Fortinet FortiGate Reviews

We have two deployments of Fortinet FortiGate at different sites. One is the SD-WAN, and the other is the next-generation firewall.

We secure our perimeter using Fortinet FortiGate. We are using it as a gateway device, and we have all the filters, such as the web filter, the intrusion detection and the anti-virus. We mainly use it to filter our traffic. Most importantly, it serves as our gateway device. That is how we are using it at the end of the day.

We wanted to see how Fortinet FortiGate SD-WAN can help us reach out to our branch, and that was the only reason for enabling it. It pretty much works for connectivity to the branch.

It is very user-friendly compared to other products. It integrates with many other technologies out there. It does not matter what technology you have deployed within your network, it can work with that.

We have not had an issue with the Fortinet FortiGate firewall. We recently renewed the licenses for the firewall and FortiNAC, and it has been working well. I have not had any incidents or instances since the last renewal.

Application control and the web filter are the best features of Fortinet FortiGate. 

Traffic control is available, and I have been using Fortinet FortiGate to allocate bandwidth also, so it helps me manage and allocate bandwidth to my applications. On that side, that has worked for me. Most importantly, it helps to filter unwanted traffic.

Its pricing can be better. I cannot think of anything else because it pretty much satisfies our requirements. I am comfortable with this product. 

The only issue that I have is with FortiNAC. The firewall is fine, but the FortiNAC interface is a little bit too jumbled or too complicated, not as straightforward as it is on the Fortinet FortiGate firewall and FortiAnalyzer. 

I have not faced any stability issues with Fortinet FortiGate. I would give it an eight out of ten for stability.

Fortinet FortiGate is scalable. I would rate it an eight out of ten for scalability.

I raise my tickets for Fortinet FortiGate, and they are handled well. The support is pretty good. I would rate the support an eight out of ten.

Positive

In this work environment, Fortinet FortiGate was the first one we had as our firewall. We had nothing before it.

I have previously worked with Check Point and Cyberoam. Those are the only two products that I can compare with Fortinet FortiGate.

From my experience, administration is a bit complicated on the Check Point side. Most of the concepts are similar, but configuring Fortinet FortiGate is a little bit easier for me compared to Check Point. Cyberoam was resource intensive, which I have not seen in Fortinet FortiGate.

The initial setup of Fortinet FortiGate was handled by a provider to implement it, but the knowledge transfer was pretty much straightforward. It took about two weeks to deploy Fortinet FortiGate.

We are not a business-oriented organization; our primary aim is to make sure that our assets are protected. We had some issues before having this firewall, and we have not had any incidents ever since we implemented Fortinet FortiGate.

When I look around at other products, such as Sophos, Fortinet FortiGate is 20% to 30% more expensive with our current cost.

The license renewal for Fortinet FortiGate has been a little bit costly. When we are paying, we renew both the warranty and licenses for Fortinet FortiGate. That is what makes the whole thing a bit costly.

We normally purchase and renew those licenses for FortiAnalyzer, FortiNAC, and Fortinet FortiGate firewall at the same time. When I look around, I would say Fortinet FortiGate is on the higher side.

The thing that I have not experienced with it is the web application firewall. I was trying to find out from the partner whether it is something that is licensed separately. When you look at the policies, it looks it is not active.

I would recommend using Fortinet FortiGate because of its usability. I would rate it a nine out of ten.

I'm using Fortinet FortiGate for consultancy, implementation, and troubleshooting after device implementation. We serve as both reseller and consultant, providing search support and consultancy support. I usually recommend Fortinet FortiGate for small and small-sized businesses.

I have experience with Fortinet FortiGate SD-WAN, as it is a method for routing traffic. We can assign profiles with specific conditions to create best practices or optimal experiences for customers. These profiles can manage traffic balance or link balancing. We can detect users or specific links for particular services, including load balancing.

Fortinet FortiGate provides superior protection compared to other firewalls, with high processing capabilities. In comparison to Sophos devices, Fortinet FortiGate offers enhanced protection through network protection, IPS, and application protection.

They could simplify their deployment process, especially when customers have existing devices. The configuration approach depends on whether customers need to start from scratch or can utilize existing backups and rules. 

I would seek to improve Fortinet FortiGate by exploring additional features, such as SASE solutions that we are currently studying and implementing. The configuration could be made easier, particularly during initial setup. We need to ensure comprehensive utilization of all device features and learn best practices from other cases.

I have been working with Fortinet FortiGate for approximately one year.

Fortinet FortiGate is overall stable. When compared with Sophos, particularly regarding remote access and SSL VPN, Fortinet FortiGate proves much easier to use. While Sophos presented port-related challenges in Egypt, Fortinet FortiGate operates more smoothly.

Fortinet FortiGate is scalable, with capacity depending on firewall sizing. We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published. We consider parameters such as VPN requirements, remote access needs, side-to-side VPN configuration, and overall traffic volume to determine device capacity.

We tend to handle support.

I have experience with Fortinet products and limited experience with Cisco.

I provide other firewalls, such as Sophos, and I have worked with endpoint protection solutions. I have experience with backup solutions such as Veeam, and endpoint security solutions including Kaspersky and ESET.

I have created many profiles for SD-WAN capabilities while integrating with Fortinet FortiGate. We assess customer needs and make recommendations accordingly. If customers aren't using SD-WAN, I suggest implementing it due to its effective load balancing capabilities and additional firewall features.

Regarding the evaluation of changes in return on investment after implementing the Fortinet solution for SD-WAN hybrid workforce, we work on a case-by-case basis. ROI is monitored by management, and we do not directly track ROI in the systems.

Fortinet FortiGate is among the best options in the market, though alternatives exist, including Sophos. Fortinet FortiGate demonstrates stronger performance and protection compared to Sophos, though its device and license costs are higher.

I'd rate the solution eight out of ten.

We use FortiGate for security. Some clients use the whole Fortinet solution, including FortiSwitch, FortiAP, and FortiExtender, but FortiGate is my bread and butter.

We have a hybrid deployment. A lot of it is onsite, and we have data center collocations. Some customers do collocations with us, but others request connectivity to Azure or another cloud services provider. Fortinet has plugins for Azure, AWS, or Google that make it easy to configure VPNs out of the data center or off-site. 

Typically, we stick with Azure because their support is better, but we do have a handful of customers that choose AWS. We have the solution deployed across Canada. One of our biggest customers is a retail company with many little stores under their umbrella. We cover everything from British Columbia to a couple of sites in Newfoundland. I estimate that we have around 1,200 users.

We need to allow a set of websites or block another set. FortiGate gives us the ability to do it based on URL domain. It's so much easier because you input the domain microsoft.com instead of adding the specific URL. Other firewalls can't do that the way FortiGate does. It helps us with compliance and security.

FortiGate's web and URL filtering are unlike any other firewall I've used. The functionality of URL filtering in those solutions is problematic because everything is encrypted, and firewalls can't break that encryption protocol. 

Fortinet has an SSL proxy, so the encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features.

My only complaint about FortiGate is a lack of QinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this on all Cisco routers, including the smaller models. However, QinQ isn't available on the biggest, most expensive Fortinet units. They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.

I've been using Fortinet solutions for about four or five years now.

I think FortiGate is going to be around forever. If I don't see their stock price double in the next two years, I'm going to be surprised. I think it's a very underrated solution. 

Scaling up only requires adding a router. Once you have your network in place and a basic template, you buy another router and add it to the mix. It's incredibly easy to add and configure devices. 

I rate Fortinet support 10 out of 10. The support gets better as you get more certifications. I'm trying to get my certification to see how much better it can be. With an NSE 7 certification, you can contact Tier 3 support directly. I'm already getting my cases resolved in 24 to 48 hours using Tier 1 and 2 support.

We used Juniper firewalls in the past. The two solutions are similar in terms of features, but Fortinet blew it out of the water with regards to pricing and user-friendliness.

The main difference is CLI versus GUI. You have to know what you're doing on a Juniper because it's all command-line based, but Fortinet is 99 percent GUI-based. You log in to Fortinet and check off what you want to allow or block. 

Our biggest Fortinet solution was 500 plus retail sites. This customer chose the whole nine yards, including FortiGate, FortiSwitch, FortiAPs, and the FortiExtender, which is the LTE router. 

I made the templates for the configuration for our bottom tiers because they were the ones rolling them out. I made a standard template config and wrote notes specifying necessary changes for each site. 

The primary difficulty was trying to understand our customer's requirements and concerns because they were with an old provider. The provider had a lot of things on-site that weren't necessary. Deploying the Fortinet solution itself wasn't hard. 

Getting there was hard because we had to sit down with the customer and their tech team to determine what was needed because they had old Cisco routers. That took about three weeks and required a lot of on-site visits, but it wasn't hard to deploy the solution once we got an understanding of the requirements was not hard.

We trained the customers to manage and maintain the solution themselves. The only maintenance we do is emailing them monthly when we get notifications from Fortinet about router upgrades. You can configure it and then forget it. 

We are the integrator/consultant for the solution. We are the one in between the client and the internet service provider.

FortiGate firewalls pay for themselves. We bought our first FortiGate when they came out with the 50Fs and thought we would never see the return on investment. However, they paid for themselves because we rent them out, and customers loved them so much that we just retired our Juniper and Cisco solutions.

Fortinet's pricing is more straightforward than other solutions. If Fortinet doesn't stick out when you're searching for a solution, you are a glutton for punishment. You only need to know two things when purchasing a Fortinet solution: your total bandwidth and bandwidth at the site. You need to estimate the future bandwidth with other solutions if your customer plans to upgrade.

You have to consider whether you'll need to resell your licenses or wait until they expire and get new ones. You need to worry about out-of-pocket costs with other solutions, but you could pay for a higher-tier Fortinet license. You don't need to worry about it for 10 years and still be under budget.

Fortinet encourages people to buy their base product and then add what they need. That mentality goes a lot farther in the game because it affords people security. That's how they got into the market and became so competitive.

We evaluated Meraki, Dell's old SD-WAN, and Cisco's Viptela. Price and flexibility were the main factors. Viptela, Juniper, and others make it so hard to pick a solution. You have to be highly specific about what you want, including the amount of bandwidth and encryption level at every site. You have to pick a different router per site, depending on your functionality and requirements.

I rate FortiGate 10 out of 10. It's a tremendous little firewall. It takes care of all your security concerns.  When people say, "I need to make my organization more secure," the first thing that comes to mind is Fortinet. Everyone is talking about Cisco, Juniper, Palo Alto, and Check Point but overlooking Fortinet, which is a relatively new player in the game. 

Fortinet's next-generation firewall is more affordable and user-friendly. They also have an extensive knowledge base online. Good luck finding that community support on a Palo Alto, Cisco, or Juniper website without paying.

We are a managed services company, and we are also a partner with Fortinet and Cisco Meraki. The firmware that I just started using is 6.4.4. Most of the FortiGates that I sell are 60E and 60F. For some of our larger customers, I have got a handful of FortiGate 80, 100, and 200.

Fundamentally, its primary purpose is security at the edge of the network. I have got some clients who are starting to use the SD-WAN feature for a multi-location setup. I have got other clients who are using a lot of IPSec tunnels. I also have some clients who, with the increase in remote workers, are taking advantage of the FortiClient product that ties in. They are using that for remote VPN connections. 

We are a managed services provider, and I would say that it has improved the way our client's organization functions. I would also hope that it is seamless for them. They don't even know it. The biggest improvement for us is that it allows us to do more with a smaller staff.

One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent.

One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them.

FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works.

Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware.

The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.

I have been using this solution since 2007.

If you have the firmware version 6.4.3 and are using FortiLink in VLAN, it has trouble with tunneling networks for a wireless network. It won't give it a route to the internet. I found it just last week. There was a version back in 6.2 where it required 12 characters for the password of a wireless network on Web 2.0 as opposed to the traditional eight characters. The problem came when you wanted to edit it. If you upgraded to that firmware from a previous version, it wouldn't let you save any changes without changing the password, making it a requirement. That was kind of problematic for a while, but for the most part, it has been pretty stable and responsive.

It is easy to scale as long as you start with the right firewall. Our clients are of different sizes. We have clients with the home office with two or three employees. One of the clients has about 26 locations in all four time zones and about 400 employees.

I haven't used their official tech support, which is actually a good thing. The reason I haven't used their official tech support is that they have a support mechanism in place. I have direct access to a local sales engineer, and when I have problems, I call him up on the cell phone. Based on that, they definitely support their partners 100%. They are definitely channel driven, and it shows.

I have deployed SonicWall, WatchGuard, Cisco ASA, Rockies, and Palo Alto. The biggest reason I went with Fortinet is that it felt like it has got Palo Alto type of functionality at a much more reasonable price point.

I spent seven years working at the state level education, and budgets were tough. We had SonicWall subscription services. I could replace them with the brand new FortiGate with a three-year subscription for the same cost. That really changed things. The single pane of management that they have was just the frosting on the cake.

It is pretty simple. For example, I just set up a new network with a 100E, and I have got four stackable switches. It will run a network with 23 access points. I set up all the VLANs, routing, rules, and other things. It won't take more than four hours of work. I am getting ready to box up and ship it out. It will be plug and play once it gets to the site.

Take the training. They've got free training that is available online, and there are different levels for technical training. It is crucial. If you sign up as a partner, which doesn't cost you anything, the training is free. If you want to go for the test and get certified, you got to pay for the test, but the actual training materials are available to every partner for free. I would say that definitely take advantage of those. When you have new employees as network engineers, make this training a part of the routine.

I would rate Fortinet FortiGate an eight out of ten. I have been using it for years, and I do try to evaluate it on a regular basis and continue to stick with them. I just don't have a lot of bad things to say about them. Aside from their product, I'm a also fan of their company and how they do business, which makes it easier to do business with them. I don't necessarily appreciate the business practices of some of their competitors. It is nice not to have to worry about that.

We utilize Fortinet FortiGate appliances at six branch offices, one data center, and one DLP site. Our network is driven by SD-WAN, and we employ FortiGate as our firewall, FortiEDR for endpoint protection, and FortiSwitch for alerting on all layers of the network.

For me, the best practice is to deploy on-premises for data centers. However, for small branch offices with over ten to twenty staff members, I can deploy the devices remotely. We can provision our cloud and push the configuration to those devices from the cloud.

The visibility that FortiGate provides into our devices is crucial for network segmentation. I want to see the output in a specific way. The traditional approach has shifted slightly, as I'm accustomed to Cisco networking equipment. Typically, we have a call feature, but I'm currently using all the call features for internal routing. However, with FortiGate, most security subnets are segmented and protected behind the firewall. This allows me to lock down or secure sensitive subnets, such as HR or departmental information. I can log in from there, and all other subnets for client users require centralized access. This means that all traffic must go through the firewall, enhancing security.

FortiGate enabled us to achieve compliance with governance requirements. The FortiGate, along with fabric security and checkpoints, essentially act as regulatory checkers, reviewing our security practices against industry best practices and guidelines. If they identify any discrepancies, they alert us, allowing us to develop and implement mitigation plans to address the issues. For instance, if our SSH configurations don't meet security standards, such as algorithm or cipher requirements, FortiGate will notify us, enabling us to take corrective action and regain compliance.

We utilize API calls for FortiGate, including those related to our PRTG monitoring system. Additionally, we employ HVAC calls and leverage another MDR solution from Arctic Wolf to trigger specific events on the FortGate. This API functionality enables us to generate API keys and seamlessly integrate with API features across various platforms.

Integrating FortiGate into our environment is straightforward. Our transition from Palo Alto to FortiGate was seamless, utilizing our existing policies and migration tools. FortiGate also provides provisioning capabilities for defining branch office configurations. As long as branch office devices can access the internet to communicate with Fortinet Cloud, we can remotely implement provisioning for these devices, offering greater convenience for small branch offices.

The built-in APIs streamline integrations with other vendors, reducing deployment time. They effortlessly generate API keys upon logging into the Fortinet network, facilitating the deployment of our PRTT monitor tools. These tools seamlessly integrate with each other, fostering rapid deployment. Most platforms, including Cisco Meraki, Palo Alto, and Check Point, now adhere to industry standards and support API calls.

FortiGate has been instrumental in mitigating the risk of cyberattacks that could potentially disrupt our production operations. I am particularly impressed with Fortinet's cloud-based FortiGuard service, which continuously updates our systems with the latest zero-day attack protection, significantly reducing the threat landscape within our industry. Given the energy industry's heightened vulnerability to cyberattacks, we have implemented measures to restrict access to our network based on geolocation IP addresses. This includes restricting access from countries such as Russia and China, further safeguarding our environment from potential threats. Additionally, FortiGuard's regularly updated list of malicious websites provides an invaluable layer of protection for our industry.

In the event of a production-disrupting attack, we can utilize FortiManager to remotely isolate and mitigate the threat by shutting down specific subnets or networks. We can easily navigate through the unpacked data, and upon detecting a suspicious event, we can initiate automation or SOAR processes to notify the Cloud Service Provider team with whom we have been collaborating. Additionally, we can establish traffic alerts. For instance, since not all users access the AD server simultaneously each month, if we observe such suspicious behavior, we can remotely shut down that network, thereby minimizing our risk exposure.

FortiGate provides us with actionable insights to guide our decision-making regarding the appropriate actions to take. We generate 20 gigabytes of log data daily, which we utilize to establish a baseline for network traffic on our servers and compare it to our generated report. This approach allows us to set a threshold for the read volume of 20 gigabytes of FortiGate data attempting to reach a server from an external source. If this threshold is exceeded, an alert is triggered, prompting us to take corrective action. The centralized monitoring of our environment provides significant value.

Security is not a single, isolated element. It encompasses the entire network infrastructure, including firewalls, routers, switches, endpoints, and even mobile devices. The Fortinet Security Fabric seamlessly integrates these components to provide comprehensive protection. It generates detailed logs, including those from access points linked to FortiSwitch. The FortiSwitch, fully integrated with the FortiGate Fabric, relays security alerts to the FortiViewer in the SOC. This centralized view provides complete visibility into the network, including SSIDs, wireless networks, subnets, and devices protected by FortiClient. The Fortinet Security Fabric tracks individual devices connected to the network, including compromised laptops. FortiClient triggers alerts and sends them to FortiCloud, which also receives logs from the EMS server and the firewall. These logs are consolidated in the FortiAnalyzer and forwarded to the cloud-based log server for analysis. This comprehensive approach to security ensures that all potential threats are identified and addressed promptly.

FortiGate has contributed to a reduction in our operational expenses. Prior to adopting Fortinet, we utilized Palo Alto for firewalls and Cisco for call switches. However, as we began using Fortinet, we gradually transitioned to their products. Currently, we employ FortiGate for our firewall, FortiSuite, and FortiAP Access Points, phasing them in one at a time. This approach has effectively minimized downtime and lightened our workload by enabling centralized management through a single pane of glass.

FortiGate has significantly reduced our time to remediation. We can now check logs from servers, firewalls, switches, access points, clouds, and even devices from different brands, all from a single centralized location. This has greatly reduced the time required for threat hunting and security event investigation.

Fortinet has been instrumental in enhancing our cybersecurity approach to safeguard our industrial machinery. We rely on some heavy equipment that is critical to our industry's operations. To protect this equipment, we have isolated it on a single subnet and implemented strict access controls, allowing only authorized users and MAC addresses to access the network. This ensures that only internal staff can operate the equipment unless authorized maintenance personnel are present. The high level of security we have implemented is essential because our industry's operations are closely tied to the core applications of our industry. We are committed to safeguarding our equipment and preventing any potential risks.

I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager. Additionally, its integration with FortiAnalyzer, which can be deployed in the cloud, enables centralized monitoring of all firewall logs.

Fortinet needs to overhaul its documentation. Our current reliance on outdated documentation has resulted in significant time wastage. While we can locate the necessary documentation, the constant daily revisions necessitate meticulous identification of the relevant documents to prevent the use of outdated information that could jeopardize our environment. At the very least, Fortinet should classify its documentation to clearly indicate the applicable version, as our attempts to do so manually are becoming increasingly tedious.

I have been using Fortinet FortiGate for over three years.

Fortinet FortiGate is stable. I have not encountered any performance issues.

Fortinet FortiGate is scalable. 

The speed of Fortinet's technical support is significantly faster compared to Palo Alto. I recall an instance where I experienced an issue with Palo Alto, and it took an hour to connect with a real technician from Palo Alto. However, when I call Fortinet, it takes a maximum of two minutes to get a knowledgeable individual to address my concerns. Considering the stark contrast in service levels, imagine having a network issue with Palo Alto and having to wait an hour for support. Conversely, with Fortinet, we can receive proper assistance within two minutes. The difference is immense. This is the one aspect I find lacking in Palo Alto.

The reason I don't give Fortinet's support a perfect score is that I've worked in this field for many years and have come to expect a certain level of expertise. Even when we call Palo Alto, Cisco, Check Point, or any other support service, our experience can vary depending on who we get on the phone. If we're lucky, we'll get a highly experienced expert who can quickly resolve our issue. However, we may also get someone who is new to the team or to their role, and they may take a long time to understand our problem. While Fortinet's support is generally excellent, I have had a couple of experiences where I felt like the person on the other end was inexperienced and asked me irrelevant questions. Despite these occasional issues, I am still very satisfied with Fortinet's support overall, but I wouldn't give it a perfect score.

Positive

We previously used Palo Alto for five years and switched to Fortinet FortiGate. Palo Alto is expensive.

The initial deployment is simple. We need to determine which interface is the WAN interface and which is the internal interface.

With Fortinet, we should prioritize a centralized approach to ensure synchronization and consistency across the network. This centralized management strategy will streamline the implementation of SD-WAN, as it allows for the deployment of standardized templates and traffic configurations. Centralized management also simplifies future modifications, as minor changes can be pushed down without requiring complete redesigns. Conversely, deploying SD-WAN without prior centralized management can lead to complexities and potential disruptions. For instance, if WAN interfaces are configured independently of SD-WAN, integrating SD-WAN later will necessitate removing and reconfiguring existing data, policies, firewall policies, and rules. This process can be time-consuming and error-prone.

For medium and enterprise organizations, FortiGate is more affordable. We can choose from a variety of bundles to find the right license for our needs. The software is reliable and easy to install, and it will run smoothly on our systems. FortiGate is priced lower than Palo Alto.

I would rate Fortinet FortiGate nine out of ten.

I compared SD-WAN solutions offered by companies like Cisco Meraki, and Palo Alto. I'm impressed with SD-WAN solutions in general, but I recommend considering purchasing Fortinet's SD-WAN solution, as it could lead to significant cost savings. However, proper planning and design are crucial before deployment to avoid incurring additional expenses due to rework. That's my suggestion.

It does a lot for you for intrusion protection and as an antivirus. The threat management bundle is worth the money. You don't need another company to monitor your web traffic for you. You can do everything yourself on the firewall. You restrict your own black list for people on the firewall. You don't need to pay some other company for another product to do that for you. The firewall can do that for you. So, it's an easy-to-use product for people to be independent. They don't need to rely on other vendors to do what the firewall can do. They can do everything.

The GUI is good. I'm really happy with the ease of use of the firewall. Fortinet's support is also great.  

I don't really have anything negative to say as far as Fortinet firewalls are concerned. If anything, they can support a user a little bit better. They can stop being so time-sensitive about how much time the support call has taken, and they can help you do it yourself.

I've had different models of Fortinet since 2009. They all are physical appliances. I had 300As, and now I'm on 300Ds. I've got a remote site with a different model, which probably is 60F. They are great little firewalls, and for bigger size places, they have 300 models.

I don't have virtual appliances. I don't have a virtual infrastructure. I have an older virtual environment with Hyper-V, and the servers are not up-to-date. It was a money thing. So, it was better to go with the appliance itself.

I'm happy with what they got. It is a great product. Sometimes, you're going to get a lemon—the way it initially happened with FortiAuthenticator 300F—but that doesn't happen very often.

If there is a problem, the next business day, they send it and get the replacement, and they help me configure it.

In terms of its users, everybody uses the firewall because they're going out. That's our egress point. So, there are about 20 users for that. We have a dozen IPsec tunnels with which we connect to different companies. So, security is a big part of it. I also have a remote location with about 10 users who use a different firewall.

We probably won't be increasing its usage. Now that I got Authenticator, it nicely compliments the Fortinet firewall. The size of the company isn't going to grow any more than what it is. So, we're good.

Their support is great, but it also depends on who you get for support. From the support perspective, they can help you do it yourself, which is always more beneficial to both parties. They can stop being so time-sensitive about the call duration and let a user help himself a little bit more.

It takes time to study this stuff, and I don't always have time to do it. So, I'm looking for a quick answer because I get interrupted all the time during work. I don't always have the time to study something and figure it out. So, I have to call them, but I don't always get somebody who really knows what they are doing. They don't know deep enough to help you. They're troubleshooting with you, and that's the difference between Level 1 and Level 2 support.

When I first got here in this job in 2007, they had Cisco ASA Firewall, but it was too cryptic. You had to enter all these CLI commands for a configuration. It also didn't do everything that Fortinet could do. It was very limited, and it wasn't easy to use. I know what I want to do, and I don't have to learn a special language in order to do it. I just want to be able to use some basic programming code that they have put into the firewall and use the GUI interface with it to actually visualize what I am looking at. Some of the Cisco products are not visual enough. That was one of the reasons I stayed away from it. Cisco is also very high-priced. They price themselves out of business a lot of times for equipment, but Fortinet is just great.

I've also used SonicWall before. It was okay, but it is better for bigger places. I was looking for a midrange-size firewall for a couple of hundred users, and I felt Fortinet was the right fit.

Its deployment and maintenance are easy. 

I pretty much used the support from Fortinet to do it. They're good about their support. I did it myself by being a nuisance to Fortinet. I kept calling them to ask questions. They had to remote on to it and see you do something you don't know how to do.

It was probably about $2,500 per firewall. It was all included. It included support, services, threat management software, and 24/7 FortiCare on it. Cisco products are more expensive.

Fortinet has got great firewalls. They do everything. They do FortiTokens for two-factor. They do the IPsec VPNs, SSL VPNs. They have a great GUI for you to know, but you still got to know the CLI commands. 

I would rate it a 10 out of 10. It does its job, and it is easy to use. The support is great.

In most cases, we use the solution as a firewall to access the internet. For example, we use Cisco Wireless for our clients to have access to the network and we use within the same solution the FortiGate Firewall for them to access the internet as well.

The solution offers very easy usability. 

The product can scale well.

The solution is extremely reliable.

The pricing and licensing models are pretty good. 

The user interface, both the web and CLI versions, are very good.

The solution overall is quite good. It works how we need it to. I can't recall seeing any features that are lacking.

We haven't had any breaches in our organization, however, I have read in journals that there have been some issues.

There may have been some bugs after an update, however, that has since been resolved. We saw a few bugs in the web field and when we ran an update it was resolved in the new version. 

Some resources must be accessed via web fields. We were not able to access them at first. However, it was a simple task to fix it and that has since been resolved.

The pricing could be a bit better, especially when you consider how they have the most basic offering priced.

I've been using the solution since I started at my current company. I began my employment here about a year ago or so.

The solution is quite stable. It doesn't give us issues. There are no bugs or glitches. It doesn't crash on us. It doesn't freeze. It's reliable. Fortinet has created a really reliable solution.

We've found the scalability of the solution to be very good. If a company needs to expand on this solution, it can do so with ease.

We have between 2,000 and 3,000 users on the solution currently.

We do plan to continue to use the solution going forward. We have no plans to change anything.

I've never contacted technical support. Having never dealt with them, I can't speak to their responsiveness or knowledgeability. I don't know enough about them from any kind of personal experience.

I also use Cisco wireless solutions. Our company uses both simultaneously.

While I did not participate in the main part of the installation, I've discovered from deploying small FortiGates such as FortWiFi 60E, that it's good. It's not too complex of a process. It's pretty straightforward. It's easy.

We've found the pricing to be fair and the licensing model is quite good. It's a reasonable cost. It's not too expensive.

That said, I do feel they could work on the pricing policy a bit.

Right now a license to use some of the simpler features like web filtering or antivirus, you have to pay about 80% of the hardware price to have a license for a year. That's a bit too much for such basic features.

We use a variety of Fortinet products. We are using mostly FortiGate 200E and we have some of FortiGate 100E and the FortiWiFi 60E.

We are not using the latest version of the solution at this time. We have version 6.0 and it completely meets our requirements. When we will have to update it we will do so. However, that is not so necessary right now. We will not update it until we need to.

I'd recommend the solution to other organizations. It's been a positive experience overall.

I would rate the solution at a nine out of ten.

We don't have any issues regarding security, and our web server is running fine with protection from all threats.

The best features of Fortinet FortiGate are that it does the job effectively and protects our environment. It has a VPN and can create a virtual IP for a web server and functions as a standard firewall.

We faced difficulties with the configuration because there are many features we could optimize using Fortinet FortiGate, but our reseller didn't have a good understanding of it. So, we just use it on a basic level, not with the best practice for using FortiGate.

We have been using Fortinet FortiGate for around five years.

Overall, I find Fortinet FortiGate to be very stable. Fortinet FortiGate demonstrates consistent stability.

In my case, the 101F is not scalable. I faced problems with scalability related to memory. When we hit 100% memory usage, it stops the internet connection, so we need to control the traffic. We cannot increase the memory.

We have about 350 users and only one admin.

My experience with Fortinet's technical support is good and helpful. The response time and overall competence meet our expectations. I would rate their support a seven out of ten.

Neutral

We used Juniper before Fortinet FortiGate. We switched because it was an old one and reached the end of support. We had to change.

We were supported by a third party and the reseller. During deployment, it was not a good experience because of the reseller. We had challenges with the optimized configuration. 

The deployment took around three months.

The reseller helped us with the implementation. It has been a long time since the implementation, so I don't remember the name of the company that helped us.

Our IT has six people for deployment, and we used two staff members.

We have seen a return on investment with Fortinet FortiGate. The ROI calculation is based on potential loss prevention rather than traditional ROI metrics.

Its pricing is good. The advantages of Fortinet FortiGate over its competitors include good pricing and meeting our requirements at a lower cost. Palo Alto's features are superior, but too expensive.

I compared other brands, such as Palo Alto and Sophos, and chose Fortinet FortiGate. Palo Alto is the best, but it is significantly more expensive. Palo Alto has better capabilities than Fortinet FortiGate. Their protection is much more secure, and they excel in detecting intrusion and reading information. 

I would rate Fortinet FortiGate an eight out of ten.