Fortinet FortiGate Reviews

A use case for Fortinet FortiGate includes connecting nine to ten different sites to the main Fortinet FortiGate firewall and diversifying the traffic with two-way traffic. It functions as a load balancer to balance loads between different sites.

The main benefits of Fortinet FortiGate, especially in India, are its economic value, scalability, and different sizing options. When compared to Cisco or Juniper, upgrading to a higher class involves a substantial cost increase, whereas with Fortinet FortiGate, the next class is only marginally higher.

The best feature of Fortinet FortiGate is SD-WAN. It ensures continuous connectivity by taking over during link failures, preventing any downtime for the company. One of my clients faced many problems with the primary internet provider and requested multi-path functionality. We implemented the SD-WAN facility and added another three-link WAN link, converting the normal port into SD-WAN and assigning weightage. When there is no response from the primary connection after a certain number of milliseconds, it switches to the secondary and then to the tertiary connection. The impact on network performance with the SD-WAN is very good, provided it is sized properly based on throughput. It is necessary to calculate how much data is transferring daily or per minute, then size the firewall accordingly and select a particular model.

The Fortinet FortiGate solution offers ease of use, not requiring highly skilled workers. General users with two or three experienced team members can read the manual and implement the needed configurations.

Hardware-assisted DDoS protection in Fortinet FortiGate is very easy to implement with single-click options, though care must be taken not to burden bandwidth. Certain ACL units should be used, applying rules only to interesting or exposed traffic.

Some features in Fortinet FortiGate need improvement as we discover when calling support that certain actions must be done from the command line. Not all features are available in the web UI. Features such as enabling multiple MPLS circuits can only be accomplished through the command line, so these need to be made available in the web UI.

Fortinet needs to improve customer support and documentation.

I have been working with Fortinet FortiGate for more than 15 years.

Fortinet FortiGate is very stable, but the person procuring the firewall needs to ensure it is sized properly. If the sizing is not proper, it will create many problems.

The scalability of Fortinet FortiGate is very good. It has improved significantly compared to five years ago when it was not as scalable.

When we encounter struggles, they perform actions from the backend, taking control and resolving issues. This becomes a black box for us because we do not know what actions they took.

Neutral

The initial setup of Fortinet FortiGate is straightforward and easy. HA is the deployment model we always recommend.

While we have not calculated it specifically, we found the ROI to be good, approximately 97% to 98%.

I utilize the Fortinet FortiGate hardware and have never tried the VM version, working only with normal VPN configuration, user configuration, normal routing, and multiple WAN links. While we are using the dynamic segmentation feature, we have not tested it thoroughly enough to analyze its benefits.

People generally go with the recommendations of high-level architects. For core networks, they typically suggest Cisco or Juniper. In India, the market follows whatever the chief architect suggests without quantifying whether it is worth it.

My advice for others considering Fortinet FortiGate implementation is to focus on its ease of use. 

Based on my experience, I would rate this solution an eight out of ten.

We have two deployments of Fortinet FortiGate at different sites. One is the SD-WAN, and the other is the next-generation firewall.

We secure our perimeter using Fortinet FortiGate. We are using it as a gateway device, and we have all the filters, such as the web filter, the intrusion detection and the anti-virus. We mainly use it to filter our traffic. Most importantly, it serves as our gateway device. That is how we are using it at the end of the day.

We wanted to see how Fortinet FortiGate SD-WAN can help us reach out to our branch, and that was the only reason for enabling it. It pretty much works for connectivity to the branch.

It is very user-friendly compared to other products. It integrates with many other technologies out there. It does not matter what technology you have deployed within your network, it can work with that.

We have not had an issue with the Fortinet FortiGate firewall. We recently renewed the licenses for the firewall and FortiNAC, and it has been working well. I have not had any incidents or instances since the last renewal.

Application control and the web filter are the best features of Fortinet FortiGate. 

Traffic control is available, and I have been using Fortinet FortiGate to allocate bandwidth also, so it helps me manage and allocate bandwidth to my applications. On that side, that has worked for me. Most importantly, it helps to filter unwanted traffic.

Its pricing can be better. I cannot think of anything else because it pretty much satisfies our requirements. I am comfortable with this product. 

The only issue that I have is with FortiNAC. The firewall is fine, but the FortiNAC interface is a little bit too jumbled or too complicated, not as straightforward as it is on the Fortinet FortiGate firewall and FortiAnalyzer. 

I have not faced any stability issues with Fortinet FortiGate. I would give it an eight out of ten for stability.

Fortinet FortiGate is scalable. I would rate it an eight out of ten for scalability.

I raise my tickets for Fortinet FortiGate, and they are handled well. The support is pretty good. I would rate the support an eight out of ten.

Positive

In this work environment, Fortinet FortiGate was the first one we had as our firewall. We had nothing before it.

I have previously worked with Check Point and Cyberoam. Those are the only two products that I can compare with Fortinet FortiGate.

From my experience, administration is a bit complicated on the Check Point side. Most of the concepts are similar, but configuring Fortinet FortiGate is a little bit easier for me compared to Check Point. Cyberoam was resource intensive, which I have not seen in Fortinet FortiGate.

The initial setup of Fortinet FortiGate was handled by a provider to implement it, but the knowledge transfer was pretty much straightforward. It took about two weeks to deploy Fortinet FortiGate.

We are not a business-oriented organization; our primary aim is to make sure that our assets are protected. We had some issues before having this firewall, and we have not had any incidents ever since we implemented Fortinet FortiGate.

When I look around at other products, such as Sophos, Fortinet FortiGate is 20% to 30% more expensive with our current cost.

The license renewal for Fortinet FortiGate has been a little bit costly. When we are paying, we renew both the warranty and licenses for Fortinet FortiGate. That is what makes the whole thing a bit costly.

We normally purchase and renew those licenses for FortiAnalyzer, FortiNAC, and Fortinet FortiGate firewall at the same time. When I look around, I would say Fortinet FortiGate is on the higher side.

The thing that I have not experienced with it is the web application firewall. I was trying to find out from the partner whether it is something that is licensed separately. When you look at the policies, it looks it is not active.

I would recommend using Fortinet FortiGate because of its usability. I would rate it a nine out of ten.

We use Fortinet FortiGate for SD-WAN as well as the switches for renewable plants and energy sector power plants.

All the features needed to protect the digital landscape are available. The enterprise-level support is excellent, and we receive quick assistance from Fortinet FortiGate.

With the SD-WAN network, the connectivity is seamless. The dependency on bandwidth and MPLS connectivity is expensive compared to SD-WAN. Currently, there is seamless connectivity between all plants and corporate offices. The implementation is straightforward and not complex to execute.

The SD-WAN connects all sites, as we have many regional offices in different locations. The Fortinet FortiGate devices are very useful and easy to configure, and we are benefiting from their features.

In the utilities and electrical generation sector, we use various models. In IT security, we have different models, and for sites, we use 40F, 460F, and various others. While my part is limited to India, Fortinet FortiGate is used worldwide across our group.

There should be some open-source training or free training for decision makers, or some webinars should be available. These would help understand the new product line and the existing product line features. 

Additionally, it would be helpful to have comparisons between competitors such as Cisco, Juniper, and others with Fortinet FortiGate.

I have been using the solution for three years.

The system is very stable.

The system is very easy to scale.

We receive quick support from Fortinet FortiGate. When we raise a ticket, we get support via email reply promptly. The experience has been perfect, and we are satisfied with it.

The initial setup is easy. I'd rate it nine out of ten.

This is handled by my team. I am in leadership and do not handle the technical aspects directly.

While we haven't calculated specific ROI numbers, most devices are very stable and seamless. We don't typically consider money since this is an infrastructure requirement. Fortinet FortiGate support is available, annual maintenance contracts are in place, and the devices haven't failed in three years. The product quality is good, eliminating the need to reinvest in the same devices or setup.

Fortinet FortiGate has an excellent portfolio including firewalls, switches, and access points. I would recommend it to anyone. We are using FortiSwitches as part of our implementation.

I rate Fortinet FortiGate a nine out of ten.

Most of our clients are SMB. We have several support contracts, and as a way to standardize all the products and processes, we ask our clients to switch to Fortinet FortiGate as a firewall, and that's how we standardize our process. Most of our clients we support with a support contract have Fortinet FortiGate as a firewall on-premises.

It's easy to manage. The GUI is very simple, and what is very good is that every product, regardless of size, has the same interface. Most features are in every single product irrespective of the size. 

Their support's response time can be better. In the past six months, they took quite a long time to respond to the support tickets. I don't know if they are overwhelmed with too much activity, but for the last six months, the support has not been very good. Previously, it was very good.

I have dealt with Fortinet FortiGate for four or five years.

I would say that Fortinet FortiGate is stable. We have several appliances installed, but we encountered some trouble with the smaller models on three occasions, which somehow limited the inbound traffic. We had to send one in for a Return Merchandise Authorization (RMA), and Fortinet sent us a new appliance, which resolved the issue. The only downside is that the replacement process takes about two to three weeks. That has been the only problem we've experienced with the smaller model.

The scalability of Fortinet FortiGate is mostly with the bigger appliances. It's not quite flexible once you buy one appliance; to scale up, you have to buy a new appliance, and there's no way to upgrade the appliance. The challenge is that you don't want to oversize the appliance because that is tied to the subscription. The price of the subscription is tied with the size of the appliance, so you have to size it very precisely, considering the future growth of the company.

Their technical support is pretty good. Over the last six months, there has been a delay in response, but previously, it was very good.

Positive

The initial setup for Fortinet FortiGate is pretty straightforward.

My experience with the pricing, setup cost, and licensing for Fortinet FortiGate is quite good. I don't have a public site, such as in Azure, where I can see the pricing. I always have to go through the distributor, and that could take some time to get the real price for each appliance. 

When our client has two internet connections, we do Fortinet FortiGate SD-WAN configuration, and it works very well. I can't determine if there is better performance using SD-WAN, but it's much more stable. We did have some trouble with certain types of traffic that doesn't work well with SD-WAN, and we had to implement rules to stick to one of the connections, but those are exceptions. The traffic is much more fluent, but mostly it makes the connection much more stable.

I would rate Fortinet FortiGate an eight out of ten.

I'm using Fortinet FortiGate for consultancy, implementation, and troubleshooting after device implementation. We serve as both reseller and consultant, providing search support and consultancy support. I usually recommend Fortinet FortiGate for small and small-sized businesses.

I have experience with Fortinet FortiGate SD-WAN, as it is a method for routing traffic. We can assign profiles with specific conditions to create best practices or optimal experiences for customers. These profiles can manage traffic balance or link balancing. We can detect users or specific links for particular services, including load balancing.

Fortinet FortiGate provides superior protection compared to other firewalls, with high processing capabilities. In comparison to Sophos devices, Fortinet FortiGate offers enhanced protection through network protection, IPS, and application protection.

They could simplify their deployment process, especially when customers have existing devices. The configuration approach depends on whether customers need to start from scratch or can utilize existing backups and rules. 

I would seek to improve Fortinet FortiGate by exploring additional features, such as SASE solutions that we are currently studying and implementing. The configuration could be made easier, particularly during initial setup. We need to ensure comprehensive utilization of all device features and learn best practices from other cases.

I have been working with Fortinet FortiGate for approximately one year.

Fortinet FortiGate is overall stable. When compared with Sophos, particularly regarding remote access and SSL VPN, Fortinet FortiGate proves much easier to use. While Sophos presented port-related challenges in Egypt, Fortinet FortiGate operates more smoothly.

Fortinet FortiGate is scalable, with capacity depending on firewall sizing. We determine sizing based on multiple factors: number of users, available links, traffic types, server count, services in use, and whether services will be published. We consider parameters such as VPN requirements, remote access needs, side-to-side VPN configuration, and overall traffic volume to determine device capacity.

We tend to handle support.

I have experience with Fortinet products and limited experience with Cisco.

I provide other firewalls, such as Sophos, and I have worked with endpoint protection solutions. I have experience with backup solutions such as Veeam, and endpoint security solutions including Kaspersky and ESET.

I have created many profiles for SD-WAN capabilities while integrating with Fortinet FortiGate. We assess customer needs and make recommendations accordingly. If customers aren't using SD-WAN, I suggest implementing it due to its effective load balancing capabilities and additional firewall features.

Regarding the evaluation of changes in return on investment after implementing the Fortinet solution for SD-WAN hybrid workforce, we work on a case-by-case basis. ROI is monitored by management, and we do not directly track ROI in the systems.

Fortinet FortiGate is among the best options in the market, though alternatives exist, including Sophos. Fortinet FortiGate demonstrates stronger performance and protection compared to Sophos, though its device and license costs are higher.

I'd rate the solution eight out of ten.

Fortinet FortiGate is among the best firewall solutions, having a significant market share in Egypt. Fortinet FortiGate has a very simple configuration, is easy to set up, and includes SD-WAN features at no additional cost. I recommend Fortinet FortiGate to act as an internet or perimeter firewall.

Features such as URL filtering, intrusion detection, and threat prevention make it suitable as a perimeter firewall. It also includes free SD-WAN features. It is recommended when any customer has more than one site, as it can act as an SD-WAN solution without any extra licenses, with SD-WAN being a built-in feature. It is a very easy solution.

From my experience, I see that the datasheets of the Fortinet FortiGate portfolio need to be more accurate because correct sizing is essential. The datasheets should provide clear information when deploying features. 

When comparing Fortinet to all other vendors, I believe most features are available in Fortinet. I'm not sure if the DNS security license is available in Fortinet; if not, it is important to add Fortinet DNS security and sandboxing licenses. I know Fortinet has a separate sandbox solution, but I am unsure about sandbox features in the firewall. In contrast, Palo Alto has a DNS security license, email security, and WildFire license that serves as a sandbox solution.

I have been working with Fortinet FortiGate for around eight years.

I find Fortinet FortiGate to be very stable.

The scalability of Fortinet FortiGate depends on the project. If the project meets accurate sizing, it can be scalable, but if the presales engineer does not accurately size it, Fortinet FortiGate can have limited resources to scale. It depends on the project.

I evaluate Fortinet's technical support as a seven out of ten. They aren't the best support, but when we need assistance with any features or field activities, we can utilize the internal support team of the vendor located in our country.

Neutral

I believe it is cost-effective. With Fortinet FortiGate, we can pay once for every renewal period, and there are no CAPEX expenses because Fortinet FortiGate is easy to configure, easy to manage, and familiar to most engineers. 

It is not the cheapest one, but its price is very competitive.

When comparing Fortinet FortiGate to Palo Alto or other firewalls I've worked with, Fortinet is more stable, easy to configure, easy to manage, and is competitive in price. 

Fortinet offers multiple product sizes suitable for various enterprises, including small, medium, and enterprise customers. Compared to Palo Alto, Fortinet offers a free SD-WAN feature while Palo Alto requires an SD-WAN license with more costs and several licenses. However, Palo Alto does offer more advanced features than Fortinet. A notable difference is that when the Fortinet FortiGate license expires, the box still works until the customer renews the license, while with Palo Alto, the box stops entirely and the customer must renew the license to continue functioning.

My experience in integrating SD-WAN capabilities with Fortinet FortiGate in the network shows that the integration is very simple and has a straightforward configuration.

The Fortinet SD-WAN solution consists of multiple products. To create or set up a full SD-WAN solution, it needs two products from Fortinet: FortiGate and FortiManager, which is a centralized management solution, and FortiAnalyzer, which is a log management solution. SD-WAN connects more than one site. It centralizes management and logs. Fortinet FortiGate with SD-WAN does not require any extra license, but to have the full SD-WAN solution, it is required to have FortiManager and FortiAnalyzer for several reasons. Fortinet products can be VM or hardware.

I have worked with the hardware-assisted DDoS protection in the Fortinet FortiGate, and I think it's good.

I recommend the Fortinet FortiGate when acting as a perimeter firewall, and some customers use it in the data center. I recommend another vendor in the data center, but our customers are very satisfied with Fortinet FortiGate when acting as a data center firewall.

I have limited experience with the AI and machine learning enhanced FortiGuard services, but I know that Fortinet is leading this trend. 

Fortinet FortiGate provides SD-WAN and SASE solutions to secure any type of user and any type of traffic. It has many features, including a secure web gateway and secure service edge, helping users access the internet and applications, whether inside or outside.

I would rate Fortinet FortiGate an eight out of ten.

We don't have any issues regarding security, and our web server is running fine with protection from all threats.

The best features of Fortinet FortiGate are that it does the job effectively and protects our environment. It has a VPN and can create a virtual IP for a web server and functions as a standard firewall.

We faced difficulties with the configuration because there are many features we could optimize using Fortinet FortiGate, but our reseller didn't have a good understanding of it. So, we just use it on a basic level, not with the best practice for using FortiGate.

We have been using Fortinet FortiGate for around five years.

Overall, I find Fortinet FortiGate to be very stable. Fortinet FortiGate demonstrates consistent stability.

In my case, the 101F is not scalable. I faced problems with scalability related to memory. When we hit 100% memory usage, it stops the internet connection, so we need to control the traffic. We cannot increase the memory.

We have about 350 users and only one admin.

My experience with Fortinet's technical support is good and helpful. The response time and overall competence meet our expectations. I would rate their support a seven out of ten.

Neutral

We used Juniper before Fortinet FortiGate. We switched because it was an old one and reached the end of support. We had to change.

We were supported by a third party and the reseller. During deployment, it was not a good experience because of the reseller. We had challenges with the optimized configuration. 

The deployment took around three months.

The reseller helped us with the implementation. It has been a long time since the implementation, so I don't remember the name of the company that helped us.

Our IT has six people for deployment, and we used two staff members.

We have seen a return on investment with Fortinet FortiGate. The ROI calculation is based on potential loss prevention rather than traditional ROI metrics.

Its pricing is good. The advantages of Fortinet FortiGate over its competitors include good pricing and meeting our requirements at a lower cost. Palo Alto's features are superior, but too expensive.

I compared other brands, such as Palo Alto and Sophos, and chose Fortinet FortiGate. Palo Alto is the best, but it is significantly more expensive. Palo Alto has better capabilities than Fortinet FortiGate. Their protection is much more secure, and they excel in detecting intrusion and reading information. 

I would rate Fortinet FortiGate an eight out of ten.

There is a tool called FSSO, which is a single sign-on user ID agent that works perfectly. You can configure anything on it, and it is better than Palo Alto's version.

The GUI is written in JavaScript, so when you move any object or policy to another one, it becomes easy to use. It is user-friendly and not complex for network configuration.

Run Script is the best tool to use in Fortinet FortiGate with multiple environments. You can perform multiple tasks at once with the script functionality. It is available through the GUI, whereas in Palo Alto, you need to run it in a separate tool, such as Python.

I prefer Palo Alto over Fortinet FortiGate. Its IPS engine is not better than the Palo Alto version. The monitoring tool needs improvement, and the syslog configuration needs enhancement.

The management plane and control plane are not separated as they are in the same hardware devices, whereas in Palo Alto, everything is separated. So, if the CPU and GPU usage gets higher in the data plane, the admin also becomes unreachable.

The web filter in Fortinet FortiGate is not very useful. While you can add web filters in security policies, it is difficult to understand and not flexible to use.

Fortinet FortiGate frequently experiences IPS engine problems. 

I have been working with it for four to five years.

In most cases, the IPS engine uses too many resources, which makes Fortinet FortiGate devices unstable. When clients encounter different issues, the IPS engine is usually the problem because it consumes excessive resources.

I have not worked directly with technical support, but I am familiar with the distributor, partner, and vendor. People who work with Fortinet provide adequate service.

Positive

I mostly migrate from Fortinet FortiGate, Check Point, and other solutions to Palo Alto. For migrations from various solutions to Fortinet FortiGate, it takes a few days, depending on the environment.

Fortinet FortiGate is cheaper than Palo Alto. It is about 20% cheaper. 

I prefer Palo Alto over Fortinet FortiGate. Fortinet FortiGate is not the best firewall, but it is acceptable. If you have a budget to buy a firewall and Palo Alto is too expensive, then Fortinet FortiGate can be usable. As an instructor in Palo Alto Networks who knows all the techniques, I naturally prefer Palo Alto.

For a small company or branch, I would choose Fortinet FortiGate because it is cheaper and the features are sufficient. However, for more critical environments, such as government institutions or banks, where privacy and security are paramount, I would opt for Palo Alto.

In a hamburger topology setup with the internet side and internal side, I prefer using Palo Alto Networks on the internet side and Fortinet FortiGate on the internal side. This creates a multi-vendor environment, avoiding dependency on a single vendor. The internet side requires more security, hence I would go for Palo Alto, whereas the internal side would benefit from Fortinet FortiGate's flexibility and ease of use.

I would rate Fortinet FortiGate an eight out of ten.