IT Central Station is now PeerSpot: Here's why

Fortinet FortiOS Room for Improvement

PR
System Administrator at RBDigital

Many things are missing from the interface that necessitates using the CLI, so it needs to be improved. When I migrated to FortiGate, there many things that I wanted to do, but couldn't.

With FortiOS, you can use the router in two modes. The first mode is the profile mode, which is the starter mode that most use, but you have another mode that is a policy mode and is required before creating your firewall rule. The problem is that when you switch from one mode to the other, all of your firewall rules will be gone. This means that you have to decide if you want to use the policy mode firewall or a profile mode firewall.

With policy mode, you can have granular control on the application on the firewall rule because the firewall rule works with the source destination protocol. With the application, you have multiple rules, one by one. As an example, you can have one for Skype or one for OneDrive, etc. On the source, you can add a group, and add people to the group, and they can have access to Skype and OneDrive along with others added.

You can granularly control applications on the firewall rule with the policy mode, but you don't have access to the proxy mode rules. There are also issues with the antivirus, IPS, and you are forced to switch back to the profile mode where you have less granular control on the application.

I have problems with the IPS stability and the antivirus in Policy Based Mode. If the file is bigger, then the antivirus doesn't check it.

In policy Based Mode, There are many issues. (Firmware =< 6.4)

View full review »
CC
Technical Head at a tech services company with 51-200 employees

The product really has everything that we need as far as features for this type of solution and our use case. It works fine for us. One thing that can be improved is the pricing model. It is currently subscription-based and I think they should probably try to change that.  

View full review »
RR
IT Infrastructure at a tech services company with 51-200 employees

There are some features for FortiGate using FortiOS that can only be enabled via a command line. These aren't very advanced features they have been part of FortiOS for quite some time but they still aren't accessible from the graphical user interface. It makes it a little bit harder than it should be for us to manage the solution. That's my main concern with the user interface. Another concern we have is some elements for the user interface, if they're not properly configured, it could lead to hardware and performance degradation.

We have had some cases where the entire hardware is at a lockout. This means the CPU is  100% consumed and requires a reboot because of a malfunction with the graphical user interface dashboard widget. This is something that we saw a few years ago. We haven't had any new experience with this same issue. However, I'm not sure if that's because Fortinet fixed them, or because we have mow avoid using those specific regions.

View full review »
Buyer's Guide
Fortinet FortiOS
July 2022
Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
610,336 professionals have used our research since 2012.
Muhammad Jahangir - PeerSpot reviewer
Manager Devops at emergent

It would be better if AWS instances were available. If I want to upgrade from T2.small to T2.medium, it should be available rather than having a big instance and paying a lot of money for that.

The issue is that we had deployed in AWS Cloud, and we were using a very small instance. Recently we wanted to move in-house and deploy it on the big instance because it was struggling with the RAM. If we use T2.small, we cannot upgrade it to the T2.medium. It has predefined instances in the marketplace with a lot of cost differences.

If I can increase the RAM, I have to choose the T3.large instance. If I'm paying $270 for the small instance, I have to pay more than double the cost for T3.large. It is about $850, and this is not good. So, it would be better if it was cheaper.

I think both AWS and Fortinet should think about that. They should provide it on lower instances as well. If I want to upgrade it from T2.small to T2.medium, it should be available, but it's a problem.

View full review »
JL
Executive - Data & IP at a comms service provider with 1,001-5,000 employees

Fortinet needs to make this solution even more robust. Sometimes when we get a DDoS attack, the cannot withstand it. We can run out of sessions very easily. That said, I suppose if you want more a robust system, then you could purchase higher-end solutions, which are more expensive. Still, I would like to see more protection from even in the low-end version.

The pricing needs to be improved. It's quite pricey.

In terms of the CLI, if they could make it more intuitive, and more user friendly, it would make the solution better. I like to work on CLI instead of through the GUI. If you are used to it then you wouldn't mind the way it works right now. However, for those that don't, there's just a sizeable learning curve.

View full review »
Dago Pacheco - PeerSpot reviewer
Infrastructure and Services Manager at Universidad Arturo Prat

The pricing of the product is too high. They should work to lower it.

View full review »
Javed Hashmi - PeerSpot reviewer
Chief Technology Officer at Future Point Technologies

We have had some performance issues, but that seems to be improving. I'd like to see better integrations and more flexibility for different scenario configurations. In comparison to Cisco, the CLI is quite difficult to use. Finally, I believe that the reporting could be enhanced to provide better visibility into the traffic. 

As an additional feature, Fortinet could have XDR embedded into it which would mean more visibility from the reporting side because right now we have to separately install FortiManager and FortiAnalyzer for driver analysis.

View full review »
SB
President at a manufacturing company with self employed

FortiOS doesn't work well with all browsers. I think they need to do a better job of making it compatible with the various browsers that are out there. I see weird stuff happen sometimes.

It doesn't crash the router bin itself, but it typically takes some time. Sometimes I'll have to reboot the router to get it working with a browser again. This is maybe just a problem with older versions. I can't say anything about the recent versions of the FortiOS, but over the years, I've seen weird stuff.  This is mainly just a problem with the browser interface. I've never had a problem with the command line.

View full review »
SM
Senior Network Administrator at Tawasul telecom

The support could be better. Their first-level support is often poorly trained. 

We don't have any other requirements in terms of needing new features. 

View full review »
AK
Senior Manager (Engineering Department) at a comms service provider with 10,001+ employees

They're using a lot of application-specific IC, so that may be causing some performance issues. And whenever a Fortinet adds new features, it can affect performance. I don't handle implementation, so I have to ask my frontline engineers to implement new features, like software-defined WAN service. But I'm not sure these are stable and acceptable because this project is still in progress. FortiOS and all the other firewall products are adding SD-WAN service, and this kind of service needs a lot of resources from the fabrics, the hardware, and the software. Still, I think we have more confidence deploying this service with FortiOS than using the other brands, like Juniper.

View full review »
Andrey Kurtasanov - PeerSpot reviewer
Consultant at Orange

The central management can improve in Fortinet FortiOS. It is sometimes difficult to manage all the devices.

I wrote my opinion about changes to the SSL-VPN authentication directly on the Fortinet forum, and they said that right now they will not change it. Hopefully, in the future, they will change the SSL-VPN authentication for groups and users.

View full review »
Sudeep Maydeo - PeerSpot reviewer
Senior Manager IT at Tata International Limited

It would be great if they can push the Microsoft updates through Fortinet OS and provide a centralized patch management system.

They should also include the data loss prevention (DLP) and data leakage prevention features. They could also add network monitoring more effectively.

View full review »
Subbu Madhira - PeerSpot reviewer
CEO at OmniNet Systems

Fortinet FortiOS can improve the GUI and remove the command line interface. All the functionality should be available from the GUI. Day-to-day management can be tough for IT administrators. Additionally, the reporting is not very good.

View full review »
RiteshJha - PeerSpot reviewer
Director (FS Strategy) at LPP

The support could be improved, Fortinet's response time is very slow. 

Setting up the VPN could be made much easier, especially when deployed with Azure.

View full review »
SamiEsber - PeerSpot reviewer
Security consultant at Manaai corp.

Some features I have found to be hidden and cannot be accessed through the graphical user interface, you can only access them through the command-line interface(CLI). All the features should be accessible through the graphical user interface.

View full review »
Vincent Gonzales - PeerSpot reviewer
Senior Network & Security Engineer at a tech services company with 51-200 employees

The solution could improve the log retention and reports.

View full review »
TN
Sales engineer/Technical support engineer at Vietnet

Fortinet's central management needs to be improved. FortiManager's technical tool provider ability should manage all Fortinet security products. Right now, FortiManager only manages the configuration of FortiGate.

View full review »
Mitku Bitew - PeerSpot reviewer
Head of Network Administration Section at Zemen Bank S.C.

FortiOS's bandwidth and interface could be improved. In the next release, Fortinet should include an option to disable users.

View full review »
PA
Systems manager at a educational organization with 51-200 employees

Fortinet FortiOS could improve by having better authentication methods with Microsoft or Google Services.

In an upcoming release, they could improve the user interface.

View full review »
GG
System Engineer at a tech services company with 51-200 employees

There are some issues with the performance. We also had some issues while updating the firmware.  

The download options can be better. While downloading VPN clients, it is a little bit difficult to get different versions. You need to log on and search.

Their support can be better. 

View full review »
AS
Technical Presales Engineer at a educational organization with 10,001+ employees

FortiOS could provide a more detailed analysis of the network and connected devices.

View full review »
Ravinder-Singh - PeerSpot reviewer
Junior Manager at Paytm Payments Bank

The threat time interval lags a little, especially if there's a heavy load on the firewall.

View full review »
CR
Director at REDCO

I would like to see fewer bugs. If you use the box with its basic features, the solution is straightforward and stable, but you can run into bugs when using newer features or in more complex use cases. They included a DNS filter as a new feature, and I had issues that required raising a ticket with customer support.

View full review »
RR
Sr. Architect at a manufacturing company with 10,001+ employees

Fortinet FortiOS can improve by limiting the need for the CLI and GUI combination. The more functions they can have on the GUI and less on CLI would be helpful.

View full review »
HK
Software Development Specialist at Unicomp Information Co. Ltd.

The solution could improve by making the dashboard easier to use.

View full review »
Ali Fauzi - PeerSpot reviewer
Senior Network Security Engineer at Tunas Ridean Tbk PT

I would like to see the features of FortiAnalyzer included in Fortinet FortiOS. Right now, you're required to have an additional license and a different device for features such as processing the log, reporting, and analyzing traffic.

View full review »
AA
Manager IT at wintac

The reporting and monitoring could improve, they have a lot of limitations. The monitoring is not easy compared to the other firewall.

View full review »
Vijay Bhaskara Maram - PeerSpot reviewer
Network Engineer at Pyramid IT Solutions Pvt Ltd

The reporting for this solution could be improved. It could also be more stable and offer better pricing. 

View full review »
Buyer's Guide
Fortinet FortiOS
July 2022
Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
610,336 professionals have used our research since 2012.