FortiGate Next Generation Firewall (NGFW) Reviews

I work for an integrator in Nigeria, and we implement all these solutions for our clients. I've done a lot of deployments on Fortinet, deploying all from FortiAP to FortiSwitch. I integrated it with FortiGate, FortiManager, SD-WAN, deployment, security, and the like.

I found the upgrades valuable. Normally, when you want to upgrade an enterprise firewall, the customer always requests a box swap, whereby we look at the new firmware and compare it to know if there will be any configuration changes. These are the parts where we have to bring in the OEM to do it. But with the new FortiGate firmware, it helps do that by providing reporting and helps you to give the customer the comfort of saying you can upgrade the firewall and describe what changes and issues you would expect. Basically, out-of-the-box management.

One area for improvement is the IPS engine, which is something that needs to be improved on. I've had so many issues whereby I have high CPU usage, and when I check, I see it's being consumed by the IPS engine. I have to upgrade the IPS engine firmware and all that. That has been the main pain point with FortiGate. Likewise, customer support could improve.

I've been working on FortiGate for about five years now, and I'm working with the latest version.

The solution is stable apart from the IPS engine issue, so I rate stability a seven out of ten. Stability depends on the operational team. If you have a good operational team that knows what you are doing, you always gain stability with most of your solutions. But if you have an operational team that is not so strong, you will always have issues with that solution because they will keep making human errors that will keep disrupting the services you offer. For example, in 2021, I was working as the cyber delivery manager for MTN, and I was managing the FortiGate infrastructure. In that one year, I never had any incident on FortiGate. But after I left, they started having frequent issues because of human errors. From a management perspective, if I were the CTO during that period, I would assume that FortiGate Firewall is not a good firewall. But that is not the case. It is the person who handles it that determines the stability. If you know how to do your health check properly and how to output the firewall properly, I'm sure FortiGate will be stable. I'm rating the stability as seven just to be in the middle. If it's being handled by a less experienced operational team, I'm sure you will have issues because they always perform changes, they don't know when to perform the kind of change they are performing, and that might disrupt the services. But if I rate FortiGate based on myself, I give it a nine out of ten.

I rate FortiGate's scalability a nine out of ten. Out of every ten enterprises in Africa, six currently use FortiGate. MTN is one of our major customers, and we helped them migrate from Cisco and Juniper to FortiGate.

The ease with the initial setup depends on the deployment. I've deployed FortiGate for different use cases. I've deployed it using internal segmentation. I've deployed it using it as a data center firewall, doing east and west. I've deployed FortiGate on the perimeter edge, whereby we have the SSL VPN and site-to-site VPN. But overall, I rate the initial setup an eight out of ten because it's always been very easy.

There are timelines with projects, so the time taken to deploy the solution depends on the scale of the project. If it's just a perimeter firewall where I have to migrate from one firewall, like the Cisco firewall, to the Fortinet firewall, it takes me nothing less than a week. It takes a day using the FortiConverter to convert the configuration from Cisco to Fortinet and maybe another two days to look at the configuration properly on my FortiGate before I'm confident enough to tell the customer to schedule maintenance for us to migrate the services. It depends on the customer, so in a nutshell, from kickoff to the close date is not always an exact amount, but generally no more than a month.

The deployment time taken depends on the customer's availability and their response because it's not totally dependent on me being the technical engineer. It depends on how fast they provide me with all the information I need to complete the deployments and determines how fast I can close the project. If the customer is very responsive, it takes us about three weeks to close the project.

FortiGate is much cheaper than other OEMs such as Cisco, Palo Alto, and Check Point. I'll rate FortiGate's pricing a five out of ten since it is moderately priced.

Currently, we are pushing all our clients to adopt the Fortinet cloud firewall instead of using the native solutions found on the different cloud environments they use, like Azure and Google, because they are not really effective.

FortiGate is a very good firewall that has a lot of features, and it's a firewall that gives the same stability as enterprise ones, and it gives you scalability in terms of deployment and operational management. I rate FortiGate NGFW a nine out of ten.

The tool's most valuable feature is IPS. In my experience, I haven't encountered any issues with integration. It easily integrates with the FortiGate solution. However, verifying through documentation and assessing their support is necessary.

Its interface user-friendliness is good. When we present this interface to customers, they find it easy to understand and manage.

Support for courses available on the platform

I rate FortiGate's NGFW's stability a ten out of ten. 

The tool's scalability is good and it has helped our company. I rate it a ten out of ten. We have around 3 customers and 500~800 users. 

There has been a delay in support where I had to wait for a day to receive a response. I believe I might not have used the correct procedure, leading to inaccurate information. Consequently, I did not receive the prompt answer that I was expecting.

Positive

The Cisco Firepower is less stable compared to FortiGate NGFW. Cisco Firepower has a complex interface. 

The solution's deployment is easy. 

The tool's pricing is neither cheap nor expensive. Overall, I find it to be competitive in the market.

I recommend FortiGate NGFW because its interface is easy to understand, making firewall deployment and management straightforward. It has a good market reputation and offers information on cybersecurity, including news, threats, etc. I rate it a ten out of ten. 

We use the product for security and filtering purposes.

The product helps block multiple ports during ransomware attacks.

FortiGate Next Generation Firewall (NGFW) 's most valuable features are reporting and filtering.

The product's data guard feature should support a USB port when the internet connection is unavailable.

We have been using FortiGate Next Generation Firewall (NGFW) for three years.

I rate the platform's stability a ten out of ten.

Our organization has 500 FortiGate Next Generation Firewall (NGFW) users. We utilize the platform 24/7. I rate its scalability a ten out of ten.

The platform's initial setup process is easy. I rate the process a ten out of ten. It takes a couple of days. The deployment involves integrating it with SSO in FortiGate. It helps with filtering access to user accounts through Active Directory. One executive is required for deployment. Additionally, one executive is needed to take care of packet updates for maintenance.

We implemented the product with the help of our in-house team.

I rate FortiGate Next Generation Firewall (NGFW) an eight out of ten.

I use FortiGate Next Generation Firewall for network protection using its DMZ network.

The solution has helped our network security.

There are multiple features I have found to be valuable, such as encryption and integrated security features.

The management consoles can be improved. I have used them before, and they are not so good.

I have been using FortiGate Next Generation Firewall for over two years.

I would rate the solution eight out of ten points for stability.

I rate the solution eight out of ten points for scalability. Over 200 people use it, some of whom are in IT.

I used Palo Alto more than a year ago at my previous job.

The initial setup was easy, I rate it a nine out of ten. Deployment took several days, involving one or two people. The steps involved in the process are design, configuration and implementation, testing and implementation, and also some fine-tuning.

I would rate pricing to be about four or five out of ten, it is reasonable.

I recommend this solution because the price is reasonable and the performance is quite good. Overall I rate the solution an eight out of ten.

As for us, the IPS and the application control feature are the most valuable.

Maybe the room for improvement is to have more flexibility on the virtual machines of their next-generation platforms. 

So far, FortiGate is really pricey and comes with some restrictions. FortiGate NGFW can enhances that to make it easier to be deployed.

I have been using the latest version of FortiGate Next Generation Firewall (NGFW) for eight to ten years.

As for the stability of the FortiGate Next Generation Firewall (NGFW), I would rate it a nine out of ten.

The scalability of the FortiGate Next Generation Firewall (NGFW) is good. In our organization, we have our data centers having FortiGate, and our customers are selling FortiGate. So the number of users, you can say 100 in my organization.

I would rate the scalability an eight out of ten.

I don't have premium support or something from their side, but I would like basic support.

Neutral

The deployment depends on the architecture, but simple deployment can take up to five to ten minutes, and you are done. It's an easy deployment when you know what you need, actually. It requires one person to deploy it.

I would rate the initial setup an eight out of ten.

I would rate the pricing of appliances. So, outside appliances are maybe four, but the virtual machine is, like, eight. It is too expensive for virtual licenses.

We evaluated Sophos and WatchGuard in the past. Fortunately, definitely and technically, for the supposed deployments using the platform is much easier and much more efficient.

My advice would be just go for it. It is a really nice solution, scalable and stable, most importantly. It is easy to use, and all the security features are available. Also, it is very flexible for all sorts of deployments. I would recommend it certainly compared to any other firewall providers.

Overall, I would rate the solution a nine out of ten. 

We are a distributor of Fortinet products. My role primarily involves importing these products and delivering them to our partners and resellers, who in turn sell them to the end customers.

FortiGate is a rapidly growing vendor with a wide range of ready-to-use products. Their delivery time is remarkably quick, usually between two to four weeks. They provide excellent support, especially when it comes to helping resellers who may encounter implementation issues with Fortinet. The technical presales and support teams are readily available to assist them. So, there are definitely several benefits to working with Fortinet.

The interface, pricing, and support are good. FortiGate release new patches and offers regularly. In the integration file, they don't have anything to add because they have a very wide portfolio and models in the next-generation firewalls. FortiGate has a variety of add-on license tools that can be applied to the firewall.

FortiGate should continue to push them to continue to grow up as they've been growing for the last eight years.

FortiGate NGFW can improve technical support. The engineer who answers the technical support call, email, or phone call, whatever the medium may be. The response time is very bad.

I have been working with FortiGate Next Generation Firewall for eight years. 

We don't have broken devices to be repaired or replaced with new ones, so they are very stable while working.

I rate the solution’s stability a ten out of ten.

I rate the solution’s scalability a ten out of ten.

We have all types of business models and customers in our portfolio, such as the midsized business, enterprise, entry-level, and small businesses. We are working with all of that with all of the Fortinet solutions.

The customer support is very slow. The engineer who answers the technical support call, email, or phone call, whatever the medium may be. The response time is very bad. 

On the other hand, Cisco takes one or two hours to respond, while Fortinet takes a few days. This is an area that they could improve on a global scale.

Neutral

The initial setup of the solution is easy, which is the most important feature for in-domain-wide resellers, partners, and customers. In the end, if you want to use Fortinet as a firewall administrator in your network, it is highly recommended because it is extremely easy to set up, especially for first-time users.  

Even if you have previous experience with Cisco or Check Point, setting up Fortinet is easy. It is a very user-friendly configuration.

I rate the solution setup a ten out of ten. It is very user-friendly.

FortiGate Next-Generation Firewall is cheaper than Cisco or CheckPoint or Palo Alto and more expensive than Barracuda or Sophos or any smaller brands. The prices fit right where they are on the global market.

I advise you to buy it ASAP because it's a very good product.

From my experience as a distributor, some customers don't buy technical support on the devices. They buy only devices. I will advise them to buy the technical support of FortiCare service. In that case, they will have technical support by phone call, or by mail. They will have a replacement if anything is broken 24/7.

Overall, I rate the solution an eight out of ten.

There are numerous features and benefits depending on the specific use case. Fortinet offers comprehensive security solutions for various purposes. I can deploy different solutions and more. 

There is room for improvement in pricing. 

I have almost five years of experience with FortiGate NGFW. I work with the firewall for small businesses and enterprises. Currently, I'm using the enterprise version.

As for the models, I mainly use FortiGate 6800, T, 100C, 200S, and 200P.

I haven't experienced any stability issues with this product so far. It handles everything it needs to, including server requirements, client services, and computing, without any problems. I have deployed numerous firewalls, and until now, they have been incredibly stable. There haven't been any issues related to version compatibility either. So, I would say it's stable for me.

I would rate the scalability a ten out of ten. 

Customer service and support are good. Every time I have reached out to them, they have been responsive and helpful. In fact, I have even shared news and deployment information on my LinkedIn to showcase their excellent support.

The initial setup was easy. There were no issues during the setup.

The time taken for deployment depends on various factors. For example, if I deploy it today, I might install it the following day. However, if there are any issues with the network architecture provided by the IT vendor, it may take more time to resolve those issues before completing the deployment. But in terms of deployment alone, without considering logistics, it can be done in a day or a few hours.

In our market, the pricing is a little expensive. While we can acquire a smaller package of Fortinet, it still comes at a high cost. So, I would say the pricing is on the higher side. However, when comparing it with other vendors, it's still more reasonable.

Overall, I would rate the solution an eight out of ten. A rating of ten would require even more efficient reporting and swift resolution of any breakout or resilience attack. If they can provide faster fixes and proactive responses, it would be perfect.

In order to make it even better in the future, improved integration with other vendors' solutions could be beneficial.

FortiGate is compatible enough with other infrastructures, but I encountered difficulties when attempting integration with other infrastructures. So, better compatibility could be an area for improvement.

Another area of improvement could be in terms of changing passwords. For instance, when using FortiGate firewall, you can have the option to set up SSL VPN, allowing users to connect to the network externally. It's like using FortiClient software. But here's the thing, when you have a local account on FortiGate, and you use it to access the network, there is no option to change your password, and that becomes a problem. Especially when you are not using Active Directory and instead relying on the local FortiGate database to create accounts. 

The admin creates the account for you with credentials and a password. But when you try to access using the VPN client software, you have the ability to change your password, and that's not ideal. It's quite challenging. So, if you need to change your password, you have to contact the administrator to change it on the equipment, and that's not convenient, especially in large environments. So, that could be the only solution.

In terms of personal experience, I've been using the product for about seven years. In my current company, it has been three years.

I'm using version 7 for the majority of my equipment, and for some products, it's version 6.6 or something similar.

The product is stable. It offers good stability.

It is a scalable solution. 

The customer service and support have been satisfactory so far.

Positive

FortiGate Next Generation Firewall (NGFW) is easy to deploy. The deployment process is smooth and straightforward.

In my experience, the ROI has been positive.

The price of FortiGate Next Generation Firewall (NGFW) is affordable. I believe it offers reasonable value for the features it provides.

If you're using the IPS version, particularly for ATP, the price is higher due to the IP functionality. However, for other features like web filtering, the price is reasonable. For a year, the license cost for ATP is around $8000. 

So far, I haven't had to pay separately for maintenance or support. It's usually included in the support package, including software support.

Overall, I am satisfied with the product. I would rate it a nine out of ten. 

If you are using it in a small environment, you can go for the FortiGate product. However, if you are implementing it in a very large environment or have specific needs, it's recommended to couple FortiGate with another vendor's solution, like Cisco or Palo Alto.