Fortinet FortiDDoS Reviews

Our primary use case of this solution is for security purposes. 

Some of this solution's policies are good for security reasons, like the firewall and all the inundation when you configure the firewall. Then you have to purchase and apply the security of FortiDDos. I also like its ease of use and the technical support. I find the interface easy to use because I'm the Linux expert in our company. 

The solution can be a little more user-friendly and it can be more affordable.

I haven't had any problems with stability before, but one of my clients had. He asked me to help him when he had stability issues. We consulted the software team and asked them about software solutions. They then made some changes in their software, and since then it has been working fine.

We have a big team working on this program, and I do believe it is scalable.

The technical support is good because it's available 24/7. I don't use them often because I usually fix things myself. But if I need a password, or if my client forgot a password, we need support. Their response is very good.

The initial setup was quite straightforward and because I'm certified by Fortinet, I only reconfigured the firewall and some other things. Whenever I was uncertain about something, I did a test on Google and figured it out myself. So I was able to do everything myself. 

The pricing of this solution is better than that of Cisco and other software on the market, which are very expensive.

Most companies don't have a big budget, so a decrease in the license fees will be good. Companies with the lowest price, want the lowest price in the IT sector because their IT sector has a very big budget. I will rate this solution a seven out of ten.

We use it to protect our users and their data.

It allows me to see all the traffic on my network.

I would like to see analytics, big data.

FortiDDoS rates a nine out of ten because it's user-friendly.

We use this solution to protect the web server from application-based attacks.

This solution can protect Layer 3, Layer 4 and Layer 7 attacks of applications for us, and this is important. The net screen feature helps us deal with the Layer attacks.

I find that there have been issues in the past year with the solution hanging. It freezes often.

The solution is scalable. Our company is about 100 people.

We have received good support. 

We have prior experience with Juniper.

I use FortiDDoS in an internet datacentre with multiple upstreams to protect my infrastructure and customers from current and future DDoS attacks.

Compared to other DDoS mitigation solutions with similar deployment, FortiDDoS does not require 24x7 NOC. It has lower TCO.

• Detects and mitigates DDoS attacks at L3 to L7 - DDoS attacks are not only ICMP (L3) and UDP (L4).
• Protection from Zero-day DDoS attacks - I don’t have to worry whether my current solution is relevant in the future.
• Negligible to zero false-positives - With a high-rate of false-positives I would have to have a 24x7 NOC which would increas TCO and decreas customer confidence.
• Ability to detect and mitigate DDoS attacks while allowing legitimate traffic from the same source IP.
• Does not rely only/mainly on signature because a signature-based DDoS solution cannot detect many DDoS packets; and worse, they are the cause of false-positives.
• Purpose-built CPU.
• Generates and sends reports without the need for an expensive third-party solution - Such solutions for generating and sending reports would increase TCO.

Multiple subnets can be created in one SPP Policy. Multiple subnets can be selected in one report configuration. One report configuration can have multiple schedules. All those thresholds that need to be configured should be included in the default so that user will not forget or misconfigure.

Purpose-built ASIC mitigates DDoS attack at line-rate without affecting performance. This has been proven by an independent testing lab and during our PoC.

I find this product the best on-premises (in-line) DDoS mitigation solution that suits my current and future requirements. It can be also deployed off-ramp if the user has the know how.

Layer 3, Layer 4, and Layer 7 DDoS attack mitigation including encrypted DDoS attack. All-in-one DDoS mitigation solution.

Minimal to zero false-positives. Differentiate DDoS attack traffic from non-DDoS attack traffic from the same source IP and blocks only DDoS attack traffic. This has been proven during our PoC.

Zero-day DDoS attack mitigation. Mitigates current and future DDoS attacks as it doesn't use signature.

If deployed properly, it doesn't require 24x7 NOC. Fully automated and with minimal to zero false-positives, it has a lower TCO compared to other solutions.

SPP Policy. Ability to configure multiple subnets in one SPP Policy.

Report configuration. Ability to select multiple SPP Policy and configure multiple schedules in one report.

I have been using this for three years, as of 2017.

Earlier versions of firmware had bugs that limit my options. They were fixed on subsequent version releases. For my requirements, stability started with version 4.2

I rate it 10 (best). Support has good product knowledge.

I didn't use different solutions. I made sure to choose the right solution through comprehensive evaluation of many DDoS mitigation solutions available. I worked with vendors in evaluating their products and my colleagues who are using them.

Although I didn't attend training and just saw the setup during a demo, when I set up the solution in production it was straightforward and it didn't even cause downtime.

The price is reasonable. IP Reputation is a separate subscription but this is optional.

I evaluated products from three vendors. I worked with vendors in evaluating their products along with my colleagues who are using them in production.

Ask for a demo. Use the latest firmware version. Plan properly. Understand the features and settings before deployment.