FortiGate Next Generation Firewall (NGFW) Reviews

The tool's most valuable feature is IPS. In my experience, I haven't encountered any issues with integration. It easily integrates with the FortiGate solution. However, verifying through documentation and assessing their support is necessary.

Its interface user-friendliness is good. When we present this interface to customers, they find it easy to understand and manage.

Support for courses available on the platform

I rate FortiGate's NGFW's stability a ten out of ten. 

The tool's scalability is good and it has helped our company. I rate it a ten out of ten. We have around 3 customers and 500~800 users. 

There has been a delay in support where I had to wait for a day to receive a response. I believe I might not have used the correct procedure, leading to inaccurate information. Consequently, I did not receive the prompt answer that I was expecting.

Positive

The Cisco Firepower is less stable compared to FortiGate NGFW. Cisco Firepower has a complex interface. 

The solution's deployment is easy. 

The tool's pricing is neither cheap nor expensive. Overall, I find it to be competitive in the market.

I recommend FortiGate NGFW because its interface is easy to understand, making firewall deployment and management straightforward. It has a good market reputation and offers information on cybersecurity, including news, threats, etc. I rate it a ten out of ten. 

We use the product for security and filtering purposes.

The product helps block multiple ports during ransomware attacks.

FortiGate Next Generation Firewall (NGFW) 's most valuable features are reporting and filtering.

The product's data guard feature should support a USB port when the internet connection is unavailable.

We have been using FortiGate Next Generation Firewall (NGFW) for three years.

I rate the platform's stability a ten out of ten.

Our organization has 500 FortiGate Next Generation Firewall (NGFW) users. We utilize the platform 24/7. I rate its scalability a ten out of ten.

The platform's initial setup process is easy. I rate the process a ten out of ten. It takes a couple of days. The deployment involves integrating it with SSO in FortiGate. It helps with filtering access to user accounts through Active Directory. One executive is required for deployment. Additionally, one executive is needed to take care of packet updates for maintenance.

We implemented the product with the help of our in-house team.

I rate FortiGate Next Generation Firewall (NGFW) an eight out of ten.

I work for an integrator in Nigeria, and we implement all these solutions for our clients. I've done a lot of deployments on Fortinet, deploying all from FortiAP to FortiSwitch. I integrated it with FortiGate, FortiManager, SD-WAN, deployment, security, and the like.

I found the upgrades valuable. Normally, when you want to upgrade an enterprise firewall, the customer always requests a box swap, whereby we look at the new firmware and compare it to know if there will be any configuration changes. These are the parts where we have to bring in the OEM to do it. But with the new FortiGate firmware, it helps do that by providing reporting and helps you to give the customer the comfort of saying you can upgrade the firewall and describe what changes and issues you would expect. Basically, out-of-the-box management.

One area for improvement is the IPS engine, which is something that needs to be improved on. I've had so many issues whereby I have high CPU usage, and when I check, I see it's being consumed by the IPS engine. I have to upgrade the IPS engine firmware and all that. That has been the main pain point with FortiGate. Likewise, customer support could improve.

I've been working on FortiGate for about five years now, and I'm working with the latest version.

The solution is stable apart from the IPS engine issue, so I rate stability a seven out of ten. Stability depends on the operational team. If you have a good operational team that knows what you are doing, you always gain stability with most of your solutions. But if you have an operational team that is not so strong, you will always have issues with that solution because they will keep making human errors that will keep disrupting the services you offer. For example, in 2021, I was working as the cyber delivery manager for MTN, and I was managing the FortiGate infrastructure. In that one year, I never had any incident on FortiGate. But after I left, they started having frequent issues because of human errors. From a management perspective, if I were the CTO during that period, I would assume that FortiGate Firewall is not a good firewall. But that is not the case. It is the person who handles it that determines the stability. If you know how to do your health check properly and how to output the firewall properly, I'm sure FortiGate will be stable. I'm rating the stability as seven just to be in the middle. If it's being handled by a less experienced operational team, I'm sure you will have issues because they always perform changes, they don't know when to perform the kind of change they are performing, and that might disrupt the services. But if I rate FortiGate based on myself, I give it a nine out of ten.

I rate FortiGate's scalability a nine out of ten. Out of every ten enterprises in Africa, six currently use FortiGate. MTN is one of our major customers, and we helped them migrate from Cisco and Juniper to FortiGate.

The ease with the initial setup depends on the deployment. I've deployed FortiGate for different use cases. I've deployed it using internal segmentation. I've deployed it using it as a data center firewall, doing east and west. I've deployed FortiGate on the perimeter edge, whereby we have the SSL VPN and site-to-site VPN. But overall, I rate the initial setup an eight out of ten because it's always been very easy.

There are timelines with projects, so the time taken to deploy the solution depends on the scale of the project. If it's just a perimeter firewall where I have to migrate from one firewall, like the Cisco firewall, to the Fortinet firewall, it takes me nothing less than a week. It takes a day using the FortiConverter to convert the configuration from Cisco to Fortinet and maybe another two days to look at the configuration properly on my FortiGate before I'm confident enough to tell the customer to schedule maintenance for us to migrate the services. It depends on the customer, so in a nutshell, from kickoff to the close date is not always an exact amount, but generally no more than a month.

The deployment time taken depends on the customer's availability and their response because it's not totally dependent on me being the technical engineer. It depends on how fast they provide me with all the information I need to complete the deployments and determines how fast I can close the project. If the customer is very responsive, it takes us about three weeks to close the project.

FortiGate is much cheaper than other OEMs such as Cisco, Palo Alto, and Check Point. I'll rate FortiGate's pricing a five out of ten since it is moderately priced.

Currently, we are pushing all our clients to adopt the Fortinet cloud firewall instead of using the native solutions found on the different cloud environments they use, like Azure and Google, because they are not really effective.

FortiGate is a very good firewall that has a lot of features, and it's a firewall that gives the same stability as enterprise ones, and it gives you scalability in terms of deployment and operational management. I rate FortiGate NGFW a nine out of ten.

The main use case of FortiGate Next Generation Firewall (NGFW) is that it is used to search for a firewall whenever we need to connect multiple sites to a VPN. At times, the solution needs a web filter or a particular filter. With the IPS and the cloud protection on the gateway, we are also looking for a firewall that can act as zero-depth protection.

The solution's most important feature is that it will work on the app whenever we block the application order, making it a plus point for the NGFW firewall. The solution also works with all the other web protection aspects, because of which we get everything in a single box.

There are multiple firewalls, and I mainly worked with Sophos and FortiGate. To weigh the pros and cons, different types and aspects should be considered in different firewalls.

The support for FortiGate in the Indian region can be improved along with the scalability. The pricing of the solution is expensive, so it could be cheaper.

I have worked as a system integrator with FortiGate Next Generation Firewall (NGFW) for five years.

We can say that the solution's scalability is moderate. It is not that easy, nor too hard. If the technician is sound, then he can understand the solution easily.

Our customers include small, medium, and enterprise businesses.

In India, support takes some time. If the call gets connected outside India, then it is very good. SonicWall has the best support, and Sophos also offers good support. For FortiGate, the support in the Indian region can be improved. 

As for the rating, I would say that FortiGate offers very good support. Once we get the support, it is very good. However, the support team is not connecting as easily as we require. If the issue is too critical, the process becomes more complicated for us. I rate the support an eight out of ten.

Positive

I mainly worked with Sophos and FortiGate. I have used different solutions depending on the customer's requirements. We can suggest a particular solution to a customer based on their needs. Every firewall solution has its own pros and cons, which we just bifurcate as per the customer's requirement.

The initial setup is easy if I am going to talk about Sophos' and FortiGate's installation. It is easy to install. There is not much complexity involved.

As for deployment, it depends on the customer's requirements. But the average time is 3 to 4 hours. At times, deployment takes 12 to 13 hours, but it depends on the model and the configuration.

It takes two engineers to deploy the product. One of them is the deployment engineer, and one is an architect.

The solution is deployed on-premises.

The solution is more expensive than Sophos. It could be cheaper. The licensing is on a yearly basis. We have had it for about three years. We must only pay extra for the license, additional requirements, and the hardware box.

I am fine with the solution's interface. The solution is easy to use. FortiGate Next Generation Firewall (NGFW) is a base product, and anyone can use it. I recommend it to those planning to use it.

There is not much maintenance for FortiGate Next Generation Firewall (NGFW). OEM provides the support. Whenever it becomes complicated or any issues come up, we can call OEM directly, and they are always available to help.

Overall, I would rate it ten out of ten.

We use the solution to provide firewall, cybersecurity, VPN access, and SD-WAN connectivity worldwide.

The GUI is reasonably good. The product is easy to configure.

The product runs out of memory. The web process often has a memory leak. The support cost could be improved.

I have been using the solution for ten years.

The solution’s stability is good. I rate stability a nine out of ten.

The scalability is good. I rate the scalability a ten out of ten. Some customers have 20 users, while others have about 5000 users.

Support is good. It's a bit scripted. It takes a while to get to somebody who knows what they're talking about. It'd be nice to talk to someone technical upfront. Sometimes we have to go through a service desk and go through a whole lot of quick repetitive questions before we get to talk to someone knowledgeable.

I've been working with the product for ten years. I find the initial setup quite simple.

I'm currently deploying 50 units around the country. It'll take me about ten minutes each to configure the solution. Once the product is set up, we need about one or two people to maintain it.

The solution’s price has gone up recently, but it's still good value for money compared to the other firewalls we use. Especially for smaller ones, it is good value for money. Our customers pay for licenses annually or once every two to five years. If we have an older version, the support costs get quite high. I rate the support cost a six out of ten.

I work with lots of firewalls. I deploy the product on FortiManager. It'll take me about a day to configure FortiManager. We have lots of customers. I would recommend the solution to others. Overall, I rate the product a nine out of ten.

First, we use the solution as a native firewall. After a native firewall, we use IPS. We also use NGFW features like antivirus, IPS, and shaping, which are very important features for companies. We also manage all of my products with FortiManager or FortiAnalyzer and collect online data. For another feature, we try to use SD-WAN products. The SD-WAN feature on FortiGate was implemented for a company with thirty or fifty branches. We had a good experience with the conversion between Cisco and FortiGate for secure access points because Now I'm a consultant for network administration, and we have a challenge with choosing one of these, and so for example, someone, if I actually choose a Fortinet product, SD-WAN based on Fortinet, sometimes someone chooses SD-WAN based on Cisco, but because my special is Cisco, I prefer SD-WAN based on Cisco.

One of the weaknesses of the solution is something we noticed, especially after comparing the tool with SD-WAN features, since, unfortunately, in a massive scale size environment, the solution is not good. It cannot be recommended for massive scaling in terms of size, especially for businesses with more than 1,000 branches.

Cisco is very stable, especially on the larger scale side, and it's very important for SD-WAN features. If you try Next Generation Firewall for a big company, then it is good to purchase a Cisco product. However, Cisco's price is a little high and more than Fortinet's prices. But for small companies, it is better to choose Fortinet and FortiGate products, which is important.

A company needs a tool for accounting. Unfortunately, now we don't have any accounting, especially for the quarter and control side. We don't have any solution in FortiGate. However, Sophos Firewall has it, so it is good for Fortinet's next version.

I have been using FortiGate Next Generation Firewall (NGFW) for more than eight years. I am just a technical person, so I'm a solution designer, a network architect involved in network security.

In FortiGate, after FortiOS Version 5.6, it is stable, and there is no problem. However, we had many problems with FortiOS Version 5.0.5 in FortiGate. Now, when we use FortiGate's FortiOS Version 7, we don't have any problems. The solution has improved, and it is a good product now. For a larger scale, my recommendation is to choose a Cisco product like Firepower Services because, in a massive-scale business, stability is very important.

When I survey FortiGate and FortiGate products, I see that they have a good performance, especially in terms of next generation firewalls. In the future, improving such features and performance is absolutely better. Juniper has a better performance compared to FortiGate.

Speaking about technical support, I have a good experience with design, especially in terms of security design and security architecture.

In level one support, they connect to customers directly, which is a part of our work, and we should solve customer problems. But I prefer staying in level two, where we develop, implement, and solve huge and complex problems, because I have had a good experience with this for more than ten years. Also, I think I have good behavior when under heavy pressure.

I think price-wise, the solution is totally reasonable since it has many products to serve, starting from small homes to massive scale sites. A company can choose from one of the offerings by the solution company. Also, it's very important to choose a contract support level. Some companies may choose RMA with support twenty-four hours and seven days a week. So, it depends on the contract support, I think. The Fortinet appliance is a reasonable purchase for companies.

Regarding the license costs, when you choose the 100 series, it is completely different from the 1000 series. It's very important, and so when you choose one-year support or five-year support, or seven-year support, the pricing depends on which one you choose.

In Iran, we have a massive sanction, so we don't use direct support. We don't talk about this. But, concerning my country and direct support from Fortinet, I can't speak about this event. So, in Iran, I don't have an idea about the use of support since we don't use direct support, but we do get indirect support.

When planning to choose FortiGate Next Generation Firewall (NGFW), the scope of the company is very important. Also, it is important for a company to consider if they want one gig, ten gigs, or another concurrent pair concurrent session. Totally, a company's scale and size are very important. After that, for example, we use a prototype with a five gigabit per second, including the performance. However, if we compare Cisco, Fortinet, and other things, Firepower is very good because Cisco's Firepower is a big and active solution which is very strong compared to Fortinet. However, it's very important for a company to have a native firewall, so such companies can't choose from Fortinet series. So, it very much depends on the situation of the company. So, before that, we review a company's requirements and survey network. After that, usually, I recommend the solution. Also, it is very important to have a budget. For example, a company can first tell me about its budget, like, one billion dollars or whatever. After that, we choose a guide and recommend choosing one of the solutions.

I rate the overall solution an eight out of ten.

We use FortiGate Next Generation Firewall first and foremost for the main site's security, remote sites, and establishing the connection between the firewalls they use. More recently, we have been using it when implementing SD-WAN.

The total ownership of equipment has several benefits when using one platform for administration. Training is then more focus-oriented to technology like Fabric. From the operations point of view, we have better savings by using this solution.

I like the common administration and the possibility of adding Fortinet defense systems.

I see problems with the licensing. If I have to add a new feature, we need to add a license. There may then be extra costs for our maintenance budget.

I have been using the solution for the past five years.

Fortigate is very stable.

FortiGate is a very scalable solution.

We used SonicWall. We switched to FortiGate looking for better security technology, and better fabric technology based on security. In this approach, FortiGate is still better than SonicWall.

With the initial setup, it's important to sit with the team to establish the application and the main issues to get the best possible script to implement in Fortinet equipment. We had to spend some time to implement it better.

Deployment could take one week, depending on the site, or even three weeks to implement the solution. Around four people were involved in the deployment.

We contacted an external company to provide some professional services through engineers who have better experience in certain kinds of implementations.

The pricing is better compared to other solutions like Check Point, Arista, or Cisco.

To anyone who plans on supporting this solution, refer to training resources in the Fortinet training center. There are people who have some experience that could provide some guidelines to people who start with basic issues and basic tasks, to then grow with experience by implementing some maintenance windows. I rate FortiGate Next Generation Firewall a nine out of ten.

I use FortiGate Next Generation Firewall for network protection using its DMZ network.

The solution has helped our network security.

There are multiple features I have found to be valuable, such as encryption and integrated security features.

The management consoles can be improved. I have used them before, and they are not so good.

I have been using FortiGate Next Generation Firewall for over two years.

I would rate the solution eight out of ten points for stability.

I rate the solution eight out of ten points for scalability. Over 200 people use it, some of whom are in IT.

I used Palo Alto more than a year ago at my previous job.

The initial setup was easy, I rate it a nine out of ten. Deployment took several days, involving one or two people. The steps involved in the process are design, configuration and implementation, testing and implementation, and also some fine-tuning.

I would rate pricing to be about four or five out of ten, it is reasonable.

I recommend this solution because the price is reasonable and the performance is quite good. Overall I rate the solution an eight out of ten.