Fortinet FortiGate Reviews

We usually use Fortinet FortiGate for a perimeter firewall, but also for our outbound traffic as well as for the tunnels, with around 40 to 50 tunnels on our firewall.

We are using it in our data center; we have the 2,000 series HA firewalls.

Fortinet FortiGate has positively impacted my organization by allowing us to replace all the firewalls in other locations, as around 90% of our company operates on Fortinet.

We enable the SD-WAN zone to handle multiple ISPs, allowing it to automatically switch over the WAN link if any latency hits the threshold value, eliminating the need for manual failover. The impact of SD-WAN on our network performance provides great stability with zero downtime; it immediately switches over without any delay, not even a fraction of a second.

Fortinet addresses many vulnerabilities with respect to SSL VPN on their devices; quarterly patch upgrades are released, and the Fortinet team is retiring remote VPN services in favor of whole encrypted IPsec remote VPN to enhance security against hackers.

I have found Fortinet FortiGate's user-friendly design to be the most valuable feature so far. Anyone can easily understand how exactly it works, unlike Palo Alto and Check Point which are complex to understand. 

I believe one area that could be improved in Fortinet FortiGate is posturing, specifically for remote VPN users, as there are OS-based limitations I encountered with only Windows; adding domain restrictions for VPN access would make it more competitive and useful.

I have been working with Fortinet FortiGate for almost five years.

Overall, my impression of the stability of Fortinet FortiGate is very good, as I haven't seen any issues in the five years I've been using it, and there is no degradation of services on the firewall. However, I have observed some issues with FortiAPs, which is a different platform.

Based on my experience, Fortinet FortiGate is very scalable. Earlier it was suitable for mid-infra, but now we can use the firewalls for enterprise-level needs.

Whenever I am stuck or need help, Fortinet support is available 24/7, regardless of the time zone I'm in, and they immediately jump in to assist, provided it is licensed.

Before implementing Fortinet FortiGate, we were using SonicWall and ASA firewalls, which have now been replaced. The reason the previous firewalls were not suitable for our company anymore is that they were not competitive; they lacked UTM features, had limited VPN capabilities, and were outdated, which led us to select Fortinet over Cisco FTD for future needs.

It's not so complex. It's user friendly. I have implemented more than hundred devices from scratch.

As partners with Fortinet, we are end-users of this tool for our customers.

I am not exactly aware of the pricing of Fortinet FortiGate, but I would say it is considerably cheaper compared to other firewalls.

I evaluated other options, particularly Palo Alto. Fortinet FortiGate is user-friendly and as competitive as Palo Alto, Check Point, and FTD. It has the same features as other vendors but at a lower cost.

I would rate Fortinet FortiGate a ten out of ten.

On-premises

I integrate service with Fortinet FortiGate. I integrate service, and some manage service, so the customer already has the firewall and we manage them, or we sell the hardware. But mostly for hardware, there are a lot of sellers, so mostly we do the services.

If the customer wants Fortinet FortiGate, I give Fortinet FortiGate. If the customer wants Sophos, I give Sophos. Both have a different market and different customer profile.

Whatever the customer asks, we provide. I'm running Fortinet FortiGate now because a customer wants that in my data center.

I find Fortinet FortiGate valuable due to Fortinet's ASIC, as I have known Fortinet FortiGate since a long time ago, from the first time they ran. They use ASIC. While Sophos also has a special hardware solution such as Xstream, they have all different purposes and different advantages, so I can utilize both. It depends on the customer.

I don't have any problem with Fortinet Unified SASE. Mostly in Indonesia, in our market, customers buy the brand without knowing the full capability of it. So actually with Fortinet FortiGate, you also have to implement FortiManager, FortiAnalyzer and for hardware control, FortiNAC and so on. But because it's so modular, sometimes customers mistakenly just buy the firewall. The firewall doesn't work right. That's a problem. I understand that this product design philosophy of Fortinet FortiGate is meant to serve very big corporations which have established SOC teams. They put segmentation of who is the manager and who is the analyzer. That's why they put the separate server for that. But because the brand is so famous, even small customers want to buy it.

I think Fortinet FortiGate could learn from its competitors that there's nothing to change. Perhaps they could just launch a lightweight version of the SIEM and SOAR tool, which is cloud-based. This would be for small organizations who cannot afford to build the full scale SOC facility and team.

I have been working with Fortinet FortiGate for maybe five or six years, or maybe longer than that. It could be 10 years as well.

I have been working with Fortinet FortiGate for quite a long time, but I am not a partner yet. Last year I took partnership with Sophos, so we do both.

I don't have experience integrating SD-WAN capabilities with Fortinet FortiGate yet, as we had a case but the project didn't go. SD-WAN is not mostly firewall. Yesterday, I just had a discussion with a new customer that wants to buy ZTNA and NAC.

I think the pricing of Fortinet FortiGate is affordable to some small customers, but they can only afford the firewall without the other components. Mostly firewall, so it's just selling products, not selling a security system.

In my opinion, Fortinet FortiGate doesn't need to be improved. It's because it has a different market. I had a case maybe five or six years ago. There was a tender of SD-WAN implementation for 10,000 mini marts. A company that has 10,000 outlets of mini marts needs security. In the data center at their headquarters, they need a very big firewall, up to 500 Gbps. But in the outlet, which is a small store or mini mart, they need a very small firewall that's capable to do SD-WAN, authentication, security, VPN and so on. Fortinet FortiGate has it all. Fortinet FortiGate is suitable for that kind of organization. They have a special SOC, so they buy FortiManager, FortiAnalyzer and so on. I rate this review an 8.

On-premises

Other

The main use cases for the product revolve around perimeter security, and it depends on LAN to WAN traffic, especially in work-from-home scenarios wherein the customer wants to access the local infrastructure remotely. It is also sometimes used in data centers, but many times Palo Alto is used.

Fortinet FortiGate serves as the first line of defense. It is robust and easy to configure, and I haven't seen any breaches happening when configured properly based on best practices. In the Indian market, clients have a lot of trust in this product.

The most useful functions of Fortinet FortiGate are SD-WAN, which is very easy to configure. Its user interface is also very good, making it easy for any engineer to explain configuration changes over the phone without needing to take remote access. Integration of SD-WAN capabilities with Fortinet FortiGate is simple to integrate.

They are already making improvements with the integration of AI and machine learning (ML). While I haven't personally used these features yet, I see that the focus is primarily on AI operations that fall under the umbrella of AI and ML. Additionally, they offer FortiManager with a signal dashboard that allows for the monitoring and configuration of multiple FortiGate firewalls, which is quite impressive. Moreover, they now provide a SaaS offering for FortiManager, which I believe is a good development overall.

If they can come up with a feature that allows scalability within the firewall itself, such as 'scale as you grow,' that would be a valuable improvement. Fortinet is already implementing AI and ML, although I haven't used it personally. AI ops are covered under it, and they also have FortiManager, which allows for monitoring and configuring multiple Fortinet FortiGate firewalls through a single dashboard.

I have been working with Fortinet FortiGate for more than 10 years.

When it comes to stability, I would rate Fortinet FortiGate a ten out of ten, as I haven't seen any downtime wherever I proposed it.

I would rate Fortinet FortiGate's scalability as an eight out of ten.

I would rate the support from Fortinet a nine out of ten.

We also work with Palo Alto solutions. Palo Alto has a distinct advantage because it offers some great features that are already available, such as DNS security, which we have a lot of experience with. Palo Alto is unmatched in a data center environment. This is why many people tend to trust Palo Alto firewalls more compared to FortiGate. As for perimeter security, FortiGate excels in that area.

In most small and medium enterprises and SMBs, we usually propose SonicWall, and for enterprises, we work with Palo Alto or Fortinet FortiGate, depending on the requirement. It makes sense to propose the Fortinet FortiGate firewall, especially if the customer is already using the SD-WAN feature.

The initial setup for Fortinet FortiGate is simple.

The only challenge with Fortinet FortiGate is the pricing model.

Currently, we are considering Fortinet FortiGate solely for perimeter security, and for SASE and other approaches, we go with other solutions. I have not used AI and ML FortiGuard services with Fortinet FortiGate yet.

Overall, I would rate Fortinet FortiGate an eight out of ten.

We have a Fortinet FortiGate 900 series that is a big UTM. We also have 10 Gig switches, all fiber, for distribution of the service provider's connections.

The key features include SD-WAN, firewall use, intrusion prevention, intrusion detection, and application control. 

I have tested 90% of the features that Fortinet FortiGate offers. This type of solution helps us integrate all communications of our company. They guarantee operational continuity of our company and reduce risks by eliminating and detecting threats. This solution gives us agility.

The area that Fortinet may improve is customer support. When you have an incident, situation, or open a case, the support is not as good as Cisco or other platforms I have tested. There are many opportunities for improvement.

I've been using the solution for eight years.

Currently, we are experiencing a general outage of one of the main internet service providers of the Dominican Republic, and we have not been impacted in our operations because with SD-WAN, we have another internet service provider and we are working with the second WAN connection without any disruption.

The area that Fortinet may improve is customer support. When you have an incident, situation, or open a case, the support is not as good as Cisco or other platforms I have tested.

Before Fortinet FortiGate, we had Cisco.

It was not easy. While it might be easier now than eight years ago, you have to be careful and ensure you use a great partner that helps you implement this solution as easily as possible.

The experience is good when you use a quality partner or integrator. We use an integrator, located in the Dominican Republic. They have great support here and extensive knowledge.

The return on investment is great. Previously, we were using a dedicated point-to-point connection from the service provider that cost approximately $3,000 a month. When we implemented Fortinet FortiGate, we changed to two internet high-speed dedicated connections, costing approximately $2,000 in total, resulting in significant cost savings.

The cost efficiency is notable because it is an overall product with a mid-range price point, and you receive more value for the price.

Before Fortinet FortiGate, we had Cisco.

The only product that I have not integrated yet is the Unified SASE. This gives my team agility because as the Chief Information Security Officer, I do not have frequent contact with the platform, but my team has this interaction. 

On a scale of one to ten, I rate this solution a nine.

On-premises

Other

I am a network engineer implementing Fortinet FortiGate firewalls. We have implemented this firewall for various government departments, small organizations, and hotels.

Fortinet FortiGate is quite popular in my region, so we are implementing Fortinet FortiGate firewalls. Fortinet FortiGate is the best option on the market when it comes to firewalls. It's straightforward to deploy and has good stability and performance.

In an incident, after a restart, Fortinet FortiGate did not connect to FortiGuard servers. Due to that reason, on the customer end, all websites got blocked. I don't know why this happened. The firewall of a bank in Sri Lanka rebooted yesterday, and after that, FortiGuard servers did not connect properly, blocking all customer environment websites.

I have been working with Fortinet FortiGate for around three years.

I have not faced any other issues with Fortinet FortiGate. The performance for Fortinet FortiGate is good.

The scalability of Fortinet FortiGate is good.

We are able to resolve most issues on our own. We raise a case through a partner portal. If the local distributor cannot resolve it, it's routed to another country. The response time for their technical support is not always good. It also depends on the license that the customer has.

Positive

We are partners with both Sophos and SonicWall. I have implemented Sophos firewall myself, but not SonicWall. Our other engineers handle SonicWall implementations. I implemented Sophos SG and recently migrated from SG to SGS, all the firewalls.

The implementation process for Fortinet FortiGate is straightforward. We don't get much error with FortiGate because it's straightforward. We can implement it easily. Sometimes, when we implement through the portal, there are some errors, but we can manage it.

I have implemented 900D firewall and 400D firewall clusters, and many Fortinet FortiGate firewalls. I have also implemented FortiADC once, following step-by-step guides.

We are a partner of Fortinet.

Some of our customers are using Sophos and SonicWall due to price concerns, as they can't manage the pricing of Fortinet FortiGate.

I mostly recommend Fortinet FortiGate when it fits the customer's budget. I would rate Fortinet FortiGate an eight out of ten.

I am reselling FortiGate Next Generation Firewall (NGFW) or handling the administration of this product for various customers such as universities and those in the hospitality industry.

FortiGate Next Generation Firewall (NGFW) is more realistic in application, allowing for more specific, customized security policies without the extensive work involved with static rules. This feature is what I desire from the next-generation product. Its segmentation capabilities allow me to apply rules based on team needs or social networks, automatically updating for new networks. This removes worry about what happens when a new social network appears.

It would be better if there was more transparency regarding what the automatic rules do. When a site is blocked, it is necessary for me to consult the logs to understand what the Next Generation Firewall policy has blocked. There is usually no information about what is included or not included in these automatic rules.

I have had about five years of experience with FortiGate Next Generation Firewall (NGFW).

The support is not good because I generally search for solutions online. When I open a case, they usually identify it as a bug they are working on. I must study the best version to install to avoid previously found bugs.

Neutral

The initial setup of FortiGate Next Generation Firewall (NGFW) is pretty straightforward and easy.

For one implementation, only one person is needed for configuration. However, for tasks like interconnecting, putting the device in a rack, and other physical requirements, more people are required.

The licenses are expensive, and whenever a customer needs to renew the license, it becomes a significant expense. However, the hardware itself is relatively inexpensive compared to the license costs.

Netgate pfSense and FortiGate Next Generation Firewall (NGFW) differ significantly in terms of pricing and features, with FortiGate offering many more features.

On a scale of one to ten, I would rate FortiGate Next Generation Firewall (NGFW) a seven.

My customer's main use cases for Fortinet FortiGate are mainly for threat blocking, compliance requirements, firewall functionality, and basic security.

It's focused on defending against advanced threats and providing better throughput. Additionally, it can accommodate both enterprise companies and independent users. Bandwidth is one of the issues, but there are many benefits. Overall, it's a solid solution that is scalable in terms of throughput.

The best features of this tool include threat protection, email filtering, and web filtering. FortiAnalyzer's integration with the firewall and FortiSASE is beneficial. The integration helps detect the most advanced threats, such as APTs. 

Fortinet FortiGate stable solution has made systems more compliant in the cyber industry for several customers.

They can improve the backend functionality of Fortinet FortiGate, particularly how the policies work in a real-time environment. Improving this aspect can ensure that policies work effectively.

I have been working with this solution for around one year.

The stability can be rated as eight out of ten.

Fortinet FortiGate has very good scalability in terms of bandwidth, throughput, and everything else. It's scalable without any problems.

I would rate Fortinet support a six out of ten. The immediate response is not that good, particularly when raising a critical or P1 ticket; they lag in the immediate response. They can improve on that front, especially in their support service.

Positive

The initial setup of Fortinet FortiGate is straightforward.

My customers have seen ROI with Fortinet FortiGate. The investment they made has provided returns.

I'm not sure about the exact license cost, but generally, it's a reasonable price. If the hardware or the machine is advanced, it will be expensive. However, for medium-sized machines or hardware, it maintains a reasonable price.

I recommend that those who want to use Fortinet FortiGate need to plan ahead. If they are upgrading or expanding their user base in their company, they should purchase a one-level higher version. It would provide good throughput and withstand the number of users in their company.

Fortinet FortiGate can be a bit expensive, but the price is reasonable. I would rate this solution an eight out of ten.

I use Fortinet FortiGate just for the data center to connect to it. I put Sophos on the internet and FortiGate on the data center.

For application filtration, I really appreciate many features of Fortinet FortiGate because it is more reliable, easy to use, and the reports are easy to read and understand. I have integrated Fortinet FortiGate with the database for reading the reports. I can recommend Fortinet FortiGate for enterprise-level because it has many features and solutions, though I would not recommend it for small companies or individual companies.

To improve Fortinet FortiGate, I think they need to improve the software and make updates more quickly, rather than taking a long time to update the software or firmware.

I have been working with Fortinet FortiGate for approximately four to five years.

I would rate the stability of Fortinet FortiGate a ten out of ten, with ten being the best.

I would rate the scalability of Fortinet FortiGate a ten out of ten, as I think it is reliable and very dependable.

I would rate the technical support from Fortinet between eight and nine; it is a very good vendor, but sometimes there is a delay in getting information from us or maybe a delay for us to contact them.

I am using Fortinet FortiGate and Sophos.

In the beginning of my work with Fortinet FortiGate, the setup was difficult, but after many attempts, I became an expert on how to install and modify every command. For a regular user, I think it is very easy to understand and read the product documentation.

I use Sophos for firewall and Fortinet FortiGate for data center.

I really recommend Fortinet FortiGate. My overall rating for Fortinet FortiGate is 9 out of 10.

Public Cloud

Microsoft Azure