

It's pretty plug-and-play. You can handle everything in an hour or two and then you can do the testing. It's very easy.

What about the implementation team?

We handle the implementation for our clients as we're Fortinet partners and well versed in the product.

What's my experience with pricing, setup cost, and licensing?

We received this solution for free because we are one of the leading and exclusive partners for Fortinet in Uganda.

What other advice do I have?

We're partners with Fortinet.

I'm not sure of the exact version of the solution.

Overall, I'd rate the solution nine out of ten. It's offered us a very stable VPN and we can access it from anywhere in the world. We're not facing any challenges whatsoever.

I'd happily recommend Fortinet to other organizations. It's one of the best products out there.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Ted De Vos - PeerSpot reviewer
President at simnet
Real User
Detailed analytics that integrates with SIEM products and has good support

What is our primary use case?

Typically, we use Fortinet FortiGate with edge devices for businesses. 

We also use them to integrate with a SIEM product and we use it for detailed analytics.

What is most valuable?

The most valuable feature of this solution is the analytics.

What needs improvement?

Quality control on their firmware versions needs improvement. When they introduce new firmware, there tend to be bugs.

I would like the licensing price to be better. It would be nice if it were less than 25 percent of the hardware costs.

For how long have I used the solution?

I have been using this solution for fifteen years. We are an MSSP.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

With respect to scalability, it's good.

We have 15 people using this solution in our organization.

How are customer service and technical support?

We contact technical support almost daily. They have good support.

How was the initial setup?

The initial setup was not straightforward but not too complex. It's a bit of both.

What's my experience with pricing, setup cost, and licensing?

For our organization, the licensing costs are approximately $7,000 per year.

Which other solutions did I evaluate?

Before choosing the Fortinet FortiGate, I evaluated other solutions.

What other advice do I have?

I would rate Fortinet FortiGate a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Director of IT with 51-200 employees
Real User
Good reliability and robust solution
Pros and Cons
  • "It's super reliable. I don't think I've ever had a reliability issue with it."
  • "Monitoring and reporting could be better."

What is our primary use case?

We primarily use this solution as a firewall.

It's our main firewall, but we're planning to replace it with a pfSense for reasons I will discuss.

How has it helped my organization?


What is most valuable?

It's super reliable. I don't think I've ever had a reliability issue with it. Within the four years that I've been using it, maybe two or three times, resetting the firewall was what solved the problem. It's been super, super solid. I never have to think twice. If I ever experience a problem, the firewall is the last thing I think about. I never need to check it because it's never the problem. It's just super solid. It's also pretty robust. I know that there are more robust solutions out there, but not by a lot.

What needs improvement?

In the enterprise proprietary world, Fortinet, in my experience, considering its cost and reliability (maybe they could bring the price down or maybe they could make more plans), I honestly don't think that there is much room for improvement. I think it's a pretty good solution for anyone who is looking for a proprietary solution. I wouldn't look anywhere else.

Cisco, for example, is probably way overpriced. Fortinet on the other hand, one of their strong sides is that they have an all-encompassing solution with a very reasonable price point. Cisco and other brands are a little bit more modular — to get everything you'd have to buy a lot of different packages.

An automated guide feature or templates that you could pick and choose would be a nice addition.

It's definitely not as easy to look at traffic as I would like. Sometimes when I'm trying to see what traffic has been blocked or what traffic has been passed, it's not as easy as I would like to filter it out or to monitor bandwidth.

The monitoring is not as good as it could be. It could be a lot easier to understand. For example, I was trying to figure out, in a given timeframe, how much was downloaded off of a certain interface and I didn't really understand how I could get that information or if it was even available. I was searching the documentation online and I couldn't even figure it out. Monitoring and reporting could be better; It's very good, but there's definitely a lot of ways to improve it.

For how long have I used the solution?

I have been using Fortinet FortiGate for four years.

What do I think about the stability of the solution?

Fortinet FortiGate is super stable, one hundred percent. Just works 24/7 without any issues like you would expect from an enterprise product.

What do I think about the scalability of the solution?

I know that it's scalable, but I don't actually have any experience regarding scalability. It's probably not as scalable as pfSense because pfSense is based on open hardware platforms. I definitely know that proprietary platforms usually tend to be less scalable because they're more constrained with licensing. The scalability in my opinion would be decent, satisfactory, but I believe pfSense is probably more scalable. I know that there are a lot of big corporations like Google and others that use pfSense. I don't know the details. I'm just giving my educated guess.

Which solution did I use previously and why did I switch?

I personally prefer pfSense as it's open-source and you only have to pay a minimal fee for support. But for people who want that platform, I think it's a great solution. If I wasn't using pfSense, I would definitely go with FortiGate.

The two products are completely different. If you're using pfSense, you're basically using the entire open-source world — so you're based on FreeBSD, you're using Snorts, everything is open-source. It's very easy to make modifications and to figure out what's going on. You're not dependent on your single company's documentation, there's a huge user base. It's very easy to modify and extend. You can see what's going on — it's very transparent in that sense. It's probably a little bit more manual. With pfSense, You have to put in a little bit more effort to get things done, but, in the end (aside from the huge cost savings), you get all the features that are available in an enterprise firewall for just the price of support, which is also very minimal.

If you need to make any tweaks, you can do it all yourself. If you need to tweak ciphers for SSL for compliance (for PCI, for security compliance) it's not a difficult thing to do; it's a fairly trivial task.

How was the initial setup?

I didn't set it up initially, but I did set up a lot of things from scratch. I think it could be more simple. When you're looking at a proprietary solution, usually it's aimed for end-users and they just want to do point and click. I believe in certain aspects, pfSense was simpler. I think there's maybe just a bit of a learning curve, but I guess you would experience that with any platform.

What's my experience with pricing, setup cost, and licensing?

I think that the pricing is fair.

What other advice do I have?

On a scale from one to ten, I would give Fortinet FortiGate a rating of nine.

Other than the price and the lack of extensibility and transparency (which is inherent in any proprietary platform); if you're going to compare it to pfSense, then I would not give it a nine. I would give it an eight, and I would give pfSense a 10. pfSense has its drawbacks, but not that many, in my opinion. 

Take the time to learn the platform and you won't run into trouble later. That's my advice.

Other than that, it's super solid, super reliable. It does the job.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Lenos Jacob - PeerSpot reviewer
Head of Customer Success at a tech services company with 51-200 employees
Real User
Straightforward to setup, good support, and offers good visability
Pros and Cons
  • "The most valuable features are the possibility of having one fabric for switching on security."
  • "I would like to see a more intuitive dashboard."

What is our primary use case?

We are system integrators, and this is one of the products that we implement for our clients.

The primary use case of this solution is as a firewall, with advanced capability features for sandboxing, for preventing ransomware and other related threats. 

What is most valuable?

The most valuable features are the possibility of having one fabric for switching on security.

They have the feature where the fabric and the security fabric can be extended. That gives us visibility as a single pane of logs for many of the activities.

What needs improvement?

I would like to see a more intuitive dashboard.

Technical support can improve in knowledge sharing and they can implement better.

The dashboard appearance needs to be more refined. It has to be smoother and more customer-friendly.

As the cloud is more prominent and more are moving towards the cloud, people are used to certain ease of doing things, and less complicated.

I understand that a firewall is a technical product, but we can try to make it a better customer experience which will increase usability with good results.

For how long have I used the solution?

I have been working with this solution for three years.

What do I think about the stability of the solution?

Fortinet FortiGate is a stable solution. We have not experienced any issues.

What do I think about the scalability of the solution?

It's a scalable product.

How are customer service and technical support?

Technical support is fairly good. We are able to get our message through, they look into our issues and provide us with a solution without any hassle.

I would rate technical support a seven out of ten.

To be better, they would need responsive pre-set activities to be more refined. They need to be in a position to give more modular solutions or more pre-defined solutions that are present.

How was the initial setup?

We did not have any problems with the implementation. 

The initial setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

The Indian market is different than the European and American markets. When you compare, they need to be a bit more aggressive on pricing.

What other advice do I have?

We would recommend this firewall at any given point in time.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Chingiz Abdukarimov - PeerSpot reviewer
Director at a integrator with 11-50 employees
User
Don't underestimate FortiAnalyzer. It can give you a better understanding of what is going on in your network.
Pros and Cons
  • "Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network."
  • "I think there could be more QoS features"

What is our primary use case?

We used FG-90D as UTM device to protect some users and servers, and also to enable inter-vlan routing with advanced security policies inside our lab zone. Also used FG-500D in transparent mode in front of Cisco ASA for advanced and high performance protection by applying IPS, AV, AntiSpam, App.Control and DoS-protection profiles.

How has it helped my organization?

We have better manageability: opening and closing ports/services, adding addresses is done very quickly (can be done in single page of the web GUI).

It offers outstanding reporting tools when coupled with FortiAnalyzer (Fortinet's log collector and reporting tool) help meet compliance (there are PCIDSS, HIPAA and many more report types).

Better security posture: safe web surfing, less spam and viruses in incoming email messages, very granular AppControl, blocking vulnerability exploitation attempts and traffic anomalies by IPS, preventing DoS attacks by DoS policies.

What is most valuable?

Good VPN, both IPSEC and SSL (web-mode, tunnel-mode). An engineer/network administrator has tools to debug VPN issues that can occur during tunnel setup with other vendors' equipment.

SD-WAN feature at no cost. This is really great feature for remote locations (branch offices) and HQ, application steering between many ISP links becomes a simple task. Steering can be done dynamically by measuring link quality (latency, jitter, packet loss, available bandwidth).

Wi-Fi and Switch controller at no cost. FortiSwitch and FortiAP can become a kind of port extender of the firewall, all its ports can be referenced in firewall policies. When you have such management plane consolidation it gives you a simpler way to operate.

Security Fabric Framework is helping in analyzing sudden and rapid changes in whole infrastructure, and gives the ability to simplify daily operations (e.g. address objects synchronization between all firewalls in Fabric, estimating overall security rating, single-sign-on for admin access and many more)

Single Sign On support with deep LDAP integration (several variants for environments with different scales), RADIUS authentication.

Can work as transparent and explicit web-proxy, the last option supports Kerberos authentication which requires no agents installed on any windows server.

Human readable firewall policies with editable security policies and
addresses in single page. This is very useful and time saving feature.

Firmware upgrade process is very simple, even for cluster configurations it is fully automated by default.

Straightforward SNAT and DNAT; you may work in two ways: with Central NAT rules configuration and by applying translation directly inside firewall policies.

Bulk CLI commands are uploaded via gui in script file (portions of config file).

VDOMs are very useful when you need to grant admin role to clients separately. VDOMs in FortiGate can be represented in FortiAnalyzer's ADOMs (administrative domain), which can have different log storage policies, event handling and alerting configurations. You can create one VDOM working in NAT/Route mode, and another VDOM working in Transparent mode.

If you don't want to create and use second VDOM you can still transparently inspect traffic at layer 2 level while having only one VDOM in NAT/Route mode. This is achived by configuring Virtual Wire Pair ports that work like a separate bridge.

Ability to capture packets going through any interface of device (and VM too). You can set number of packets, filter out packets by IP and port number for particular troubleshooting purposes, then download a .pcap file from web gui and analyze it in your favorite programm.

Advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless and simple integration into a large network.

IPS, AV, Web Filter, AppControl profiles are working very well.

SSL Inspection and CASI (Cloud Access Security Inspection) profiles.

Rich logging options allow you troubleshoot most problems.

Straightforward HA with different redundancy schemas.

IPv6 support.

What needs improvement?

I think there could be more QoS features in GUI. FortiGate has Traffic Shaping feature that is enough in most cases when shaping egressing packets, but sometimes I just need 802.1p prioritizing (Class of Service) of incoming packets and manual ingress queue assignment. This is what would be nice to have, but I realize that such a job is more efficiently done by L4 switch standing before firewall. Fortinet has a FortiSwitch that can do it, and it also can be controlled by FortiGate via FortiLink protocol.

[Firmware version FortiOS 6.2 update]: There are a lot of improved and newly added things, so it is very hard to imagine any additional features.

For how long have I used the solution?

Four years.

What do I think about the stability of the solution?

Small models (up to FG-90) are build on SoC (System on a Chip), so they need to be mounted in places with enough airflow and right temperature, otherwise they could hang, slow down traffic processing, but more often you just can't log in to the device's web-interface (reboot won't help you until it cools down). Actually, that's not an issue. It is a technical requirement for operating environment to be 5-40 degrees (but at 35 degrees with poor airflow there may be issues mentioned above).

What do I think about the scalability of the solution?

For large scale deployment I would suggest to look at FortiManager, a central management point for large amount of FortiGates. I have tested the solution and found it quite useful. I could download configuration from any device and install edited list of policies to several devices simultaneously through a couple of clicks. Also I liked functionality of clearing out Address objects list from unused entries. It can be configured to be a central repository of firmware and updates, and a local rating server (url and antispam rating services) which can improve rating lookup latency value.

How are customer service and technical support?

Technical support is good (in average).

Which solution did I use previously and why did I switch?

We used an old IPS from Cisco. We switched because of End-of-Support on that device.

How was the initial setup?

Initial setup in plain networks is very straightforward. For large environment you should prepare beforehand, because FortiGate is a highly-tunable and feature rich product, so you must have a plan with many considered details.

What about the implementation team?

We did not engage a vendor team. Documentation is good enough to implement with an in-house team.

What's my experience with pricing, setup cost, and licensing?

Setup cost may be not so low, as you expect, because it depends on different factors, but TCO for 5 years may pleasantly surprise you.

Which other solutions did I evaluate?

Palo Alto, Cisco ASA, CheckPoint

What other advice do I have?

Many interesting things are hidden in CLI, they can help you in different situations. Web-interface (GUI) is primarily intended for day-to-day routine.

Don't underestimate FortiAnalyzer. It can give you a better understanding of what is going on in your network. When FortiGate sends logs to FortiAnalyzer, FortiAnalyzer inserts received log data into database. Predefined and customizable data queries, charts and reports can significantly help you by visualizing problem points, so you can thoroughly investigate security events and traffic behavior anomalies.

FortiGate is a constantly evolving product, so pay attention to FortiOS version it runs.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Lead Program Manager at a computer software company with 10,001+ employees
Real User
Top 5
A stable and easy-to-use virtual firewall solution
Pros and Cons
  • "The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that."
  • "FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and that presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate."

What is our primary use case?

We have both on-premises as well as virtual firewall servers. We have quite a few FortiGate firewalls as part of our infrastructure. We are using Check Point more from the perimeter perspective. It is only there on the perimeter.

What is most valuable?

The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. 

FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that.

What needs improvement?

FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. 

Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and their presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate.

For how long have I used the solution?

I have been using FortiGate for the last four to five years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

I currently have about 36 to 40 devices that are being used. We use a certain number of devices from business to business.

How are customer service and technical support?

We were not getting proper support from Fortinet. That's the reason we had to phase out FortiGate.

What about the implementation team?

We implemented it on our own. It took around one hour. We have one or two engineers for its deployment and maintenance. 

What other advice do I have?

We installed FortiGate four or five years ago. We are just phasing out FortiGate and not doing new installations of FortiGate. Whichever model is getting end of life, we're just replacing it with a Palo Alto device. We can use it in the future, but I don't see any presence of Fortinet in my company at this time. I see a lot of push from Palo Alto, Check Point, and other vendors, but I don't see Fortinet around at all.

With the current COVID situation, I don't know how FortiGate behaves when working from home, which is an entirely different concept. In other firewalls, we create HIP profiles and similar stuff, but I am not sure how FortiGate works in such an environment.

I would definitely recommend this solution, but I think Fortinet has to first create a presence. That is more important. Nobody says anything bad about the product. The product is still widely being used.

I would rate Fortinet FortiGate an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
System Administrator at a financial services firm with 5,001-10,000 employees
Real User
Affordable, simple, effective, and has good support
Pros and Cons
  • "The most valuable features are that it is very simple to configure and to manage."
  • "In the next release, maybe the documentation on how to use this solution could be improved."

What is our primary use case?

The primary use case of this solution is as a firewall.

How has it helped my organization?

The way the rules are created and set up on our firewall is very quick, very simple, and does not take a lot of time. It allows us to spend more time in other areas.

What is most valuable?

The most valuable features are that it is very simple to configure and to manage.

What needs improvement?

For me, this solution has nothing to improve and it meets the needs that I have. I don't see any way to improve, at least from my point of view on regular use.

In the next release, maybe the documentation on how to use this solution could be improved.

What I have noticed is that when we have done some configurations directly from the command line, there is not a lot of information regarding splitting.

For how long have I used the solution?

I have been using this solution for six years.

We are using the latest version.

What do I think about the stability of the solution?

This is a stable product.

What do I think about the scalability of the solution?

Fortinet FortiGate is very scalable.

How are customer service and technical support?

We are satisfied with technical support. We have not had any issues.

How was the initial setup?

The initial setup is very straightforward.

What about the implementation team?

We used a reseller to help us with the implementation.

What's my experience with pricing, setup cost, and licensing?

Pricing is very competitive. It's cheap for what it offers and for what it does.

It's very affordable.

What other advice do I have?

I would recommend this solution to others who are interested in using it.

Fortinet FortiGate is simple and effective.

I would rate Fortinet Fortigate a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Manager - IT at a computer software company with 201-500 employees
Real User
Top 20
Provides zero-day protection against undiscovered malware and vulnerabilities

What is our primary use case?

We are dealing in the payment business where we provide services to end-users, and FortiGate is part of our security solution.

The customers swipe their cards into our product, which transmits the data through another server to the acquirer or bank. The server is hosted behind the FortiGate firewall, so all of the traffic that comes in and out goes through the firewall policies, intrusion detection, and instruction prevention systems.

What is most valuable?

We use the FortiGate Sandbox to detect zero-day vulnerabilities, such as anomalies or malware, that are unknown and have not yet been discovered.

What needs improvement?

We would like to see a better training platform implemented.

For how long have I used the solution?

We have been using Fortinet FortiGate for the past five years.

What do I think about the scalability of the solution?

This is a scalable solution. We are able to integrate new products and different payment options. As new projects come in, we are looking for a hybrid setup that will incorporate the cloud.

How are customer service and technical support?

We have been in contact with technical support and I find them to be good. We've had no issues with them.

Which solution did I use previously and why did I switch?

We are continuing to use FortiGate but we are in the process of upgrading to the 200E and 300E enterprise firewall.

How was the initial setup?

The initial setup was complex. We had to connect it and set up the PCI DSS compliance. To maintain this, there are a lot of things that have to be done on a regular basis. This includes scanning and hardening the servers, then rescanning. Initially, it is very complex.

We have the FortiGate firewall in our environment, and we are using network segmentation. Based on the segmentation, there are policies. Based on the policies, the traffic to the critical components is monitored and goes through the IDS/IPS antivirus profile. We also have hosted applications, so a basic DDoS and WAP are configured.

What other advice do I have?

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
System Administrator at a media company with 11-50 employees
Real User
Provides a high standard of security for our clients
Pros and Cons
  • "We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days."
  • "We had a minor problem where there was a major system upgrade on the hardware platfrom and the Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved."

What is our primary use case?

I primarily use this solution for external security of our network.

How has it helped my organization?

We are a visual effects company, and there have been a number of high profile security issues in our industry. This has brought us to a higher standard of security, which our clients are very keen on these days. 

What needs improvement?

We had a minor problem where there was a major system upgrade on the hardware platform and the Apple Mac client was not available as soon as it might have been. The PC client was available immediately, but we had to wait a month or so, before there was a Apple Mac client. I was slightly irritated that it was not ready on time, but it was eventually resolved.

For how long have I used the solution?

Almost two years.

What do I think about the scalability of the solution?

Fortigate has more than adequate capability to cope with everything we require for the foreseeable future. 

How are customer service and technical support?

The support is very good, and we have had no issues. 

Which solution did I use previously and why did I switch?

Previously had a SonicWall. Even allowing for an upgrade discount on the SonicWall, the FortiGate was a more compelling purchase.

How was the initial setup?

It was fairly straightforward. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Miguel Ortiz - PeerSpot reviewer
Security Solutions Architect at Verizon Communications
Real User
Good VPN and DDoS capabilities with a low total cost of ownership
Pros and Cons
  • "Virtual Domains (VDOMs) are a feature that we found valuable."
  • "To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution."

What is our primary use case?

We are currently using manual router failover that can be configured on the Fortinet security appliance’s second network interface to provide network edge redundancy if the primary managed router fails. If the edge router fails, traffic can be moved to the security appliance with a simple cable swap.

We are looking for a fully redundant solution with automatic failover between both Fortinet Security appliances. I am currently looking at battle card information between Fortinet and Zscaler. I have to do a competitive analysis.

How has it helped my organization?

The low cost of ownership was a benefit with all of the features we wanted.    

Preconfigured images have been developed for quick deployment. However, if we need a custom policy or have to include an existing policy then that can be accommodated as well. 

What is most valuable?

Virtual Domains (VDOMs) are a feature that we found valuable.

We found the Firewall, VPN, Application Control, IPS, Fortiguard Web filtering, anti-botnet, FortiGuard, Anti Spam Wireless LAN controller, WAN optimization, vulnerability assessment, and endpoint control all to be valuable.

Fortinet certifications include NSS Labs for NGFW, firewall, IPS, SSL, antivirus, and antispam.

Fortinet provides a consolidated security platform for the market place and certifications with NSS labs prove their security assurance.

What needs improvement?

To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution. Fortinet claims to do everything Zscaler is capable of and I'm looking for a comparison between the supported features.

Fortinet VPN and DDoS capabilities are great, yet we need to provide a solution that enables CASB and integration to the cloud.

For how long have I used the solution?

We have been using FortiGate for three years.

How was the initial setup?

Fortinet is very easy to service and set up.

What's my experience with pricing, setup cost, and licensing?

Fortinet is the least expensive solution.

Which other solutions did I evaluate?

We are comparing the features of Zscaler vs. Fortinet. We are trying to determine what features Zscaler has over Fortinet and vice versa.

What other advice do I have?

Fortinet was initially scoped as 25 rules for small, 50 for medium, and 100 for large. We need to incorporate more rules but there would be additional professional services or staging services. We are looking to incorporate the cloud access with the Fortinet UTM solution.

Disclosure: My company has a business relationship with this vendor other than being a customer: Verizon is a reseller of both Zscaler and Fortinet.
PeerSpot user
it_user1296954 - PeerSpot reviewer
Senior Scientist at Ats, iNC.
Real User
Good SSL-VPN, anti-virus, and anti-malware protection

What is our primary use case?

FortiGate is used as the primary firewall and malware detection device for the company.

How has it helped my organization?

This solution allows solid VPN service for access from the field, and the anti-virus/anti-malware detection works well.

What is most valuable?

SSL-VPN is very useful for us and has been very reliable.

What needs improvement?

The user interface could be improved to make it less confusing and easier to set up. There are too many pull-down menus.

For how long have I used the solution?

I have been using FortiGate for five years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Narendra Singh - PeerSpot reviewer
Solution Architect at Brillbean Ventures Pvt ltd
Real User
Good security, performance, and traffic inspection
Pros and Cons
  • "The most valuable feature is the VDOM, which allows the customer to have multiple firewalls in a single campus."
  • "Improvement is needed in the Web Filter quotas to restrict users with allocated quotas."

What is our primary use case?

I have deployed FortiGate with multiple organizations such as universities, government institutions, healthcare, and ISP providers. I have worked with FortiGate models 30-500 series and I have deployed the 3200D model for one of the broadband service providers located in India, Namely Sikka Broadband. 

How has it helped my organization?

I have installed the FortiGate 500 and 400D to replace a Sophos firewall in a main corporate office. This implementation provided improved network performance.

This solution made it easier to connect all of the branches together via an IPsec VPN and remote users with SSL VPN.

What is most valuable?

The most valuable feature is the VDOM, which allows the customer to have multiple firewalls in a single campus.

Using the FortiGate security solution provides comprehensive visibility and advanced layer 7 security, including threat protection, intrusion prevention, web filtering, and application control. They face a major complexity hurdle managing these point products with no integration and lack of visibility.

Thie solution provides a high-performance inspection of clear-text and encrypted traffic.

The FortiOS Operating system is robust, and the WAN load-balancing very much transparent.

What needs improvement?

Improvement is needed in the Web Filter quotas to restrict users with allocated quotas.

It would be an improvement to add a feature for active users to change/reset their own passwords.

Fortinet renewal prices for all models are too high, so they should offer discounts for customers on renewal. 

For how long have I used the solution?

I have been using this solution for almost seven years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Consultant at WorldNet ICT Solutions Limited
Consultant
Provides good security features, and generating FortiCloud reports is helpful to us
Pros and Cons
  • "The security features are about the best that I've seen anywhere."
  • "Technical support for this solution can be improved."

What is our primary use case?

We use this solution for our company firewall.

What is most valuable?

This solution has many good features. The security features are about the best that I've seen anywhere.

I really like the fact that I am able to generate FortiCloud reports.

What needs improvement?

FortiWAN was supposed to help in doing intersite linking, but we've realized that most of the ISPs use BGP. FortiWAN supports OSPF but does not support the BGP protocol. This is a problem for us because without BGP they are not doing anything, and we've had to pack them up. I would like to see the BGP protocol supported on FortiWAN.

Technical support for this solution can be improved.

For how long have I used the solution?

We have been using this solution since 2017.

What do I think about the stability of the solution?

The stability is very good.

What do I think about the scalability of the solution?

The scalability of this solution is fantastic.

How are customer service and technical support?

I've been in contact with technical support a few times and it is good. It might be better, but as far as I'm concerned, it's good.

How was the initial setup?

The challenge for the initial setup was at the ISP level. We have the Fortinet firewall running, but between the various sites, we wanted to implement FortiWAN. It didn't work because of the BGP issue.

What's my experience with pricing, setup cost, and licensing?

The pricing for this solution is good.

What other advice do I have?

This is a product that I recommend.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ibrahim El Sayed - PeerSpot reviewer
Network & Hardware Administrator at Nile Projects & Trading Co.
Real User
SD-WAN allows me to better manage and load balance our traffic

What is our primary use case?

We use this solution for securing and controlling our company, as well as to improve VPN services.

How has it helped my organization?

This solution has helped us by controlling our incoming and outgoing traffic. It blocks the vulnerabilities that can negatively impact us.

What is most valuable?

The most valuable feature is the SD-WAN because I can manage many lines and load balance them all.

What needs improvement?

I would like to have logs, monitoring, and reporting for a month without extra fees.

For how long have I used the solution?

We have been using this solution for more than eight years.
Disclosure: My company has a business relationship with this vendor other than being a customer: Fortigate
PeerSpot user
Network Engineer at Concentus
Real User
An intuitive user interface for our SOHO edge protection solution

What is our primary use case?

We use this solution for edge protection in SOHO and K-12 environments.

How has it helped my organization?

FortiOS has a very good, intuitive GUI.

What is most valuable?

This solution has solid UTM features combined with a nice GUI.

What needs improvement?

The Web-filter in this solution is not very good. Perhaps because Fortinet does not want to compete with its own dedicated solution.

For how long have I used the solution?

Three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
President at a tech services company with 1-10 employees
Reseller
A solution that impresses our customers and saves them money in the long run

What is our primary use case?

Our primary use for this solution is as an SMB boundary firewall, and we now use their Security Fabric.

How has it helped my organization?

This is a quality product with ok support, and it is better than the competition we've tried.

What is most valuable?

Security Fabric makes VLANs a breeze. It impresses customers, as well as saves them money over the long run when comparing apples to apples.

What needs improvement?

FortiOS is not simple. Too many people think it should be simple to use, but the complexity of the product makes that impossible.

For how long have I used the solution?

Seventeen years.

How are customer service and technical support?

The support for this solution is ok.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
User at GOldair Handling
Real User
Has a friendly GUI and CLI to access its many features

What is our primary use case?

We primarily use this solution for our firewall, Application Control, QoS, IPSec, and SSL VPN.

How has it helped my organization?

This solution has a very friendly GUI and CLI as compared to other vendors.

What is most valuable?

The features that we have found most valuable are the SSL VPN and the user Portal.

What needs improvement?

This product could be improved with active directory integration and better handling in IPsec and GRE Tunnels. There are not enough recent online materials to assist in integration with Cisco for VPN, GRE, and IPSec.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Our experience with this solution is that it is stable and reliable.

Which other solutions did I evaluate?

We found the user interface to be better than what is found in other products.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Fernando Neto - PeerSpot reviewer
Network Analyst at Aloo Telecom
Real User
A stable product that allows us to offer several services in a single box
Pros and Cons
  • "We have been able to offer several services to customers in a single box."
  • "I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity."

What is our primary use case?

Our primary use case for this solution is the provision of services to our customers, the end users.

How has it helped my organization?

This solution has improved our organization a lot. We have been able to offer several services to customers in a single box.

What is most valuable?

The firewall is a valuable feature because it offers more security for end customers. The HA function is fantastic, as the link switching time is almost imperceptible. It also offers dedicated IP, all in one box.

What needs improvement?

I use the FortiGate 60D model and realized the 300Mbps bandwidth limitation. Because it is a product that offers many services, I think it could have greater bandwidth capacity.

For how long have I used the solution?

Trial/evaluations only.

What do I think about the stability of the solution?

My impression of the stability is very good. It is very difficult to have to replace the equipment due to lack of resources.

What do I think about the scalability of the solution?

I found this product to be good for scalability. It offers several features, among them I can mention Application Control, Antispam, QoS and others.

How are customer service and technical support?

I found the technical support team to be careful and committed to delivering what we needed.

Which solution did I use previously and why did I switch?

Prior to using the FortiGate solution, I used the MikroTik RB1100AHx2e. I found that the FortiGate 60D offered more security.

How was the initial setup?

The setup was straightforward and easy, and the equipment has a good command line interface.

What about the implementation team?

We were given all the support that we needed for implementation. The vendors were fantastic.

What was our ROI?

The return is inevitable when you have equipment that offers stability and quality in services.

What's my experience with pricing, setup cost, and licensing?

Before choosing a piece of equipment you have to take into account the cost-benefit offered by each one. Sometimes it is not worth paying a very cheap price to have a minimum level of security.

Which other solutions did I evaluate?

Our evaluation of the MikroTik RB1100AHx2e revealed that it lacks antivirus software and has no lock for botnet control centers.

What other advice do I have?

There is a VOIP feature that by default is enabled on the Fortigate 60D. This greatly increases the CPU usage, which causes bad behavior in the equipment. This feature should be disabled and if necessary, the user can re-enable it.

The FortiGate 60D is a fantastic piece of equipment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1000680 - PeerSpot reviewer
it_user1000680Finance And IT at Galfar Aspire Readymix LLC
Real User

Good performance.

See all 2 comments
Vineeth Babu P - PeerSpot reviewer
IT System Administrator at emirates hospital
Real User
Enables us to control our internet usage with the web filter for application features
Pros and Cons
  • "The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes."
  • "Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server."

What is our primary use case?

We use Fortinet FortiGate mainly for web filtering and site-to-site VPN connectivity. We establish filters based on the type of application for filtering purposes.

How has it helped my organization?

With Fortinet FortiGate I can do over forty enlaces. We give all of the log-based runtime support to every user and the web traffic coming in. Also, we can enlace all of the security projects from our two servers with the other forty enlaces.

What is most valuable?

The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes. All branch FortiGate devices are integrated with FortiAnalyzer and easy to download and monitor the logs from all other locations. It's easy to change the configurations using CMD-SSH. FSSO is also another good feature. 

What needs improvement?

It is mainly our own application of FortiGate that we need to improve. If you compare FortiGate to any other products, all of the other products have more signatures. I couldn't find that many signatures available in the application.

Some features of Fortinet FortiGate are actually fee enabled that are inconvenient for deploying in production. Other issues relate to isolation with Cisco products and your server.

Fortinet should make it so that we are not able to use analytics from Cisco at the same time that FortiGate is installed. We are not able to do real-time network monitoring.

For the next release, FortiGate should be improved to support these issues. For the setup, you need to prepare a lot for that before engaging the deployment. 

I learned a lot about FortiGate from books. That should be important in preparation. Fortinet should implement these changes, then we would be able to do more.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Stability is good. The only issue is that in the VPN, I have seen many times that there is no stability in the VPN configuration and VPN connectivity. That is our only issue.

What do I think about the scalability of the solution?

If we implement Fortinet to Fortinet connections, then the solution works fine and there are no issues. If we connect with any other vendor like Cisco, Palo Alto, or these kinds of devices, I can see sometimes that the connectivity issue is there.

From IIS, the I/O packet works and connectivity is ideal. Connectivity is fine, but the title clock unnecessarily comes in and sometimes it doesn't reach the destination.

We use Fortinet FortiGate in twenty to twenty-five locations at the time, although we are basically focused on healthcare industry requirements.

For the deployment and maintenance, we have two people we are using right now. Regarding maintenance and deployment, we employ experts in network and security support. 

We don't have any plans to increase usage of Fortinet FortiGate. We only use it in 25 locations.

How are customer service and technical support?

We have evaluated Fortinet FortiGate's technical support and it is good.

How was the initial setup?

The initial setup is straightforward. The normal VLAN interface configuration with the LAN configuration is fine. There is no problem with that. 

Our deployment took a maximum of half an hour to forty-five minutes. It only took this much time for the entire configuration including the LAN and policy configuration.

What about the implementation team?

We did not use an integrator or consultant. Our security engineers completed the configuration.

What other advice do I have?

In terms of rating, Fortinet FortiGate will come in with an eight out of ten. We are satisfied with the product overall. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Directorate at a wholesaler/distributor with 51-200 employees
Real User
A user friendly solution that helps protect us against spam
Pros and Cons
  • "It is user friendly, and has all the features you need."
  • "I feel that the reporting needs to be improved."

What is our primary use case?

Our primary use case for this solution is to protect ourselves against email spam.

How has it helped my organization?

This solution helps to protect us against spam and offers features like intrusion prevention.

What is most valuable?

The most important feature is that it's easy to use. It is user-friendly and has all the features you need. You can have IDS (Intrusion detection systems) and IPS (Intrusion prevention systems) in just one device. You don't need multiples. 

What needs improvement?

The reporting needs to be improved. Also, the VPN (Virtual private network) monitoring needs improvement.

Beyond these improvements, I cannot think of any additional features that I would like.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is a stable solution. We rarely have problems.

What do I think about the scalability of the solution?

Regarding scalability, we have bought a very large box, so it meets all of our requirements.

We have a big company, with fifteen hundred end points.

How are customer service and technical support?

The technical support is excellent.

How was the initial setup?

I was not there when the initial setup was done.

Currently, we have five staff in charge of maintenance.

What's my experience with pricing, setup cost, and licensing?

Each feature costs money, so it is important to study your needs.

What other advice do I have?

Before implementing this solution, you have to study your network first, and then consider your needs. Decide what features you need and what features you don't need.

It is important to know what is required from the device because they come in very different models. There are different features and each feature costs money, so you need to be prepared so that you can optimize your cost. You don't want to end up buying something that you won't use in the future.

I would rate this solution eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Assistant Manager IT at Urmi Garments Ltd
Real User
Excellent Bandwith Agility from Webstie to Website
Pros and Cons
  • "We are very happy with the general bandwidth agility we have seen from one website to another website."
  • "I have to say that the initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run."

What is our primary use case?

Our primary use case is providing cybersecurity applications to internet (IT) clients throughout India. 

How has it helped my organization?

Since we are still in the implementation period we still need more time to evaluate how this solution can add value to our organization.

What is most valuable?

We are very happy with the general bandwidth agility we have seen from one website to another website.

What needs improvement?

Since we are in the initial stages of implementation I can't suggest any additional features for the next release. At this point, I really need more time to evaluate the tool. The only thing I can recommend at this time is to make improvements for the user end when the user website is running slowly; the speed can definitely be improved. There is room to include IP wise and net-wise and bandwidth settings.

For how long have I used the solution?

Still implementing.

What do I think about the scalability of the solution?

Currently, we have more than 600 employees using this product. Our users range from IT staff, management, and senior executives. We are all using it. And we plan on increasing the number of users to more than what we are currently at.

How are customer service and technical support?

My technical support experience has been very poor. I think the technical support personnel isn't experienced in Bangladesh. They have much less technical experience and aren't as able to handle the work, as I am.

Which solution did I use previously and why did I switch?

Initially, we were using an IPVanish. We switched to this tool because we believed it would be easier to set up and use but it turns out it wasn't easier.

How was the initial setup?

The initial setup was complex. The deployment took a few days to get set up. Initially, we were using an IPVanish. We switched to this tool since we thought it would be easier. But it turns out it wasn't easier to set up and run.

What about the implementation team?

Our vendor team implemented the tool for us; the vendor team is based here in Bangladesh.    

What other advice do I have?

Maintenance only requires two or three people. At the moment both a Senior Executive and an IT manager are in charge of maintenance.

Besides wanting to see a faster connection speed I would like to see the expanded bandwidth, IP, and proprietary net settings feature included within the tool. 

I rate this product an 8 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Gamal Al-Hamzah - PeerSpot reviewer
Network Engineer at LinkTech
Real User
Improves internet speed and improves network security
Pros and Cons
  • "The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications."
  • "The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."

What is our primary use case?

We are a reseller of Fortinet products. We use FortiGate for Intrusion Prevention System (IPS) support. This is the most important reason that we use Fortinet FortiGate.

How has it helped my organization?

We required our network to be more secure. We also use FortiGate for improving the speed of the internet because the network here does not perform as we would like it to.

What is most valuable?

The most important features of Fortinet FortiGate are the Intrusion Prevention System (IPS) and firewall control applications.

What needs improvement?

The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing.

The network routing with Fortinet FortiGate can be an issue, but it generally depends on the size of the company.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

FortiGate is a wonderful appliance.

What do I think about the scalability of the solution?

We have knowledge of other firewall products but FortiGate is the best.

How are customer service and technical support?

We like the Fortinet technical support and how they have responded in the past.

How was the initial setup?

The initial setup was easy and not complex at all.

What's my experience with pricing, setup cost, and licensing?

There is only one issue with Fortinet FortiGate: It's the price. If the company makes its products cheaper then we can convince our clients to buy more.

What other advice do I have?

I would rate Fortinet FortiGate a nine out of ten because I don't know all of the features of the platform personally.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Manager systems at HOCL
Real User
Offers good threat protection and stability
Pros and Cons
  • "Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough."
  • "One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at the peak time when the number of contracts and users are at maximum."

What is our primary use case?

We use Fortinet FortiGate as a firewall. On some particular days, when our network traffic is very busy, we use a separate debit line. We need additional monitoring to know whether our production was cut by peak rates or not.

How has it helped my organization?

It satisfies all of our requirements.

What is most valuable?

The most valuable feature is the threat protection. With many users, I've found an issue where sometimes I need to monitor the traffic that I need to filter.

What needs improvement?

We have many users currently with this solution. One issue that I have had is that sometimes I need to monitor the traffic, so I need to filter it according to the user and which user is using it the most. I experience a bottleneck most of the time, particularly at peak time when the number of contracts and users are at maximum. We feel a kind of bottleneck.

When I first entered the log section, I could not find any results. I did not find any proof, i.e. reporting and analytics on the speed and network availability were not optimized. I could not find any such log from the server, maybe Fortinet could improve this service.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Fortinet FortiGate is stable.

What do I think about the scalability of the solution?

Fortinet FortiGate is scalable for our users. Right now, we have almost 70 users. We do not have any plan to increase our usage of FortiGate. For maintaining the firewall solution, one staff member is enough.

How are customer service and technical support?

We are very well satisfied with the Fortinet technical support.

Which solution did I use previously and why did I switch?

We had been using another solution for approximately ten years. The product was not up to date, so we were not getting any support for it.

How was the initial setup?

The initial setup is straightforward. The total amount of deployment time required depends upon the number of users. Fortinet FortiGate automatically corrects any mistakes you make in the installation process.

What other advice do I have?

I cannot find anything lacking in Fortinet FortiGate. I would rate it a nine out of ten. We advise other users to go for Fortinet.

There is a back-up service that needs to be included with the firewall support.

I have the requirement to filter what information goes to the user to see which user require the most bandwidth and other resources. When there is a disconnection, that should be shown somewhere in the reports.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
VeerSharma - PeerSpot reviewer
Branch Manager at a tech services company with 51-200 employees
Consultant
Effective bandwidth management saves us money and keeps our customers happy
Pros and Cons
  • "This solution made it very easy to manage our bandwidth."
  • "Compared to some other products, the DLP is not at par for the moment."

What is our primary use case?

Our primary use case for this solution is to manage bandwidth for our customers. This is done by setting the appropriate firewall rules and policies.

How has it helped my organization?

This solution made it very easy to manage our bandwidth. It is important because we do not have to buy additional bandwidth from our ISPs. The rules and policies are set such that our users are happy, and we can maintain our current cost of bandwidth.

What is most valuable?

One of the most valuable features for us is that it is easy to configure. It is also very easy to manage. One of the things we were looking at was a product that is user friendly, and this helps us to generate and analyze the reports we need.

What needs improvement?

I recently saw the new updates that are coming, such as the ability to quarantine a user's machine. Once done, you have the ability to connect to it from the FortiManager Console and you can bring it back online, out of quarantine. This is all very good news.

One of the areas that I feel need improvement is on the DLP (Data Leak Prevention) side of things. Compared to some other products, the DLP is not at par for the moment.

Also, if in the next few years this solution can be made to support HE between models, it would be better.

I feel that improvements can be made on the security side. Sometimes the product does a good job, but sometimes not.

For how long have I used the solution?

More than five years.

What do I think about the scalability of the solution?

The scalability is good, although I see that some brands are now coming up with an important advancement. Currently, when you want to do HE (High-end), you have to have the same model or a similar model. Some competing solutions are now able to do HE between mixed models.

How are customer service and technical support?

I hardly ever use their technical support, but when I do they are pretty good.

Which solution did I use previously and why did I switch?

Previously we were using SonicWall, and we had no trouble after switching to FortiGate. One of the reasons that we switched is because we needed something that is easy to configure and manage.

One of the problems we had is that we could not get SonicWall to print out a comment. The documentation says that it should be able to, but it was not printing. The currently solution meets this requirement.

How was the initial setup?

The initial setup is straightforward and it is easy to configure.

What's my experience with pricing, setup cost, and licensing?

In terms of pricing, the cost of the product is important because we do not want to pay for something that is too expensive. At the same time, however, pricing is not as important as manageability and support. I would say that all things considered, the pricing is pretty good.

Which other solutions did I evaluate?

After switching from SonicWall, we did not evaluate options other than the current solution.

What other advice do I have?

We look for a couple of things when selecting a vendor or product. First, we look at the user interface and figure out whether it is easy to manage. We also consider the price because we do not want to overpay. That said, price is not our number one priority; user manageability is. 

We have been using a pretty wide range of products. We have used models such as the Fortinet FortiGate-30E, 51E, 90D, and 200D. They are all pretty good at doing the job that they are configured for. Obviously, the firewall sizing has to be done right, but if the product sizing is done correctly then they will never go wrong.

I have not yet used the cloud access capability, but we do plan on testing it.

After we purchased FortiGate we grew by forty percent, and it was able to continue to perform as it had before.

Overall it is user-friendly, easy to configure, easy to manage, the support is pretty good, they are priced low, and they do the job that you require.

I would rate this solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Principal Mining Consultant at senhwabio
Consultant
Auto-scans for viruses, worms, and malware
Pros and Cons
  • "The features that prevent internet connections, the filtering are the most valuable because we did not have any internet protection before."
  • "Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions."

What is our primary use case?

We use Fortinet FortiGate out of fear for malware on the internet, to protect our users from malware. We also use FortiGate to prevent connections to the internet.

How has it helped my organization?

We mainly use Fortinet FortiGate to prevent infections of technology on our network devices. We use it to auto-scan for viruses, worms, and malware.

What is most valuable?

The feature that prevents internet connections, the filtering, is the most valuable feature because we did not have any internet protection before.

What needs improvement?

Fortinet could improve the windows opener or the virtual IP solutions for opening windows. The virtual IP settings need improvement as firewalls are trending in new development directions.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Fortinet FortiGate is very stable. We use it for 20 hours a day only. It is a firewall so it cannot be shut down.

What do I think about the scalability of the solution?

Fortinet FortiGate is scalable, but it is not a requirement for us. We only have 25 users. They are general users, not engineers. I am the only engineer needed to maintain FortiGate.

How are customer service and technical support?

We didn't need Fortinet customer support because FortiGate was already configured.

Which solution did I use previously and why did I switch?

We started with Fortinet FortiGate. We weren't previously using another solution. 

How was the initial setup?

The initial setup of Fortinet FortiGate is not so difficult. We got the instructions for the installation from Fortinet online.

The majority of the work was implemented by our vendor. The deployment took about two days to complete.

What about the implementation team?

The installation of Fortinet FortiGate was implemented by our vendor. They are a third-party selling company, not the original manufacturer.

What's my experience with pricing, setup cost, and licensing?

Fortinet is reasonable in pricing and licensing. Overall, FortiGate is affordable. The licensing fee can be a little high, depending on the budget for your project.

Which other solutions did I evaluate?

Other products are not so popular in Taiwan, but the IBM IPM solution is a major competitor to Fortinet FortiGate for firewalls.

What other advice do I have?

Fortinet FortiGate is a stable and affordable product. I would rate Fortinet FortiGate an 8/10. So far, Fortinet FortiGate has been enough for our business requirements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Emmanuel  Salamat - PeerSpot reviewer
Solutions Architect at UAS
Reseller
Optimizes security on the network and protects the company from attacks from outside
Pros and Cons
  • "Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. With FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access."
  • "Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites."

What is our primary use case?

We use Fortinet FortiGate as the firewall for our networks and as a security device. Fortinet FortiGate is used in our organization for:

  • making policies
  • security profiles
  • identity management
  • blocking applications on websites
  • making objects
  • future groups
  • user management
  • network reports
  • data analytics
  • other stuff

FortiGate is not just a security solution, but also a network solution, because it can do SD-WAN which provides innovation to security.

How has it helped my organization?

Originally, I used Fortinet FortiGate for SD-WAN. There is actually a feature for the SD-WAN. I could find a port and use it for SD-WAN. Then I also used FortiGate for security rules.

We implement solutions categorizing the insurers by Fortinet, i.e. what are the network users that are allowed in this particular instance or for these particular policies.

We program every port you can set the policies on with Fortinet FortiGate. You can actually see the users that access the particular website and govern the rules for web traffic.

What is most valuable?

First and foremost, Fortinet FortiGate is a security device. It can optimize security on the networks of a company. It actually protects the company from attacks from outside. 

With Fortinet FortiGate, you can categorize the users. You can create a group of users that can access all of the websites for their work. You can limit other users' access. 

It can also do detailed reporting and analytics that comprise information from recorded events on the network by traffic location, device, IP address, etc.

What needs improvement?

Flexibility is questionable when it comes to the hardware parts. If Fortinet can make FortiGate modular so that you can actually upgrade it without changing the parts, I would prefer it. 

If Fortinet FortiGate could actually integrate with the hybrid cloud architecture without changing the storage parts, i.e. the hardware, it would be better.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The Fortinet FortiGate solution is 81% stable. I would say it is very flexible. I would grade it an eight or nine.

What do I think about the scalability of the solution?

Scalability is one of the disadvantages. When it comes to scalability, you have to actually change the box. If you want to upgrade it, you need to actually change the existing box and probably you take the system off to other sites.

With FortiGate, if you want to upgrade, it is physical and you have to buy a bigger box. You have to replace it with a bigger one. The boxes of Fortinet are not modular, so you have to replace the entire box. That's one of the bad sides of Fortinet. 

When it comes to security, it's not really possible if the other solution is actually plausible. 

How was the initial setup?

The deployment of Fortinet FortiGate is complex. It depends on how long you are going to maintain the network of the client. For us, it would only take a day or two.

What about the implementation team?

We are resellers of Fortinet products.

What other advice do I have?

The Fortinet FortiGate solution has to have a system-wide update for improvements. First and foremost, you need to have a patch. You have to continually improve FortiGate by having continuously updated patches applied. 

Then always check for the admin reports from Fortinet that the patch was applied. When it comes to the features of this device, I would rate Fortinet FortiGate an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Amgad Soliman - PeerSpot reviewer
Senior System & Security Administrator at a legal firm with 51-200 employees
Real User
Top 5Leaderboard
Offers side-to-Side VPN Support for Secure Networking
Pros and Cons
  • "Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E."
  • "Fortinet needs more memory to save the log files. We need it to save the logs on the hardware and not in the cloud. I know this feature is available in FortiCloud, but if we need this log locally, it is not available."

What is our primary use case?

We use Fortinet FortiGate 100E for a VPN. We also use the solution for word filtering. These are our primary business requirements.

How has it helped my organization?

We were not fully operational previously. Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. 

In Egypt, to make this possible, we built connections for everything between the two sides through the internet using the VPN side-to-side with Fortinet. 

We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E.

What is most valuable?

The main feature that Fortinet FortiGate has that is very useful for me, is that I can connect two sides of the network to each other with Fortinet. 

I can make two VPNs run side-to-side. VPN is very simple and so easy with FortiGate.

What needs improvement?

Fortinet needs more memory to save the log files (like in the 101E, the old product). We need it to save the logs on the hardware and not in the cloud. 

I know this feature is available in FortiCloud, but if we need to log locally, it is not available. Also, the log only records a little time and needs to be longer.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Fortinet FortiGate offers good stability. I have been using it for around two years.

What do I think about the scalability of the solution?

FortiGate is a very scalable tool. They have an app to manage the access points, switches, and other solutions. 

For our project, now we're over a hundred users at the headquarters. The other branch supports about 20 persons.

How are customer service and technical support?

Fortinet tech support is very helpful. I have not faced any trouble with their technical support. 

Which solution did I use previously and why did I switch?

The other product I was previously using was ForgeRock but did not have the experience of integrating it with Fortinet FortiGate.

How was the initial setup?

For the Fortinet installation, our initial setup was for word filtering. It was very easy and did not take a lot of time. The deployment took about three days. 

FortiGate is very easy. The entire solution setup processes took about three days. I can make many of the rules for most users as we need it configured easily.

What about the implementation team?

I am the integrator for Fortinet FortiGate solutions at our company.

What's my experience with pricing, setup cost, and licensing?

The licensing price for the Fortinet products is approximately a thousand of dollars per year for the FortiGate 100E and $200 per year for the FortiGate 50E. 

I don't use additional licensing, just the yearly subscription.

Which other solutions did I evaluate?

We did not evaluate any other options for this purchase.

What other advice do I have?

If anyone asks me for my experience with Fortinet solutions, I would recommend FortiGate, especially if they need to use it for security. 

I would recommend the FortiGate series for integration with any hardware or software product. I am very satisfied with Fortinet. I would rate it a 9 out of 10 overall.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Director, CFO at IT Green Public Company Ltd.
Real User
Securely Protects Databases in Business Operations
Pros and Cons
  • "Fortigate is very scalable to serve our customers' needs. We have scaled already from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers."
  • "Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. Fortinet is lacking in features in comparison to competitors."

What is our primary use case?

Fortinet FortiGate has many use cases: firewall, security, and wifi controller. We use the solution for our project's internet gateway.

How has it helped my organization?

My company operates a large data center with many useful applications, sections, and databases. We have to put the security function into FortiGate to protect the databases in the organization.

What is most valuable?

Fortinet FortiGate has many excellent functions and good security. The firewall is the most common function that we have used for a long time.

What needs improvement?

The Fortinet FortiGate firewall has been improved with many new functions. Fortinet is working to develop a new generation of firewalls with better security.

Fortinet already improved FortiGate, but in the current market, many brands of security devices have improved together. Fortinet still needs to catch up with market standards. 

Fortinet is lacking in features in comparison to competitors.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Fortinet FortiGate is very stable.

What do I think about the scalability of the solution?

Our experience with Fortinet FortiGate depends more on the sizing of the customer. Fortigate is very scalable to serve our customers' needs.

We have scaled from fifty to more than a hundred instances of Fortinet FortiGate. Around 20 staff are required for deployment and maintenance, mostly engineers. 

We are not a distributor for Fortinet, so we will not actively promote it as a solution.

How are customer service and technical support?

The technical support with Fortinet is good. We have our engineers required to have certification in Fortinet products. We provide training classes for our engineers.

Which solution did I use previously and why did I switch?

We also implement solutions with Palo Alto Networks and WatchGuard.

How was the initial setup?

Fortinet FortiGate is user-friendly to set up. The UI is fine. We still have concerns about security with Fortinet. 

The security could be improved compared with Palo Alto Networks equipment. Palo Alto Networks products have more technical issues than Fortinet.

Overall, Fortinet FortiGate is not complicated to set up. 

What about the implementation team?

We had a team for implementing Fortinet FortiGate on these projects. We also have many business partners for service work as integrators. 

Our partner for the Fortinet FortiGate installation was one of the few consultancies that have exceptionally good service in the market currently.

We have begun Fortinet FortiGate training through the consultant company and now have many partners for service contracts. 

What's my experience with pricing, setup cost, and licensing?

The pricing and licensing of Fortinet FortiGate are good if they stay the same. The price is not too high now, but license pricing still changes too much. 

Fortinet FortiGate is comparable with the other products in the current market.

Which other solutions did I evaluate?

We are not sole-distributors of Fortinet products currently. It is part of a portfolio of solutions that we offer our business clients.

What other advice do I have?

The policy for integration and for configuring Fortinet FortiGate should be friendlier than in the version we are using now. Because Fortinet has been in the market for a really long time, and we are very experienced with Fortinet products, I would rate FortiGate with an eight or nine out of 10. I would rate it this score because of the experience that Fortinet has as a market leader for such a long time.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user819147 - PeerSpot reviewer
Head of IT at CGP
Real User
Next-Generation Advanced Firewall Protection
Pros and Cons
  • "Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others."

    What is our primary use case?

    Our primary use of Fortinet FortiGate is for a firewall. I use it as the firewall system and protection from spam. I mainly use Fortinet FortiGate for protection and security.

    How has it helped my organization?

    Mainly the FortiGate reporting system is very good. It guides us through all the expectations of security. Fortinet provides us all that we need for security. Also, Fortinet FortiGate is a next-generation firewall. It is much more advanced than others.

    What is most valuable?

    I like all of FortiGate's features. 

    What needs improvement?

    The FortiGate reporting system needs to be more detailed about files. Palo Alto Networks is more detailed in the reporting system than Fortinet.

    Currently, as for our security, we don't need more. The main reporting in Palo Alto Networks is much more developed than Fortinet, especially in the part of the file exchange.

    As a security lead, I think Fortinet FortiGate is much more reliable than Palo Alto Networks.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    The Fortinet FortiGate solution is very stable for our installations.

    What do I think about the scalability of the solution?

    The scalability of Fortinet FortiGate is sufficient. What we bought was sufficient for what we need. I don't know if we're going to need to upgrade it or not, it depends on if we need to increase or lessen it. 

    Since we built Fortinet FortiGate we didn't need to do anything more for it. Over 200 users are currently using this solution and only one staff is required for maintaining it.

    How are customer service and technical support?

    The Fortinet technical support is very good.

    How was the initial setup?

    Setup and installation of Fortinet FortiGate were very straightforward. The deployment stage took five days. We used an integrator company and they were very good.

    What about the implementation team?

    We implemented Fortinet through a third-party integrator company.

    What's my experience with pricing, setup cost, and licensing?

    With Fortinet licensing, you have to buy a license for every product: for the stamp, for the email, for the firewall, for everything. This is all the same for all vendors. You have to buy a license for each service. 

    In terms of pricing, they are reasonable compared to Palo Alto Networks. FortiGate is much cheaper than Palo Alto Networks with more efficiency in operations.

    Which other solutions did I evaluate?

    We talked to several vendors like Cisco and Palo Alto Networks. There was another system and they gave us a test drive for a week running it on their premises to see how reliable it is.

    We tested Cisco, a next-generation firewall, two years ago. We also tested the Palo Alto Networks equipment.

    What other advice do I have?

    We may increase our usage of Fortinet next year. 

    I would recommend to anyone to buy Fortinet FortiGate. I would rate the product ten out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Mohamed Abdullah - PeerSpot reviewer
    Senior Security Engineer at crystal networks
    Real User
    Enables us to load balance more than six internet lines but they should develop better visibility, monitoring, and reporting

    What is our primary use case?

    Our primary use case is as a firewall. 

    How has it helped my organization?

    Customers want to load balance more than six internet lines. FortiGate is the only solution that can accomplish this. 

    What needs improvement?

    The monitoring and the visibility, in this proxy, is very weak. I would for them to develop better visibility, monitoring, and reporting.  

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It's not always stable. When there's heavy traffic, we get hardware problems. 

    How are customer service and technical support?

    Their technical support is very good. 

    How was the initial setup?

    The configuration was very easy. I didn't have any problems with it.

     It depends on the project, but I don't need a lot of resources to maintain it. One or two staff are enough to deploy and maintain it.

    What about the implementation team?

    I integrated it myself. 

    What's my experience with pricing, setup cost, and licensing?

    Our licensing costs are on a yearly basis. 

    What other advice do I have?

    I would rate it a seven out of ten. Not a ten because of the monitoring and the stability issues. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PeerSpot user
    Derrick Slaton - PeerSpot reviewer
    IT Specialist 3 at a financial services firm with 51-200 employees
    Real User
    Enables us to to set up remote systems and has good stability
    Pros and Cons
    • "The ability to set up remote systems is the most valuable feature."
    • "They should improve the interface to make it more user-friendly."

    What is our primary use case?

    We use this solution as our firewall. 

    How has it helped my organization?

    We have branches that we use for the net clients to VPN back into our network.

    What is most valuable?

    The ability to set up remote systems is the most valuable feature. 

    What needs improvement?

    They should improve the interface to make it more user-friendly. 

    I would like to see some sort of reporting if there was an issue with the connecting network sources or connections.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It's definitely stable. We haven't had any issues with it. 

    What do I think about the scalability of the solution?

    I would rate the scalability an eight out of ten. We have just over 100 users using this solution.  

    How was the initial setup?

    The initial setup was complex. The user interface was a little bit difficult so it made actually setting it up a little bit complicated. The deployment took a week to roll out four branches.

    What about the implementation team?

    We used an integrator for the deployment and had a good experience with them. They made it easier to get everything set up.

    What's my experience with pricing, setup cost, and licensing?

    There are no additional costs aside for the standard licensing fees.

    What other advice do I have?

    FortiGate is very good if you're thinking of expanding where you have remote offices, then it's a good solution.

    I would rate this solution an eight out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    IT Manager at Soporte Antivirus Ltda
    Real User
    Enables us to check our sites and emails for threats

    What is our primary use case?

    Our primary use case is for checking sites, threat prevention, ransomware, and email check.  

    How has it helped my organization?

    We can use our devices to check all of the perimeters. It secures email websites. 

    What needs improvement?

    They need to improve their technical support. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    The stability is good. 

    What do I think about the scalability of the solution?

    It's scalable. We have 22 users. 

    Which solution did I use previously and why did I switch?

    We were previously using Sophos XG. 

    How was the initial setup?

    The initial setup was easy. The implementation took around two hours. 

    What other advice do I have?

    I would rate it an eight out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    PeerSpot user
    ICT Administrator at a mining and metals company with 11-50 employees
    Real User
    Enables us to bring security into compliance with our policies
    Pros and Cons
    • "I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good."
    • "Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area."

    What is our primary use case?

    Our primary use case is for our company firewall. We use it for intrusion prevention and anti-virus.

    How has it helped my organization?

    The internet filtering feature has really benefited my organization because we have a lot of things that go on illegal sites like auto torrents sites and a lot of streaming and downloads. We've been able to minimize the impact of bandwidth by filtering out media sites. This solution has also benefited us by bringing security into compliance with our policies.

    What is most valuable?

    I really like the captive portal feature for our guest network. It has nice VLAN features in terms of separating our network. The anti-virus is also good. 

    What needs improvement?

    Some of the filtering is not robust, you can escape it with a VPN. Some of the users bypass some of the filters. It catches some but it also misses some, that area could be improved. It's functioning reasonably but there's room for improvement in that area.

    There is a feature that Palo Alto has called Traps. It helps to prevent attacks on the system. A feature similar to this would be worth adding.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It's very much stable.

    What do I think about the scalability of the solution?

    It is very scalable. We have around 200 users. 

    How was the initial setup?

    The initial setup was not complex. 

    What about the implementation team?

    We have had experience with enterprise firewalls and notably, we had experience with Fortinet, so the deployment was done in-house. We require four people for deployment and maintenance. 

    What's my experience with pricing, setup cost, and licensing?

    Compared to Palo Alto, which we have used in the past, pricing and licensing are okay.

    What other advice do I have?

    I would advise someone considering this solution to learn the product. You have to get to know the product, don't just look at it from outside. Get to know the product, the ins and outs and see how you can actually use it for your scenario.

    I would rate it an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    System Administrator at Udenar
    Real User
    A complete solution, but it is very expensive compared with other solutions

    What is our primary use case?

    We use FortiGate for edge protection by avoiding attacks to the servers of the institution, also, by protecting the LAN network.

    How has it helped my organization?

    Having FortiGate allowed for easy management of the network, protection from threats by having a very intuitive administration console.

    What is most valuable?

    The most important feature for me apart from the administrator is the UTM module because it protects the equipment of the entity in a very efficient way.

    What needs improvement?

    FortiGate is a complete solution, but it is very expensive compared with other solutions. Then actually, we are analyzing other solutions.

    For how long have I used the solution?

    More than five years.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user755889 - PeerSpot reviewer
    Consultant at MT Pockets Computers
    Consultant
    The reporting that automatically comes off the unit makes it much easier to meet compliance standards
    Pros and Cons
    • "We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best feature."
    • "They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."

    What is our primary use case?

    Our primary use case of this solution is for intrusion detection and prevention.

    How has it helped my organization?

    We use a southern institution that's audited for IT security and the reporting that automatically comes off the unit makes it much easier to meet compliance standards and makes it easier as far as the amount of time that has to be spent to compile that information. If you get your reporting set up correctly when you initially set it up, you just select the one you want and hit print. The auditing trail on it is the best features.

    What is most valuable?

    There's an all-inclusive appliance where all of the logs, registers, and everything is customizable as far as the way reporting comes back.

    What needs improvement?

    They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much so when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to their remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that.

    There's a link off of the reports that you can click and make suggestions, which is pretty awesome because it seems like somebody is reading those and doing something about it. If I could save reports on a format where I could save space and not have to reprint them and move information down from letterheads and that sort of stuff that would be great. Formatting reports is the only thing I would change about that product right now.

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    It's solid. It's a rock solid solution.

    What do I think about the scalability of the solution?

    Scalability is excellent. Across three locations we have 120 users.

    How are customer service and technical support?

    Their technical support is excellent.

    Which solution did I use previously and why did I switch?

    We did use a different solution. We switched primarily because of the audit trails because the user interface, what you saw on the screen and the options you were presented with were difficult to configure and we ended up spending a lot of time trying to get the information that we wanted. 

    How was the initial setup?

    For the product that it is, the initial setup was straight forward but not so simple. The Dell EMC product is simple, this is more complicated than that but it wasn't incredibly difficult. We rolled that out on a test network initially and to try to get our rule sets correct so that we didn't run into issues and did testing for about a week. The initial set up time took around an hour and a half, and it was on a virtual network with a bunch of virtual machines. We just tested it for about a week just to make sure that we weren't going to run into a lot of issues switching from the old IDS to the new one.

    What about the implementation team?

    I installed it. I did the product research and was involved in the purchase decision but I did not purchase the product, I was not a vendor of the product, and I did not make any money on it.

    What's my experience with pricing, setup cost, and licensing?

    As far as the licensing goes for the small product that we have, the pricing was pretty competitive. It wasn't as simple and as cheap as a SonicWall but for the service we would get it was a good price.

    What other advice do I have?

    There's a setup guide on the Fortigate website that is a video that is far better than the written manual that is provided. If you've set up other products before, that may get you through, but the training on their website was far more useful to me than the user manual.

    I would rate this solution a nine out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user678567 - PeerSpot reviewer
    Solutions Architect at Focus
    Reseller
    It is a good product from a price perspective versus functionality
    Pros and Cons
    • "It is easy to use and performs very well."
    • "There could be more integration between the logging and analytical platforms to make it more seamless and integrated."

    What is our primary use case?

    My primary use is for border protection for connectivity out onto the Internet. This product has performed exceptionally well.

    How has it helped my organization?

    It just runs. We have had very few issues with the solution.

    What is most valuable?

    It is a good product from a price perspective versus functionality. It is easy to use and performs very well.

    What needs improvement?

    There could be more integration between the logging and analytical platforms to make it more seamless and integrated.

    For how long have I used the solution?

    More than five years.

    What do I think about the scalability of the solution?

    It is a very secure, easily managed product. It keeps up-to-date with all the variabilities.

    What's my experience with pricing, setup cost, and licensing?

    Price-wise, it's at a good price point for our market.

    What other advice do I have?

    If someone is considering this solution, they should do their homework to learn about the product. A user should make sure they compare between a short list of products. The choice should be made after considering price, support, ease of access, and evaluation of integration with other products the organization still uses. Due diligence is the key to integrating a solution.

    Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
    PeerSpot user
    PTL Network Administrator at a non-profit with 1,001-5,000 employees
    Real User
    A cost-efficient product that is very user friendly
    Pros and Cons
    • "It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user friendly."
    • "The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade should be returned. It was a very valuable feature for us."

    What is our primary use case?

    It's a firewall that secures our internal network. I have been using it since 2013, and I find that most of the features are advanced, and very user-friendly.

    What is most valuable?

    It gives priority to certain applications compared to others as well because internally all our applications are web based.  We use FortiGate to prioritize certain applications to be accessed much faster than the others. For end users, it enables access to the applications and web filtering, as well. That's where we block off most of the sites and we can do scheduling, as well as access to certain sites within certain periods of time.

    What needs improvement?

    The web-cache feature which was previously on the FortiGate device, but was deleted with the recent upgrade, should be returned. It was a very valuable feature for us.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    The stability of the product is consistent with our needs.

    What do I think about the scalability of the solution?

    In terms of usage, I have a main branch and then we have smaller branches throughout the country. Connecting to each site through FortiGate is much easier.

    What's my experience with pricing, setup cost, and licensing?

    It is cost-effective, and provides a good value for your money. The pricing, and license renewal, is very reasonable for us. The bottom-line is that it all comes down to the pricing of the solution.

    Which other solutions did I evaluate?

    I looked at Cisco, and I think that FortiGate is more reliable, consistent and stable.

    What other advice do I have?

    When choosing a new solution, I suggest seriously researching the pricing and the features. It must be a solution that fits your particular requirements and specifications. 

    I think FortiGate is more reliable, consistent, and easy to learn. It is robust and more secure than other solutions on the market.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Engineering Manager at Primatel Communication Snd Bhd
    Real User
    Top 10
    Prevents outside attacks to our network

    What is our primary use case?

    Our primary use is for firewall protection. 

    How has it helped my organization?

    It provides security purposes, and it makes our network safe from outside attacks.

    What is most valuable?

    The most valuable feature is the bundled subscription, which is IPS, TV and web filtering. I also like the application control.

    What needs improvement?

    I think they need to improve more in order to be a competitor with the leaders of the field. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It is stable, there is not too much downtime.

    What's my experience with pricing, setup cost, and licensing?

    They need to be competitive with other solutions.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    IT Management at a marketing services firm with 501-1,000 employees
    Real User
    Top 5
    An inexpensive answer for firewall protection

    What is our primary use case?

    I primarily use this product as a firewall protection. 

    How has it helped my organization?

    With Fortigate, I find fewer attacks. The console easily alerts me about possible attacks so I can prevent the malware attacks.

    What is most valuable?

    It is easy to use.

    What needs improvement?

    The UTM filtering control could be improved. 

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    I do not have problems with the stability of the solution. It works well.

    How is customer service and technical support?

    We do not use a lot of tech support. It is not readily available in our area.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is not expensive. It is affordable.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    CTO at a comms service provider with 501-1,000 employees
    Real User
    Valuable option for security although unstable at times

    How has it helped my organization?

    It has improved our security capabilities. 

    What is most valuable?

    We find the most valuable aspect of this solution is the price. It is affordable and cheaper than other firewalls.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    There were quite a few problems with the stability of the system but now it's working fine. I think it had to do with the complex environment, not because of the product itself.

    What's my experience with pricing, setup cost, and licensing?

    It is an inexpensive solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PeerSpot user
    Network Architect at Finastra
    Vendor
    The option of using the GUI and CLI interchangeably is invaluable

    What is our primary use case?

    Needed to get off of EOL Cisco ASA platform and we evaluated Checkpoint, Palo Alto, and FortiGate 1500 and 3000D. We chose FortiGate, FortiAnalyzer, and FortiManager as our solution.

    How has it helped my organization?

    • Better visibility into traffic patterns
    • Lightening fast troubleshooting and reduced management complexity overall.

    What is most valuable?

    • Live traffic viewer
    • Packet capture, and
    • The option of using GUI and CLI interchangeably.  

    FortiManager and FortiAnalyzer helps us manage multiply firewalls.

    What needs improvement?

    The speed of synchronization between FortiManager and FortiGate could be improved, but that could be because we host them in Azure.

    For how long have I used the solution?

    Still implementing.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Sabyasachi Sen - PeerSpot reviewer
    IT General Manager at Manav Rachna International School
    Real User
    I am "headache free" now that I don't have to categorize all the websites and that security has been pre-categorized. The tech support needs improvement.
    Pros and Cons
    • "I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over."
    • "A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve."

    What is our primary use case?

    My primary use case for this solution is using it as a key net and as a firewall.

    How has it helped my organization?

    For Fortinet Fortigate,I have to have a Fortigate access point. In my opinion, it should have been a universal access, which supported the universal access point. At this point, our campus is large with some 10 thousand students and staff on board at any given time. Every time I have to use Fortigate, the access point portal has to be a universal type. It would be nice if I did not have to "marry" Fortigate for everything.

    What is most valuable?

    The only feature is that I don't have to be worried about categorization of the websites. I am able to put on the policies for the blog because this is an institution.There are several restrictions out there to get onto the websites. It creates a "headache free" environment for us.

    What needs improvement?

    A couple of things I've seen that need improvement, especially in terms of a hard coding. The driver-level active moment really is out-of-the-box and we have to have contact the customer support and sometimes it is difficult to resolve.

    My only solution would be please don't make it as a closed source. Don't make it as
    a closed source. Give some kind of a power to the user so that they can consider it
    according to their determine that it should have some flexibility on concurrent
    connections not be restricted. I agree that to some concurrent connections the CPU and
    the box may be a lower model and it need some higher scale level with this. But, there
    should be a provision. There should be a provision to go to at least to 60-70% onto the
    threshold to go beyond the designed capacity of something. Like we call it as a design
    capacity, and since 70% addition to the 100% of it.

    What do I think about the stability of the solution?

    If I compare with the open source, it has really frustrated me for a couple of things. Whenever my students or faculty goals increase, then in Fortinet, I need to change the model for going with the higher model, or better model more better first tier it can deal with it.

    What do I think about the scalability of the solution?

    It should have been scalable. But, it is not quite so. There are limitations, I need to change the box or I have 1500 D. That means I can make 1000 connections, but some kind of vestibules are going on and the advances are going on. Then, I find it very difficult to give  a connectivity simultaneously and upon current connections. As a result, I have to deprive my faculties, my staff, or my students of certain functions.

    How is customer service and technical support?

    Tech support is not very efficient in India.

    Which other solutions did I evaluate?

    We have considered the Linux Suite and HP BSM.

    What other advice do I have?

    As I said, that at least one part I am "headache free" that I don't have to categorize all the websites and that security has been pre categorized by the people, and that the services are getting updated. At least one part of my problem is over.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Ahmed Konsowa - PeerSpot reviewer
    Senior Security Consultant at SEE "Systems Engineering of Egypt"
    Real User
    Top 10
    It has very easy management and an amazing ETM configuration.

    What is our primary use case?

    My primary use case of this solution is as a data center. It performs very well.

    How has it helped my organization?

    It has very easy management and an amazing ETM configuration.

    What needs improvement?

    I would like to see more advanced developments of a wireless controller in the future.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    I think the product is stable. It is amazing.

    What do I think about the scalability of the solution?

    It is amazing, but sometimes there are issues with Fortinet Integrations. But, I know they are now trying to rectify the problem.

    How is customer service and technical support?

    We have good technical support from the vendor.

    How was the initial setup?

    It was very straightforward. An easy installation process.

    What other advice do I have?

    I think when you look at this product, you must realize that the box hardware and software are vary stable. And, the pricing is perfect.

    Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
    PeerSpot user
    Yousef Altaj - PeerSpot reviewer
    Tech Manager at Global tec
    Reseller
    It is a reasonably priced solution for this type of product. It enables productivity of our organization to go smoothly.

    What is our primary use case?

    We primarily use this for the Security Fabric feature. It works together with other Fortinet products like FortiWeb and FortiMail, as well as with Amazon products. There is a lot of integration. 

    How has it helped my organization?

    It enables our organization to become more productive. Also, it protects our NEtWare from viruses and malware.

    What needs improvement?

    I think the only issue that needs improvement is the interface.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    It is a very stable product.

    What do I think about the scalability of the solution?

    Sometimes the solution is not scalable.

    How is customer service and technical support?

    Our experience with technical support has been very positive. 

    How was the initial setup?

    It was very straightforward an easy for us to initially install.

    What about the implementation team?

    We always consider:

    • Price
    • Product success

    What's my experience with pricing, setup cost, and licensing?

    The price, in comparison to other products is very cheap.

    Which other solutions did I evaluate?

    Other products considered were Sophos and CiscoMaraki.

    Disclosure: My company has a business relationship with this vendor other than being a customer: I am a reseller.
    PeerSpot user
    it_user929583 - PeerSpot reviewer
    Network and Security Manager at a consumer goods company with 10,001+ employees
    Real User
    Review about Fortinet FortiGate
    Pros and Cons
    • "The response is very quick and they can visually resolve our problems in a short period."
    • "The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."

    What is our primary use case?

    The primary use case for this solution is as a firewall protection for our company.

    How has it helped my organization?

    It's performed as a firewall to block those unwanted traffics, and it can protect our clients and our users from some threats. I think it is the best solution to protect the network or our users from the APT attacks.

    What is most valuable?

    I like the UTM features, including the web filtering and antivirus.

    What needs improvement?

    The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it would be great.

    For how long have I used the solution?

    One to three years.

    What do I think about the scalability of the solution?

    It keeps improving the features and I am very impressed with the effort.

    How are customer service and technical support?

    The response is very quick and they can visually resolve our problems in a short period.

    Which solution did I use previously and why did I switch?

    In the past, we were using Cisco, the quite old firewall. And did not have the UTM features. So we switched to Fortinet to improve the security of our network.

    How was the initial setup?

    I was involved in the initial setup and it was very easy and the features and interface are very good for us to understand what is going on.

    What about the implementation team?

    When selecting the firewall vendor, we are considering the protection and the security features, it's the most important things we are considering. We need a good option for threat protection.

    What's my experience with pricing, setup cost, and licensing?

    The beauty is the price performance ratio is great with FortiGate. It provides all the features we needed and the price is comparable with others' firewalls. The price is quite competitive with the firewalls with similar features.

    Which other solutions did I evaluate?

    We also looked at Palo Alto, Check Point and Cisco.

    What other advice do I have?

    It's very easy to contact, the conversation is easy and it provides us all the features on point. It is also reliable.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Network Engineer at a tech services company with 201-500 employees
    Real User
    The most valuable feature is the policy routing and application control

    What is our primary use case?

    Our primary use case is for our small company. It is basically for users on the LAN-side. So, it is just for browsing mostly.

    What is most valuable?

    The most valuable feature is the policy routing and application control. In addition, the firewall will act as a call-switch. So, the performance within the LAN is good.

    What needs improvement?

    The UI could be improved. 

    For how long have I used the solution?

    More than five years.

    How are customer service and technical support?

    We sometimes wait 30 to 40 minutes to get a tech engineer. But, then they are pretty good. Whenever I call for a problem they will assist me and correct me and they will fix up the call. Only one they are sure we have solved the problem will they disconnect from the call. Whenever the issue arises, they're available to help.

    Which solution did I use previously and why did I switch?

    I also have prior experience with SonicWall.

    How was the initial setup?

    The initial implementation was straightforward.

    What's my experience with pricing, setup cost, and licensing?

    I do not have personal experience with the pricing of the solution because my boss has been taking care of that aspect of the relationship with the solution.

    Which other solutions did I evaluate?

    SonicWall has a better UI solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user913353 - PeerSpot reviewer
    Gerente de Seguridad Informática at a financial services firm with 1,001-5,000 employees
    Real User
    The main benefit is the grouping of our security monitoring. The technical support is great.
    Pros and Cons
    • "The technical support is great."
    • "The main benefit is the grouping of our security monitoring."
    • "It does not have key authentication for admin access."

    What is our primary use case?

    I use Fortinet Fortigate. First of all, I use them as perimeter firewall. Secondly, I use it for a  data center firewall for internal segmentation.

    How has it helped my organization?

    The main benefit is the grouping of our security monitoring. I have all of my solutions from the same brand, Fortinet. I have only one console, one dashboard, all the security incidents that occurs on the network.

    What is most valuable?

    The Fortinet FortiGate product has original features that we use. 

    These features include:

    • IPS
    • Anti-Malware
    • Web Application Firewall

    What needs improvement?

    I am looking to implement key authentication for admin access for the Fortinet product.

    For how long have I used the solution?

    Three to five years.

    How is customer service and technical support?

    The technical support is great. 

    How was the initial setup?

    I was involved in the initial setup. When we decided to use Fortinet, we were already a customer of Fortinet. So, my previous firewall also was Fortinet and the experience with the brand and with the provider was very good. We have no issues. We like to keep with the same brand.

    What was our ROI?

    Fortinet is a very good solution. It would not be a mistake to choose Fortinet as a solution.

    Which other solutions did I evaluate?

    In the past, we had evaluated Palo Alto and Cisco as possible solutions. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Assistant Manager (Infrastructure) at SISTIC
    User
    It has improved the security posture and visibility of our traffic
    Pros and Cons
    • "Easy to use support and licensing portal as well as activation process."
    • "I would like to see improvements made to the dashboard and UI, as well as to the reporting."

    What is our primary use case?

    E-commerce environment, enterprise data center.                                                                                                                                                                                                        

    How has it helped my organization?

    It has improved the security posture and visibility of our traffic. The OS and the firmware updates are very straightforward.                                                                                         

    What is most valuable?

    All the features are very good, straightforward licensing, Fortinet product integration, standardized FortiOS and automatic uninterruptable firmware upgrade. Easy to use support and licensing portal as well as activation process.                                                                 

    What needs improvement?

    I would like to see improvements made to the dashboard and UI, as well as to the reporting. I would also like them to consider offering more predefined security templates.                       

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    No issues.

    What do I think about the scalability of the solution?

    No issues.

    How are customer service and technical support?

    Customer Service:

    An eight and a half out of 10.

    Technical Support:

    They are able to identify an issue and resolve it within a pretty short period of time.

    Which solution did I use previously and why did I switch?

    We previously used Cisco ASA. We switched to Fortinet Fortigate because it was easy to manage, and it uses a Single OS for the whole product. We were also able to learn how to use it very quickly.

    How was the initial setup?

    It is very straightforward.

    What about the implementation team?

    We implemented it ourselves with some assistance from vendor. Because of the limited assistance from the vendor, we do not know what the level of expertise was.

    What was our ROI?

    No

    What's my experience with pricing, setup cost, and licensing?

    They have very competitive solutions across the entire product line.

    They also offer very clear licensing and pricing.

    Which other solutions did I evaluate?

    Checkpoint, Cisco, Palo Alto, Sonicwall, Huawei, and Sophos.

    What other advice do I have?

    I found that the memory usage for the Fortigate firewall are relatively higher than other firewall brand when compared to same traffic volume. It might be the scan engine do their job well or the scan engine not well tuning. If there is a details information about this would be good.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Iz - PeerSpot reviewer
    IzAssistant Manager (Infrastructure) at SISTIC
    User

    In fact I only apply on our DMZ firewall rules I only get the same result.

    See all 2 comments
    Robert Kaczorowski - PeerSpot reviewer
    System Administrator at HAMMOND LUMBER COMPANY
    Real User
    Their proxy-based inspection is responsive and secure
    Pros and Cons
    • "The CLI and GUI do a good job of putting a lot at your fingertips."
    • "Their proxy-based inspection is responsive and secure."
    • "It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco."

    What is our primary use case?

    We use Fortinet FortiGate as our firewall and Layer 3 switch. Together, they connect all our locations for internal and external access with an MPLS as the primary connection and a backup VPN over a secondary DSL/Cable ISP.

    How has it helped my organization?

    Fortinet FortiGate has improved our routing and made us more secure. Using OSPF tables with an MPLS VPN, along with the combined security of the firewalls, has made a huge difference in our organization.

    What is most valuable?

    • The ability to customize UTM features and add or remove features as we like.
    • Availability of different locations as options.
    • The VPN features are easy to deal with.
    • The CLI and GUI do a good job of putting a lot at your fingertips.

    What needs improvement?

    It could use more templates for third-party site-to-site VPN setups other than FortiGate and Cisco.

    For how long have I used the solution?

    Three to five years.

    What other advice do I have?

    Their proxy-based inspection is responsive and secure.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user915438 - PeerSpot reviewer
    Director TICs at a comms service provider with 51-200 employees
    Real User
    We can detect any attack of viruses or malware at the first point of contact
    Pros and Cons
    • "We can detect any attack of viruses or malware at the first point of contact."
    • "There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract."

    What is our primary use case?

    We use it for security. It performs okay.

    How has it helped my organization?

    It controls the traffic in the organization and the navigation of the Internet. It blocks some sites and permits limited access to our information through the web. We can detect any attack of viruses or malware at the first point of contact.

    What is most valuable?

    • The security
    • Monitoring
    • Alarms

    It is a very strong platform.

    What needs improvement?

    There are problems with the custom reporting of the unique traffic. The data is there, but it is too difficult for us to extract. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    Just today, our platform was down seven hours today. We called the technical support and they told us that there was some maintenance in the cloud for the platform.

    What do I think about the scalability of the solution?

    The scalability is good.

    How is customer service and technical support?

    The technical support is good.

    How was the initial setup?

    The initial setup is not difficult, but tricky. It's easy, but it's important that their technical support will help you during the configuration of the platform. Procedures that appear logical are not always so.

    What other advice do I have?

    Most important criteria when selecting a vendor: The security of the platform, because we are very concerned about cybersecurity. Also, the customer service response is important.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Security Engineer at a real estate/law firm with 501-1,000 employees
    Consultant
    Their response and resolution times are good

    What is our primary use case?

    It performs well.

    How has it helped my organization?

    We have a lot of bandwidth.

    What is most valuable?

    • Box stability
    • Security features, like SSL scanning. 
    • Their service: Whenever we raise a complaint with FortiGate, their response and resolution times are minimal.

    What needs improvement?

    They need faster serviceability and more security features.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It has good stability compared to its competitors.

    What do I think about the scalability of the solution?

    It is scalable. We are making a cost savings on the scalability.

    How are customer service and technical support?

    We have been using technical support. Their response and resolution times are good.

    Which solution did I use previously and why did I switch?

    Our previous solution had performance issues.

    How was the initial setup?

    The initial setup was straightforward and easy.

    Which other solutions did I evaluate?

    We evaluated Cyberoam and Cisco.

    What other advice do I have?

    Most important criteria when selecting a vendor: stability and service.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    User at El loco hugo
    User
    It has improved our organization with control data

    What is our primary use case?

    We use it because it is a good device.

    How has it helped my organization?

    It has improved our organization with control data.

    What is most valuable?

    The rules.

    What needs improvement?

    The reports are very basic.

    For how long have I used the solution?

    More than five years.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Information Security Analyst at a tech vendor with 51-200 employees
    Real User
    Protected us from several Zero-day attacks and includes data leak prevention
    Pros and Cons
    • "Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention)."
    • "The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
    • "I need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it."

    What is our primary use case?

    It is performing fine, there is no problem from FortiGate. The firewall engine is very good, Very suitable for picking up Zero-day threats. It has protected us from two or three instances, thanks to this engine.

    How has it helped my organization?

    From 2014 when they started using it, I was not associated with the company. I have only been associated with the company for the last year.

    What is most valuable?

    Valuable features include the Web Application Firewall, and it even has DLP (data leak prevention).

    What needs improvement?

    After four years it has started to fail. The firewall engine is not so strong as of now, in my opinion. For that reason, we want to migrate to Check Point. This is one of the concerns that I have right now. 

    My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased.

    I also need user-behavior analytics, to find threat scenarios from inside the organization, insider attacks. That would be very helpful for us. In addition, I would like next-generation features for small and medium businesses. These businesses require UTM, all in one product. Fortinet must include it.

    For how long have I used the solution?

    One to three years.

    What do I think about the scalability of the solution?

    Scalability is fine as of now. Compared to other firewall products, it's a little cheaper in terms of pricing. So scalability is good. 

    But right now, due to a greater focus on security, I think FortiGate needs to improve on the security features, and they need to do so for their small and medium business products, in order to compete.

    How are customer service and technical support?

    Technical support is pretty good. We had to call FortiGate support once, and they really helped us. In one of the configuration files from FortiGate, during an upgrade of the hardware, something was changed. They were very helpful in resolving it for us. There is no problem with support.

    Which solution did I use previously and why did I switch?

    Previously, in 2013, I believe we were using WatchGuard.

    In the process of selecting a vendor, the most important criteria will be to go through threat assessment reports - the NSS testing reports that are published every year. Our decision will depend on that.

    What other advice do I have?

    If price is a constraint for you, you should go with Fortinet. But security is a very big factor right now. If you want to be compliant with GDPR and all the other things that are coming up, you should go with another good vendor. Even though Fortinet is a big competitor, in one to three years, when they include many new features in their products, they will be a good solution.

    I would rate FortiGate at eight out of 10 because the support was very good. Considering the current scenario, I would not give it nine or 10 because they need to include many features in the smaller products, not only in enterprise-level products.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Andrew S. Baker (ASB) - PeerSpot reviewer
    Cybersecurity & IT Operations Professional (VirtualCxO) at BrainWave Consulting Company, LLC
    Consultant
    The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors
    Pros and Cons
    • "The CLI is robust and powerful, enabling rapid, consistent changes via SSH."
    • "The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors."
    • "WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead."
    • "Some configuration elements cannot be easily altered once created."

    What is our primary use case?

    I have deployed several of the following models for customers: 200D, 60E, 60D. This review focuses on the FortiGate 200D.

    How has it helped my organization?

    The first implementation I performed of a FortiGate 200D was to replace a Juniper SSG-140 in a main corporate office.  This implementation provided improved network administration and network performance.

    We also received more timely security updates, and it became easier to connect all of the other offices together (via an IPsec VPN mesh).

    As additional FortiOS releases have come out, we have obtained more flexibility in device identification and WAN load-balancing, among other things.

    What is most valuable?

    • The CLI is robust and powerful, enabling rapid, consistent changes via SSH. 

      The device identification is very flexible, facilitating the creation of rules to regulate all sorts of devices that might spring up on a network, especially via WiFi.
    • The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors.
    • WAN load-balancing has improved, but needs some refinement.

      You can set up a different DDNS config for each WAN link.

      It is great to be able largely use the same OS features across the family of devices.

    What needs improvement?

    WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead. There are lots of options for routing traffic over a specific path when you have WAN load-balancing enabled, but they are not as clear and consistent as they could be, and most can only be set at the CLI.

    Some configuration elements cannot be easily altered once created.  For instance, there is no way to rename an interface (say, for a VPN tunnel), unless you create an entirely new one and perform a little gymnastics to switch from one to the other. Or, you export the config, rename the elements in question, then re-import the entire config.

    Creating a meshed VPN connection (Office A with two WAN links connecting to Office B with two WAN links) requires a massive bundle of four IPsec interfaces, with two policies. It would be nice to have a cleaner, simpler config for that functionality, something not very uncommon today.

    I have found that if you have a console cable in the device when you reboot it for a disk check, it will boot to the device firmware. This will not happen for a regular reboot.

    If you have more than a very basic environment, you quickly have to escalate past the first level of support. The initial level is so-so.  The next level up has been stellar for me, and quick to figure out issues and resolve them.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    I've only experienced stability issues a few times.  One was with the v5.4.0 and .1 releases. Also, there was an issue during the v5.2.x series where there was an SSD issue that was fixed with later firmware. Overall, the devices have been very stable.

    What do I think about the scalability of the solution?

    No. Scalability is good, and performance increases are great as you move to higher products.

    How are customer service and technical support?

    Customer support is okay. They are fairly responsive for level three and higher (one and two) issues, but if your issue is a little complex, you will want to ask them to escalate to a second level tech. They don't always read all the info you provide in the first pass, but overall, they are helpful.

    Which solution did I use previously and why did I switch?

    I previously favored NetScreen/Juniper SSG solutions, but Juniper stopped supporting the SSG line, and FortiGate provides more value and performance for the dollar.

    I've also tested the Sophos solutions, but found them not compelling enough to switch from the FortiGate devices.

    How was the initial setup?

    The devices are very easy to setup, even if you need to configure VPNs. You could have an HA config up and running within 60-90 minutes, with the latest firmware installed, and a couple of policies and tunnels.

    If you do not regularly work with enterprise-class firewalls, you might need to add an hour to the above scenario, but the provided wizards make it pretty easy to address the basic functions.

    What about the implementation team?

    In-house deployment all the time.

    What was our ROI?

    In almost every case, I've experienced (or had customers experience) an ROI within 12 months, based on better performance for the same price or increased functionality for the same (or less) price.

    What's my experience with pricing, setup cost, and licensing?

    Licensing and setup costs are generally pretty clear with Fortinet. If you go with centralized management or their Log Analyzer tool, these carry some additional pricing that you need to look at.

    Check out the price matrix, and go with a value-added reseller that understands how to help you size out the equipment. Remember to always look at the performance with the assumption that you will have many of the unified threat management (UTM) features on, not off.

    Which other solutions did I evaluate?

    Yes, I tested and evaluated solutions from pfSense, Sophos, and Palo Alto.

    What other advice do I have?

    I highly recommend, and often try to deploy Fortinet solutions for my office network and for my customers. They run for a long time, they are supported for many OS updates, and they are pretty solid.

    Don't upgrade the OS right away when it is released, if a major new version has come out.  v5.0 was problematic early, but v5.2 was great. v5.4 was a problem child, but v5.6 had only a minor issue. v6.0 was surprisingly smooth and had only a minor issue. I could have avoided most of these problems if I waited an additional month or so before updating, but I updated because I need to advise customers on what they should be doing.

    I've had to interact with support a lot, and overall they've been good (with the caveat mentioned earlier).

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Diana Nongera - PeerSpot reviewer
    I.T. Manager at a agriculture with 501-1,000 employees
    Real User
    Our security improved from being able to put in rules and close off unwanted traffic
    Pros and Cons
    • "With FortiClient, you can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong."
    • "Our security improved from being able to put in rules and close off unwanted traffic."
    • "It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go."

    What is our primary use case?

    When we looking for a device, we wanted to control incoming and outgoing traffic into our network to protect our organization, like have a barrier before anyone could send something in or anyone could send something out. We also use this for our DHCP.

    How has it helped my organization?

    The greatest improvement was on security. If you put rules that will not allow certain traffic, it won't happen. You can close the traffic that you don't want in your network, because of malware and people fishing and spamming.

    What is most valuable?

    • DHCP functionality: The object tab where we manage our IP addresses and static. The DHCP monitors them.
    • FortiClient: You can easily connect when you are home, check out what you want to do, and connect to your network when you are not at work. You can switch on servers and you can check what is wrong.

    What needs improvement?

    It should come integrated or have its own type of network monitor tool in a module. There should just be one package, and you are good to go.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    Stability is excellent. It is so stable that it is the best in the market. I would rate the stability as a 10 out of 10.

    What do I think about the scalability of the solution?

    It has the capacity to change in size. It comes in different sizes. E.g., for a smaller organization, you buy smaller package, then for bigger entities, you buy the bigger one. If you have fewer users in a certain entity, they would get a package of 50 each. If it's a head office, then you'd get something like 201. So, it accommodates for all sizes.

    How are customer service and technical support?

    Technical support has been great. We have used it before because sometimes you get issues that you can't handle, then you have to call it in, send emails, and they assist you. 

    We also work through our partners, which has been good.

    Which solution did I use previously and why did I switch?

    We were previously using Netgear, which was smaller. It didn't have the advanced technology in terms of what we wanted it to do. It was an older version. We thought that if we were going to change the firewall, then we should make a good, future investment. Thus, our partners advised us that FortiGate was one of the best, so we invested in them.

    How was the initial setup?

    The initial setup was not straightforward. You need some training and to learn some of these things through the experience of using it.

    What about the implementation team?

    We were guided by our partner, so we worked on our devices with our partners. They were the ones who helped us and who have been working with us, even for upgrades, and it has not been straightforward.

    Which other solutions did I evaluate?

    We evaluated Cisco, Netgear, and Cyberoam.

    What other advice do I have?

    You don't need to reinvent the wheel, as FortiGate is the best solution.

    Most important criteria when selecting a vendor: 

    • The ability of the brand
    • Best of breed
    • Reliability
    • After hours sales service, because we know technology comes with renewals, upgrades, and support. This is quite critical to our functionality and efficiency.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user824916 - PeerSpot reviewer
    it_user824916User at a tech company with 10,001+ employees
    MSP

    Need information on Fortinet IPS.

    ICT Officer at a non-profit with 5,001-10,000 employees
    Real User
    It is straightforward to implement the device from scratch
    Pros and Cons
    • "There is an easy process for configuring it, and it is straightforward to implement the device from scratch."
    • "At first glance, the interface for the device is very confusing."

    What is our primary use case?

    We have been using the FortiGate antivirus software for a couple of years, as of mid-July. The hardware solutions for the firewall, we have been using for less than a year.

    We are using FortiGate 80E for a medium-sized office. I am pretty satisfied with it. It has performed well. The primary use is to protect the internet traffic for a medium-sized office, up to fifty users, using a local domain with a not so intensive cloud traffic. Generally, it is just to protect the internet access for all the users in the network.

    Also, we are using VPN at external locations to the office, which FortiGate supports.

    How has it helped my organization?

    It give us the liberty to let us do our jobs.

    What is most valuable?

    • There is an easy process for configuring it, and it is straightforward to implement the device from scratch.
    • It has a somewhat diverse device interface, but if you have one day to play with it, you can easily find whatever you need. 
    • All types of policies need to be installed, then all the parameters are configured. It is not very demanding,

    What needs improvement?

    At first glance, the interface for the device is very confusing. However, every version is getting better.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    I have had no concerns with the stability so far.

    What do I think about the scalability of the solution?

    We have been in no position to upgrade our number of users. So, I cannot judge this aspect of the product.

    How are customer service and technical support?

    They provides local support. I have been using them only for some site blocking. They are pretty efficient in this. They say they will respond in 24 hours, but I have received responses in a maximum of one hour, which is impressive.

    Which solution did I use previously and why did I switch?

    We had a server acting as our service-based firewall, so no solution for firewall. 

    FortiGate is my first actual solution for firewalls.

    How was the initial setup?

    The initial setup was very straightforward.

    What's my experience with pricing, setup cost, and licensing?

    It provides mid-sized company pricing.

    What other advice do I have?

    Most important criteria when selecting a vendor: We have specific procurement rules, then we specify the technical specifications. After that, whoever is cheapest should get the job.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Mgr. IT Infrastructure and Network Operations at a media company with 11-50 employees
    User
    Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure
    Pros and Cons
    • "Centralized monitoring, policy management, and virtualized appliances allow us to take control over our public and private infrastructure."
    • "Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products offer much better ROI, upgradability, and manageability."

    What is our primary use case?

    • Security
    • Monitoring and controlling
    • VPN
    • Active Directory integration
    • Servers
    • All components related to an enterprise environment.

    How has it helped my organization?

    We replaced Sophos with FortiGate and found it better than the Sophos product. It has better control, insights, and prevention from crypto malware and other threats.

    What is most valuable?

    The most valuable features are centralized monitoring, policy management, and virtualized appliances so we can have control over public and private Infrastructure.

    What needs improvement?

    Cisco Meraki products are rising very quickly in the cloud and the connected era. Meraki products are future proof and offer much better ROI, upgradability, and manageability.

    IT is continuously evolving, and every few days or months, there is something new. Whoever evolves first will take the lead over the competition. Adopting and evolving is the key to success.

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    These products are solid and stable.

    What do I think about the scalability of the solution?

    We have not had any issues with scalability.

    How are customer service and technical support?

    Our experience with support has been fine. No trouble or hassle.

    Which solution did I use previously and why did I switch?

    Sophos: It was good for small businesses, who are evolving and improving. Though, I found Cisco Meraki to be much better.

    How was the initial setup?

    Part of the setup was straightforward and other parts were complex. They need to work on feature placements and menus.

    What about the implementation team?

    We did the implementation through a vendor, who had good experience.

    What was our ROI?

    Two to three years, depending on usage type, number of users, and organizational size.

    Which other solutions did I evaluate?

    Yes, we did, Palo Alto and other solutions, but we found FortiGate to be the best solution at that point in time.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user867420 - PeerSpot reviewer
    Network Engineer
    Real User
    A solid product with an easy configuration and good support
    Pros and Cons
    • "The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support."
    • "It needs more available central management."
    • "It could use better throughput on some of the smaller boxes for the branch offices."

    What is our primary use case?

    Primary use would be firewalls for the central office as well as all our branch offices. For some branches, we use the wireless feature.

    How has it helped my organization?

    The product is very stable, easy to troubleshoot, and configure, so it has reduced the time it takes for support.

    What is most valuable?

    • Stability
    • Ease of use
    • Configuration
    • The available feature sets

    What needs improvement?

    • It needs more available central management. 
    • It could use better throughput on some of the smaller boxes for the branch offices.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It is very stable.

    What do I think about the scalability of the solution?

    Since we are not virtual, it is a physical box. It scales well if you know what to buy from a physical box standpoint. They seem to offer something for every level.

    How are customer service and technical support?

    The technical support is very responsive and qualified.

    Which solution did I use previously and why did I switch?

    Cost and convenience are probably why we switched from our previous solution to FortiGate.

    How was the initial setup?

    The initial setup is straightforward, once you understand the operating system environment.

    Which other solutions did I evaluate?

    I was not here at the time that they were evaluating other solutions.

    What other advice do I have?

    I highly recommend the Fortinet product because of its implementation. It is a solid product with an easy configuration and good support.

    Most important criteria when selecting a vendor: 

    • Experience
    • Installations of similar types which met our needs
    • Pricing
    • Support
    • Ease of implementation.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user882894 - PeerSpot reviewer
    User at Smartdev LLC
    User
    The graphical interface is complete and easy to use

    What is our primary use case?

    It is a UTM firewall with many features. It has helped me to control users and public multi-servers easily. It also can make the VPN connection free through advanced routing (RIP, OSPF, BGP, PBR). It gives you a seamless, simple integration into a large network.

    How has it helped my organization?

    It help me control users, so I could review how users access the Internet or the bandwidth, and what they use per day. 

    What is most valuable?

    • A strong point of FortiGate is the graphical interface is complete and easy to use. 
    • The IPS is good. It protect my network from attackers. 

    What needs improvement?

    One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering.

    For how long have I used the solution?

    Less than one year.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Ali Asvadi - PeerSpot reviewer
    President at a tech services company with 1-10 employees
    Real User
    Good performance, protects network perimeters against attacks

    What is our primary use case?

    To protect network perimeters.

    How has it helped my organization?

    Security. The main options feature protection and security against attacks.

    What is most valuable?

    Reliability and performance, those are key factors.

    What needs improvement?

    I have only one request and that is to have Fortinet as a market download in Azure. 

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    So far, so good.

    Which other solutions did I evaluate?

    I'm an integrator, so I use SonicWall, Sophos, and Fortinet.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator.
    PeerSpot user
    it_user510852 - PeerSpot reviewer
    Technical Services Manager with 501-1,000 employees
    Real User
    Easy to set up, make policies; the switches automatically get policies from the firewall
    Pros and Cons
    • "It's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls."
    • "You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it."
    • "As far as wanting more scalability or things in the network diagram, it's going to cost you."

    What is our primary use case?

    I am using it as an IPS, intrusion protection system.

    How has it helped my organization?

    The first benefit is the cost. It is very affordable.

    Also, it's very easy to set up, it's very easy to make policies and, for an organization, that means you don't need IT expert in firewalls. You just need to have somebody who knows a little bit of IT, and that's it. With other products, you need someone with a "Masters" degree in firewalls.

    What is most valuable?

    It's a complete solution. You can purchase switches and you don't need to do anything with them. You just put in the firewall and the switches get all the policies and rules that you already have in the firewall. That's a very nice feature because with, for example, Cisco, you need to set the switch, you need to set the firewall, and you need to test it. With Fortinet, you just connect the FortiSwitch to the Fortinet and that's it. It's very easy.

    In the last version of the FortiOS - the operating system of the firewall - they put a lot of new features to support communications in a firewall. Whatever the communication that you have, you can put that in the firewall, and that's great.

    What needs improvement?

    For me, at this time, it's very complete.

    What do I think about the stability of the solution?

    Stability is very good. I have no problems right now with any of my customers. I haven't had a call from a customer in about three months, other than to make new policies. That's it. They are not complaining about the Fortinet, that it is damaged or something like that.

    What do I think about the scalability of the solution?

    Scalability is very good. We just did a quote for a university here that has about 25,000 students, and all the solutions that we put in the RFP, they were accepted. The only thing is the cost. As far wanting more scalability or things in the network diagram, it's going to cost you.

    How are customer service and technical support?

    Technical support is very good. If you have any questions, they have a forum and, apart from the forum, depending on the FortiGate that you purchased, they have very good support from second-line engineers. Whatever your problem is, you call and at least you get a callback.

    Which solution did I use previously and why did I switch?

    I was using a SonicWall. The problem with SonicWall is that they were purchased by Dell, and apparently, Dell is not putting any research money into the devices. That is the reason I changed because there are a lot of new things, new generation firewall technologies and they are not using them. Also, apparently, the price is very high right now. If you compare the price with a FortiGate, which has a lot of additional features, it's not worth it.

    When selecting a vendor the most important criteria are support and cost.

    How was the initial setup?

    Setup is very straightforward.

    What's my experience with pricing, setup cost, and licensing?

    Pricing is good. They offer a lot of things, the most important is the support. Every time you upgrade your license, you also get insurance for the equipment. If you have any problem with equipment, they send in new equipment.

    Which other solutions did I evaluate?

    We did a total cost of ownership analysis against Sophos and also Palo Alto, but that was out of scope, it was too expensive. Another one was WatchGuard. When you start looking at the cost of the license for all the things that you get, Fortinet is by far the best option. The problem with the other companies is the licensing.

    What other advice do I have?

    I rate FortiGate a 10 because every time I need to use the support, they are there. There were times when I went to a customer to give support, I called Cisco, they pass me to Brazil, and on another call, they passed me to India. After I gave the guy in India all this information for an hour, he asked me, "What's the problem?" So there was a communication issue with them and they don't know the problems very well. With Fortinet, they are in the US, not in India.

    Do a total cost of ownership analysis with all the features you are looking for and, based on that, make the purchase. Also, reviews are very important.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Manager and General Attorney with 51-200 employees
    Real User
    Filtering and alerts help protect our data but the cost is becoming too high

    What is our primary use case?

    The main use is to protect from outside attack, from any side. Because we work with sensitive data, we have to protect our work. We use it mainly for security, not only for content control.

    How has it helped my organization?

    We have peace of mind. We do work in a very dangerous environment, the internet, and this device gives us alerts. It gives us the opportunity to know what is going on.

    What is most valuable?

    The filtering that you can do with the firewall.

    What needs improvement?

    I would like to be able to do segmentation, for a specific user, with more priveledges. I would also like to see an easier user interface to implement that.

    What do I think about the stability of the solution?

    Sometimes we found that the traffic to the internet froze, I don't know exactly the reason. The only way to get it to work again was to turn it off and then run it again, a hardware reset. Overall it is a very stable platform but sometimes there is this problem.

    What do I think about the scalability of the solution?

    The scalability is fine. The problem is the licensing. To do more you have to pay for it. In this market, where you can find a lot of devices to do the same things, to charge for them in the license is very difficult. Also, sometimes Fortinet changes their products, they drop devices from the market very quickly.

    How are customer service and technical support?

    We have guys who are certified to work with Fortinet, so right now it's fine with them. We never really have serious problems, something to escalate to Fortinet. Only when there is a very difficult issue with the performance or something like that have we had to go to Fortinet, but it has been great.

    Which solution did I use previously and why did I switch?

    One of the main reasons we're considering switching from FortiGate is because many companies have a lot of features and you don't have to pay for. If you compare side by side, you find a lot of things that new brands do as well for fewer dollars.

    When selecting a vendor the most important factor is the prestige of the vendor. Also the cost, renewing licenses. Our customers are looking for more features for less cost. We have to look at what is going on in the market, who the main players are, who is doing well, and who has a good reputation.

    How was the initial setup?

    I was not involved in the initial setup of the devices. I only had to check it out and make sure it was working fine. But I saw the guys working with the configuration. Occasionally they had to reference the manual but had to find the answers on Google.

    Which other solutions did I evaluate?

    Fortinet and Sophos are the main players for this type of solution.

    What other advice do I have?

    I would rate FortiGate at seven out of 10 because, although they are doing well, the problem is the licensing, the cost is too high, and how they support their own devices needs improvement. They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost. FortiGate is a great product but they have to look out.

    My advice would be, look at the time on the market. FortiGate is doing well, but right now they have many competitors that are doing well.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PeerSpot user
    Senior Consultant at Unify Square
    Real User
    FortiGate security appliances provide UTM security in a single device with a good administrative interface and performance

    We're discussing a family of UTM (Unified Threat Management) appliances.  FortiGate is a term which includes a wide range of products, starting with small ones dedicated to small offices, and developing into devices which are able to grant security and networking for large companies. The family includes physical devices and virtual machines, which grant network security on different layers using a single point of control. FortiGate is optimized to avoid bottlenecks or delays while the various controls are performed. High availability is also part of the available features with various solutions to avoid single points of failure. 

    In the following short list, I will list some interesting points about the FortiGate solution. 

    1. Administrative Interface

    If you are experienced with network security management, you are aware this activity requires interaction with many different software and hardware solutions from disparate vendors. In the aforementioned scenario, it is normal to have frequent updates to apply on the various products and to watch more than one monitoring tool to keep track of security events. The FortiGate solution includes all the controls you could expect using a patchwork of security products in a single device with a single administrative interface. It is your switch, router, firewall, VPN hub, antivirus, anti-spam, proxy, and endpoint security solution all-in-one. 

    If you define a network object or group for firewalling purposes, it will be available to define antivirus rules or internet browsing policies. There are two administrative interfaces:

    • Web-based manager (a graphical interface usable through a web browser);
    • CLI (a command line interface).

    A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside.

    If you have used appliances or firewalls from other vendors, often you have to use not-so-friendly command lines to obtain the exact result you need. With FortiGate, you will use the CLI seldomly and only for the most “exotic” features.

    2. UTM, the Fortinet way

    Unified Threat Management may be complex to manage, because you work on different protocols, at different layers and with disparate threats to consider. In FortiGate, you can have three great layers:

    • Networking services (switching and routing, both static and dynamic);
    • Network security services (firewalling, secure VPN connection, intrusion detection and endpoint security);
    • Application security services (spam and virus controls, web filtering, application control and data leak prevention).

    As long as you pay (and renew as it expires) the “bundle” license, you have all the aforementioned features available, including the updates for signatures and definitions coming to your appliance directly from Fortinet. You do not have to use all the available controls, but you are able to turn them on and off “On Demand”, so you could start with a simple configuration and add control layers when you feel more comfortable.

    3. Virtual Domains

    One of the available features include the capability of a FortiGate to support many Virtual Domains (VDOMs). VDOMs enable you to grant access to different companies with different administrators on the same physical unit. Each one will be able to keep their specific configuration with no impact on the others. What you are doing is creating “virtual units”, and keeping on a “root domain” which is used to manage the virtual domains. VDOMs add a lot of flexibility to the solutions that you are able to plan using FortiGate.

    4. High Availability and Resiliency

    There are four different ways to make a FortiGate unit have high availability. You could use a traditional “cluster” design with two or more units: FortiGate Cluster Protocol (FGCP), a solution with an external load balancer: FortiGate Session Life Support Protocol (FGSP), a Layer 3 resiliency solution like Virtual Router Redundancy Protocol (VRRP), or a Layer 2 solution like Fortinet Redundant UTM Protocol (FRUP). Again, we have a great deal of flexibility to design the best solution for our company’s needs.

    5. The Dark Side of the Moon

    It would not be fair to review a product omitting the negative points. With FortiGate, the main complaint that I have heard is about the technical support. My personal experience is the same as many people who are not happy with this aspect of the service offered by Fortinet. Often, your problem is diverted to local partners. I have to say that I have had mixed results with them. While some partners are professional, many are not skilled enough and I have had costs that are not equivalent to their quality. This is the same issue with other vendors, but that is not an excuse. As long as Fortinet support sends me to a local reseller or partner, from my point of view, they are taking responsibility for their capabilities.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    reviewer690582 - PeerSpot reviewer
    reviewer690582COO/CTO at a pharma/biotech company with 11-50 employees
    Real User

    I had my data speed compromise confirmed by my paid support subscription.

    See all 18 comments
    Consultant
    User
    Saved a bundle by not needing past appliances from an NGFW, however it needs better performance on bandwidth demands for smaller devices

    What is our primary use case?

    Firewall/Web Filter management. We have over 30 sites, and it is imperative that one person (myself) can plan, implement, and deploy these devices to our sites and manage them when finished.

    How has it helped my organization?

    Consolidated our network environment at all locations, but mainly at our datacenter. 

    What is most valuable?

    The web filtering was the most valuable, because at a school board, we need to make sure the students are not tying up our bandwidth and also to keep the bad guys out.

    What needs improvement?

    One area for improvement is the performance on bandwidth demands for smaller devices, as well as better web filtering. Each manufacturer has their own way of filtering and each one needs improvement in categories, URL, and/or application filtering.

    For how long have I used the solution?

    One to three years.

    What was our ROI?

    We saved a bundle by not needing all the past appliances from an NGFW.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user795288 - PeerSpot reviewer
    Pre-sales Engineer at a tech services company with 501-1,000 employees
    Real User
    Easy to understand licensing requirements

    What is our primary use case?

    I use this product on AWS. FortiGate's VM GUI is slightly different than the hardware devices.

    How has it helped my organization?

    It is a one box solution, which covers most of the edge device’s requirements.

    What is most valuable?

    I have found FortiGuard Services to be valuable.

    What needs improvement?

    It needs to improve its ISP load balancing.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    No issues.

    What do I think about the scalability of the solution?

    No issues.

    How are customer service and technical support?

    I would rate technical support as a seven out of 10.

    Which solution did I use previously and why did I switch?

    We had a previous solution, but switch because FortiGate is a one box solution.

    How was the initial setup?

    Initial setup was not complex.

    What's my experience with pricing, setup cost, and licensing?

    Easy to understand licensing requirements.

    Which other solutions did I evaluate?

    • Palo Alto Networks
    • Cisco ASA

    What other advice do I have?

    Easy to implement, and it is also reliable.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user805185 - PeerSpot reviewer
    CEO with 11-50 employees
    User
    Controls the user's activities and maximizes my bandwidth use overall
    Pros and Cons
    • "The FortiGate controls the user's activities and maximizes my bandwidth use overall."
    • "Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance."

    What is our primary use case?

    The company has integrated the LDAP with the UTM to control user traffic in senses and have a high availability for Active/Passive to assure uptime in case of physical failure. Our company is cloud driven and downtime becomes critical.

    How has it helped my organization?

    The FortiGate controls the user's activities and maximizes my bandwidth use overall. If the employer BYOD, we can accommodate it the need by having an isolated networked exclusively for that equipment which does not comply with the internal policies.

    What is most valuable?

    The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors.

    What needs improvement?

    Reporting is limited to providing an external appliance for improving the reporting capabilities of the FortiAnalyzer. It does not offer a central management and is also sold separably as an appliance.

    For how long have I used the solution?

    Three to five years.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user545559 - PeerSpot reviewer
    Owner at a tech services company
    Real User
    I am able to save hours of planning and implementation time because the documentation is so helpful
    Pros and Cons
    • "Their reliability and their policy of pre-shipping replacements when a unit has failed."

      What is most valuable?

      1. The prompt and knowledgeable support behind them. 
      2. Their reliability and their policy of pre-shipping replacements when a unit has failed.
      3. The simplicity and clarity of their user interface and documentation.
      4. Their 'cookbooks' that walk you through the most common installation scenarios.

      How has it helped my organization?

      I am a one-man show, so there is not much that can be done to improve the way that I function. However, these products provide best-in-class security at reasonable prices. 

      One of the most helpful features is their VPN, the client could not be any simpler to set up and use.

      What needs improvement?

      I can't think of too much which they can improve upon. I just have not come across any situation where they have fallen short of expectations.

      For how long have I used the solution?

      I am a consultant who supports these units for my clients who use them. I have had over 10 years of experience with Fortinet products.

      What do I think about the stability of the solution?

      The products are extremely stable. I have only had one instance where a unit did not function as expected, and Fortinet replaced the unit, despite the fact that it was still operational.

      What do I think about the scalability of the solution?

      Scalability is the one area where there is room for some improvement. Currently, customers need to purchase more powerful units as their network traffic and requirements grow. Fortinet will occasionally offer trade-in credits in such situations, but this is not always the case. Their product line allows customers to scale from SoHo through enterprise-level requirements, which is what I like about them so much.

      How are customer service and technical support?

      Their tech support is outstanding.

      Which solution did I use previously and why did I switch?

      I have sold and supported other solutions in the past. Fortinet is not always the least-cost solution available, but from a value standpoint, I find them hard to beat.

      How was the initial setup?

      Initial setup complexity will vary with the complexity of the installation. It is relatively straightforward and simple to set up basic configurations. More complex requirements entail reading through a lot of documentation in order to complete the firewall configuration because of the myriad of features and options that are available in their O/S. The 'cookbooks' are a big help in these instances.

      What's my experience with pricing, setup cost, and licensing?

      Pricing and licensing have to be taken in context with value. Fortinet is usually not the least expensive alternative when considering an upfront investment, but if you take into account the support costs over several years, they are often as cost-effective as the 'cheaper' solutions.

      Which other solutions did I evaluate?

      In this particular instance, Fortinet was evaluated against an equivalent solution sourced from D-Link. I also evaluated a solution from Xirrus (now Riverbed) which promised better signal strength. However, when I ran the various WiFi planning tools from each supplier, the coverage differences did not merit the more expensive Xirrus solution.

      What other advice do I have?

      Anyone evaluating this product should consult the documentation available and plan out their solution before making a decision. From personal experience, I find that I am able to save hours of planning and implementation time because Fortinet's documentation is so helpful.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Alan Chavira - PeerSpot reviewer
      Engineering Manager at a tech consulting company with 1-10 employees
      Real User
      Great product with too many features at the right price

      How has it helped my organization?

      Simplifies administration and upgrades overall security.

      What is most valuable?

      UTM/NGFW features and FortiCloud for logs and backups are awesome.

      What needs improvement?

      MTBF: Hardware failure is more common when compared to SonicWall or Cisco ASA.

      What do I think about the stability of the solution?

      No.

      What do I think about the scalability of the solution?

      No.

      How is customer service and technical support?

      Great support. It's quite good in Mexico.

      How was the initial setup?

      Straightforward.

      What other advice do I have?

      Great product with too many features at the right price.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      reviewer690582 - PeerSpot reviewer
      reviewer690582COO/CTO at a pharma/biotech company with 11-50 employees
      Real User

      I have used Fortigates for 6 years. Like you, similar experiences augmented by an additional support subscription due to my early learning curves. What I did not realize was the speed compromises with all the security apps active - if I have a Verizon FiOS true Gig subscription, my speed was tapered down to 100 Mbps or less. That is a 90% reduction. With 6 users multiplied by cell phones accessing the same WiFi, you can imagine the data speeds we were actually working with.

      So, I picked WatchGuard, the T70 specifically. The data speeds with everything turned on remains near the subscription (1 Gig) and I have the same types of protections as the Fortigate. It is too early to report the reliability and other specs since this has changed only in the last week, but the specs tell me a lot that helped me to understand what I missed on my first go-around with Fortigate. Don't get me wrong, I had zero issues over the last 6 years to Fortigate's credit. However, that speed compromise doesn't work for me. Perhaps I missed something, but my support knows the product and there were no adjustments available, other than turning certain features off. I couldn't afford that security risk, not these days.

      Matthew Titcombe - PeerSpot reviewer
      CEO & Sr. Information Security Consultant at a tech services company with 1-10 employees
      Consultant
      The solution improved the security posture and overall management's TCO

      How has it helped my organization?

      The solution improved the security posture and overall management's TCO.

      What is most valuable?

      One of the valuable features is a standardized OS.

      What needs improvement?

      It claims it does DLP, but the degree and level of controls are very basic. We recommend that our clients supplement it with other products.

      What do I think about the stability of the solution?

      There were no issues with stability.

      What do I think about the scalability of the solution?

      There were no issues with scalability.

      How are customer service and technical support?

      Customer Service:

      Customer service is excellent.

      Technical Support:

      Technical support is excellent.

      Which solution did I use previously and why did I switch?

      We did not use a previous solution.

      What about the implementation team?

      We implemented in-house.

      What's my experience with pricing, setup cost, and licensing?

      Work through partners for the best pricing.

      Which other solutions did I evaluate?

      We evaluated Palo Alto, Check Point, and Cisco.

      What other advice do I have?

      I highly recommend Fortinet as a leader in integrated suite information security capabilities.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Alberto E. Luna Rodriguez - PeerSpot reviewer
      Network Security Coordinator at a energy/utilities company with 1,001-5,000 employees
      Real User
      The VPN capabilities provide a reliable connection to our corporate network over low cost internet services.
      Pros and Cons
      • "LinkGreat firewall capabilities"
      • "Stability and technical support are the two major issues I have found with Fortinet."

      How has it helped my organization?

      These devices allowed my organization to connect a network of gas stations and convenience stores nationwide. The VPN capabilities provide a reliable connection to our corporate network over very low cost internet services (basically, any Internet service locally available can be used for this connections).

      We also leverage the NGFW, UTM and WLAN controller features to provide security for corporate network traffic, and secure, content-filtered guest internet access for customers in the convenience stores. All this at a relative low cost.

      What is most valuable?

      • LinkGreat firewall capabilities
      • Great IPS and web filter for small remote locations, with VPNs for tunneling to the corporate network, makes this device a solid choice for many sites.

      What needs improvement?

      Stability and technical support are the two major issues I have found with Fortinet.

      What do I think about the stability of the solution?

      We’ve had cases of unexplained bugs that go away with a simple device reboot. Software updates usually help with these issues.

      What do I think about the scalability of the solution?

      I have personally found that Fortinet advertising can be misleading. The devices will usually fail way before reaching the capacity advertised in the data sheets, especially when you activate several of the features the device can handle. This is not a dealbreaker for me, especially because of the cost. But I would advise care when dimensioning the devices you’ll need.

      How are customer service and technical support?

      Customer Service:

      Customer service in Fortinet is OK. Lately they've been making efforts in this area. They actually call you when licenses are about to expire which is a nice touch on their part.

      Technical Support:

      I would say technical support is 6/10. I’ve found tech support to vary, sometimes being decent, sometimes painfully inefficient. Much room for improvement here IMHO.

      Which solution did I use previously and why did I switch?

      We still use Cisco for some cases. However, where we need the advanced security and UTM features, Cisco’s prices can be very restrictive. Fortinet is a much more cost-effective choice for those cases.

      How was the initial setup?

      Initial setup was very straightforward. Interface is very friendly and easy to comprehend.

      Which other solutions did I evaluate?

      Before choosing this product, we also evaluated Cisco.

      What other advice do I have?

      Be careful with dimensioning. Don’t expect the device to handle ALL the features. Usually firewall, Web Filter and the WLAN controller work well. But if you need IPS, app control and AV, I would advise over-dimensioning the device a bit (taking Fortinet data sheets as the reference).

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Vendor
      We use it as an internal firewall for VLAN segmentation.
      Pros and Cons
      • "Layer-3 firewall and routing are the most valuable features."
      • "They should improve high CPU and memory usage that occurs."

      How has it helped my organization?

      We have secured our LAN IP subnets with VLAN segregation.

      What is most valuable?

      Layer-3 firewall and routing are the most valuable features. We use it as an internal firewall for VLAN segmentation.

      What needs improvement?

      When we need to enable Netflow on the firewall, there is a high CPU and memory usage that occurs. They should improve that high CPU and memory usage that occurs.

      What do I think about the stability of the solution?

      There were no stability issues.

      What do I think about the scalability of the solution?

      There were no scalability issues.

      How are customer service and technical support?

      Technical support is good.

      Which solution did I use previously and why did I switch?

      We were previously using the Check Point and Palo Alto software. The price and user-friendly GUI are the reasons that we switched to this solution.

      How was the initial setup?

      It is an easy setup and configuration.

      What other advice do I have?

      It's a user-friendly and stable firewall. You can safely use it for all small and big LAN networks.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user454521 - PeerSpot reviewer
      Deputy Chief Manager at a newspaper with 5,001-10,000 employees
      Vendor
      It has given us improved security over the internet. It is easy to use with a single console and unified threat management features.

      How has it helped my organization?

      It has given us improved security over the internet.

      What is most valuable?

      Ease of use, single console, Unified Threat Management (UTM) features.

      What needs improvement?

      NGN, reporting and controls.

      What do I think about the stability of the solution?

      We had some stability issues but we upgraded.

      What do I think about the scalability of the solution?

      There was a hardware limitation, affecting scalability.

      How are customer service and technical support?

      I would rate the technical support as 8/10.

      Which solution did I use previously and why did I switch?

      We had a different solution in the organization arising from different OEMs and this solution was chosen with consideration of requirements and costs.

      How was the initial setup?

      The initial setup was simple but the DC was complex.

      What's my experience with pricing, setup cost, and licensing?

      Go for long term pricing negotiated at the time of purchase.

      Which other solutions did I evaluate?

      We evaluated Check Point, Cisco ASA.

      What other advice do I have?

      You should be clear concerning the scope and outcome you are looking for.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user677703 - PeerSpot reviewer
      Superintendent, Process Automation and Safety at a pharma/biotech company with 5,001-10,000 employees
      Real User
      Allows for firewall rules to be programmed and named in a way that makes it readable.
      Pros and Cons
      • "Allows for firewall rules to be programmed and named in a way that makes it “readable”"
      • "It would be nice if backups could more easily migrate between different models."

      What is most valuable?

      • Flexible enough to handle everything we could want
      • Configuration layout is easily understandable
      • Allows for firewall rules to be programmed and named in a way that makes it “readable”
      • VPN support and some anti-virus protection.

      What needs improvement?

      It would be nice if backups could more easily migrate between different models.

      What do I think about the stability of the solution?

      I did not encounter any issues with stability.

      What do I think about the scalability of the solution?

      No scalability issues, but communications is severely limited in our case by design.

      Which solution did I use previously and why did I switch?

      They were our first firewalls on site.

      How was the initial setup?

      It does require someone knowledgeable in routing, firewall rules, and these firewalls in particular. Once it is set up, they are easy to modify and maintain.

      What's my experience with pricing, setup cost, and licensing?

      It is difficult as an end-user to setup continuing license contracts. It is possible to do between emails and their website, but it is practically impossible to find a phone number to call anyone directly.

      Which other solutions did I evaluate?

      We considered SonicWall .

      What other advice do I have?

      It is an excellent product and works extremely well. If it is set up in a logical way, it is very easy to understand and modify. It is highly recommended to have a service “expert” familiar with these to set it up initially with customer direction.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Hamza_Farhan - PeerSpot reviewer
      Hamza_FarhanProfessioan Services Engineer at a tech vendor with 501-1,000 employees
      Real User

      The easy way to migrate from one model to another is taking the config file and modify it manually, say rename port WAN to port-1 ( sometimes you need to modify the syntax of commands when moving between different versions) and upload the config back. Another method is to divided the config file to multiple sections say interfaces , NAT policies , Firewall ACLS / objects / object groups , then modify every part as required and upload them one-by-one.

      PeerSpot user
      Senior Security Consultant with 501-1,000 employees
      Vendor
      They added a valuable WAF feature to the latest version.

      What is most valuable?

      • Complete and cost-effective next-generation firewall features with app identification, and IPS and URL filtering with SSL inspection.

      How has it helped my organization?

      • Better manageability
      • Straightforward deployments
      • Streamlined and reliable upgrades

      Customers have more time to focus on security because maintaining the firewalls is completely hassle-free.

      What needs improvement?

      Grouping/tabbing (not only by interface) in the policy table of the web GUI would be a great addition.

      For how long have I used the solution?

      I have used it for two years.

      What was my experience with deployment of the solution?

      We have not encountered any deployment issues.

      What do I think about the stability of the solution?

      We have not encountered any stability issues. Stability has dramatically improved over the previous main version branch of FortiOS; 5.2.x and 5.4.x are stable enough for critical environments.

      What do I think about the scalability of the solution?

      We have not encountered any scalability issues; proven that you properly sized the FortiGate model that fits your environment.

      How are customer service and technical support?

      Customer Service:

      Customer service is sufficient.

      Technical Support:

      The tech support is not excellent; this is where Fortinet saves money compared to others... But plenty of free, clear and public documentation is available and this compensates for the most part the tech support shortcomings.

      Which solution did I use previously and why did I switch?

      We previously used Cisco ASA. We switched because the old ASA has no next-generation features.

      How was the initial setup?

      IMHO It is the most straightforward enterprise-level next generation firewall.

      What about the implementation team?

      All implementations were done in-house.

      What was our ROI?

      ROI is very high, it has hands-down the best price/performance/features ratio in the market...

      What's my experience with pricing, setup cost, and licensing?

      The licensing model is straightforward, easy to understand and purchase; prices are fairly low compared to other vendors.

      Which other solutions did I evaluate?

      Before choosing this product, we also evaluated Check Point and Palo Alto Networks.

      What other advice do I have?

      In version 5.4, they added a WAF feature that is absolutely unique for this kind of product; no other NGFW product can also be a WAF and this is a great added value...

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user