Fortinet FortiGate Reviews

We use Fortinet FortiGate for network segmentation. We protect from the outside world and make segregation with the outside world. With Fortinet FortiGate, we primarily focus on network segmentation.

The most valuable feature of Fortinet FortiGate is the price-quality ratio. It's a very good fit as it's not very expensive and offers extensive functionality. It functions effectively as a firewall, performing its intended purpose compared to the competition. When activating the Unified Threat Protection, users gain access to FortiGuard. The SASE possibility is also interesting even though we do not currently use it.

It's not only about the product itself. It is also the team around Fortinet. We receive substantial help from Fortinet, which is very valuable as they assist us in choosing the right solutions. If we need configuration assistance, they can send specialists who help design the solution. The value comes from both the FortiGate firewall itself and how the team supports you.

One area for improvement involves FortiAnalyzer, specifically regarding the SOC part and log interpretation. Sometimes interpretation is very difficult. They send an extensive amount of logs, and when putting that in a SOC or SIEM, payment is based on gigabytes sent. We send many unnecessary items, resulting in unnecessary costs.

We decided to reduce the logs and now send only half of what we had before after determining what was unnecessary. They should improve what needs to be sent to the SIEM. The logs should be lighter. In the log structure, there are many unnecessary columns, resulting in a large amount of redundant data. They should improve the way logs are sent to the SIEM.

We have been using Fortinet for more than ten years. 

Fortinet FortiGate is stable overall when choosing a release that has been tested. We have observed more vulnerabilities on Fortinet, however, this indicates that as the product becomes more successful, it becomes a larger target for hackers. This issue exists with every major vendor.

The scalability of Fortinet FortiGate for our organization is one of the best aspects, as they use the same OS for everything. This means you can find your way back and upgrade without changing everything in terms of configuration. Scaling up infrastructure is not problematic as it doesn't require a major migration.

Based on my experience with their support, I would rate Fortinet FortiGate eight out fo ten. Sometimes it takes more time if the issue is complicated. Overall, the support is good.

We've always used Fortinet; we were working with someone else who was also using Fortinet.

I personally participated in the initial setup and deployment of Fortinet FortiGate a very long time ago. Currently, I am more involved in management than operations, so I no longer follow this aspect.

Fortinet FortiGate is deployed on-premises in my organization.

The return on investment with Fortinet FortiGate is measured in terms of security. A firewall can be nice, however, if it is poorly configured, it will result in poor value for money. 

Return on investment for a firewall is about performing its intended function. Without one or with poor configuration, you can lose substantial money. The return on investment is reflected in the level of protection provided.

I am aware of the pricing of Fortinet FortiGate through our purchasing service. I have access to the list price and know the discounts. The price-quality ratio is very good, and we have an excellent representative who helps us secure good pricing.

I evaluated other options before choosing Fortinet FortiGate through a tender process. They met all the feature requirements and testing criteria. The dedicated ASIC provides very good performance, which was initially the key factor for our needs. We continue monitoring what Palo Alto and Cisco do, but we maintain a partnership agreement with Fortinet.

I have experience comparing Fortinet's SD-WAN with Cisco's solution. We currently don't work with SD-WAN, having returned to an MPLS network since we own the network and cables. 

We don't integrate SD-WAN capabilities with Fortinet FortiGate in our network yet since we own our whole network, including all the cabling and optical fibers in the region. While SD-WAN is a good feature, it's not necessary for our use case. 

Regarding Fortinet Unified SASE, implementation may come in the future. 

We don't use Fortinet FortiGate's data center solution. 

I'd rate the solution eight out of ten. 

On-premises

In a scenario where FortiGate Next Generation Firewall (NGFW) notably enhanced my customer's network performance, we discussed many points. The graphical user interface is very good, both feature-wise and technology-wise.

The effective feature in FortiGate Next Generation Firewall (NGFW) is DLP.The FortiGate Next Generation Firewall (NGFW) has the feature image of 7100 D.

In FortiGate Next Generation Firewall (NGFW), my concern regarding improvements is the licensing model. In the latest versions, everything moves to licensing only, and to work from SSL VPNs and integrate those features, it is similar across all vendors, but my main concern is the DLP part, which has not advanced significantly.Regarding the AI capabilities of FortiGate Next Generation Firewall (NGFW), these AI features are not present in the latest versions, which is why we are working on those versions. They aren't suitable in a live environment, and while AI features exist, I don't have details about their availability in versions after 7.0, as I believe only versions 6.0 and below have those features.For future improvements in FortiGate Next Generation Firewall (NGFW), features-wise, SD-WAN enhancements are expected, especially in configuration or viewing SD-WAN monitoring, as some minor enhancements would be beneficial.The complexity in configuring the policies needs improvement, and the SD-WAN template should be available in the tunnel. When we create the tunnel, we need to add in SD-WAN, allowing the creation of VPN tunnels from SD-WAN, which requires technical expertise to configure. Automating that would strongly enhance it, as SD-WAN is number one now with FortiGate, and going forward, more customers will move to FortiGate.

FortiGate Next Generation Firewall (NGFW) is recommended for various industries, and its GUI has many enhancements in the latest version, making everything good.In FortiGate Next Generation Firewall (NGFW), we are expecting the effective DLP feature with threat detection capabilities, which works with deep inspection. Some customers are not accepting to install the applications, and sometimes in the guest tunnel, content filtering should be blocked, such as domain blocking for Gmail, as users access only their particular consumer account. If they try to access personal accounts, it should be blocked, requiring configuration settings with deep inspection that needs certificates installed in all systems, which is a time-consuming process that some customers do not accept, questioning the need for installing certificates without deep inspection.The licensing model for FortiGate Next Generation Firewall (NGFW) depends on various types such as the earlier UTM license, FortiCare, and Enterprise license. The Enterprise license includes all features such as FortiManager, FortiAnalyzer, and converter. The UTM licenses include only UTM features such as AV, web filtering, application control, and IPS, while FortiCare is only for hardware.

Our company uses this solution for endpoint network security. 

The ECC management and the GUI that offers single interface management are the most valuable features of Fortinet FortiGate. 

The documentation available for Fortinet FortiGate should be improved. Often, I find documentation of older models and not the latest version of Fortinet FortiGate. I have to often utilize the older documentation and reengineer the information for the latest model of Fortinet FortiGate. 

There are competitor products in the market that can monitor all logs, which are referred to as SOC; Fortinet FortiGate should have such in-built features. The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection. 

I have been using Fortinet FortiGate for more than a year.

I would rate the stability an eight out of ten. 

The solution is used daily in our organization. I would rate the scalability an eight out of ten. 

I would rate the tech support an eight out of ten. Our company needs to contact customer support on certain issues. The support team is usually able to resolve the issues by communication over call a few times. Sometimes, there was quite some back-and-forth through support tickets with the vendor team before the issues got resolved. 

Positive

Our company previously worked with Juniper, NETGEAR, and Cisco. The devices from the aforementioned vendors reached the End of Life, and their support was expiring in our company, so we switched to Fortinet FortiGate to have visibility and manage all devices through a single vendor. 

I would rate the initial setup a nine out of ten. Due to some network complexities, we had to schedule the downtime of our organization's business, so the initial deployment of Fortinet FortiGate took more time than anticipated. But the setup process was seamless and our company didn't face any abrupt down time. 

At our company, first, we prepared a deployment plan and then divided the services into varying areas based on which the deployment was performed in phases. Only two professionals, a system engineer, and an infrastructure manager, are required to deploy Fortinet FortiGate.

Another two individuals are needed to maintain the solution with the same aforementioned professional job designations. In our company, we didn't face any issues while integrating Fortinet FortiGate with our existing infrastructure and even with other tools.

A third-party team deployed the solution for our organization. 

In our company, we haven't realized an ROI yet, as the solution was implemented just a year ago. There are some devices that I need in addition to other area devices of my company, we are in process of renewing all old devices with newer versions.

In the next few months, our company will be able to obtain the actual capex purchase with at least ten switches. Fortinet FortiGate is worth the money, offers multiple solutions under one roof. 

I would rate the pricing a five out of ten. Our company onboarded the solution through a traditional capex purchase of the standard license with three years of customer support. 

Our company has been using Fortinet FortiGate since 2009 at the firewall level, due to familiarity with the RTO and FortiGate environment, complete adoption of Fortinet FortiGate was an easier choice than other solutions for a single clear management. 

Fortinet FortiGate also had all the features that our company was expecting, and in terms of ease of management, opting for the same vendor from firewall to edge device was a comfortable option. 

Previously, in our organization, we didn't have a network monitoring tool. With the adoption of Fortinet FortiGate, we can now check the port level of the switches that can be witnessed at the EP end, where all devices remain connected to the network. The management and monitoring are the major benefits of Fortinet FortiGate. 

I would advise others to consider adopting the solution without hesitation. I read the latest Gartner Magic Quadrant report, and it mentioned that, based on its track record, Fortinet can compete with the best in terms of network and security solutions.

For the last five years I believe Fortinet has dominated the market. I recently attended a Fortinet event where I met all the local and regional support team; I learned that the vendor is continually expanding, and in our region, we can easily avail support and guidance regarding Fortinet solutions whenever required. 

The monitoring subscription that is provided with the Fortinet FortiGate has built-in AI features for the past three years. I believe Fortinet is in the sixth generation of their AI and ML utilizing the native infrastructure. Thus, the AI features have been available for a long time in Fortinet FortiGate, but they are promoting it now due to the market trends. I would overall rate the solution an eight out of ten. 

On-premises

I use Fortinet FortiGate's data center solution, and I use the AI and ML-enhanced FortiGuard services within FortiGate.

The best features of Fortinet FortiGate are the integration of SD-WAN capabilities with Fortinet Unified SASE. I utilize Fortinet FortiGate's data center solution, and I use the AI and ML-enhanced FortiGuard services within FortiGate.

The ease of use related to Fortinet FortiGate and FortiNAC is a bit complex when implementing and supporting cases related to a FortiGate firewall. The software contains bugs, particularly in SSL VPN from all the firmware starting from version 7.6.3; the SSL VPN is not found in this version. If customers update the firewall firmware to 7.6.3, they might experience issues with the SSL VPN. In FortiNAC, there are issues with the passive agent on an endpoint. I currently conduct lab tests in my company to apply the FortiNAC agent on my endpoint, but I encounter issues with this application.

I have been using Fortinet FortiGate for three years and FortiNAC for one year.

I do not have information about the license costs for Fortinet FortiGate.

I have experience with Fortinet FortiGate and FortiNAC. I need to apply some labs in my company to finalize the project, so I can identify the disadvantage points to share. The interface of Fortinet FortiGate is simplified and easy to use. 

On a scale of 1-10, I rate this solution a 7.

Fortinet FortiGate is used just to manage our network because our network is managed by another company. I work in a small to medium-sized industry.

Fortinet FortiGate is used to prevent security failures. Since implementing the solution, we have seen improvements in security and in the distribution of our network.

In my opinion, Fortinet FortiGate could be improved by making the appliance smaller than what we have here, as it is pretty big.

We have been using Fortinet FortiGate for three or four years.

Fortinet FortiGate is better for large enterprise networking compared to MikroTik because we have about 100 people using our network, and we have had few problems compared to the time we were using MikroTik, which didn't work for us as well as the Fortinet FortiGate 200D does.

We never have any issue or problem that hasn't been solved in two or three hours. The quick resolution of issues with Fortinet FortiGate is due to the support of the company and the fact that the equipment is easy to work with. Fortinet FortiGate does not require a lot of maintenance.

Positive

We have been using Fortinet FortiGate for three or four years, and before that, we used MikroTik. We switched to Fortinet FortiGate because the company that provides service for us started to work with Fortinet FortiGate as a partner, and they showed it to us. We liked it, and we started to use the Fortinet FortiGate solution.

The initial setup for Fortinet FortiGate was pretty easy, and they completed it in one hour and a half.

Two people worked to support us on Fortinet FortiGate. One of their job roles was manager, and I don't know the other role.

My advice for people thinking about using Fortinet FortiGate is that you have to try to understand your necessities first. Make a comparison with other players in the market and have a good company to manage the equipment if you don't have the competence to do it yourself, preferably a third company that does this for you. 

I would rate Fortinet FortiGate an eight out of ten.

We use different solutions from FortiGate, focusing primarily on their firewalls within our department. However, due to a reorganization, the operational maintenance of FortiGate is now managed by someone else.

The most helpful features of FortiGate include its firewall policy, specifically the user-based policy, which I find to be quite beneficial in managing our network security effectively. FortiGate has also provided reliable protection against many attacks, although it lacks the ability to detect specific attacks like SQL injection, which usually requires a web application firewall.

The main area needing improvement is the user-friendliness of FortiGate's integration with other Fortinet tools like FortiAuthenticator and VPN services. Configuring these services is quite complex and not very user-friendly, requiring technical steps that are difficult for normal users to understand. Fortinet support's resolution of issues is slow, and the research on making the solution user-friendly needs to progress further.

I have worked with FortiGate for more than eight or nine years.

We have not faced any stability issues with FortiGate since we specified sizable RAM and CPU, and our size was adequate for our traffic.

Fortinet provides a prompt response. However, the resolution process is slow. While their response time is quick, their ability to resolve issues takes a long time.

Neutral

We have previously used a solution called Cyberoam, which has been replaced with a new brand. There are also managed firewalls offered as a cloud solution that we have not considered yet.

In terms of cost-effectiveness, Fortinet tools like FortiGate are costly for us as a higher education institute in India. Our expenditure is focused on minimal levels, however, FortiGate's pricing is positioned for corporate levels, which can be inflexible.

We are considering replacing Fortinet with a different solution, taking about a year to change configurations and rules.

Fortinet should consider developing a pricing scheme for the education segment since educational institutions in India operate on non-profit terms and under government regulations. They could potentially follow Kaspersky's example, which provided a more affordable pricing model for students and educational institutes. 

As a product, I would rate FortiGate around seven out of ten.

On-premises

It is just for firewalls and network security.

It's mostly compliance, like just meeting our security requirements to keep our data secure. We don't make money out of it. It just keeps our data safe.

I have FortiGate for SD-WAN and all access points here, which has helped with traffic shaping capabilities.

I also use AI (Rapid7) to improve my cybersecurity. 

It's easy to use and provides good visibility of network traffic.

The SD-WAN functionality is a bit overly complicated and not fully documented.

I have been using it for six years. 

The customer service and support are good. I can contact them online or over the phone.

Neutral

I have used Sophos XTM and Palo Alto.

FortiGate is more feature-rich and has a broader range of hardware. They offer switches, access points, firewalls, and the whole network stack, whereas a lot of others only do firewalls.

It's just a good value and the possibility of using those features. We haven't used FortiSwitches yet; we're investigating them at the moment, but we haven't ordered any yet.

The SD-WAN was certainly tricky and took a while to figure out, but the rest of the security features were straightforward.

The deployment took us six months. 

It's hard to measure the return on investment, but it certainly helps us manage our security requirements easier than other solutions that I've used.

It's good value for the money.

It was worth the money overall. It's good value.

Overall, I would rate the solution an eight out of ten. 

On-premises

I'm managing security rules, bandwidth for the internet, switches, and fifty access points. Everything, including the network in Afghanistan, is managed from there, and it's something critical for us.

FortiGate's ability to perform as expected and fulfil our needs has been the most compelling feature for network security. FortiGate has proven to be secure and effective in terms of threat intelligence, as it alerts us about external login attempts and suspicious scripts, contributing to our system's overall security.

FortiGate can improve its token system, as it requires a purchase before use. Additionally, the VPN system could be more efficient, especially regarding VLAN passing through, which is currently a limitation. Another suggestion for improvement would be better timezone coordination for customer support. Currently, there are issues with calls coming at inconvenient times due to timezone differences. Another area for enhancement could be the response time for support tickets, as there is a delay of at least twelve hours, even for urgent tickets, which can be frustrating.

I have been using Fortinet FortiGate for the past three years.

It is scalable as we expand our usage of FortiGate as our company grows. We're currently using one, but we plan to use two as our network expands.

I open a ticket and communicate with the engineers when I encounter issues. Although it may take some time, they always get back to me with a resolution. There are mainly due to these issues with time zone coordination and response time.

Neutral

The setup process for FortiGate depends on the complexity of your network. For simpler setups, a user-friendly interface is easy to use. However, for more advanced configurations, it may require expertise. Integration into the ecosystem is neither too easy nor too complex.

The maintenance process is relatively easy.

Regarding return on investment, I believe FortiGate is worth the money. It has helped us stay safe, and considering what we are paying for such a system and service aligns well with our expectations and financial goals.

The price of FortiGate is reasonable as I plan to buy new switches. The initial gadgets are already booted, and the pricing seems normal on the market. As for additional costs, I haven't subscribed to many extra features, so I'm only using what I need. Last year, I renewed the support for three years, which can sometimes be expensive but depends on the security benefits and how it helps us.

Overall, I would rate the solution an eight out of ten.

On-premises