Fortinet FortiGate Reviews

The typical use cases for Fortinet FortiGate revolve around its security capabilities, as it has a number of features that clients see as necessary for a security solution. This helps them protect various platforms on their networks and infrastructures.

I am involved in implementation as a partner.

It's a good solution. I've not interacted much with it. I know a few features, and it's a nice one.

It's comprehensive and time-saving. It covers several areas regarding security.

Improvements for Fortinet FortiGate could be made by making it easier to implement on networks and simpler to add users and accounts that utilize this solution. That's basically the only challenge that I see.

I have one to two years of experience working with Fortinet FortiGate.

Fortinet FortiGate is a stable solution. While there are issues during implementation, once everything is properly configured, it remains stable. The implementation process can affect users, but those issues get sorted out. 

I find the scalability of this solution to be very good because it allows for easy expansion. You can add more users as needed, which makes it flexible.

I would rate the technical support from Fortinet FortiGate an eight out of ten.

I normally apply the licensing as a partner, but I am not involved in procurement. 

It's a good product that significantly enhances security and protects organizational data. Therefore, I would recommend considering using it.

I would rate Fortinet FortiGate an eight out of ten.

On-premises

I see several benefits of using Fortinet FortiGate. When it comes to deploying the solution, it is easy. It allows customers to quickly get up to speed with their day-to-day tasks, minimizing mundane requests. Additionally, the support regarding upgrades and hardware failures has been above par.

Fortinet FortiGate helps to remediate threats more quickly. 

Fortinet FortiGate helps to reduce the mean time to respond when it is properly integrated with proper tools. For example, with email and other automation capabilities, it has reduced to under an hour for me. 

Fortinet FortiGate helps to consolidate tools and applications by offering web control, email protection, routing, firewalling, and extending to switching and wireless on the same management platform.

Fortinet FortiGate is good for helping you secure and protect mission-critical data. It is also good for protecting your edge.

When it comes to security, Fortinet is excellent in terms of how updates are done when there is an incident globally or there's a new variant of any IOCs. It is quite up-to-date.

I find application control, logging and reporting, and ease of use valuable. I find the ease of configuring specific policies to be the most valuable feature of the Fortinet FortiGate firewall.

The solution could be improved by addressing limited local reporting. It requires obtaining the FortiAnalyzer for proper visibility because you can't do much from a reporting perspective with just the firewall alone.

In terms of convergence, it is a good solution, but it can be better. FortiGate has the capability to support their switching and wireless platforms. They are quite excellent on their wireless side, but I found a couple of gaps in terms of how FortiGate integrates with their own switching platform. There are some gaps there.

My experience of working with Fortinet FortiGate is approximately 10 years.

It caters to all with different units, such as from five users to a model that supports telcos or huge enterprises. Depending on the size of your organization, you end up getting the correct fit of the model, and they have the same capabilities. The variation comes in terms of the interfaces and throughputs, but from a security perspective, you get the same benefit, irrespective of whether you have an entry-level unit or an enterprise.

Their support is quite effective. I would rate technical support from Fortinet a nine out of ten.

Positive

I've had a chance to do a couple of deployments on the cloud. I've done deployments on private and public clouds. I've deployed it on-prem as an edge firewall or as a data center firewall. 

In terms of maintenance, like all firewalls, there is an aspect of upgrading based on new features and getting the latest updates from the signatures and IPS uploads that come along with it. That happens effectively in an automated way. Software upgrades are catered to during the support window.

The FortiGate firewall has helped to reduce the total cost of ownership.

It provides value for money and is quite competitive compared to other vendors, allowing you to achieve the proper ROI from investments.

The pricing or licensing of Fortinet FortiGate is quite effective as it offers different bundles that aggregate most required features, while also allowing clients the option to select specific components alone.

The typical use case for Fortinet FortiGate as a firewall is because of the commercial aspects. It is competitive from a pricing perspective. There is ease of use compared to other vendors and effective vendor support for any issues.

Anyone considering purchasing FortiGate's data center firewall should go for it because data centers require stability and proper performance, which the platform provides. I would recommend getting the latest unit for a longer shelf life as clients often buy nearly end-of-sale products, limiting their usability.

Overall, I would rate this solution a nine out of ten.

I use the FortiGate firewall for ordinary firewall functions, including SSL inspection, VPN, and site-to-site VPN.

The most valuable features of the FortiGate firewall include SSL inspection, VPN functionality, and threat intelligence features for preventing threats. These features are essential and provide significant functionality for our organization.

There should be more testing before releasing software since it can be a little buggy sometimes when new features come out after updates.

I have been working with the FortiGate firewall for many years.

I am satisfied with Fortinet support. Usually, it is fast and provides advice effectively.

The initial setup of FortiGate was an easy process. It took about three months for a full deployment across the entire organization.

The FortiGate firewall provides good value for the money. It usually is cheaper than the competition, contributing to cost savings.

The pricing of the FortiGate firewall is good. It offers cost savings as it is generally cheaper than the competition.

Palo Alto is an alternative solution. While it may be better for filtering and category white-listing, especially in areas like banking, it is more expensive than FortiGate.

Overall, I would rate FortiGate an eight out of ten. 

For some use cases like banking, Palo Alto may perform better due to its filtering capabilities.

We use Fortinet FortiGate as our security and routing solution.

We implemented Fortinet FortiGate to enhance our security posture by blocking and restricting access to certain websites and securing our VPN traffic. 

Fortinet FortiGate offers enhanced visibility and segmentation for our industrial devices, a crucial process when some machines utilize systems demanding high-level security.

We have implemented Fortinet Security Fabric on our VM infrastructure, and it has provided great service in helping us meet regulations, governance, and compliance requirements. This is important to us because Fortinet Security Fabric connects to our sandbox, allowing us to scan shares across all clusters and enabling FortiGate to resolve any online issues.

Fortinet FortiGate has enhanced our organization's security by enabling secure VPN access and restricting access to social media sites, thus ensuring that employees can focus on their work. We saw the benefits of FortiGate within weeks of the deployment.

FortiGate helps reduce the risk of cyberattacks that could disrupt our production by isolating the affected traffic and creating a log for us.

It also helps to centralize the management of our network and security operations.

The centralized management allows us to access all of our firewalls and policies using a single interface.

Fortinet provides actionable data to help us make informed decisions about the actions to take. For example, if one of our firewalls goes down, the solution helps us rectify the issue by providing details on the problem and how to address it.

By consolidating the numerous individually connected batches, FortiGate helped us reduce operational expenses associated with the extra costs they incurred.

Fortinet FortiGate has helped us mature our approach to cybersecurity for protecting our industrial equipment. Their knowledge and daily webinars on email security and virus prevention have empowered us to stop attacks and maximize our efficiency.

The most valuable features are SD-WAN, application control, IPS control, and FortiSandbox. These features help reduce our downtime, manage the ISPs, and deploy SLAs for all the website traffic.

The graphical user interface of Fortinet's FortiGate product does not function well with text-based interfaces. This functionality should be improved.

I have been using Fortinet FortiGate for seven years.

I would rate the stability of Fortinet FortiGate a ten out of ten.

While Fortinet FortiGate firewalls are scalable, upgrading to a new version or adding hardware requires purchasing a new license to migrate the old backup to the new firewall. 

While the technical support team is knowledgeable, their response time to support tickets is concerning. It typically takes them 48-72 hours to respond, which significantly disrupts my work.

Neutral

While we previously used the open-source PSS firewall, it lacked the layered security architecture offered by Fortinet FortiGate.

We migrated to Fortinet FortiGate for its superior control, in-depth scanning, and ability to minimize cybersecurity risks, features not offered by other firewall solutions.

The initial deployment is easy. The solution can be installed by following the on-screen prompts, and the policies can be implemented through the interface dashboard.

Deploying the system takes one full business day. We begin by gathering user requirements from each department, as they have varying policies. The policies are implemented department-first, followed by branches. Finally, VPNs are generated for remote users. Two people are required for the deployment.

The implementation was completed in-house.

Since implementing Fortinet FortiGate, we have observed an increase in user productivity, which translates to a positive return on investment.

While Fortinet FortiGate has a higher price point compared to Sophos XG, its user-friendly interface justifies the cost. Additionally, its fixed pricing structure eliminates concerns about surprise fees.

After evaluating Sophos XG and finding its interface overly complex for our needs, we opted for the user-friendly interface of Fortinet FortiGate.

I would rate Fortinet FortiGate an eight out of ten.

We have one person that deals with maintaining Fortinet FortiGate.

We have 1,100 users in multiple cities and departments using FortiGate.

The Fortinet FortiGate 60F is a good choice for organizations to begin evaluating firewalls.

On-premises

There are various use cases for Fortinet FortiGate, including firewall protection for internet access, data centers, branches, and SD-WAN. We use the firewall in multiple locations throughout our network, taking advantage of its many features, such as the promising CDR feature and security profiles like the WAF filter and application DNS security. We deploy these features in different parts of the network. Additionally, some customers use Fortinet FortiGate in the cloud to safeguard their cloud servers within platforms like Microsoft tenants.

Our customers are using Secure SD-WAN for connecting different branches. For example, oil and gas companies have different branches all over Egypt, which are not in the main city, so they need a secure connection and stability for certain protocols, such as voice and things like that. They also need visibility. They need to understand which applications are consuming SD-WAN. 

Some of the customers are also using SD-WAN for load balancing. For SD-WAN, you need at least two internet connections, so some of the customers are using it as a load-balancing technique. Overall, there are a lot of features for which customers are using SD-WAN.

For our customers, Secure SD-WAN is very useful for giving the right priority to the applications and controlling the proper use of the application.

Secure SD-WAN's interoperability with other systems and applications in the environment is very good. The integrated application protection provided by Secure SD-WAN is also good. There is a very good integration with all the applications and portfolios. We don't integrate the firewall with the application itself, but it does what is needed to control and reroute the traffic.

Secure SD-WAN has a lot of benefits. There is a calculator on Fortinet's website. When you feed the right information to that calculator, it tells you how much money you will save by acquiring SD-WAN. The first benefit is that you're going to save money. Instead of buying multiple ISP connections, MPLS, and other such things, you can use the normal internet and apply SD-WAN on it, so you can save a lot of money. You also don't need to increase the bandwidth. SD-WAN helps with the routing of your traffic and the optimum use of your links. It's efficient and secure, and it saves you a lot of money, and of course, there is the security of the firewall that's applied on SD-WAN. If we're comparing it with other vendors like Cisco, you are not getting the firewall features.

It's very efficient. There is a lot of visibility. It reduces the number of incidents. If there is any problem, you can immediately log in to the firewall, and you will know if there is a notification about bandwidth consumption or any other issue, or if there is any drop in connectivity. It makes the operation very easy. It makes it easy for the teams to respond to incidents and manage issues. SD-WAN helps to remediate threats more quickly and efficiently because, with SD-WAN, there are a lot of applications going through different links, so if you can know which link an application is using and what's on the link, you can make the right decision in a very fast way to fix it. It provides both visibility and efficiency.

It reduces your mean time to detect (MTTD). In the new version, which is version 7.x, of the FortiGate firewall, through the main dashboard, you can know what is going on. If you've done the dashboard and you're putting these statistics in front of you on a screen, once you look at it, you'll know what's going on and what's the problem. It, of course, will give you the tools and the right information to reduce the time to solve.

It's hard to say whether it has reduced help desk tickets because it's more on the operational side, but it helps them a lot. The operations team is not handling the firewall. It's either the network team or the network security team. Generally, once it's up and running, it just works. It's different from having an antivirus or something else that can be changed from day-to-day activities. With this one, once you turn it on, the service will be stable unless you have a problem with your internet. It doesn't cause a lot of problems.

In terms of helping to future-proof business, from a partner perspective, it gives you a lot of flexibility to enhance the customer network. It opens a lot of doors for sales, for a new business, and for new potential. That's from the partner side. From the customer side, you can save money and solve a lot of problems. If you need to connect with a few branches all over the country, it's efficient. You don't need to travel for five to ten hours to reach the second branch. If you have proper SD-WAN technology and it's connected in a good way with good vendors, you can save a lot of time, effort, and money. You can have proper connectivity between branches as if the guy you are talking to is next door. So, SD-WAN gives a lot of benefits at the vendor level, partner level, and customer level.

Fortinet FortiGate is user-friendly and affordable.

When it comes to Secure SD-WAN, ease of use is valuable. The visibility and reporting are also valuable. A cool thing is that SD-WAN is free of charge with the Fortinet firewall. You can just use it just by using the Fortinet appliances that you already have in the branches. You cannot have appliances from different vendors. Fortinet customers can use the feature in a very easy way. It takes one click to integrate with the firewalls. It's very very easy to deploy. You don't need to build anything.

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets.

For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line.

The stability has room for improvement.

When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

I have been using Fortinet FortiGate for seven years, and I have been using Secure SD-WAN for two years.

Secure SD-WAN is stable, but when it comes to the firewall, sometimes there are issues with the throughput and related factors. Improper handling of these can lead to a memory surge, a well-known bug that can cause the entire system to freeze. When this happens, the system appears to be running but no traffic is processed, causing disruptions to applications, users, and overall internet connectivity. This can be confusing because the firewall appears to be functioning correctly. Typically, the solution is to restart the firewall. However, when we contact support, they require logs before restarting, which can be challenging in urgent situations. As a result, we prioritize quick resolution over troubleshooting. This is a common drawback of the operating system.

I'd rate Fortinet FortiGate's scalability an eight out of ten.

While the technical support offered online and on-site is generally effective, there may be occasions when we need to escalate an issue to a higher level due to its complexity. 

I initially sought assistance from level-one support, but they were unable to resolve my issue. Eventually, they informed me that the problem would be addressed in a future patch. However, within a day or two, a level three engineer intervened and provided me with an update to resolve the issue. He explained that it required a command line configuration, as it couldn't be done through the graphical user interface. I was impressed with the level-three engineer's expertise and problem-solving skills. It taught me that if we persist and communicate our needs, we can achieve our desired outcomes.

Positive

The initial setup is straightforward. We need to determine whether the firewall will be positioned in an active-standby or active-active configuration. Based on this decision, we will choose the appropriate license. If the firewall is intended for use with the Internet, we will need to include features such as a full DNS filter. However, if it's being used in a data center, these features may not be necessary. Additionally, we need to consider the speed of the interface, 1G or 10G, and the expected amount of network traffic to properly size the firewall model and ensure proper throughput. This is the initial phase of the process. Once the firewall has been deployed, it's a matter of connecting it and configuring policies. 

When it comes to the deployment model of SD-WAN, my customers usually buy the appliance. They already have FortiGates, so we're just connecting firewalls to each other. In Kuwait and Egypt, there are mostly on-prem deployments. It's rare to have someone deploying a firewall on the cloud, and if it's deployed on the cloud, it's for a certain reason. It's not for SD-WAN because you're not loading balancing or you don't need SD-WAN for cloud access. In the countries where I was responsible for its implementation, there was only on-prem deployment.

There is one single challenge with the deployment of SD-WAN, but it's not from the FortiGate side. It's from the customer side. You need to understand your traffic so you can get the best out of SD-WAN. For some organizations, it's huge because they don't know which application is doing what and which is more important than the other. Especially during the COVID years, a lot of applications popped up. Companies used to release an application every few weeks. To do a proper implementation, you need to understand your network, understand your application, and set your priorities. Once you do this, the implementation will be a piece of cake. If you have all the information, it will take a day or two days.

We implement the solution for our clients. One person can easily deploy multiple Fortinet products through the firewall including FortiAnalyzer for the logs, FortiManager, and FortiMail.

For SD-WAN also, one senior security engineer can do everything for a customer. The maintenance is easy. We haven't faced any critical problems with it.

We have experienced a positive return on investment by utilizing Fortinet's products. For instance, their website features a calculator for SDR, which enables us to measure the actual ROI in dollar amounts. We input our current expenses, the products we intend to purchase, and our connectivity plans, along with a few other details. At the end of the process, we receive data that indicates the amount of money we will save, such as two hundred thousand, for example. This provides us with clear and precise figures on our savings, making it an excellent tool.

Our customers have seen time to value with Secure SD-WAN. Its time to value is seen within weeks of implementation.

The price for the Fortinet FortiGate is reasonable. Secure SD-WAN is free of charge. If you have their firewall, it's free of charge. It's very tempting. Other vendors, such as Palo Alto, will charge you to have an SD-WAN license, whereas, with Fortinet, it's free of charge.

When purchasing a firewall, stability is non-negotiable. For small to medium businesses, Fortinet's affordability and ease of deployment make it a suitable option. However, for enterprise-level businesses, Palo Alto or Check Point would be preferred for their robust clients and immediate updates, despite the higher cost.

When comparing the pros and cons of Secure SD-WAN with other solutions, the challenge is not with SD-WAN. It's with the appliance that's offering SD-WAN, which is the firewall. So, the first comparison would be between the FortiGate firewall and other firewalls, and if the other firewalls are already offering the same service, the comparison will be between different levels, not just SD-WAN. There could be other firewalls that are more efficient or lower in cost or even more familiar to customers than Fortinet. So, the challenge is not with SD-WAN. The main reason I use SD-WAN on FortiGate is to get the benefit of the security profiles or security features of the firewall on top of the SD-WAN. Otherwise, I can use my internet router, the basic load balancing protocols, and the basic IP tunneling, and send some traffic here and some traffic there, and I'll save the cost. 

I'd rate Fortinet FortiGate an eight out of ten.

On-premises

In a scenario where FortiGate Next Generation Firewall (NGFW) notably enhanced my customer's network performance, we discussed many points. The graphical user interface is very good, both feature-wise and technology-wise.

The effective feature in FortiGate Next Generation Firewall (NGFW) is DLP.The FortiGate Next Generation Firewall (NGFW) has the feature image of 7100 D.

In FortiGate Next Generation Firewall (NGFW), my concern regarding improvements is the licensing model. In the latest versions, everything moves to licensing only, and to work from SSL VPNs and integrate those features, it is similar across all vendors, but my main concern is the DLP part, which has not advanced significantly.Regarding the AI capabilities of FortiGate Next Generation Firewall (NGFW), these AI features are not present in the latest versions, which is why we are working on those versions. They aren't suitable in a live environment, and while AI features exist, I don't have details about their availability in versions after 7.0, as I believe only versions 6.0 and below have those features.For future improvements in FortiGate Next Generation Firewall (NGFW), features-wise, SD-WAN enhancements are expected, especially in configuration or viewing SD-WAN monitoring, as some minor enhancements would be beneficial.The complexity in configuring the policies needs improvement, and the SD-WAN template should be available in the tunnel. When we create the tunnel, we need to add in SD-WAN, allowing the creation of VPN tunnels from SD-WAN, which requires technical expertise to configure. Automating that would strongly enhance it, as SD-WAN is number one now with FortiGate, and going forward, more customers will move to FortiGate.

FortiGate Next Generation Firewall (NGFW) is recommended for various industries, and its GUI has many enhancements in the latest version, making everything good.In FortiGate Next Generation Firewall (NGFW), we are expecting the effective DLP feature with threat detection capabilities, which works with deep inspection. Some customers are not accepting to install the applications, and sometimes in the guest tunnel, content filtering should be blocked, such as domain blocking for Gmail, as users access only their particular consumer account. If they try to access personal accounts, it should be blocked, requiring configuration settings with deep inspection that needs certificates installed in all systems, which is a time-consuming process that some customers do not accept, questioning the need for installing certificates without deep inspection.The licensing model for FortiGate Next Generation Firewall (NGFW) depends on various types such as the earlier UTM license, FortiCare, and Enterprise license. The Enterprise license includes all features such as FortiManager, FortiAnalyzer, and converter. The UTM licenses include only UTM features such as AV, web filtering, application control, and IPS, while FortiCare is only for hardware.

We are using FortiGate IPS as a firewall, as an intrusion prevention system (IPS), and as a content filter. Additionally, we use it for SD-WAN, which is very important for us.

FortiGate IPS has made managing our cybersecurity framework easier. It is user-friendly, easy to implement, and helps in threat detection and prevention. Also, SD-WAN management by FortiGate has ensured seamless internet connectivity by automatically switching between lines during provider interruptions.

The most effective features for threat prevention are the IPS, content filter, and SD-WAN capabilities. The user-friendly nature of FortiGate IPS compared to our previous products, like Cisco and SonicWall, is also valuable.

I would like to see more AI features included in future updates, as that would add significant value. Additionally, the pricing of FortiGate is relatively high compared to other products like Cisco and SonicWall. An area for improvement is in their support services, which could be more responsive and quicker to resolve issues.

We have been using FortiGate IPS for more than nine or ten years.

FortiGate IPS is very stable.

I think it is very scalable. I would rate its scalability as nine out of ten.

In the past, direct support from Fortinet was not very satisfactory, as it took a lot of time to resolve issues. However, we now receive excellent support from our partner. They are amazing and provide very good support.

Neutral

We previously used SonicWall and Cisco. Compared to those products, FortiGate IPS is easier to use and more user-friendly.

The initial setup was straightforward and easy to implement. It took only a few hours to deploy.

The implementation was done by a different team, but we supervised the process. We used third-party services for the implementation.

The pricing is relatively high compared to other products like Cisco and SonicWall. This is a point that could be improved, as FortiGate is expensive.

We evaluated SonicWall and Cisco before choosing FortiGate IPS.

I recommend FortiGate IPS because it is very user-friendly, easy to install, and effective in threat prevention. More AI features in future updates would add more value.

I'd rate the solution nine out of ten.

Hybrid Cloud

Conventionally, the solution is used for perimeter security. Whenever we find our organization's customer without an existing firewall, we use FortiGate Next Generation Firewall both for perimeter security as a firewall and as a VPN appliance to allow work-from-home employees at the VPN end. In the aforementioned instance, our company also uses the solution to connect different branches.

If our organization is establishing the network for a company with different branches spread geographically, we will use the VPN in IP set and FortiGate. The solution is highly flexible and is available at a cost-effective price. 

When using FortiGate Next Generation Firewall, availing the FortiGuard subscription is very important due to the vast threat intelligence with an international network.

Using the aforementioned network, FortiGate has been able to procure intelligence about the threats and incorporate the mitigation and protection against those threats in FortiGuard. So when you have FortiGuard integrated with the firewall, you have a robust perimeter solution to protect against malware. 

The pricing of the solution should be more affordable. 

I have been working with FortiGate Next Generation Firewall for seven years. 

FortiGate Next Generation Firewall has excellent stability. Fortinet is a top-tier IT security infrastructure company. 

I would rate the scalability a nine out of ten. The solution exhibits impressive stability. Once the solution is installed, it's used 24/7. 

We never had to rely on or communicate much with the tech support. The free resources, documentation, training, and community feedback have been enough to resolve 99% of our company's issues with the product. In our organization, we directly interacted with the support team once or twice and had a positive experience. I would rate the tech support eight out of ten. 

Positive

We used Cisco previously, but it was too expensive for our company. FortiGate Next-Generation Firewall was available at a better price and performance; it was a better fit for our company as a networking vendor. 

I would rate the initial setup an eight out of ten. Our company deals with only the on-premise version of FortiGate Next Generation Firewall. It took about half a day in our organization to deploy the solution. 

Our company has several firewall projects. When our organization identifies a company that needs a firewall but doesn't have one, we contact them. Our company strongly advises potential customers to adopt a firewall, and we provide reasons why the company shouldn't operate without a firewall today, we try to sell them the FortiGate Next Generation Firewall and FortiGuard solutions.

If the potential customer doesn't have access points or the latest switches, our company tries to sell that as well in the form of an integrated solution. 

Our company prefers to program solutions as much as possible in-house before approaching the customers. 

FortiGate Next Generation Firewall has a very high ROI. A customer can realize nearly 100% ROI when it is used along with FortiGuard to establish a robust perimeter firewall based on an international vendor with a global-level threat intelligence network. 

I would rate the pricing a seven out of ten. There are penalties if you don't renew the FortiGuard subscription, and I think the vendor should've refrained from imposing such penalties. If a customer fails to renew for a year, there shouldn't be any penalties on Fortinet solutions, the vendor should eradicate such policies. 

We evaluated Palo Alto, but we still chose Fortinet because, as per our company's evaluation, Palo Alto doesn't offer switches or access points. Before adopting FortiGate Next Generation Firewall, we also concluded that Fortinet offered everything for networking infrastructure, including switches, access points, antivirus, and firewalls. 

FortiGate has end-to-end solutions, they have switches, access points, and a native antivirus and threat management solution. When you onboard FortiGate Next Generation Firewall, you choose a vendor that covers every aspect of the IT infrastructure.

So, if you avail yourself of other products from the same vendor later on, it makes the management processes easier, as the command interface is similar across all the products from Fortinet, including switches, access points, and firewalls. The aforementioned benefit removes the need for training your team when a new solution is onboarded in the organization. 

I would advise others to do a proper assessment in terms of the sizing before onboarding FortiGate Next Generation Firewall. Before adopting the solution, one should know how many users need access to the Internet so that the firewall can be sized or scaled ideally.

A sizing chart is available online to assist users in procuring the correct firewall size. FortiGate Next Generation Firewall offers comprehensive reports on user activity; potential customers should also analyze the reporting aspect before choosing the solution.  

FortiGate Next Generation Firewall handles new and latest security threats satisfyingly. FortiGuard has some AI influence in its threat intelligence features in its international network. I would overall rate FortiGate Next Generation Firewall an eight out of ten. 

On-premises

It is just for firewalls and network security.

It's mostly compliance, like just meeting our security requirements to keep our data secure. We don't make money out of it. It just keeps our data safe.

I have FortiGate for SD-WAN and all access points here, which has helped with traffic shaping capabilities.

I also use AI (Rapid7) to improve my cybersecurity. 

It's easy to use and provides good visibility of network traffic.

The SD-WAN functionality is a bit overly complicated and not fully documented.

I have been using it for six years. 

The customer service and support are good. I can contact them online or over the phone.

Neutral

I have used Sophos XTM and Palo Alto.

FortiGate is more feature-rich and has a broader range of hardware. They offer switches, access points, firewalls, and the whole network stack, whereas a lot of others only do firewalls.

It's just a good value and the possibility of using those features. We haven't used FortiSwitches yet; we're investigating them at the moment, but we haven't ordered any yet.

The SD-WAN was certainly tricky and took a while to figure out, but the rest of the security features were straightforward.

The deployment took us six months. 

It's hard to measure the return on investment, but it certainly helps us manage our security requirements easier than other solutions that I've used.

It's good value for the money.

It was worth the money overall. It's good value.

Overall, I would rate the solution an eight out of ten. 

On-premises

Our company uses this solution for endpoint network security. 

The ECC management and the GUI that offers single interface management are the most valuable features of Fortinet FortiGate. 

The documentation available for Fortinet FortiGate should be improved. Often, I find documentation of older models and not the latest version of Fortinet FortiGate. I have to often utilize the older documentation and reengineer the information for the latest model of Fortinet FortiGate. 

There are competitor products in the market that can monitor all logs, which are referred to as SOC; Fortinet FortiGate should have such in-built features. The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection. 

I have been using Fortinet FortiGate for more than a year.

I would rate the stability an eight out of ten. 

The solution is used daily in our organization. I would rate the scalability an eight out of ten. 

I would rate the tech support an eight out of ten. Our company needs to contact customer support on certain issues. The support team is usually able to resolve the issues by communication over call a few times. Sometimes, there was quite some back-and-forth through support tickets with the vendor team before the issues got resolved. 

Positive

Our company previously worked with Juniper, NETGEAR, and Cisco. The devices from the aforementioned vendors reached the End of Life, and their support was expiring in our company, so we switched to Fortinet FortiGate to have visibility and manage all devices through a single vendor. 

I would rate the initial setup a nine out of ten. Due to some network complexities, we had to schedule the downtime of our organization's business, so the initial deployment of Fortinet FortiGate took more time than anticipated. But the setup process was seamless and our company didn't face any abrupt down time. 

At our company, first, we prepared a deployment plan and then divided the services into varying areas based on which the deployment was performed in phases. Only two professionals, a system engineer, and an infrastructure manager, are required to deploy Fortinet FortiGate.

Another two individuals are needed to maintain the solution with the same aforementioned professional job designations. In our company, we didn't face any issues while integrating Fortinet FortiGate with our existing infrastructure and even with other tools.

A third-party team deployed the solution for our organization. 

In our company, we haven't realized an ROI yet, as the solution was implemented just a year ago. There are some devices that I need in addition to other area devices of my company, we are in process of renewing all old devices with newer versions.

In the next few months, our company will be able to obtain the actual capex purchase with at least ten switches. Fortinet FortiGate is worth the money, offers multiple solutions under one roof. 

I would rate the pricing a five out of ten. Our company onboarded the solution through a traditional capex purchase of the standard license with three years of customer support. 

Our company has been using Fortinet FortiGate since 2009 at the firewall level, due to familiarity with the RTO and FortiGate environment, complete adoption of Fortinet FortiGate was an easier choice than other solutions for a single clear management. 

Fortinet FortiGate also had all the features that our company was expecting, and in terms of ease of management, opting for the same vendor from firewall to edge device was a comfortable option. 

Previously, in our organization, we didn't have a network monitoring tool. With the adoption of Fortinet FortiGate, we can now check the port level of the switches that can be witnessed at the EP end, where all devices remain connected to the network. The management and monitoring are the major benefits of Fortinet FortiGate. 

I would advise others to consider adopting the solution without hesitation. I read the latest Gartner Magic Quadrant report, and it mentioned that, based on its track record, Fortinet can compete with the best in terms of network and security solutions.

For the last five years I believe Fortinet has dominated the market. I recently attended a Fortinet event where I met all the local and regional support team; I learned that the vendor is continually expanding, and in our region, we can easily avail support and guidance regarding Fortinet solutions whenever required. 

The monitoring subscription that is provided with the Fortinet FortiGate has built-in AI features for the past three years. I believe Fortinet is in the sixth generation of their AI and ML utilizing the native infrastructure. Thus, the AI features have been available for a long time in Fortinet FortiGate, but they are promoting it now due to the market trends. I would overall rate the solution an eight out of ten. 

On-premises