Fortinet FortiGate Reviews

We primarily use this solution as a firewall.

It's our main firewall, but we're planning to replace it with a pfSense for reasons I will discuss.

It's super reliable. I don't think I've ever had a reliability issue with it. Within the four years that I've been using it, maybe two or three times, resetting the firewall was what solved the problem. It's been super, super solid. I never have to think twice. If I ever experience a problem, the firewall is the last thing I think about. I never need to check it because it's never the problem. It's just super solid. It's also pretty robust. I know that there are more robust solutions out there, but not by a lot.

In the enterprise proprietary world, Fortinet, in my experience, considering its cost and reliability (maybe they could bring the price down or maybe they could make more plans), I honestly don't think that there is much room for improvement. I think it's a pretty good solution for anyone who is looking for a proprietary solution. I wouldn't look anywhere else.

Cisco, for example, is probably way overpriced. Fortinet on the other hand, one of their strong sides is that they have an all-encompassing solution with a very reasonable price point. Cisco and other brands are a little bit more modular — to get everything you'd have to buy a lot of different packages.

An automated guide feature or templates that you could pick and choose would be a nice addition.

It's definitely not as easy to look at traffic as I would like. Sometimes when I'm trying to see what traffic has been blocked or what traffic has been passed, it's not as easy as I would like to filter it out or to monitor bandwidth.

The monitoring is not as good as it could be. It could be a lot easier to understand. For example, I was trying to figure out, in a given timeframe, how much was downloaded off of a certain interface and I didn't really understand how I could get that information or if it was even available. I was searching the documentation online and I couldn't even figure it out. Monitoring and reporting could be better; It's very good, but there's definitely a lot of ways to improve it.

I have been using Fortinet FortiGate for four years.

Fortinet FortiGate is super stable, one hundred percent. Just works 24/7 without any issues like you would expect from an enterprise product.

I know that it's scalable, but I don't actually have any experience regarding scalability. It's probably not as scalable as pfSense because pfSense is based on open hardware platforms. I definitely know that proprietary platforms usually tend to be less scalable because they're more constrained with licensing. The scalability in my opinion would be decent, satisfactory, but I believe pfSense is probably more scalable. I know that there are a lot of big corporations like Google and others that use pfSense. I don't know the details. I'm just giving my educated guess.

I personally prefer pfSense as it's open-source and you only have to pay a minimal fee for support. But for people who want that platform, I think it's a great solution. If I wasn't using pfSense, I would definitely go with FortiGate.

The two products are completely different. If you're using pfSense, you're basically using the entire open-source world — so you're based on FreeBSD, you're using Snorts, everything is open-source. It's very easy to make modifications and to figure out what's going on. You're not dependent on your single company's documentation, there's a huge user base. It's very easy to modify and extend. You can see what's going on — it's very transparent in that sense. It's probably a little bit more manual. With pfSense, You have to put in a little bit more effort to get things done, but, in the end (aside from the huge cost savings), you get all the features that are available in an enterprise firewall for just the price of support, which is also very minimal.

If you need to make any tweaks, you can do it all yourself. If you need to tweak ciphers for SSL for compliance (for PCI, for security compliance) it's not a difficult thing to do; it's a fairly trivial task.

I didn't set it up initially, but I did set up a lot of things from scratch. I think it could be more simple. When you're looking at a proprietary solution, usually it's aimed for end-users and they just want to do point and click. I believe in certain aspects, pfSense was simpler. I think there's maybe just a bit of a learning curve, but I guess you would experience that with any platform.

I think that the pricing is fair.

On a scale from one to ten, I would give Fortinet FortiGate a rating of nine.

Other than the price and the lack of extensibility and transparency (which is inherent in any proprietary platform); if you're going to compare it to pfSense, then I would not give it a nine. I would give it an eight, and I would give pfSense a 10. pfSense has its drawbacks, but not that many, in my opinion. 

Take the time to learn the platform and you won't run into trouble later. That's my advice.

Other than that, it's super solid, super reliable. It does the job.

We are system integrators, and this is one of the products that we implement for our clients.

The primary use case of this solution is as a firewall, with advanced capability features for sandboxing, for preventing ransomware and other related threats. 

The most valuable features are the possibility of having one fabric for switching on security.

They have the feature where the fabric and the security fabric can be extended. That gives us visibility as a single pane of logs for many of the activities.

I would like to see a more intuitive dashboard.

Technical support can improve in knowledge sharing and they can implement better.

The dashboard appearance needs to be more refined. It has to be smoother and more customer-friendly.

As the cloud is more prominent and more are moving towards the cloud, people are used to certain ease of doing things, and less complicated.

I understand that a firewall is a technical product, but we can try to make it a better customer experience which will increase usability with good results.

I have been working with this solution for three years.

Fortinet FortiGate is a stable solution. We have not experienced any issues.

It's a scalable product.

Technical support is fairly good. We are able to get our message through, they look into our issues and provide us with a solution without any hassle.

I would rate technical support a seven out of ten.

To be better, they would need responsive pre-set activities to be more refined. They need to be in a position to give more modular solutions or more pre-defined solutions that are present.

We did not have any problems with the implementation. 

The initial setup was straightforward.

The Indian market is different than the European and American markets. When you compare, they need to be a bit more aggressive on pricing.

We would recommend this firewall at any given point in time.

I would rate this solution a seven out of ten.

We have both on-premises as well as virtual firewall servers. We have quite a few FortiGate firewalls as part of our infrastructure. We are using Check Point more from the perimeter perspective. It is only there on the perimeter.

The virtual firewall feature is the most valuable. We have around 1,500 firewalls. We did not buy individual hardware, and the virtual firewalls made sense because we don't have to keep on buying the hardware. 

FortiGate is easier to use as compared to Checkpoint devices. It is user friendly and has a good UI. You don't need much expertise to work on this firewall. You don't need to worry much about DCLA, commands, and things like that.

FortiGate is really good. We have been using it for quite some time. Initially, when we started off, we had around 70 plus devices of FortiGate, but then Check Point and Palo Alto took over the place. From the product perspective, there are no issues, but from the account perspective, we have had issues. 

Fortinet's presence in our company is very less. I don't see any Fortinet account managers talking to us, and their presence has diluted in the last two and a half or three years. We have close to 1,500 firewalls. Out of these, 60% of firewalls are from Palo Alto, and a few firewalls are from Check Point. FortiGate firewalls are very less now. It is not because of the product; it is because of the relationship. I don't think they had a good relationship with us, and there was some kind of disconnect for a very long time. The relationship between their accounts team and my leadership team seems to be the reason for phasing out FortiGate.

I have been using FortiGate for the last four to five years.

It is stable.

I currently have about 36 to 40 devices that are being used. We use a certain number of devices from business to business.

We were not getting proper support from Fortinet. That's the reason we had to phase out FortiGate.

We implemented it on our own. It took around one hour. We have one or two engineers for its deployment and maintenance. 

We installed FortiGate four or five years ago. We are just phasing out FortiGate and not doing new installations of FortiGate. Whichever model is getting end of life, we're just replacing it with a Palo Alto device. We can use it in the future, but I don't see any presence of Fortinet in my company at this time. I see a lot of push from Palo Alto, Check Point, and other vendors, but I don't see Fortinet around at all.

With the current COVID situation, I don't know how FortiGate behaves when working from home, which is an entirely different concept. In other firewalls, we create HIP profiles and similar stuff, but I am not sure how FortiGate works in such an environment.

I would definitely recommend this solution, but I think Fortinet has to first create a presence. That is more important. Nobody says anything bad about the product. The product is still widely being used.

I would rate Fortinet FortiGate an eight out of ten.

The primary use case of this solution is as a firewall.

The way the rules are created and set up on our firewall is very quick, very simple, and does not take a lot of time. It allows us to spend more time in other areas.

The most valuable features are that it is very simple to configure and to manage.

For me, this solution has nothing to improve and it meets the needs that I have. I don't see any way to improve, at least from my point of view on regular use.

In the next release, maybe the documentation on how to use this solution could be improved.

What I have noticed is that when we have done some configurations directly from the command line, there is not a lot of information regarding splitting.

I have been using this solution for six years.

We are using the latest version.

This is a stable product.

Fortinet FortiGate is very scalable.

We are satisfied with technical support. We have not had any issues.

The initial setup is very straightforward.

We used a reseller to help us with the implementation.

Pricing is very competitive. It's cheap for what it offers and for what it does.

It's very affordable.

I would recommend this solution to others who are interested in using it.

Fortinet FortiGate is simple and effective.

I would rate Fortinet Fortigate a nine out of ten.

We are currently using manual router failover that can be configured on the Fortinet security appliance’s second network interface to provide network edge redundancy if the primary managed router fails. If the edge router fails, traffic can be moved to the security appliance with a simple cable swap.

We are looking for a fully redundant solution with automatic failover between both Fortinet Security appliances. I am currently looking at battle card information between Fortinet and Zscaler. I have to do a competitive analysis.

The low cost of ownership was a benefit with all of the features we wanted.    

Preconfigured images have been developed for quick deployment. However, if we need a custom policy or have to include an existing policy then that can be accommodated as well. 

Virtual Domains (VDOMs) are a feature that we found valuable.

We found the Firewall, VPN, Application Control, IPS, Fortiguard Web filtering, anti-botnet, FortiGuard, Anti Spam Wireless LAN controller, WAN optimization, vulnerability assessment, and endpoint control all to be valuable.

Fortinet certifications include NSS Labs for NGFW, firewall, IPS, SSL, antivirus, and antispam.

Fortinet provides a consolidated security platform for the market place and certifications with NSS labs prove their security assurance.

To the best of my knowledge, Fortinet does not have a CASB solution and Fortinet does not have a Zero trust solution. Fortinet claims to do everything Zscaler is capable of and I'm looking for a comparison between the supported features.

Fortinet VPN and DDoS capabilities are great, yet we need to provide a solution that enables CASB and integration to the cloud.

We have been using FortiGate for three years.

Fortinet is very easy to service and set up.

Fortinet is the least expensive solution.

We are comparing the features of Zscaler vs. Fortinet. We are trying to determine what features Zscaler has over Fortinet and vice versa.

Fortinet was initially scoped as 25 rules for small, 50 for medium, and 100 for large. We need to incorporate more rules but there would be additional professional services or staging services. We are looking to incorporate the cloud access with the Fortinet UTM solution.

We use Fortinet FortiGate 100E for a VPN. We also use the solution for word filtering. These are our primary business requirements.

We were not fully operational previously. Our project needs to link two sides through the internet. One of these was in Cairo and the other in another city. 

In Egypt, to make this possible, we built connections for everything between the two sides through the internet using the VPN side-to-side with Fortinet. 

We used FortiGate as the integrating solution between the two locations, i.e. the Fortinet 30E & 100E.

The main feature that Fortinet FortiGate has that is very useful for me, is that I can connect two sides of the network to each other with Fortinet. 

I can make two VPNs run side-to-side. VPN is very simple and so easy with FortiGate.

Fortinet needs more memory to save the log files (like in the 101E, the old product). We need it to save the logs on the hardware and not in the cloud. 

I know this feature is available in FortiCloud, but if we need to log locally, it is not available. Also, the log only records a little time and needs to be longer.

Fortinet FortiGate offers good stability. I have been using it for around two years.

FortiGate is a very scalable tool. They have an app to manage the access points, switches, and other solutions. 

For our project, now we're over a hundred users at the headquarters. The other branch supports about 20 persons.

Fortinet tech support is very helpful. I have not faced any trouble with their technical support. 

The other product I was previously using was ForgeRock but did not have the experience of integrating it with Fortinet FortiGate.

For the Fortinet installation, our initial setup was for word filtering. It was very easy and did not take a lot of time. The deployment took about three days. 

FortiGate is very easy. The entire solution setup processes took about three days. I can make many of the rules for most users as we need it configured easily.

I am the integrator for Fortinet FortiGate solutions at our company.

The licensing price for the Fortinet products is approximately a thousand of dollars per year for the FortiGate 100E and $200 per year for the FortiGate 50E. 

I don't use additional licensing, just the yearly subscription.

We did not evaluate any other options for this purchase.

If anyone asks me for my experience with Fortinet solutions, I would recommend FortiGate, especially if they need to use it for security. 

I would recommend the FortiGate series for integration with any hardware or software product. I am very satisfied with Fortinet. I would rate it a 9 out of 10 overall.

I have deployed several of the following models for customers: 200D, 60E, 60D. This review focuses on the FortiGate 200D.

The first implementation I performed of a FortiGate 200D was to replace a Juniper SSG-140 in a main corporate office.  This implementation provided improved network administration and network performance.

We also received more timely security updates, and it became easier to connect all of the other offices together (via an IPsec VPN mesh).

As additional FortiOS releases have come out, we have obtained more flexibility in device identification and WAN load-balancing, among other things.

• The CLI is robust and powerful, enabling rapid, consistent changes via SSH. 
  
  The device identification is very flexible, facilitating the creation of rules to regulate all sorts of devices that might spring up on a network, especially via WiFi.
• The IPsec tunnels are very easily created, and quite interoperable with devices from other vendors.
• WAN load-balancing has improved, but needs some refinement.
  
  You can set up a different DDNS config for each WAN link.
  
  It is great to be able largely use the same OS features across the family of devices.

WAN load-balancing could be a lot better at detecting when a link is poor or inconsistent, and not just flat out dead. There are lots of options for routing traffic over a specific path when you have WAN load-balancing enabled, but they are not as clear and consistent as they could be, and most can only be set at the CLI.

Some configuration elements cannot be easily altered once created.  For instance, there is no way to rename an interface (say, for a VPN tunnel), unless you create an entirely new one and perform a little gymnastics to switch from one to the other. Or, you export the config, rename the elements in question, then re-import the entire config.

Creating a meshed VPN connection (Office A with two WAN links connecting to Office B with two WAN links) requires a massive bundle of four IPsec interfaces, with two policies. It would be nice to have a cleaner, simpler config for that functionality, something not very uncommon today.

I have found that if you have a console cable in the device when you reboot it for a disk check, it will boot to the device firmware. This will not happen for a regular reboot.

If you have more than a very basic environment, you quickly have to escalate past the first level of support. The initial level is so-so.  The next level up has been stellar for me, and quick to figure out issues and resolve them.

I've only experienced stability issues a few times.  One was with the v5.4.0 and .1 releases. Also, there was an issue during the v5.2.x series where there was an SSD issue that was fixed with later firmware. Overall, the devices have been very stable.

No. Scalability is good, and performance increases are great as you move to higher products.

Customer support is okay. They are fairly responsive for level three and higher (one and two) issues, but if your issue is a little complex, you will want to ask them to escalate to a second level tech. They don't always read all the info you provide in the first pass, but overall, they are helpful.

I previously favored NetScreen/Juniper SSG solutions, but Juniper stopped supporting the SSG line, and FortiGate provides more value and performance for the dollar.

I've also tested the Sophos solutions, but found them not compelling enough to switch from the FortiGate devices.

The devices are very easy to setup, even if you need to configure VPNs. You could have an HA config up and running within 60-90 minutes, with the latest firmware installed, and a couple of policies and tunnels.

If you do not regularly work with enterprise-class firewalls, you might need to add an hour to the above scenario, but the provided wizards make it pretty easy to address the basic functions.

In-house deployment all the time.

In almost every case, I've experienced (or had customers experience) an ROI within 12 months, based on better performance for the same price or increased functionality for the same (or less) price.

Licensing and setup costs are generally pretty clear with Fortinet. If you go with centralized management or their Log Analyzer tool, these carry some additional pricing that you need to look at.

Check out the price matrix, and go with a value-added reseller that understands how to help you size out the equipment. Remember to always look at the performance with the assumption that you will have many of the unified threat management (UTM) features on, not off.

Yes, I tested and evaluated solutions from pfSense, Sophos, and Palo Alto.

I highly recommend, and often try to deploy Fortinet solutions for my office network and for my customers. They run for a long time, they are supported for many OS updates, and they are pretty solid.

Don't upgrade the OS right away when it is released, if a major new version has come out.  v5.0 was problematic early, but v5.2 was great. v5.4 was a problem child, but v5.6 had only a minor issue. v6.0 was surprisingly smooth and had only a minor issue. I could have avoided most of these problems if I waited an additional month or so before updating, but I updated because I need to advise customers on what they should be doing.

I've had to interact with support a lot, and overall they've been good (with the caveat mentioned earlier).

We use this product to provide network security functions to our customers.

This solution has a unique range of features that are not available with any other product.

We also appreciate that this solution is easy to maintain and manage.

We would like to see an improvement in the consistency of the product's performance levels.

We have been using this solution for around five years.

The stability of this solution has been good, in our experience.

We have found this solution to be easily scalable.

The technical support for this product is very good; they always respond to us quickly when we raise issues.

Positive

We switched to this solution because it offered the best range of features in its category.

The initial setup of this solution is very straightforward, and deployment only takes between 30 minutes to an hour.

I would rate this product a 10 out of 10, and I would recommend it to any business that is in the market for a security solution.