Fortinet FortiGate Reviews

We primarily sell FortiGate to clients. We have customers such as pharmaceutical companies and hospitals that require the security on offer. It is a great firewall. 

With many companies dealing with users now working from home, definitely a great feature is the SSL VPN. With that, a user can control everything from their own devices and get connected to the servers even if they are off-site.

The initial setup is easy. It's not overly difficult. 

The solution offers very good security. 

It's a good firewall. It's very easy to configure.

We require troubleshooting and those kinds of things. We have to worry about debugging. It would be ideal if they had some sort of GUI interface for troubleshooting and diagnostics. That would be much better. FortiGate has only CLI-based diagnostic capabilities. Sometimes it's become very difficult to do all this troubleshooting.

We've been handling security solutions lie FortiGate for ten to 15 years at this point. It's been a while. 

There are some bugs you have to deal with. There's some troubleshooting that needs to be done. 

The solution isn't scalable per se as it is hardware. However, you can always buy more hardware to expand it if you need to. 

Technical support is good. You get very good support from this product overall. We're quite satisfied with their level of service. 

The implementation process is not complex. It's an easy solution. It's not complex setting everything up.

We are resellers of security products. 

New users should be aware that this solution offers very good security. The different level of security we have in Fortinet, in general, is good. They can use various security products to help protect their organizations.

I'd rate the solution at a nine out of ten.

Our primary use case is mainly for firewalls. We tried FortiClient as well and FortiToken, but we mainly use it for the firewall.

The solution is deployed on-prem. We are using the latest version.

The most valuable feature is the interface, which is very user friendly. We are utilizing most of the features, like content filtering. The firewall is powerful.

The renewal price and the availability could be improved. We faced a lot of delivery issues because of the pandemic situation. We are a customer, but sometimes we have sister companies, so we deliver or order a few extra boxes. In these cases we are facing some delays, like three or four months. There are a massive delays in deliveries and they're saying that it's from the vendor itself. I don't know how long this will last or if it's just temporary.

We have been using this solution for six to seven years.

The solution is stable. The only issue is the renewal price, which is always higher compared to the purchase price.

We have two people for maintenance from network and security.

We have up to 100 users, and we are pretty satisfied. It's stable. We have never had to scale up because of the newest model. We go with C, E, then F, but at the same level, we never had to upgrade the hardware itself to a higher or a bigger model.

We raised a few tickets and issues, and they replied to us. It was pretty good. We have never faced any problems with getting our issues resolved.

It was straightforward. We didn't face any issues.

We implemented through a reseller and it took couple of days. There were some modifications and configurations that took more time, but the core configuration took a couple of days.

The renewal price is always higher compared to the purchase price.

Fortinet is one of our top products, our main products. They have 75% market share, so we cannot ignore the fact that they are in the market, but I need an alternate solution. I don't want to depend on only one vendor, so I think Sophos will be a good option for us.

I would rate this solution 8 out of 10.

We use Fortinet as a perimeter firewall. The solution is deployed on-premises.

The best feature is the ease of use. I think it's pretty much a well-rounded product. It has more features than we use, but a lot of products are like that. We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well.

The logging details need to be improved.

We have been working with Fortinet for about 18 months. We are running the current version.

The solution is very stable.

We haven't had a need to scale it, so it provides directly what we need it for.

There are approximately 2,800 users in my organization. The solution doesn't require a lot of staff for maintenance.

Technical support is very good. On a scale of one to five, I would give them a four.

We previously used Check Point. We switched because the devices became in the end of support and then we got pricing on the replacement models, and the pricing was a little bit ridiculous for what we needed so we looked into Fortinet. 

Fortinet said that they could migrate from Check Point for us or help build an easy migration from Check Point to Fortinet. It wasn't that easy at the end of the day, but it all got done. 

The switch was really down to pricing and the functionality that we required, so the decision was made to go with Fortinet because of that and ongoing maintenance costs.

It wasn't complex. It was time-consuming because there were so many rules that had to be set up. We were migrating away from Check Point and going to Fortinet. 

Deployment took six weeks.

Deployment was completed with a consultant.

The license is yearly. 

We pay for the top end. It's called 360. We get signatures for blacklist. We get signatures for a whole host of different bad actors that search the internet.

It covers the hardwares, software, and it covers the subscriptions to the signatures because the box uses three or four different types of signatures for interrogating inbound and outbound traffic.

I would rate this solution 8 out of 10. 

It does everything we need it to do. We're quite happy with it. It's very reliable. We haven't had any problems with it. We had a few teething problems that everybody has when you first use something new. Everything works, and the majority of time we don't even know it's there, which is the best power for an IT appliance that you can buy.

My advice is that if you haven't tried it, you should try it and see if you like it.

Its user interface is good, and it is always working fine.

Its filtering is sometimes too precise or strict. We sometimes have to bypass and authorize some of the sites, but they get blocked. We know that they are trusted sites, but they are blocked, and we don't know why.

In terms of additional features, I don't have any requirements. It is okay for me. I do lots of things, and I still don't know everything about FortiGate. If I need something, it might already be there in FortiGate. 

I have been using this solution for one and a half years.

It is very stable. We didn't have any problems in one and a half years.

We just have one firewall, and we are too small to have redundancy or something like that. In the future, we would like to have a second unit. We have lots of problems locally with the internet fiber. It is not very good, and ADSL is bad. So, first, we have to stabilize and upgrade our connection, and later, we will try to have redundancy, but it is not necessary at this time.

I never contacted them.

When I came here, Netgate was installed. My IT department and my IT subcontractor explained to me that FortiGate was better than the previous solution. We changed it one and a half years ago, and it has been working well.

It was an IT subcontractor who did the implementation. Our experience with them was very good.

It is too early for an ROI, but I have no problems with it. Everything is good.

I had to pay for the license for the firewall, but it is guaranteed to have updates. I expect a good service for it. It was about €1000 for a year, and there was no additional cost.

When we tried to find something better, our IT subcontractor recommended FortiGate or Stormshield. I tried to find a subcontractor at my location for both, but I could only find a subcontractor for FortiGate, so I chose FortiGate. I wanted to have a local subcontractor. There are some products for which we don't need local support, but for some of the products, such as a firewall, we prefer to have local support.

I would advise others to find a local contractor. That's because it is a product that can do a lot of things. If you don't know it well, you can make mistakes. Because I learned how to use it, I can now modify or update it. I can do some of the things in FortiGate, but when starting with it, it is better to have someone locally to guide you and do the initial setup.

It is a good and very useful product for me. It is very stable, which is the only thing that I want from a firewall. I would rate it a nine out of 10.

We primarily use the solution for security, including threat prevention.

The threat prevention is the solution's most valuable aspect.

The solution's initial setup is very simple and straightforward. It's not hard to implement it.

The stability if the product is very good so far. We haven't had any issues.

The pricing of the product is reasonable.

The logs need to be better. They need to be more visible and easier to access.

The VPN features could use some improvement.

I've been using the solution for about two years at this point. It hasn't been too long.

The stability is excellent. We haven't had any issues in that sense. It's not buggy and there aren't glitches. It doesn't crash or freeze. We find it reliable.

I do not foresee the product being easy to scale. We find it so hard. It does not seem to be possible.

Currently, we have around 15 users and there are five to ten people handling the management aspect of the product.

Over the past two years, we really haven't had any issues that would require us to reach out to technical support. The user experience has been good. If we run into little issues, we may reach out directly to the vendors, however, I can't say that I've spoken with technical support. I wouldn't be able to evaluate their services or speak to their level of knowledge or responsiveness for that reason.

I've used other solutions in the past, including, for example, Sophos. However, I have found Fortigate to be more reasonably priced and generally much better as a product.

The initial setup is very easy. It's straightforward. We didn't run into any complexities. We were able to set it up without any issues at all.

The initial implementation was handled by the vendors. They were great at assisting us with the process.

We've found that the cost of the product isn't too high. They are a bit higher than other options, such as Meraki, however, it's still not so bad.

You need to pay for the hardware and then you need to pay for the licensing as well.

We are just a customer. We don't have a business relationship with Fortinet.

We are using the latest version of the solution at this point.

Overall, we've been pretty happy with the solution. I would rate it at an eight out of ten.

In most cases, we use the solution as a firewall to access the internet. For example, we use Cisco Wireless for our clients to have access to the network and we use within the same solution the FortiGate Firewall for them to access the internet as well.

The solution offers very easy usability. 

The product can scale well.

The solution is extremely reliable.

The pricing and licensing models are pretty good. 

The user interface, both the web and CLI versions, are very good.

The solution overall is quite good. It works how we need it to. I can't recall seeing any features that are lacking.

We haven't had any breaches in our organization, however, I have read in journals that there have been some issues.

There may have been some bugs after an update, however, that has since been resolved. We saw a few bugs in the web field and when we ran an update it was resolved in the new version. 

Some resources must be accessed via web fields. We were not able to access them at first. However, it was a simple task to fix it and that has since been resolved.

The pricing could be a bit better, especially when you consider how they have the most basic offering priced.

I've been using the solution since I started at my current company. I began my employment here about a year ago or so.

The solution is quite stable. It doesn't give us issues. There are no bugs or glitches. It doesn't crash on us. It doesn't freeze. It's reliable. Fortinet has created a really reliable solution.

We've found the scalability of the solution to be very good. If a company needs to expand on this solution, it can do so with ease.

We have between 2,000 and 3,000 users on the solution currently.

We do plan to continue to use the solution going forward. We have no plans to change anything.

I've never contacted technical support. Having never dealt with them, I can't speak to their responsiveness or knowledgeability. I don't know enough about them from any kind of personal experience.

I also use Cisco wireless solutions. Our company uses both simultaneously.

While I did not participate in the main part of the installation, I've discovered from deploying small FortiGates such as FortWiFi 60E, that it's good. It's not too complex of a process. It's pretty straightforward. It's easy.

We've found the pricing to be fair and the licensing model is quite good. It's a reasonable cost. It's not too expensive.

That said, I do feel they could work on the pricing policy a bit.

Right now a license to use some of the simpler features like web filtering or antivirus, you have to pay about 80% of the hardware price to have a license for a year. That's a bit too much for such basic features.

We use a variety of Fortinet products. We are using mostly FortiGate 200E and we have some of FortiGate 100E and the FortiWiFi 60E.

We are not using the latest version of the solution at this time. We have version 6.0 and it completely meets our requirements. When we will have to update it we will do so. However, that is not so necessary right now. We will not update it until we need to.

I'd recommend the solution to other organizations. It's been a positive experience overall.

I would rate the solution at a nine out of ten.

We are a managed services company, and we are also a partner with Fortinet and Cisco Meraki. The firmware that I just started using is 6.4.4. Most of the FortiGates that I sell are 60E and 60F. For some of our larger customers, I have got a handful of FortiGate 80, 100, and 200.

Fundamentally, its primary purpose is security at the edge of the network. I have got some clients who are starting to use the SD-WAN feature for a multi-location setup. I have got other clients who are using a lot of IPSec tunnels. I also have some clients who, with the increase in remote workers, are taking advantage of the FortiClient product that ties in. They are using that for remote VPN connections. 

We are a managed services provider, and I would say that it has improved the way our client's organization functions. I would also hope that it is seamless for them. They don't even know it. The biggest improvement for us is that it allows us to do more with a smaller staff.

One of the nice things about FortiGate is that it can be deployed on the cloud or on-premises. You can actually do both. That's the biggest reason why I stick with this solution as opposed to something like Cisco Meraki. Another nice thing is that I can log directly into a FortiGate or get to it through their FortiCloud access products. They're pretty reliable and consistent.

One of the reasons why I started using the product was their single pane of management. I can deploy their line of firewalls in conjunction with their switching and access points, and I can manage the entire network from one interface. I don't have to log into one interface for the firewall, another one for the access points, and another one for the switches. These firewalls have access point controller functionality built right into the system, so I don't even have to purchase additional devices to manage them.

FortiLink is the interface on the firewall that allows you to extend switch management across all of your switches in the network. The problem with it is that you can't use multiple interfaces unless you set them up in a lag. Only then you can run them. So, it forces you to use a core type of switch to propagate that management out to the rest of the switches, and then it is running the case at 200. It leaves you with 18 ports on the firewall because it is also a layer-three router that could also be used as a switch, but as soon as you do that, you can't really use them. They could do a little bit more clean up in the way the stacking interface works.

Some use cases and the documentation on the FortiLink checking interface are a little outdated. I can find stuff on version 5 or more, but it is hard to find information on some of the newer firmware.

The biggest thing I would like to see is some improvement in the switch management feature. I would like to be able to relegate some of the ports, which are on the firewall itself, to act as a switch to take advantage of those ports. Some of these firewalls have clarity ports on them. If I can use those, it would mean that I need to buy two less switches, which saves time. I get why they don't, but I would still like to see it because it would save a little bit of space in the server rack.

I have been using this solution since 2007.

If you have the firmware version 6.4.3 and are using FortiLink in VLAN, it has trouble with tunneling networks for a wireless network. It won't give it a route to the internet. I found it just last week. There was a version back in 6.2 where it required 12 characters for the password of a wireless network on Web 2.0 as opposed to the traditional eight characters. The problem came when you wanted to edit it. If you upgraded to that firmware from a previous version, it wouldn't let you save any changes without changing the password, making it a requirement. That was kind of problematic for a while, but for the most part, it has been pretty stable and responsive.

It is easy to scale as long as you start with the right firewall. Our clients are of different sizes. We have clients with the home office with two or three employees. One of the clients has about 26 locations in all four time zones and about 400 employees.

I haven't used their official tech support, which is actually a good thing. The reason I haven't used their official tech support is that they have a support mechanism in place. I have direct access to a local sales engineer, and when I have problems, I call him up on the cell phone. Based on that, they definitely support their partners 100%. They are definitely channel driven, and it shows.

I have deployed SonicWall, WatchGuard, Cisco ASA, Rockies, and Palo Alto. The biggest reason I went with Fortinet is that it felt like it has got Palo Alto type of functionality at a much more reasonable price point.

I spent seven years working at the state level education, and budgets were tough. We had SonicWall subscription services. I could replace them with the brand new FortiGate with a three-year subscription for the same cost. That really changed things. The single pane of management that they have was just the frosting on the cake.

It is pretty simple. For example, I just set up a new network with a 100E, and I have got four stackable switches. It will run a network with 23 access points. I set up all the VLANs, routing, rules, and other things. It won't take more than four hours of work. I am getting ready to box up and ship it out. It will be plug and play once it gets to the site.

Take the training. They've got free training that is available online, and there are different levels for technical training. It is crucial. If you sign up as a partner, which doesn't cost you anything, the training is free. If you want to go for the test and get certified, you got to pay for the test, but the actual training materials are available to every partner for free. I would say that definitely take advantage of those. When you have new employees as network engineers, make this training a part of the routine.

I would rate Fortinet FortiGate an eight out of ten. I have been using it for years, and I do try to evaluate it on a regular basis and continue to stick with them. I just don't have a lot of bad things to say about them. Aside from their product, I'm a also fan of their company and how they do business, which makes it easier to do business with them. I don't necessarily appreciate the business practices of some of their competitors. It is nice not to have to worry about that.

I specify, configure and deploy firewalls  in organizations with 500 or fewer employees and 15 or fewer sites.  Primarily I choose between Cisco, Sonicwall and Fortigate small and medium sized appliances.  Occasionally I deploy virtual appliances in AWS.   I prefer to use Fortigate firewalls for several reasons- remote access is simple and the included client works with MacOS Windows and IOS devices.  The level of security works well for most clients and the authentication with AD/LDAP makes the solution easier to deploy.  I also find that the clients  appreciate the lower price point than other vendors.

We have a standard build. We give the client the laptop, and, especially with the pandemic, we send them home with the laptop or FedEx the laptop already configured, and the user is ready to go. 

I don't even need to know the client's password. I can just install the software and create a profile. The client fills the profile in with simple instructions, types in their password instructions, and connects it and they're good. It's really simple. 

That's why we have standardized recommending Fortinet. That doesn't mean that I don't support other solutions as well, however, the device that I like the best is the one that's easy to use for me and it's easy to use for the clients. The price point is not bad as well.

The ease of setting the solution up is a valuable aspect for us.

The most valuable aspect that differentiates it from other solutions is that the client (the SSL VPN client or the IP sec VPN client, the same clients) is included in the solution. We don't have to pay extra for the software and the clients. 

I have had some issues, but no more than others and I don't have to buy an expensive add-on license to do it and it's managed and it's updated automatically. That's the key thing, that the client is included and it updates itself so I don't have to do too much to manage it and it's very transparent to the end-user.

The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall. 

If I wanted a unified console, I have to pay extra. And that's the downfall. That's the only needed improvement that I would say for the Fortinet solution, is that they should have it web-based from the get-go. You should not have to buy an extra bundle or an extra device.

If I have to make an update to a web filter, and I have 12 devices, I've got to do it in 12 places. If I don't want to do that the client can pay for a pretty expensive device or virtual appliance that does that for them. It's like an expensive centralized management tool. That's the big downfall of Fortinet. It doesn't come included, you have to pay for it. Their web-based one, that's sort of just like an inventory manager. It's not really good for distributing roles. With Cisco, you don't have to do anything. The one from Aruba HD has one too. Fortinet should try to be similar to those options.

In the next release, it would be amazing if they could give a better tool for upgrading, so that if I upgrade from an older version to the other, it can read the configuration and processes it for me so that I don't have to rewrite it from scratch. In FortiConverter, they have a tool like this, however, it doesn't work well. It's really more for bringing items in from other vendors, not from one version to the other.

That was my last experience where they operated from version five to six. However, that's really the only big thing. The main thing is to include the FortiManager cloud software like Cisco does. To have one solution. If you paid $150 a year for the support, you might as well get that too so I could manage all the devices at one spot. They do have FortiCloud, however, it's not the same as the way Cisco does it. They are selling another product called FortiManager. FortiManager should be included with the support, and that would make it more of a business solution, rather than a feature request.

I would say that I have been using the solution for over 10 years. It's likely been between 10 and 15 years at this point.

Fortigate firewalls are very reliable- in the past 15 years I believe only 2 devices in a 100 have failed.  The failures were due to harsh environments (dust and water will ruin any electronic device).  The input I can give to any technology person or client looking to choose a firewall / threat management device I would highly recommend the stability / reliability of fortigate.  Once installed it will do it's job efficiently and effectively for several years.

I will tell a client not to go with Fortinet if they have no firewall or they have a very, very old firewall. If this is from scratch, I'd say let's not go with Fortinet, let's go with Meraki if you have the money. I always say create the budget for it if you have a lot of sites, as Cisco does a better job if you have a lot of sites. If you have two sites, then it's fine to go with Fortinet. It'll scale to that scale. However, if you want to go over a couple of sites, it's not the best option.

The solution's initial setup is straightforward. It's actually gotten better. I got good at doing it from scratch from the command line, or even from the GUI with all the 50 steps to set up stuff. However, now they're wizards and it's much better. It was the thing that probably a lot of people commented on initially, and they just worked hard to fix it. They updated the software from version four to five to six. They did a good job at making it easier.

If the client had a lot of downtime or a lot of issues with older equipment, or they did not like the fact that they had to pay every year just to be able to use the device, then the return on investment of spending $900 for a Fortinet 60E per site for a three-year contract will hands-down beat pretty much anybody. 

It is definitely set it and forget it. There's very little input. You'll save money on consulting. If you were to call me and you're doing Juniper or you're doing Palo Alto, there's a lot more configuring and it's a lot harder to add stuff and therefore, as a consultant, I make more money, and I'm being serious. Once I set up a Fortinet I really don't have to touch it for years.

Maybe I have to log in to check that I need to do an update, however, in that case, they usually send me an email saying hey, your license key is up and maybe you want to buy a new one. I take the old one out and put a new one in, that's when I get paid again. It's boiled down to that. 

I'm not only an authorized reseller. I am a consultant that uses their equipment and recommends them on a routine basis. I am not a Fortinet partner, however.

I use a series of FortiGate products, including the 60, the 90, and the 100. Some of them are E's, some of them are S's; it all depends. However, they have pretty much the same user interface.

If a company is considering the solution, I'd advise that they consider purchasing the FortiManager if they really like the feature set and the way that Fortinet works. For example, a company we work with has these large scale solutions, and they use FortiManager. If you're a very large implementation, definitely look into Fortinet. If you're small, for example, under 20 devices, consider joining Cisco Meraki as it's so much easier. That's what I would tell any client. 

FortiManager and FortiGate are really good. If you like the way the GUI works it's more flexible than Cisco. There are more bells and whistles, however, Cisco is going to be the way to do it if you're going to do 50 sites. If you were to do a lot of sites, consider Cisco. If not, you can do Fortinet.

At the end of the day, the solution is very flexible, and if the client has special business partners that want a special type of nailed up VPN or special configuration for the clients, it offers that. The lesson I learned using the solution was to go with the solution that's most flexible for the client and at the same time is as low touch as possible. That's why I've standardized on FortiGate, as it's low touch for me and I'd rather spend time fixing other stuff or troubleshooting the other problems for clients than this particular solution.

You want to spend less time fighting with your remote access solution or your firewall solution and work on other problems. It should not be a difficult thing, and yet, a lot of people struggle with that. Especially today with the pandemic, they have to be able to have access to their stuff and that's crucial. That's the biggest takeaway. Is it easy to manage it, is it easy to connect? If so, it's worth the investment.

I would rate the solution nine out of ten. If they included FortiManager in their offering, I'd give the product a perfect ten.