Fortinet FortiGate Reviews

Its user interface is good, and it is always working fine.

Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why.

In terms of additional features, I don't have any requirements. It is okay for me. I do lots of things, and I still don't know everything about FortiGate. If I need something, it might already be there in FortiGate. 

I have been using this solution for one and a half years.

It is very stable. We didn't have any problems in one and a half years.

We just have one firewall, and we are too small to have redundancy or something like that. In the future, we would like to have a second unit. We have lots of problems locally with the internet fiber. It is not very good, and ADSL is bad. So, first, we have to stabilize and upgrade our connection, and later, we will try to have redundancy, but it is not necessary at this time.

I never contacted them.

When I came here, Netgate was installed. My IT department and my IT subcontractor explained to me that FortiGate was better than the previous solution. We changed it one and a half years ago, and it has been working well.

It was an IT subcontractor who did the implementation. Our experience with them was very good.

It is too early for an ROI, but I have no problems with it. Everything is good.

I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost.

When we tried to find something better, our IT subcontractor recommended FortiGate or Stormshield. I tried to find a subcontractor at my location for both, but I could only find a subcontractor for FortiGate, so I chose FortiGate. I wanted to have a local subcontractor. There are some products for which we don't need local support, but for some of the products, such as a firewall, we prefer to have local support.

I would advise others to find a local contractor. That's because it is a product that can do a lot of things. If you don't know it well, you can make mistakes. Because I learned how to use it, I can now modify or update it. I can do some of the things in FortiGate, but when starting with it, it is better to have someone locally to guide you and do the initial setup.

It is a good and very useful product for me. It is very stable, which is the only thing that I want from a firewall. I would rate it a nine out of 10.

In most cases, we use the solution as a firewall to access the internet. For example, we use Cisco Wireless for our clients to have access to the network and we use within the same solution the FortiGate Firewall for them to access the internet as well.

The solution offers very easy usability. 

The product can scale well.

The solution is extremely reliable.

The pricing and licensing models are pretty good. 

The user interface, both the web and CLI versions, are very good.

The solution overall is quite good. It works how we need it to. I can't recall seeing any features that are lacking.

We haven't had any breaches in our organization, however, I have read in journals that there have been some issues.

There may have been some bugs after an update, however, that has since been resolved. We saw a few bugs in the web field and when we ran an update it was resolved in the new version. 

Some resources must be accessed via web fields. We were not able to access them at first. However, it was a simple task to fix it and that has since been resolved.

The pricing could be a bit better, especially when you consider how they have the most basic offering priced.

I've been using the solution since I started at my current company. I began my employment here about a year ago or so.

The solution is quite stable. It doesn't give us issues. There are no bugs or glitches. It doesn't crash on us. It doesn't freeze. It's reliable. Fortinet has created a really reliable solution.

We've found the scalability of the solution to be very good. If a company needs to expand on this solution, it can do so with ease.

We have between 2,000 and 3,000 users on the solution currently.

We do plan to continue to use the solution going forward. We have no plans to change anything.

I've never contacted technical support. Having never dealt with them, I can't speak to their responsiveness or knowledgeability. I don't know enough about them from any kind of personal experience.

I also use Cisco wireless solutions. Our company uses both simultaneously.

While I did not participate in the main part of the installation, I've discovered from deploying small FortiGates such as FortWiFi 60E, that it's good. It's not too complex of a process. It's pretty straightforward. It's easy.

We've found the pricing to be fair and the licensing model is quite good. It's a reasonable cost. It's not too expensive.

That said, I do feel they could work on the pricing policy a bit.

Right now a license to use some of the simpler features like web filtering or antivirus, you have to pay about 80% of the hardware price to have a license for a year. That's a bit too much for such basic features.

We use a variety of Fortinet products. We are using mostly FortiGate 200E and we have some of FortiGate 100E and the FortiWiFi 60E.

We are not using the latest version of the solution at this time. We have version 6.0 and it completely meets our requirements. When we will have to update it we will do so. However, that is not so necessary right now. We will not update it until we need to.

I'd recommend the solution to other organizations. It's been a positive experience overall.

I would rate the solution at a nine out of ten.

We are a managed services company, and we are also a partner with Fortinet and Cisco Meraki. The firmware that I just started using is 6.4.4. Most of the FortiGates that I sell are 60E and 60F. For some of our larger customers, I have got a handful of FortiGate 80, 100, and 200.

Fundamentally, its primary purpose is security at the edge of the network. I have got some clients who are starting to use the SD-WAN feature for a multi-location setup. I have got other clients who are using a lot of IPSec tunnels. I also have some clients who, with the increase in remote workers, are taking advantage of the FortiClient product that ties in. They are using that for remote VPN connections. 

We are a managed services provider, and I would say that it has improved the way our client's organization functions. I would also hope that it is seamless for them. They don't even know it. The biggest improvement for us is that it allows us to do more with a smaller staff.

One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent.

One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them.

FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works.

Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware.

The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.

I have been using this solution since 2007.

If you have the firmware version 6.4.3 and are using FortiLink in VLAN, it has trouble with tunneling networks for a wireless network. It won't give it a route to the internet. I found it just last week. There was a version back in 6.2 where it required 12 characters for the password of a wireless network on Web 2.0 as opposed to the traditional eight characters. The problem came when you wanted to edit it. If you upgraded to that firmware from a previous version, it wouldn't let you save any changes without changing the password, making it a requirement. That was kind of problematic for a while, but for the most part, it has been pretty stable and responsive.

It is easy to scale as long as you start with the right firewall. Our clients are of different sizes. We have clients with the home office with two or three employees. One of the clients has about 26 locations in all four time zones and about 400 employees.

I haven't used their official tech support, which is actually a good thing. The reason I haven't used their official tech support is that they have a support mechanism in place. I have direct access to a local sales engineer, and when I have problems, I call him up on the cell phone. Based on that, they definitely support their partners 100%. They are definitely channel driven, and it shows.

I have deployed SonicWall, WatchGuard, Cisco ASA, Rockies, and Palo Alto. The biggest reason I went with Fortinet is that it felt like it has got Palo Alto type of functionality at a much more reasonable price point.

I spent seven years working at the state level education, and budgets were tough. We had SonicWall subscription services. I could replace them with the brand new FortiGate with a three-year subscription for the same cost. That really changed things. The single pane of management that they have was just the frosting on the cake.

It is pretty simple. For example, I just set up a new network with a 100E, and I have got four stackable switches. It will run a network with 23 access points. I set up all the VLANs, routing, rules, and other things. It won't take more than four hours of work. I am getting ready to box up and ship it out. It will be plug and play once it gets to the site.

Take the training. They've got free training that is available online, and there are different levels for technical training. It is crucial. If you sign up as a partner, which doesn't cost you anything, the training is free. If you want to go for the test and get certified, you got to pay for the test, but the actual training materials are available to every partner for free. I would say that definitely take advantage of those. When you have new employees as network engineers, make this training a part of the routine.

I would rate Fortinet FortiGate an eight out of ten. I have been using it for years, and I do try to evaluate it on a regular basis and continue to stick with them. I just don't have a lot of bad things to say about them. Aside from their product, I'm a also fan of their company and how they do business, which makes it easier to do business with them. I don't necessarily appreciate the business practices of some of their competitors. It is nice not to have to worry about that.

We primarily use the solution as a firewall.

We use the firewall to enforce our company ideologies and principles and policies. The solution has built-in features for web filtering that are great. It categorizes it nicely for you. 

The interface itself is nice to work with. It's a lot better than the initial interface that they used to have around version four. I used to work for FortiGate some time back, and the earlier interfaces were not as good as these latest ones. 

I like that once you open it up, you have a dashboard that can give you a holistic overview of what is happening. You can see, for example, how your resources are doing on your firewall or if you still have disc space for logs and so forth.

The solution gives you an immediate view of what's happening on the hardware itself. What we have done with FortiGate is we have put up a FortiAnalyzer, a FortiGate reporting hardware. We are using it in conjunction with FortiGate. 

The solution offers good reporting. We get our reports from there. We have the opportunity to get real-time reports. 

There are great templates, so you don't have to customize them if you don't want to. You do have the option to custom create some folders and some reports, however, with what is there, you don't really need to go through extra effort, as they already give you a lot of predefined views of reports and so forth.

We have access to quite a few features. The web filter and application control are primarily what we are using. Then we also have a VPN feature, which allows for our remote users to connect and get through the firewall. 

The commercial side of things can be improved a bit. They have such a good product, and when you disable some features, it has to be commercialized for you to enjoy those features. Therefore, you are actually buying half a product. You have hardware there, and yet, your features are not enabled. The primary things, such as the antivirus, web filter, DNS filter, application intrusion, file filter, and email filter come with the general license. There are other things that you want to also enjoy in this system and you can't. 

There are SD-WAN network monitoring, SD-WAN features, Industrial Databases, Internet of Things, Detection, etc., however, we do have not licenses for those features. We thought that if you bought a product, you should have all of the features it offers. Why should you need to make so many extra purchases to enable features? They should have one price for the entire offering. That's one of the drawbacks they could look at. 

Sometimes the firmware automatically updates itself. Then it corrupts the configuration and you have to roll back or you have to do amendments to the configurations. That, however, has happened only once with us. We have put in controls for automatic updates to stop them and now we do manual allowance or we allow the manual update.

Most of the features are good. They give you pricing and you get a VPN for about 10 users where you can test it. For us, we feel that we need to buy extra licenses due to COVID, as people are working from home. Under the current conditions, we are not getting the best out of the firewall. 

They could just maybe put better graphics or better reporting into the solution. I want to know who is the user and what is the exact website they're visiting. Something like that would help. They should do more like what the GFI is doing.

We've been using the solution for a bit over a year now.

6.4.2 is our current version. The latest is 6.4.3. It's available like I say, however, we have not installed it. We'll wait until around December, then we will then install that one. We like to wait to witness its stability. Once we know it is bug-free, then we allow it to run as the latest platform.

We have a cluster and we have configured it with high availability. What we have done is we have put one primary and one secondary in case it breaks or it gets damaged. We have a third one at our DR site as well, which works in conjunction with Plateau. We have employed the same rules and some stricter rules on the DR site, just to allow traffic between these machines.

We allow certain times for updates on the infrastructure we have at the DR. We are planning some more, however, we don't enjoy all the features yet. We want to bring in an SD-WAN. Maybe that can also help us with scaling our network at different angles and from the cloud or being from an LD device or so forth. We're still working on that.

We have a partner that we work with. We have support at another level and I'm the primary person that looks after the firewall. If I have an issue that is urgent and I don't have the time to do the knowledge base to actually turn it around, we usually engage our partner, which has engineers that have the knowledge necessary to deal with it and who are certified in FortiGate. 

We have what is called FortiCare. We have FortiCare support as well for firmware and general updates and all those other things. I normally do updates and so forth myself. It's very little intervention from outside technical support.

Having background knowledge, the initial implementation was not really complex for me. You just need to know your environment and what is needed as well as what is allowed. 

The business input was the only item outstanding as there were issues such as who needs to have social media access at what time and who needs to have full access. Those were business decisions, however, but from the technical side, it was fairly easy.

They have almost all the features embedded in the solution. It's just that some features are not available because you have to pay for it. There are lots of add-ons available, and you need to pay extra for them, so pricing can add up.

We are strictly a government entity. We are a customer.

The model that we are using is the 500E, which is for small and medium enterprises. We are not a big institution. We do not have the latest version. We like to wait about three months before we apply anything new to make sure the early releases aren't flawed. After three months, after we've got a good review, then we will say, "Okay, let's upgrade to that version."

Even though we feel that sometimes they create a new version to take care of a vulnerability or threat, we like to be safe and avoid bugs. The version that we are fitting currently is 6.4.2, which is fairly stable.

Apart from the fact that they should just include everything in their offering, everything else works fine for me. There's a whole lot of Fortinet products that work together, FortiSwitches, FortiAP's, etc. Overall, I would give it eight of ten. 

I'm primarily using the solution for security purposes, and also for managing the network for various companies. I am deploying it for uniting management statuses, in order to be able to manage everything inside and to control security policies. It can fight against attacks to the system or for email searches. It is basically a central management security appliance.

We find it's good for managing the network and offers good defense against attacks.

Technical support is great. It's really fast.

Overall the solution is pretty user-friendly. It has a good dashboard and is pretty easy to navigate.

The pricing is excellent. It's much less expensive than Cisco.

The only thing is sometimes you have to learn with CLI. For those not familiar with CLI it can be an issue. It would be ideal if we could avoid using CLI. If you make a mistake in the command line, it's harder to detect. It would be much better if they had a user-friendly GUI.

The initial setup is complex.

I've been using the solution for five years.

The solution is very stable. You don't have to worry about bugs or glitches. I tend to wait and not upgrade to the latest version right away to ensure this is the case.

The solution is scalable. If you need to expand it, you can. We have it at a variety of networks and sites with no problem.

We have 120 users that are connected to a minimum of 80 computers and a minimum of 15 servers, which is great. The solution is working and it is still stable even across all of these devices and servers. We have multiple networks inside as well, so we are not only on one network. We set them separately, which is why the initial setup for us was quite complex. We're through with that though.

The technical support is pretty good. they're pretty knowledgeable and responsive, especially when you get to the Level 3 techs.

We previously used CheckPoint. Unfortunately, they didn't have a very good service, especially in technical support, and therefore we decided to switch.

For our organization, the initial setup was not straightforward. It was pretty complex. That's due to the fact that we had many networks to set up and many sites to take into account.

We set up the solution ourselves, although we did work closely with Fortinet as part of their bundle package.

The licensing is paid on a yearly basis.

I evaluated Palo Alto. They didn't have the complete solution we wanted. Neither did Juniper, which we also looked at. We looked into possible having Cisco, however, Cisco is too expensive. 

When we looked at Cisco, we also evaluated Meraki, which is a part of Cisco. It did not have what we needed either. 

We are using the 200E in our environment. We had 200D before.

We're not using the latest version of the solution, which is 6.4. I like to wait on new versions to see if it is stable before deploying it. I like to take my time and avoid headaches where possible.

I would recommend the product to other organizations. It's got great bundle options which make it a very good choice - and it's much cheaper than Cisco.

My use case for Fortinet FortiGate involves different plans and consulting in the retail area, and I utilize it in various press scenarios. 

The configuration possibilities that Fortinet FortiGate provides are extensive, and the task configuration activity is fast and efficient for me. My group in the office has ten years of experience with Fortinet FortiGate, and we utilize AI services that help with problem-solving. EER represents a ten-year experience, and we have certified five people in Fortinet FortiGate.

I don't know how Fortinet FortiGate can be improved; I find it comfortable and appreciate it as it is.

I have used the Fortinet FortiGate solution for three years and a different firewall for more than ten years.

Stability is important, and I can be contacted via email for further details.

My experience with the SD WAN capabilities includes working with more than one company, including a small company and a big company with users ranging from twenty to nine hundred. The users can see the tracking.

I rate the support of Fortinet as internal departmental support, which helps me, although I have no other experience.

The pricing for Fortinet FortiGate is good; it's a competitive price.

I find Fortinet FortiGate preferable over Cisco for firewall solutions. Fortinet FortiGate works well for me, while Cisco does not work for me anymore.

I am the chief of the technical department and provide support. I rate Fortinet FortiGate a ten out of ten.

We used the solution for the client environment.

The solution is easy to use and checks the access control as a firewall. We did not face any challenges while integrating the solution into our infrastructure. Fortinet FortiGate SWG is easy to use.

Fortinet FortiGate SWG can't be used on its own, and you have to get FortiAnalyzer.

I have been using Fortinet FortiGate SWG for three years.

Fortinet FortiGate SWG is a very stable solution.

Fortinet FortiGate SWG is a scalable solution.

The solution's initial setup is simple once you get a hang of it. All the documentation is available to help with the setup.

Overall, I rate the solution a nine out of ten.

We use the solution for a large government customer. We helped them migrate from Check Point to Fortinet FortiGate. The customer had a lot of applications that are accessed by HTTPS. It was necessary to put some protection in place to prevent certain internet access. They have a reverse proxy published behind FortiGate. The reverse proxy balances the servers.

FortiGate uses IPS profiles for the reverse proxy. The operation system is Linux, and the server is Apache with HTTPS of medium, high, and critical severity. FortiGate is used to inspect the connections between the servers and the customers. It is used to protect the environment.

We use .NET services to block IPs. We use the tool’s features to prevent access to classified IP addresses. We use ISDB to prevent network access to malware, botnet, BitTorrent networks, and mining for cryptocurrencies.

We prevent access to certain classified addresses to stop attackers from understanding our environment. Attackers try to study the environment to explore its vulnerabilities and attack us. The solution protects the environment from internal and external threats.

Our customers have a specific application for two-way inspection. Two-way inspections are not possible in FortiGate. It is usually available in load-balancing solutions like F5. It would be a good improvement if the product provides two-way inspection features in the next release.

I have been using the solution for five years.

The support is good. We need to raise specific tickets for specific problems. If we have any issues, the team helps us solve them.

Positive

It is easy to deploy the solution. The configuration of the firewall is simple.

The protection of the customers’ networks is our return on investment. The integration with FortiAnalyzer allows us to see the traffic and perform troubleshooting. Creating a profile with IPS does not require many steps. The level of protection provided by the tool is better than other vendors.

Fortinet FortiGate is better compared to Check Point.

Overall, I rate the product a nine out of ten.