IT Central Station is now PeerSpot: Here's why

Fortinet FortiOS OverviewUNIXBusinessApplication

Fortinet FortiOS is #17 ranked solution in best firewalls. PeerSpot users give Fortinet FortiOS an average rating of 8.4 out of 10. Fortinet FortiOS is most commonly compared to Fortinet FortiWeb: Fortinet FortiOS vs Fortinet FortiWeb. Fortinet FortiOS is popular among the large enterprise segment, accounting for 54% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 29% of all views.
Fortinet FortiOS Buyer's Guide

Download the Fortinet FortiOS Buyer's Guide including reviews and more. Updated: August 2022

What is Fortinet FortiOS?

Control all the security and networking capabilities in all your FortiGates across your entire network with one intuitive operating system. Improve your protection and visibility while reducing operating expenses and saving time with a truly consolidated next generation enterprise firewall platform.

Fortinet FortiOS Customers

Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data

Fortinet FortiOS Video

Fortinet FortiOS Pricing Advice

What users are saying about Fortinet FortiOS pricing:
  • "The Fortinet solutions can be a bit expensive."
  • "It would be better if it were cheaper. We have the firewall in our office, and the license is expiring in 20 to 25 days. We got a quote for almost 80,000 Pakistani Rupees, which is a little costly."
  • "The cost is around $40,000."
  • Fortinet FortiOS Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    RaynoPowell - PeerSpot reviewer
    Senior System Analyst at EOH
    Real User
    Top 20
    Great IPS and DNS filtering with useful tutorials available  
    Pros and Cons
    • "Their classification inside of that database of the various threats is typically very, very good."
    • "You can enable and disable certain modules in it. However, with disabling, nobody can really tell us if that module is disabled."

    What is our primary use case?

    FortiOS is the operating system of the FortiGate firewall. So whether it's an actual device or virtual machine, FortiOS is the actual software running.

    FortiOS is dedicated to the next-generation firewalls. You can't really use it for anything else.

    What is most valuable?

    Essentially, their IPS and DNS filtering databases are the most useful for us. The industrial protocol database, which is the main one that we use, is great. They do extensive research to make sure that all the CVEs that they include in the IPS database are up to date and they keep it up to date. And that they don't miss any threats.

    Their classification inside of that database of the various threats is typically very, very good. It's, for that matter, one of the best we've seen.

    The IPS, IDS database with the DNS and industrial database are the three core main features that are the best for us.

    What needs improvement?

    We don't really find a lot of issues on it.

    If I really have to complain about something, and there's not much, is the free VPN solution is a bit limited. Then again, it is a free solution. That's essentially it. Nothing else on the FortiGate or on the Fortinet OS side is really an issue. That's one of the main reasons why we use them: everything works and works well.

    For what we use, there isn't really any missing feature. In fact, we actually want to get rid of some of the features that they have due to the fact that, for the security model that we need to implement, having more features actually opens up potential risk. We actually would like to have a device that is more focused specifically on OT environments the operational technologies.

    We would prefer a device that's stripped down, that doesn't have all the other fluff in the more enterprise system. We actually want a feature where we can remove features that are there that we don't use. That is actually a thing that we find. We use it now in an operational technology environment. We use normal IT equipment. However, it's not a normal IT network. It differs significantly from a normal corporate IT environment. In a normal corporate IT environment, you like the fluff, and the additional features, and you can click, click, click, and you're done.

    However, all of those features you add to a device open up risk for us. And that is something we do differently in the OT environment in operational technology. We prefer to not have the fluff. We prefer to have only what is needed for the device to do what it needs to do.

    For example, imagine an additional feature for some sort of additional VPN technology has been added. However, it's not really needed for the OT environment, and it's not configured on the device, yet there's some sort of security threat in there. Now, all of a sudden, somebody can hack your system, and he's in there, and he's switching the lights on and off the entire city. And you don't know about it due to the fact that the additional fluff that we added to the system, we weren't aware of that issue was on there.

    You can enable and disable certain modules in it. However, with disabling, nobody can really tell us if that module is disabled. Is it really disabled? Is it actually unloaded? Is it uninstalling Word from your laptop, or is it just not running Word?

    For how long have I used the solution?

    I've been using the solution since 2009, give or take. That's almost 13 years.

    Buyer's Guide
    Fortinet FortiOS
    August 2022
    Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
    622,063 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    We don't have any instability issues.

    What do I think about the scalability of the solution?

    The solution can scale reasonably well, within the means, of course, of the device itself. You buy the device based on the current network requirements. We typically build in a bit of extra expandability into there to ensure that the device can cope with the additional load on it.

    It greatly depends on the unit itself and what the limitations are. However, typically, expanding past that limit it's not complicated. Still, you'll have to procure a new unit. It's very crucial for us at the beginning phase to make sure that we know exactly what the customer's networking requirements are in terms of bandwidth, IPS, IDS, and throughput.

    If a VPN needs to come in, we’ll need to consider what is done with the requirements of the VPN. And then, based on that, we'll specify the unit with additional capacity. However, if you go outside of the unit's capacity, you'll have to get a new or bigger unit.

    It's actually an OT environment, not an IT environment. The actual user base is relatively small as not many people are allowed to use the operational side of things.

    It's not like a normal enterprise network where you have thousands of people connected to it. It's very small. And when I say very small, it's typically ten or maybe 20 users.

    How are customer service and support?

    If you log a support call, they have support engineers that jump on that support call very quickly to try and sort out your issue. There are absolutely no complaints that we have on their support side.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    If you are a novice person that has never worked with any firewall and don't really understand the concepts, you may find it challenging to set up. However, there are help files, online tutorials, and videos that guide you on any of the topics you have in it.

    It really helps you a lot to get to it in order to do the configuration. So it varies. It depends on how you install it. It may be fairly easy for your average user at home or for an average enterprise guy. However, for a process environment, it may be a bit more challenging since there are different approaches that we follow in order to install it. That said, Fortinet itself is not very difficult to use and its knowledge base and help are very extensive.

    We only need one person to deploy the solution.

    How long deployment takes depends on the customer requirements and what they require for their network that we need to implement. For the actual deployment of the FortiOS and the initial testing, you're looking anything from a day to about four days' worth of work.

    That said, your pre-prep, in other words, all your pre-definition of your firewall rules and what security model you need to run and what security level in your Purdue model that you need to implement, can take a good couple of months to do since it's purely based on how you apply the IEC 62442.

    It also greatly depends on what the customer needs are. The pre-prep work is actually the most important. The actual configuration is quick. However, the pre-prep work takes quite a while.

    What was our ROI?

    It's probably one of the best devices you have for ROI, especially regarding the current security landscape that we are in with the current kinds of security threats and stuff flying around. FortiGate is one of the best solutions regarding your return on investment.

    If you look at the way that you'll typically have to try and clean systems, let's say, if you were infected with very bad ransomware, the amount of cost and effort and money that you'll have to spend in order to clean all your systems and get all your IT equipment and everything running in top form condition.

    If you don't have a FortiGate unit protecting you, and you compare that to installing a proper FortiGate unit with all the correct modules and stuff like that, your ROI on it is much better than trying to clean everything after an attack. It's definitely well worth your investment.

    What's my experience with pricing, setup cost, and licensing?

    There are different types of licensing. It depends on what kind of licensing you decide to take, if it's on an annual basis or if it's a three-year basis. It also depends on what modules you have selected in your firewall.

    If you have the next business day on-site warranty, and if you have the actual hardware replacement, the normal RMA on devices like Cisco and those devices where the device fails, the company comes out and swaps the device out for you free of charge, that comes at a price.

    It greatly depends on what options you take with their warranties and guarantees and stuff. It's very difficult to say what the licensing is until you break down which module you will take.

    You need to buy the modules or the add-ons based on your needs. Licensing then will be directly connected to that. It’s like purchasing Windows. You can just buy Windows. However, you won't get Office working necessarily. It's the same with the FortiOS licensing. You buy the OS; then you buy everything you want to run on it.

    You can just buy the operating system, the FortiOS. However, it won't give you IPS or any other advanced firewall rules. That will be an additional cost on your licensing.

    They are slightly on the pricey side. They are affordable. However, they are not cheap. I’d rate them a two out of five in terms of affordability.

    What other advice do I have?

    All of the infrastructure is hosted locally on-prem. We can't host it in the cloud due to security reasons.

    We’re resellers more than partners. We provide the solution to customers. It's an industrial process environment.

    Whether we use the latest deployment or not depends on the customer. However, we prefer to not install the latest version. We typically install two or three versions backward. The reason is, that your latest versions typically have a lot of bugs that are not necessarily known yet. Since this is a process plant, which is not directly connected to the internet, effectively, you go through a Purdue model, which connects to layer three or layer four before they get to the corporate network.

    That then will break them out to the internet. The risk model for that is okay to have them not on the latest version. Also, since it is a process environment, literally, it's a process plant; it's an industrial process plant. The performance and uptime is king, not so much anything else. In a normal corporate environment, uptime and security is king. However, in a process environment, you need to keep the plant running 24/7 in order to pay the bills. The way that you look at how you install the product is quite a bit different than normal enterprise IT.

    I’d rate the solution ten out of ten.

    It is the best solution for users if they start out in a secure environment. They just need to make sure that they partner up with the correct partner that can guide them through the processes of obtaining the correct device and obtaining the correct training for themselves in order to use the device. That said, it's a highly recommended device to use from a perspective of security, usability, and installability.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    System Administrator at RBDigital
    Real User
    Top 5
    Robust, scales well using FortiManager, and you have a choice of two different modes to run in
    Pros and Cons
    • "It is more robust than SonicWall, particularly on the VPN from site to site."
    • "I can only compare it with SonicWall, and it is missing many advanced features that SonicWall has."

    What is our primary use case?

    We use this solution as a gateway, a firewall for the office.

    How has it helped my organization?

    More Stability on VPN and SSL Deep Packet Inspection (Compare to Sonicwall)

    What is most valuable?

    It is very robust.

    What needs improvement?

    Many things are missing from the interface that necessitates using the CLI, so it needs to be improved. When I migrated to FortiGate, there many things that I wanted to do, but couldn't.

    With FortiOS, you can use the router in two modes. The first mode is the profile mode, which is the starter mode that most use, but you have another mode that is a policy mode and is required before creating your firewall rule. The problem is that when you switch from one mode to the other, all of your firewall rules will be gone. This means that you have to decide if you want to use the policy mode firewall or a profile mode firewall.

    With policy mode, you can have granular control on the application on the firewall rule because the firewall rule works with the source destination protocol. With the application, you have multiple rules, one by one. As an example, you can have one for Skype or one for OneDrive, etc. On the source, you can add a group, and add people to the group, and they can have access to Skype and OneDrive along with others added.

    You can granularly control applications on the firewall rule with the policy mode, but you don't have access to the proxy mode rules. There are also issues with the antivirus, IPS, and you are forced to switch back to the profile mode where you have less granular control on the application.

    I have problems with the IPS stability and the antivirus in Policy Based Mode. If the file is bigger, then the antivirus doesn't check it.

    In policy Based Mode, There are many issues. (Firmware =< 6.4)

    For how long have I used the solution?

    I have been using this solution for one year.

    We are using the latest version, either 6.4 or 6.5.

    What do I think about the stability of the solution?

    This solution is very stable. It is more stable than SonicWall. The biggest difference is the stability on the VPN site to site, and on the DPI SSL for the HTTPS communication.

    What do I think about the scalability of the solution?

    If you wanted to expand the firewall to another office you would have to use the FortiManager, which I have not used yet.

    I have built five routers, one by one.

    SonicWall is the same where you have the GMS that can be used to move the rule to the other firewall.

    How are customer service and technical support?

    Technical support is not always good.

    Which solution did I use previously and why did I switch?

    I can only compare it with SonicWall, and it is missing many advanced features that SonicWall has. SonicWall has multiple advanced features on the DNS, Antivirus, etc...  and a lot of options that don't exist in Fortinet.

    With SonicWall, I never had to use the CLI but have had to with Fortinet. They are missing many things on the interface.

    FortiGate is like a teenager, where SonicWall is the adult firewall. However, it is more robust than SonicWall, particularly on the VPN site to site and SLL Inspection.

    How was the initial setup?

    When you build a VPN from site to site, you have to make sure the tunnel you select has the same option on both sides to make it work, but you have to also make sure that the routing exists, the mapping exists, and the firewall role exists. 

    If one of them is not there, even if you create a site-to-site VPN with the other side and everything, there is no error, the VPN will not go up. 

    On SonicWall, it's different. You build a tunnel, you put the same encryption, the same password on both tunnels, and you click up and it's up. If it's not working, it's because you didn't create yet the firewall rule, you work on the VPN, you click, then connect, and it's up.

    Then if it's still not working, you create a firewall rule and it's up, or if you forgot the net rule, etc. You do that step-by-step, and it's working, but unfortunately if one of them has a mistake, even if you have no error on the site-to-site VPN setup, it's not going up.

    With SonicWall, you can do it step by step and have it working, but with Fortinet, you have to do it all at the same time with no errors.

    What's my experience with pricing, setup cost, and licensing?

    I work on the configuration and not really involved in the pricing. It was already in place when the company decided to switch back to Fortinet. 

    I concentrate more on security.

    What other advice do I have?

    I know Fortinet and SonicWall, and If I had to consider other solutions or if I have to redo it again, I would take a closer look with Palo Alto first.

    With Palo Alto, the cost is more, but when I switch from SonicWall to Fortinet FortiOS, I lost a lot in the features. I would check to see if Palo Alto has what was lost in terms of features.

    The stability is good. I would rate Fortinet FortOS an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Fortinet FortiOS
    August 2022
    Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: August 2022.
    622,063 professionals have used our research since 2012.
    Xin He - PeerSpot reviewer
    Network Support at Rexall Pharmacy Group
    Real User
    Top 20
    Flexible, easy to use, and meets our requirements
    Pros and Cons
    • "It's easy to use."
    • "Right now, all the features meet my requirements."

    What is our primary use case?

    FortiOS is just an operating system. That's it. It's a firmware FortiGate is running. 

    FortiOS is the foundation of the Fortinet secured fabric.

    How has it helped my organization?

    You can have virtual domains. On top of each virtual domain, you can see the independent system. When comparing Fortinet with other vendors, the good part is you can set different priorities. It depends on different VDOMs. In my case, I have two VDOMs. One is called a VPN VDOM; the other is called a web filter VDOM. Usually, for other vendors, no matter how many domains, just one primary device is always a primary one. However, for FortiGate, you can separate them. In my case, I have machine one, and machine two. FortiGate one, Fortigate two. And for each FortiGate, we can have multiple VDOMs. In my case, I have two VDOMs. If you want to save money, you can split the workload, and this capability helps us save on costs.

    What is most valuable?

    It's very flexible firmware. 

    I really like it overall. It really meets lots of my requirements.

    The initial setup is easy.

    It's easy to use. 

    The solution is quite stable.

    What needs improvement?

    Right now, all the features meet my requirements. It's not lacking in any way.

    For how long have I used the solution?

    I have more than ten years of experience with the solution. 

    What do I think about the stability of the solution?

    The stability is good. There are no bugs or glitches. It doesn't crash or freeze. It is reliable. In terms of hardware. We are in a cycle right now to handle hardware replacement. We've been using the hardware for seven years now. 

    What do I think about the scalability of the solution?

    I have more than 400 stores nationally in Canada. I have it in every  different location. For each store, for business continuity purposes, we have two internet connections. One is the primary internet connection; the secondary is the LTE. 

    LTE is expensive, so we always use the primary, like cable or PPPoE. Unless the cable or PPPoE fails, then we switch traffic to LTE. Even for LTE, we control the traffic. For example, we have backup traffic. For LTE, we don't allow the backup traffic to go through LTE since LTE is for business continuity purposes only.

    For redundancy, you build up the HA environment, meaning, at a minimum, you have two devices to work together. The secondary is always just sleeping there, dormant. When the primary fails, then you switch over to secondary.

    However, for Fortinet, on top of this, you can have multiple VDOMs.

    How are customer service and support?

    I'm a very senior tech guy, and therefore I would rarely need their services. However, I will say they have been much better, and we find them helpful. 

    Which solution did I use previously and why did I switch?

    I've had previous experience with Cisco products.

    How was the initial setup?

    The initial setup is very good. I'm a Cisco guy; I'm used to the command line interface. Therefore, right now, from my command line point of view, I like it. The hierarchy of the command line is very clear and it's very easy to change as needed.

    What's my experience with pricing, setup cost, and licensing?

    The license is based on the machine itself, not on how many users. That's why we backhaul all the internet traffic to my head office, so in my head office, I only need to buy one license. To access the internet, we have a VPN tunnel. 

    I'm not sure of the exact costs. I didn't purchase it, I just use it. 

    Which other solutions did I evaluate?

    I've compared the solution to Palo Alto and Cisco. 

    What other advice do I have?

    Right now, more and more services are moving to the cloud. In terms of the cloud, the IP address changes so frequently. Today you see this IP for this service, the next day, without notifications, they may change IP to other IP addresses. So, originally, all firewall rules were based on the IP address. Now, it's not based on the IP address; it's based on the service. I can see Fortinet has already worked on this. For example, they provide internet service, which I remember, even though I haven't tried it yet. There's an internet service called Office 365. You just use this; you don't need to know the exact IP address or something; you just use this name. In the background, Fortinet updates this, updates all the information about this group, so you don't need to. The firewall keeps retrieving all that information from Fortinet, so you don't have to worry about the frequent change on the cloud side.

    So far, I'm very satisfied with this device. Compared with other vendors, like Palo Alto and Cisco, I'm delighted with FortiGate, to be honest.

    I'd rate it ten out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    IT Infrastructure at a tech services company with 51-200 employees
    Real User
    Top 5
    Useful UTM features, good interface, and beneficial controls
    Pros and Cons
    • "The interface is good."
    • "There are some features for FortiGate using FortiOS that can only be enabled via a command line. These aren't very advanced features they have been part of FortiOS for quite some time but they still aren't accessible from the graphical user interface. It makes it a little bit harder than it should be for us to manage the solution. That's my main concern with the user interface. Another concern we have is some elements for the user interface, if they're not properly configured, it could lead to hardware and performance degradation."

    What is our primary use case?

    Most of our customers that we implemented Fortinet FortiOS for we support and manage the FortiGate. Most of them use all the UTM features, such as web features, application control, intrusion prevention, and SSL inspection. We do have some customers who do not use these features. They mostly use IPsec, VPN concentrator, but no security features, we only have two specific cases. Most of our clients prefer to use FortiGate because of all the security features.

    What is most valuable?

    The interface is good.

    What needs improvement?

    There are some features for FortiGate using FortiOS that can only be enabled via a command line. These aren't very advanced features they have been part of FortiOS for quite some time but they still aren't accessible from the graphical user interface. It makes it a little bit harder than it should be for us to manage the solution. That's my main concern with the user interface. Another concern we have is some elements for the user interface, if they're not properly configured, it could lead to hardware and performance degradation.

    We have had some cases where the entire hardware is at a lockout. This means the CPU is  100% consumed and requires a reboot because of a malfunction with the graphical user interface dashboard widget. This is something that we saw a few years ago. We haven't had any new experience with this same issue. However, I'm not sure if that's because Fortinet fixed them, or because we have mow avoid using those specific regions.

    For how long have I used the solution?

    I have used Fortinet FortiOS within the last 12 months.

    What do I think about the stability of the solution?

    Fortinet FortiOS is stable.

    What do I think about the scalability of the solution?

    I have found Fortinet FortiOS to be scalable.

    We have approximately 200 users using this solution.

    Which solution did I use previously and why did I switch?

    We have used work with many antivirus solutions, such as Trend Micro, CrowdStrike, and Kaspersky. The antivirus engine could use some improvement when comparing Fortinet with other vendors.

    How was the initial setup?

    I have been doing the installation of Fortinet FortiOS for five years and I am used to doing them. For someone who is new, I do see some difficulties for them to learn how to do it.

    The process could be better.

    What about the implementation team?

    For approximately 200 employees we have at least two engineers and some junior analysts for the day-to-day operation.

    What's my experience with pricing, setup cost, and licensing?

    The Fortinet solutions can be a bit expensive.

    What other advice do I have?

    The most advanced solution Fortinet has is intruder prevention.

    My advice to those wanting to implement Fortinet FortiOS is they should do a site survey, but not exactly the site survey. They need to study and scale the environment for which they want to implement the FortiGate solution. FortiGate solutions aren't exactly cheap, but if they undersize the environment and they purchase or implement FortiGate solutions that are not good enough power-wise for the environment that's being used, it could lead to problems. Although it is a stable solution, it is prone to lockouts if it goes above the recommended use cases. Proper sizing of the environment is very important.

    I rate Fortinet FortiOS an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Muhammad Jahangir - PeerSpot reviewer
    Manager Devops at emergent
    Real User
    Top 5
    A next-generation operating system and firewall with a lot of features
    Pros and Cons
    • "I am satisfied with Fortinet FortiOS. It's a cool product and has a lot of UTM features. It has application control, web filtering, antivirus, IPS/IDS, DNS filtering, and many things in that firewall. It also has a web application firewall WAF feature. On the feature side, it's a good firewall."
    • "It would be better if AWS instances were available. If I want to upgrade from T2.small to T2.medium, it should be available rather than having a big instance and paying a lot of money for that. The issue is that we had deployed in AWS Cloud, and we were using a very small instance. Recently we wanted to move in-house and deploy it on the big instance because it was struggling with the RAM. If we use T2.small, we cannot upgrade it to the T2.medium. It has predefined instances in the marketplace with a lot of cost differences. If I can increase the RAM, I have to choose the T3.large instance. If I'm paying $270 for the small instance, I have to pay more than double the cost for T3.large. It is about $850, and this is not good. So, it would be better if it was cheaper. I think both AWS and Fortinet should think about that. They should provide it on lower instances as well. If I want to upgrade it from T2.small to T2.medium, it should be available, but it's a problem."

    What is our primary use case?

    We use Fortinet FortiOS to protect our office, and we have another deployment in production. We have the PCI DSS environment on which we have deployed the Fortinet Firewall.

    What is most valuable?

    I am satisfied with Fortinet FortiOS. It's a cool product and has a lot of UTM features. It has application control, web filtering, antivirus, IPS/IDS, DNS filtering, and many things in that firewall. It also has a web application firewall WAF feature. On the feature side, it's a good firewall.

    What needs improvement?

    It would be better if AWS instances were available. If I want to upgrade from T2.small to T2.medium, it should be available rather than having a big instance and paying a lot of money for that.

    The issue is that we had deployed in AWS Cloud, and we were using a very small instance. Recently we wanted to move in-house and deploy it on the big instance because it was struggling with the RAM. If we use T2.small, we cannot upgrade it to the T2.medium. It has predefined instances in the marketplace with a lot of cost differences.

    If I can increase the RAM, I have to choose the T3.large instance. If I'm paying $270 for the small instance, I have to pay more than double the cost for T3.large. It is about $850, and this is not good. So, it would be better if it was cheaper.

    I think both AWS and Fortinet should think about that. They should provide it on lower instances as well. If I want to upgrade it from T2.small to T2.medium, it should be available, but it's a problem.

    For how long have I used the solution?

    I have been using Fortinet FortiOS since 2019, so more than three years.

    What do I think about the stability of the solution?

    Fortinet FortiOS is a stable product.

    What do I think about the scalability of the solution?

    Fortinet FortiOS is scalable. 

    How are customer service and support?

    Technical support is good. When I create the ticket, they respond to me, engage the engineer, and support is good. No issue at all.

    How was the initial setup?

    The initial setup is not too complex; it's simple.

    What's my experience with pricing, setup cost, and licensing?

    It would be better if it were cheaper. We have the firewall in our office, and the license is expiring in 20 to 25 days. We got a quote for almost 80,000 Pakistani Rupees, which is a little costly.

    Which other solutions did I evaluate?

    If I compare Fortinet FortiOS with Cisco Adaptive Security Appliance (ASA), it's a cool product. The deployment of ASA is a little bit complex because it's GUI-based, and ASA also has a graphical user interface. But I still think Fortinet is a good firewall compared to ASA because if you want to use the IPS/IDS feature in the ASA, you have to deploy the management center and integrate it with the firewall, which is a little complex.

    What other advice do I have?

    I recommend this solution to potential users because it has many features, and it's a stable product.

    On a scale from one to ten, I would give Fortinet FortiOS an eight. 

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Sabyasachi Sen - PeerSpot reviewer
    IT General Manager at Manav Rachna International School
    Real User
    Great security and authentication but the setup can be complex
    Pros and Cons
    • "The classification of the websites is helpful."
    • "There is no flexibility."

    What is our primary use case?

    The solution is basically an OS for Fortinet.

    What is most valuable?

    Security and authentication are the most valuable aspects of the product. The classification of the websites is helpful.

    The solution is stable and reliable.

    What needs improvement?

    We have several access points on FortiGate, which were procured long ago. Those are not supporting the present firmware update we make on the UTM. Therefore, we cannot get the latest firmware updated on the UTMs. I was thinking that if we need to get rid of these physical devices, we should move to some cloud-based system.

    The only problem that we are facing at the moment is that all the devices of FortiGate, whether it is for FortiGate's access points or authenticator or controllers or UTM, is in the FortiOS. They are interrelated and interdependent. It means if I buy a FortiGate car, I have to run FortiGate OS, I have to fill in FortiGate fuel, and I have to run it on a Fortinet road. I can’t mix and match it with different solutions. There is no flexibility.

    The initial setup is a bit complex.

    We would like to have NMS built into the solution.

    For how long have I used the solution?

    We’ve been using the solution for the last ten years.

    What do I think about the stability of the solution?

    The solution is stable. We’ve never had any issues with the product. It’s reliable. There are no bugs or glitches.

    What do I think about the scalability of the solution?

    If I need to scale it up, then again, I have to change the entire family of it.

    The amount of users connected at any given point is something around 6,000, including the students and the people on move.

    How are customer service and support?

    We never use tech support from Fortinet. We get support from a local supplier.

    Which solution did I use previously and why did I switch?

    We are tied to Fortinet and therefore did not use any other product.

    How was the initial setup?

    Initially, the solution can be a bit complex to set up. It’s not simple. There’s a learning curve. You need to train on it a bit first.

    We have ten to 12 people on hand who are specialized in FortiOS and can handle deployment and maintenance tasks. We have a total of 20 people working on maintenance.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is pretty high. I’d rate it at a two or three out of five in terms of affordability.

    Since the pandemic, a lot of things have gotten exponentially higher. Also, for us, the final price is dependent on the dollar conversion rate. You can get a license for one or up to five years.

    Which other solutions did I evaluate?

    Since we are tied to Fortinet and could not use anything else, we did not compare it to other solutions.

    What other advice do I have?

    We are customers and end-users.

    I’d rate the solution seven out of ten.

    I’d recommend the solution for an enterprise user. However, it may be a bit much for a small or medium-sized organization.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Dago Pacheco - PeerSpot reviewer
    Infrastructure and Services Manager at Universidad Arturo Prat
    Real User
    Top 20
    Easy to use with a powerful CLI and a nice graphical user interface
    Pros and Cons
    • "The technical support on offer has always been quite good."
    • "The pricing of the product is too high."

    What is our primary use case?

    Fortinet is used for security. FortiOS is the operating system. FortiAnalyzer, for example, can be used on it and it is used for log management, et cetera.

    What is most valuable?

    The solution is very easy to use. It's a solution that has a powerful CLI and a very powerful graphical user interface.

    The solution scales well.

    In terms of stability, the solution is reliable.

    It's not too hard to implement the solution.

    Technical support is helpful and responsive. 

    What needs improvement?

    The pricing of the product is too high. They should work to lower it.

    For how long have I used the solution?

    I've been using this solution for three years. It's been a while. 

    What do I think about the stability of the solution?

    The solution is stable. There are no bugs or glitches. It doesn't crash or freeze. The performance is reliable 

    What do I think about the scalability of the solution?

    We have found the product to be scalable. It's not a problem if you want to expand it.

    There are 1,000 users on the solution at this time. 

    While there may be plans to increase usage in the future, I'm not sure if that's the case just yet. 

    How are customer service and support?

    The technical support on offer has always been quite good. We are satisfied with the level of service they provide.

    Which solution did I use previously and why did I switch?

    Previously, we were mainly using Cisco firewalls and products.

    How was the initial setup?

    We enlisted some assistance with the implementation process. The setup was pretty easy. It wasn't overly difficult.

    We have three people who are able to maintain the solution. They include me and two team members who are both engineers.

    What about the implementation team?

    We used an integrator to help us deploy the solution.

    What's my experience with pricing, setup cost, and licensing?

    The solution is fairly expensive. The cost is around $40,000.

    It would be ideal if they offered more licensing options.

    Which other solutions did I evaluate?

    We were presented with some other solutions such as Palo Alto and Check Point. We prefer Fortinet due to the features on offer.

    What other advice do I have?

    I'm an end-user and customer. 

    We are using a few versions of the solution, some with 6.2, which is not the most updated version, and some others with almost legacy versions such as 5.6.

    I would advise users to not stick with the last version if a new release comes out.

    I would rate the solution at a nine out of ten. We have been largely pleased with its capabilities. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Javed Hashmi - PeerSpot reviewer
    Chief Technology Officer at Future Point Technologies
    Real User
    Top 10
    Provides good security with easy to use link balancing features; could have better integrations
    Pros and Cons
    • "Has a very simple OS and a good price point."
    • "Lacks flexibility for different scenario configurations."

    What is our primary use case?

    We are system integrators and we deploy firewalls for our customers. I'm the CTO and we are partners with Fortinet. 

    What is most valuable?

    Fortinet is a feature-rich firewall. The ease of use is one of the primary advantages of this product. It has a very simple OS and things are pretty easy to do. Fortinet has a good price point which is one of the reasons it's so popular. It's also a good security product. With Fortinet, the link balancing features are easier to use compared to other firewalls. 

    What needs improvement?

    We have had some performance issues, but that seems to be improving. I'd like to see better integrations and more flexibility for different scenario configurations. In comparison to Cisco, the CLI is quite difficult to use. Finally, I believe that the reporting could be enhanced to provide better visibility into the traffic. 

    As an additional feature, Fortinet could have XDR embedded into it which would mean more visibility from the reporting side because right now we have to separately install FortiManager and FortiAnalyzer for driver analysis.

    For how long have I used the solution?

    We've been using this solution for over five years. 

    What do I think about the stability of the solution?

    Fortinet is a pretty stable product. 

    What do I think about the scalability of the solution?

    Fortinet still has to prove themselves when it comes to higher throughput cases, because there are many places where other brands are placed with higher throughput than Fortinet. When we enable all the features, sometimes the performance migration is more significant compared to Fortinet's claims of what it should be, so that needs to be better matched. 

    How are customer service and technical support?

    I think Fortinet needs to improve their support. They are not one of the gold star rating support companies. There are a few big vendors like Cisco, EMC, VMware with gold star support rating. The support is sometimes not up to the mark. 

    How was the initial setup?

    The initial setup is quite straightforward. 

    Which other solutions did I evaluate?

    We generally deploy Fortinet, Cisco and occasionally Palo Alto which is an expensive firewall so less companies use it. We deploy Cisco and Fortinet frequently. When it comes to performance and price, Palo Alto is at the top on both counts. 

    What other advice do I have?

    I rate the solution seven out of 10. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    PeerSpot user
    Buyer's Guide
    Download our free Fortinet FortiOS Report and get advice and tips from experienced pros sharing their opinions.
    Updated: August 2022
    Product Categories
    Firewalls
    Buyer's Guide
    Download our free Fortinet FortiOS Report and get advice and tips from experienced pros sharing their opinions.