Fortinet FortiWLM Reviews

The most valuable features are central management and the many other features available.

The roaming of Fortinet FortiWLM could improve when comparing it to other solutions. We are missing some of the functionality in the controller. Additionally, they should offer more logs instead of using FortiAnalyzer because all the users will not be using the same thing.

I have been using Fortinet FortiWLM for approximately two weeks.

You need to understand the concept first before you can implement the solution. You need to be familiar with networking first to be able to install Fortinet FortiWLM.

I rate Fortinet FortiWLM an eight out of ten.

My clients use Fortinet FortiWLM for wireless management in healthcare, hospitality, and office settings.

Fortinet FortiWLM is good for tracking assets, monitoring, and overall management.

In the next release, they could improve by adding a controller-less server, or architecture that is provided in other solutions, such as Aruba. This would be a great benefit for customers. Additionally, they could improve the feature sets to be more competitive.

The solution is stable and highly reliable. We do not have any complaints from customers.

We have currently three clients using this solution.

For critical infrastructure in healthcare and government, we find Aruba a better solution for their requirements.

If we are redoing an installation of an existing network are some difficulties but a typical installation is not difficult.

There is a perpetual license required for this solution and the price could be reduced.

I would recommend this solution.

I rate Fortinet FortiWLM a seven out of ten.

We are similar to our customer implementation. We provide a switch, we have provided even the firewall, Apache, and SolarWinds solutions. So when we are talking about Apache, completely it is taken out first. Then monitoring or patching with iPhones, it is much better. It is very simplified when comparing it to any other product. I think the product doesn't have challenges. I didn't find any challenges with Fortinet Wireless.

Documentation could be improved.

I have been using and selling Fortinet Wireless for 13 years.

We have been very happy with the stability of the product.

Fortinet Wireless is very scalable.

Once you have a subscription, it works. After that, you open tickets with their technical support. There's no other challenge. We haven't needed to contact technical support as everything is pretty straightforward.

In many of my other previous companies, Fortinet Wireless has been used. I haven't had many challenges. Apart from that, when I became a system integrator, I found that It's really good when comparing it to any other product or it is much better in terms of features that the customer requires.

I have my own team who are satisfied with the product. There are two or three engineers on the team. They normally handle the implementation of Fortinet Wireless.

The licensing is all contained in the purchase and implementation. The customer will look at the licensing at purchase and make sure all is in order. All the subscriptions that are relevant for the purchase and maintenance are involved. The implementation will be monitored and have a secure wireless connection.

We have a partnership with Sophos also. But with Sophos, we have a lot of customers, more than with Fortinet. When you compare the features and, reliability and performance, Fortinet is better.

Fortinet Wireless is a very good product, in terms of reliability and in terms of configuration also. I would rate Fortinet wireless at a nine out of ten.

Our primary use is for official purposes. On our campus, there are two employees who have a laptop and move here and there, and sub-faculties are always trying to connect to Google or other resources, for any documentation purposes. The facility is huge. So for online purposes, we give them the flexibility so that wherever they are on campus they can easily connect to the internet.

All their features are common. Nothing more. All the features are controlled behind the Fortinet firewall. Is there any wireless controller to balance the load? Or what report do they give for the stated purpose? Basically, we need to put more focus on the reporting end for their sustainability.

I have been using Fortinet Wireless for the last five years.

The product is a stable solution.

In terms of scalability, we will not replace Fortinet for our staff purposes. But we have a very large group of students for whom we are planning to use it to give them online education. For that purpose, we are planning to handle the number of 40,000 students on our campus so that we can synchronize real data over any streaming material or tablet.

Because of that, because of the technology changes every year, this is not suitable for the search crowd.

Technical support is very poor. We are not satisfied with the technical support because there is not any direct person from Fortinet for any troubleshooting, which we expected.

On a scale from one to 10, where one is the worst and 10 is the best, I would rate Fortinet Wireless three out of 10.

You may discuss this with any of the other clients who are using Fortinet. I think you will find out what kind of support Fortinet gives because there is no direct person involved from the Fortinet side to give client support. They depend on the mediator or integrators or suppliers. They help. They are trained but they are not from Fortinet. I would not go with Fortinet. You can think of it as a customer buying a Fortinet product from the company and the company has stopped their service. Then who will look after those clients? 

So I think there should be a direct person who provides service to the client. It could either be a portal or there could be another way to improve the services.

We are a technical services company and this is one of the solutions that we provide to our clients. My client was interested in adding a guest network to the existing infrastructure. The main requirement was that the new access points needed to be able to integrate properly, but any guests should not be able to connect to his main network.

It was a very old network with no VLAN and there was no interest in implementing one. This solution allowed for the creation of different networks without the need for a VLAN or the installation of layer two switches.

The most valuable feature is the ability to connect and broadcast to different networks without using a VLAN or a layer two switch, which allows you to easily create guest networks. This is a very useful and very different feature compared to other solutions on the market. In every customer meeting, this is the feature that we highlight.

The solution is easy to use and the GUI is user-friendly.

The guest management features need to be improved by adding automation. There is a facility for guest management through a portal, but it should be automatic. As it is now, the IT person has to edit and do things manually. All of the details should be maintained in the FortiCloud.

I would like to see some small access points or signal extenders added to the product line to help with areas that do not have full coverage. 

I have been working with Fortinet wireless for the past seven years, and for fourteen years in total with Fortinet solutions.

In the past seven years that I have been working with this solution, I have not had any issues regarding stability.

This scalability is good.

I have been in contact with technical support a few times, although it was for known product issues that required doing things like installing a new driver. Overall, I would rate them to be good.

We have deployed solutions from D-Link and NETGEAR for certain clients, although they have not needed to have the depth of features that are offered by Fortinet Wireless. These include both security options and the facility for providing a guest network.

The initial setup is easy and user-friendly. The deployment is highly efficient, and it may take 25 minutes to configure if you have a maximum of ten access points. At most, it may take three to four hours.

For indoor access points, there is a one-time cost, upfront, whereas outdoor access points have an annual fee.

Compared to some of the wireless solutions by Cisco, Aruba, and HP, this product is a little bit costly. However, Fortinet has good security and other good features that the customers are interested in.

I would rate this solution an eight out of ten.

We started the utilization in our warehouse to improve the connection for our hand scanner and cameras. 

The Access Points work with two radios (2.4GHz and 5GHz) and it was the best feature because some scanners are new with AC wireless support. The firewall integration was another good feature because is very fast to setup.

The firewall integration is very important for the security of the connection. For each SSID it's possible to create rules to specify connections.

This solution should be easier to set up in a production environment.

We intend to implement this solution in our production area and eventually replace cable connections with wireless service.

I've been doing pre-sales engineering for most Fortinet products. Wireless is one of our main products, where there's a good market. I have been involved in a few of the implementations including the designing. One was a warehouse and there was another one where we helped design a wireless network for a public youth center. The youth center was a fairly big building. There was the basketball court and they had the library, etc. I designed the network around that.

There was another where we did the design for a retail shop. For them, the requirement was high-performance WiFi because there were going to be a lot of customers in the retail shop. They needed a very strong WiFi without having any network drops.

Nowadays, the biggest problem in modern networks is that you have one vendor for wireless and you have another vendor for your SIEM, another vendor for firewall, and an entirely different vendor doing anti-virus. The problem here is that if somebody were to infiltrate your network, you would have to pull information from all these different products. It goes without saying that these different vendors' products don't talk to each other. That means you would have to manually correlate all this information. With the faster threats that we have today, by the time you correlate anything and then come to a conclusion, the damage is already done.

But with the Security Fabric, all these products - let's say you have Fortinet Wireless and you have FortiGate as your firewall and on the endpoints you run FortiClient - they talk to each other, and you have 100 percent visibility across the entire network. If somebody, for example, from the accounting department brought in a USB that they picked up on the road and plugged into their computer, and it had a virus or a botnet, since you have visibility across the entire network, the IT manager would be able to clearly see this and take action.

But for most people, since their anti-virus is just one of their products, it's not going to inform the firewall or the switch or the WiFi that it has a problem. It's only going to be the anti-virus that will, hopefully, will catch it. If it doesn't catch it, that virus or problem can spread throughout the network without anybody noticing.

The two main points of the Security Fabric are the visibility and knowledge-sharing. Given that we have the Security Fabric properly implemented in the network and we have a FortiSandbox in place, if a Zero-day attack comes into your network, nobody will be the wiser. But your computer's anti-virus detects it as a suspicious file. It will load it up into the sandbox and the sandbox will run that program and give a red light when it realizes that it's a bad program. Since most of the products in the Security Fabric can talk to the sandbox, the sandbox will let every other point in the network know that it was a bad file. So from one of those files being uploaded into the sandbox, the entire network security infrastructure will have a new signature for that Zero-day, which doesn't happen in any other cases.

One valuable feature that comes to mind is the Network-In-Control. Usually, when there's WiFi, it's the WiFi client - your phone - that decides which AP to stick to. Your phone will stick with the closest AP, even though there may be another AP that's a bit farther away that has better bandwidth. Since your phone only decides based on the strongest signal, it would stick to the one with the stronger signal, the one that may not have enough bandwidth.

But with Fortinet, there is a feature called Network-In-Control. It's the AP controller that decides what the clients are going to connect to. In this case, the phone doesn't choose which AP you're connecting to, it's the wireless AP controller. Even though your phone sees, let's say, two APs, since the wireless controller has visibility into and access across all the APs, it knows the best AP for the client to connect to. This way, the controller makes sure that none of the APs is over-crowded, and the spectrum is used properly.

Fortinet Wireless has two appliances. The first thing is the wireless controller which does the AP setup and controlling. But it's the Fortinet Wireless Manager that gives you all the visibility, the logging and monitoring, etc.

If you do have a FortiGate Firewall somewhere in the network, you can connect the wireless controller to that. The Fortinet holistic approach is called the Security Fabric. That is the single-pane management for every Fortinet product in a single network. You get 100 percent visibility from a single point, which is, most of the time, the FortiGate. You can see everything that's connected to the FortiGate, whether it's a switch or a wireless AP or a wireless controller or any other Fortinet product. If you connect them through the Security Fabric you can actually see what's happening from end to end. If you're at the perimeter FortiGate and there's a client that's connecting through it, maybe six floors down the line, you can just go and have a look at the client end point from the perimeter FortiGate. And if that end point is compromised you can take it off the network easily.

There are three methods that Fortinet offers wirelessly. The first is industrial, where you have a wireless controller separately and you don't have a FortiGate in the equation. The second is what we call integrated: You get a FortiAP that connects directly to your FortiGate. The third is cloud AP where you just have the AP and you control it through the cloud. On that, they could improve the management side of it. The management side is a bit lacking in its reporting.

One of the main features that I see as lacking in any of the Fortinet products is the reporting. If you want to have proper, end-to-end reporting, you must purchase the FortiAnalyzer which is the dedicated reporting and analyzing tool. For a small customer who has only a few APs, you can't justify asking them to run the FortiAnalyzer because that will incur some amount of cost. If Fortinet could offer some better, built-in reporting, that would be a point of improvement.

The stability is fine on its own, but we can do high-availability where we have multiple wireless controllers, in case one goes down.

Scalability is pretty high. In a large enterprise, the single largest box we have is the Forti FWC-3000 which can hold up to 30,000 clients. That's just one box. If we need more I'm sure we can scale more.

I haven't had the chance to see the Wireless technical support side of the operation. Fortinet Wireless' tech is pretty knowledgeable about what they're doing so I would assume that their tech support caters pretty well. But I can't give a solid answer because I haven't had any experience with them.

I do come in contact with their tech support pretty often when it comes to dealing with FortiGates, and their help is very good.

If it's an industrial setup, it's a bit complex. You need to know what you're doing. An everyday manager wouldn't be able to set it up properly because you need to know how to secure it properly and set all the settings.

For an industrial deployment, if you get engineers who are knowledgeable, it would be pretty easy for them. They could set it up within a day. The integrated WiFi, where you connect the AP to the FortiGate, will take a couple of minutes. The cloud WiFi is actually a zero-touch deployment. You can just ship it to a branch office, have them connect it to the internet, and it will configure itself automatically.

In terms of an implementation strategy for an industrial deployment, the first step would be to do a proper wireless survey by somebody who understands the field. Something that I have seen, where most people go wrong, is that the network engineers or the network administrator in the company think they how to design the network. In the diagram they place the APs where they think would be the optimal placements. Later on, when they've done the purchase and setting up, they figure out it's not optimal. Either they have wasted money by putting in too many APs, or they have not assigned enough APs to power the entire network. When it comes to wireless LAN networks, step number one should be getting a proper WiFi survey done to suit your requirements. After that it's easy.

The survey requires just one person. For a deployment, I'm not sure how many people will be required to set up the APs, because if it's a big conventional hall, for example, then you are going to need some professional people doing the WiFi mounting, etc. After that, configuration-wise, it is a one-person job.

I don't think that any organization will have somebody who is qualified to do a deployment by themselves. This is a niche product. If a company is going to introduce Fortinet Wireless into their network, the IT administrators would not know how to configure it. They would have to get somebody who knows it. After that, they could get training for maintaining it. The administration will then take just one person.

In terms of cost of ownership, as a WiFi solution on its own, I would say it is pretty similar to every other vendor. But, as a holistic approach to a network, it would definitely lower the cost of ownership. If the client chooses to go with the WiFi as well as security from Fortinet, all from the same company - as I explained earlier, with the Security Fabric you get 100 percent visibility and threat intelligence sharing - that would definitely cut down on the cost of ownership.

Regarding ROI, especially for people in the retail business, they can easily cater to their clients, plus they can get analytic data from the clients and make something of that data.
Let's take an example where you have a big mall and the mall management decides to implement FortiWiFi. There is one feature that these guys really like which is the analytic side of it. We can easily show where their customers have been. We can show them a wireless "heat map" of everybody who walks into the mall. With it, we can tell people who own the shops, "This is where the customers mingle the most. These are the favorite parts around the mall." That really helps clients to do something with the data. That would be a good return on investment.

We're not cheap but we can give you better pricing than the competition if it comes to that. Licensing is pretty straightforward. We don't have any hidden licensing when you purchase an appliance. If you purchase one appliance you get the maximum number of clients and every feature in that appliance unlocked for you. You just pay for the entire thing outright.

In looking at Ruckus vs Fortinet Wireless and some other WiFi providers, the others are just doing the WiFi part. With Fortinet, the plus is that you also get a very secure network which is easily adaptable to the security design provided by Fortinet: the FortiGate, FortiAnalyzer, or any other feature in there. That is one of the deciding factors for organizations but, in certain cases, the fact that we can give it at a much more affordable price also helps.

Get a good wireless plan done, get a good survey done. Also, know what you really want. Every vendor comes with 100 different features but you may not end up using all those features yourself. I'm being vendor agnostic here. If you want to do a WiFi implementation: 

1. Get a proper survey done.
2. Know exactly what you want. 
3. Think about security as well.

If those three steps help you zero-in on one product, that's the way to go.

Fortinet has a very strong industrial presence because they acquired Meru Networks a couple of years ago. The industrial strength WiFi, which Fortinet is offering, is what Meru used to have. They have a couple of more technologies which the other vendors don't have.

We've seen a big jump in the market for Fortinet WiFi. We can actually provide it at a much lower cost than the competition. The plus point of our WiFi is that we don't only provide the WiFi, we also provide security with it. This relates to another problem that I see in the market. Let's take a web developer for example. The web developer is a developer who does web pages but doesn't think much about security. No matter how good a webpage is, if that page can be easily breached then it is of no use to the client. If you apply that same analogy to Fortinet, Fortinet understands security as well as wireless LAN solutions. We can easily integrate the access part of wireless with the security part of wireless. That is appreciated very much by our customers. Since they understand that, they are very happy to go with Fortinet WiFi.

I would rate Fortinet Wireless at nine out of ten because of the ROI and the TCO that we discussed, plus the ease of management. These guys they are really up on the deal. They are in the fastest moving technology industry. Whatever changes come, they implement it and do their testing very well. Overall, it's a very good product. The one feature that I am not happy about is the reporting. There's a bit of a way for them to go with that. Once they iron those things out I'm sure they'll get ten from me.

We are an internet and telecom service provider, so we are not the final customer. We provide secure wireless LAN solutions to our customers, and for internal services as well.

We show how we can bring many positive results to different businesses.

We merge with the customers' bring-your-own-device solutions. It's easy to manage the WiFi, the customer does not need to buy more equipment, like tablets, for their employees. They can reuse equipment. And employees are definitely comfortable using their own devices and, from the IT and security perspectives, we are bringing security to these employees, with our solution. We innovate the business process. We innovate how employees work in their companies.

Also, in the case of stores, we are bringing new results and new income. We help them to grow their sales. Their customers like to go to their stores because they can access the information they need. They can connect to the wireless LAN, they can compare prices. We are making the business process faster and more secure, and customers like that. They can engage with the retail store.

Using this technology, the stores' loyalty programs are growing because, when customers go into the stores, they can connect with the loyalty programs to receive discounts and special items. This makes their customers more loyal to the stores, who are our customers.

We have some international retail customers, such as H&M, from Sweden, and another one from the U.S. and, in both cases, monthly sales have increased about ten to 15 percent. In these cases, income was one of the benefits that they received in the quarter after we installed the solution. The results were very quick.

In addition, we make the business process, the internal process of distribution and logistics, more efficient and connected. We're reporting, online, how they are distributing all the items to the different stores. And the inventory is connected to the wireless LAN solutions, so they know, online and in a centralized way, what the inventory levels are in the different stores.

Security is the feature we like most from Fortinet. In general, their security architecture is really great, because it involves everything: firewalls, wireless LANs, the user. Everything is really secure. That's a great feature from Fortinet. It's very valuable.

Sometimes we feel that we are buying the top-of-the-line technology and, six months or eight months later, we feel it is already obsolete. New smartphones bring new technology, new ways to connect. Sometimes we have this bad feeling that, even though we are investing tons of money, technology is moving faster than us. So even with this huge amount of investment, one year later we are totally obsolete compared with the new technology.

They need to make it move faster. They need to make it easier to configure, easier to monitor, easier to report.

We have great tech support from Fortinet, here in Mexico. But if we have a big issue, like a big bug, and they need to produce new versions of the software in their R&D departments, this is the slowest part.

It is very stable. In the last 16 to 18 months, there have been no big issues related to the solution.

It is really scalable. That is one of the decisive, key points we consider in all our projects. In the case of Fortinet Wireless, it is really scalable.

We get good response from the tech guys at Fortinet. Our experience with them is absolutely positive.

We used to have some HPE equipment. We switched from those old access points. We use Fortinet as a preferred vendor, but if a customer wants or needs to use equipment from other vendors, we sell equipment from other vendors.

Setting up the solution is really straightforward. The amount of time it takes depends on the customer. If it's a really big customer, the implementation process could take from three months to almost ten months. Once you have all the plans and you start installing, it's really straightforward and it can move fast.

For Mexico, a big customer is the one that has more than 200 retail stores. They are not as big as in the U.S. or in other countries, but for Mexico, a retail store that has 250 stores is a huge company.

The deployment strategy depends on the project manager and his staff. Because we are telecom service providers, we usually start with all the internet connections, and voice and data connection, using fibre. Once we have all that in place, we start building the local area networks.

In terms of deployment and maintenance, on average, I would estimate it's about eight to ten percent of the investment. It depends on the customer and the approach we have with the customer. We usually have two or three engineers, per customer, giving support. But that's not just for the wireless, that's also for the networking. For a huge retail company, we may have between five and ten certified engineers working on daily support for the customer.

ROI depends on the customer but it could be from six months to 12 months, on average. It's a good return on investment. More sales. More savings. It reduces the TCO, but I don't have the numbers. It could be a reduction of, maybe, 15 percent, compared to other solutions.

It's definitely a great solution.

Negotiate with the vendor to activate the licenses at the moment that they install and configure the equipment. If you initially have a big project with a lot of equipment, and you have a six-month plan, licensing will start before you are using all the equipment, and that doesn't make sense.

In terms of how extensively it's being used and whether its usage will grow, it's really organic. People are using the internet and using all kinds of applications on a daily basis. It's growing, more people are connected every day. Usage is changing dramatically, exponentially, really. As more people use the internet and applications on a daily basis, our customers are required to increase services and, obviously, in a secure way.