Fortinet FortiGate Reviews

We are using Cisco for the core switch, and for the firewall and WAN security, we are using Fortinet FortiGate. For distribution switches, we are using Ubiquiti. 

We are using the 200F series of Fortinet FortiGate for our main branch and model 60 for our branch offices at five locations. We have connected a site-to-site VPN with Fortinet FortiGate. 

We have used multiple WAN ASPs and set up SD-WAN. It's quite interesting and user-friendly; essentially, anyone can configure it. All you need to do is go through the documentation, and you'll be able to set it up directly. We experimented with Cisco and other devices, but found them to be somewhat challenging. Additionally, there are commercial aspects to consider. However, with FortiGate, everything is bundled together, eliminating the need to pay extra for SD-WAN management.

Performance-wise, we have great output with SD-WAN in our network. Earlier, when we were using it without SD-WAN, it was very difficult, and our IT team's effort was greater. After this SD-WAN configuration, we have no need to worry about whether the link is going down or not. We just get the notification, and at that time, we work on it. There is no need to run behind that.

The only issue is their renewal pricing. For more than 10 years, we have been customers of multiple Fortinet FortiGate security devices, and every time, it's at a high price. It is very difficult for small companies, especially in India. If Fortinet can reduce the renewal price a little bit, it can expand and target small businesses as well. Currently, only medium and large-scale organizations can afford it. Startups and small companies cannot afford it. The renewal cost is very high. When we get the equipment along with the license, it's acceptable, but the next renewal after one or three years is very expensive compared to other firewalls.

We have been using Fortinet FortiGate for more than 10 years. It's the fifth device we are using. Earlier devices reached the end of life. After that, we moved to the next product.

Fortinet FortiGate is absolutely scalable enough for our needs.

We have more than 400 employees, and there are six branch offices connected. The branch offices are connected with site-to-site VPN, and multiple roaming employees or working from home employees are connected with SSL VPN. More than 100 people are connecting at a time. We only need two IT people to maintain the security devices.

We very rarely raised tickets with Fortinet. Only on one occasion, when the FortiCloud account was locked, we raised a ticket. Apart from the configuration part, we never contacted them. They were very supportive. With that particular ticket, we got help immediately.

We are also customers of Cisco and Ubiquiti. We have a core switch, 9000 series switches, and Ubiquiti equipment.

I have earlier worked with Cyberoam and Sophos as a partner. They have a range of devices, and the renewal price is also lower in Sophos compared to Fortinet FortiGate.

I was involved in the deployment of Fortinet FortiGate. The deployment process of Fortinet FortiGate is very straightforward, and since we have experience, it's very easy for us. Even for freshers, if they have basic theoretical knowledge of the setup, they can easily implement it. 

It's deployed on-premises. We are not planning for the cloud. Our clients are not comfortable with the cloud solutions.

We deployed it ourselves with one or two people for the deployment.

The renewal cost is much higher than other firewalls. It is not reasonable.

I would definitely recommend Fortinet FortiGate to others. 

My experience with Fortinet FortiGate has been good overall. I would rate Fortinet FortiGate an eight out of ten.

We are using Fortinet FortiGate for enterprises. We are a partner of Fortinet.

Its features are very good for the price. Their support is also very good. A lot of expertise is available in the market in terms of engineers. 

The best features of Fortinet FortiGate are its simplicity, ease of installation, and ease of functionality. It is very easy to learn and implement, and everything is clear. The deployment of Fortinet FortiGate is very straightforward. 

I would like to see improvements in Fortinet FortiGate regarding the active-active scenario. The active-active scenario is supported but not recommended, whereas other vendors are implementing active-active without issues. Perhaps in the future, we could effectively use both firewalls to increase the throughput. If there are two boxes, they both should be able to work.

Other than that, I don't have anything. I'm very happy with the features.

I have been working with Fortinet FortiGate regularly for a few months only, though I have previously encountered one or two installations.

Fortinet FortiGate is very stable.

There are multiple options available for small, mid-sized, and large-scale deployments.

My experience with the technical support for Fortinet FortiGate is very good. I only had one bad experience. I would rate them a nine out of ten.

Positive

It is very straightforward to deploy.

In terms of maintenance, many features are automated, including antivirus updates that happen regularly without intervention. Simply connecting the firewall to the internet enables automatic downloads of everything.

It was recently implemented, so it is too early for that assessment.

It is very cost-effective. You get features similar to other firewalls, such as Palo Alto, but at a lower price.

I have not worked extensively with Palo Alto, but from various comparisons, Fortinet FortiGate is understood to be a cost-effective version of Palo Alto. While Palo Alto has more features, Fortinet FortiGate offers similar functionality.

Currently, we are not using SD-WAN, but we will implement it as it is a very impressive built-in feature. We will implement it for one of our customers in the near future.

Fortinet FortiGate is a very good next-generation firewall. It is not very expensive and offers plenty of models to suit various needs. The licensing options are extensive. The day-zero protection is very good. FortiCloud is also excellent. The geo-protection is effective and serves its purpose. 

I would rate Fortinet FortiGate a nine out of ten.

The main use cases for Fortinet FortiGate are for small, medium to large enterprises, and they also have products for SOHO (small office/home office). That is where they stand out.

The main benefits that Fortinet FortiGate brings to the table include the ease of configuration, stability of the product, and excellent support. When a customer is using Fortinet FortiGate, they will not look at any other products for expansion or upgrades. In terms of price and performance, it gives a very good, balanced product.

One of Fortinet FortiGate's best features is in terms of the configuration; it is one of the easiest to configure. It is very easy and based on ASICs. In terms of performance under scalability and stability, I would rate it amongst the best. I have not come across a product that I have had to replace or generate an R&D for to date.

There has not been any impact in terms of performance for customers because Fortinet FortiGate is dependent on the architecture, which is totally different. They have security processors, network processors, and they work on a different architecture compared to other products. To be very frank, we have not had any performance issues when deploying SD-WAN and a next-generation firewall together.

Regarding improvements for Fortinet FortiGate, there is always room for improvement in any product. In information technology, things fade away quickly, and new technologies come in. It is how quickly each of these companies adapts to that and brings in more value to the customer.

I have been working with Fortinet FortiGate for over fifteen years.

For scaling Fortinet FortiGate, I am not sure about scaling down as we have not had any instances, but scaling up has presented no challenges.

I would rate the Fortinet FortiGate technical support as extremely good so far. I have not had any issues, and I would rate it the same as Cisco.

Positive

One pro for the Fortinet FortiGate compared to Palo Alto, Cisco products, and WatchGuard is that the architecture is different because they use specific processors to handle different types of traffic, both security traffic and routing traffic. They keep enhancing the processors as they improve the capabilities of the product. As for cons, I do not see anything at this point in time.

The initial setup for Fortinet FortiGate is extremely simple. It takes about five minutes to get it up and running. It is that easy. Nothing beyond that.

The deployment process for Fortinet FortiGate is generally very simple. We give the prerequisites to the customer in terms of a number of man links they want to connect and what the LAN subnet and number of subnets are. These initial details are gathered from the customer. Once the appliances are in place, we begin with the contribution to the content management interface. Most of the time, we start with the LAN configuration and the LAN network configuration. Then we move to firewall policies based on the organization's requirements, licensing the product on the cloud, and subscription licenses. In some cases, we configure VPNs and site-to-site VPNs. That is about it, and there are certain features that need to be enabled, which we will enable.

One thing I would definitely state about Fortinet FortiGate is that, in terms of performance, if compared with a product of the same price point, Fortinet FortiGate will outperform it. This way, the customer has a better ROI because they do not have to look at changing it or looking at an upgrade frequently.

I find the pricing setup cost and licensing for Fortinet FortiGate reasonable.

I work with Fortinet FortiGate SD-WAN extensively. My experience in integrating SD-WAN capabilities with Fortinet FortiGate in the network is that it is very easy.

I would rate Fortinet FortiGate as a highly mature product. I have been working with them for quite a long time and have multiple implementations across India. I have not come across any instance where I had to replace the product.

My advice for others looking into implementing Fortinet FortiGate is to plan the capacity properly and right-size the product for the specific customer, which is most important. When choosing the wrong model, some run into issues where it is not supporting that procedure, the system going under load, and similar issues. It is primarily important to spend more time on the design and finalize what is required in terms of the appliances.

On a scale of one to ten, I rate this solution 10 out of 10.

The SD-WAN feature of Fortinet FortiGate has been most impactful in maintaining our network's integrity.

Fortinet FortiGate's threat detection capabilities are good for our use because it's an internal firewall; however, we haven't enabled some of the features that are there. We've enabled IPS and antivirus generally.

They could improve the response time and quality of support.

I'm not sure what additional features they need to have in the future to make it better. For the purpose that we use it, it is doing the job, but I haven't explored some of the features.

I have been using Fortinet FortiGate for seven years.

I haven't had any issues with the stability or performance of the actual firewall. It has been fine with no bugs.

We didn't have to think about upgrading or anything; it does what we bought it for. If it wasn't for the end of support and the end of sale, we would not think about changing it. We are considering similar products for upgrading, maybe newer or bigger hardware.

The product is scalable. Currently, 120 people are using Fortinet FortiGate in my company.

I would rate their technical support about six out of ten; I'm not fully satisfied. They could improve the response time and quality of support.

Neutral

Fortinet FortiGate has delivered financial and operational ROI to my organization. It took about two to three years to realize ROI with Fortinet FortiGate.

At the time we bought them, I was satisfied with their pricing; I don't know how the new pricing will be.

We have to pay additionally for maintenance or support; it is not all included.

I would rate Fortinet FortiGate a seven out of ten.

I work in presales exclusively. I work in the public sector, focusing on presales of architecture. I usually work with enterprise businesses rather than SMB businesses.

Fortinet FortiGate is a simple solution, and the integration with other solutions in the Fortinet portfolio, such as the Security Fabric integration, is competitive. It is simple for deployment, design, and integration with other Fortinet solutions. The SD-WAN capabilities are simple because the license includes this function, making deployment straightforward for Fortinet FortiGate clients.

The impact of the SD-WAN on network performance includes cost efficiency and automation. For performance, the solution is focused on the user experience with optimal path selection. Unified SASE secures remote connections for many use cases. We use AI and machine learning enhanced FortiGuard services and FortiAnalyzer to protect data centers through deep inspection and other functionalities.

Fortinet FortiGate is stable in the data center environment and in its functionality. It is scalable. The price is competitive in the market, especially when integrated with other Fortinet solutions. It has a return on investment without the need for additional licenses for products such as FortiSwitches and FortiAP.

I have 12 years of experience in total with Fortinet FortiGate.

Fortinet FortiGate is stable in the data center environment, and it is stable in its functionality.

The solution is scalable.

Their customer service is great because the TAC service in Latin America is available 24/7 in English and Spanish. I am happy with the service. In Latin America, when I call at night, the response is in English, and during the day, it is in Spanish. The only challenge is the language availability at night, but I rate it a 10.

The setup is simple and easy, with no difficult configuration required for the devices.

Fortinet provides a return on investment. When using FortiSwitches and FortiAP, additional licenses are not required.

I worked with the implementation and presales of Fortinet FortiGate in the past. In the past two years, I haven't worked with deployment, but I have experience with presales in the last year. I am familiar with the SD-WAN capabilities. The solution focuses on user experience because the path selection is optimized for the user or application.

I rate Fortinet FortiGate a 10 out of 10 as it is a great product.

We mainly use the Fortinet FortiGate for perimeter wall protection and internet usage, protecting our network from internet threats and our endpoints, so we've set it at a perimeter level.

The main benefit I have seen from using Fortinet FortiGate is the protection it offers because I can see threats that come through in real-time, and if they are blocked, I can see that. We are able to customize those features, and it's so customizable that I can tweak it to fit our environment; it has really been helpful.

The hardware-assisted DDoS protection in FortiGate has helped us. We are able to monitor traffic in real-time and block it as needed. We have enabled this feature in every policy we created, so it consistently checks for any threats.

What I appreciate about the Fortinet FortiGate is the throughput and the management aspect; it's easy to manage. Unlike what we used before, initially, we had Microsoft Forefront, so moving from that application-based to a firewall which is appliance-based was really helpful. 

I would like to see the licensing aspect improved because there is a feature we were yearning to use, the bandwidth monitoring feature, but it's licensed separately. It's not bundled with the enterprise bundle, and since we normally buy the advanced hardware support annually, we found out that the license is licensed separately. If they could bundle it together, it could really be helpful to us.

We've been using it for the last seven years, and it has been helpful. We are looking forward to upgrading as the one we are having is at the end of life already. We are planning to upgrade to the latest one, and we are looking forward to the features it will offer.

I have been working with Fortinet FortiGate for seven years.

I haven't faced any downtimes, crashes, or issues with it; it's very stable.

It is scalable.

My experience with technical support for Fortinet FortiGate has been excellent. I would rate them nine out of ten; they've been really good.

I decided to move from Microsoft to Fortinet FortiGate. Fortinet and Cisco were rated highly worldwide. We compared those two and settled for FortiGate because of its manageability. The Microsoft firewall used to fail frequently, so we didn't want to go to another Microsoft product.

The experience with the initial setup and deployment process of the Fortinet FortiGate was complex, especially in terms of linking users. In our environment, we normally use the feature for Active Directory, and we don't give everyone internet access. We've enabled this feature called SSO linked to our Active Directory, and we create groups there. Setting that up initially was really tricky, so we had to engage the support team to sort us out. However, moving forward, it has been very good.

There are no challenges with updates and upgrades. They are straightforward. We have support from Fortinet and the local partner. 

We had a local partner here helping us with the initial setup.

It has worked and surpassed our expectations. We've really benefited from that.

It's pretty average compared to our environment.

My advice for other users looking into Fortinet FortiGate for their environment is to choose one that will serve them based on their needs, whether that's throughput or the number of users. That's really important to ensure they don't do an overkill, as we initially thought we went for a big firewall, only to realize later that it was the right choice. For our upgrade, we'll just go for a bit higher, but generally, it really serves us. 

I would rate Fortinet FortiGate a nine out of ten.

We deploy the FortiGate Next Generation Firewall (NGFW) mainly in education, with retail, big retails, and other industries such as manufacturing, agriculture, and some banking.

Some of the best features with the FortiGate Next Generation Firewall (NGFW) particularly are its security focus, the easy to configure IPS, the Layer 7 capabilities, and the easy way to configure different VDOMs in each equipment so we can separate the different features or the different sites that the client may use in one data center.

The application control feature has helped manage the network traffic with filtering and antivirus capabilities. When we use it in SD-WAN solutions, we can apply in a unified and easy way the different profiles for each branch, and we can also have one profile for the hub if they have a data center with some servers connecting to the FortiGate. We can have different profiles, and it helps us to detect easily any threat that we may have in the network and control the outbound traffic to the internet, restricting those applications or those web services that the final users don't need to have access to.

The FortiGate Next Generation Firewall (NGFW)'s anti-malware protection is very effective, as we have demonstrated through our work with this feature.

The FortiGate's analytic tools have provided insights into network security events by implementing the IOC license, Indicator of Compromise, in some customers, which has been very helpful because it demonstrates that we can identify the threats more easily or the difference in the way that the customers use the network. We can identify the possible behavior of the customers on the network and can identify the possible threats and isolate that customer if we receive any threat for the network or the company.

The web filtering has also helped for maintaining network security because we have been implementing some filters in customers so they don't have access to potential sites that can make a threat to our network, for example, to access peer-to-peer networks or any other sites that are not allowed in the company.

The FortiGate Next Generation Firewall (NGFW) could be improved in application control if they can have a bigger baseline of applications that they can identify, because this is something that is always growing. I know that Fortinet with the team is updating this database, but it's something that grows at a pace that is very difficult sometimes to keep up. This applies to all vendors, not only Fortinet.

I would rate their support for the FortiGate Next Generation Firewall (NGFW) on a scale of one to ten as 7.5.

Positive

The pricing for the FortiGate Next Generation Firewall (NGFW) is fair.

My company has a business relationship with Fortinet as we are both resellers and we also use the technology. If they had any questions regarding my feedback on the FortiGate solution, not the NGFW, but the FortiGate, it would be okay for them to contact me in that regard. I rate the FortiGate Next Generation Firewall (NGFW) 8.5 out of 10.

We deal with messaging, specifically A2P, P2P, and RCS, a rich communication service.

We use Fortinet FortiGate 500, 600, and 900E, which are mainly used for data center activities.

Fortinet FortiGate has helped us significantly in many ways. Previously, we had multiple data centers interconnected over IPsec tunnels. Each IPsec tunnel was individual, and if that tunnel went down, manual intervention was needed to reroute the traffic to the available path. To avoid such cases, I introduced the SD-WAN concept using ADVPN (auto-discovery VPN). With this solution, I have almost four sites where critical traffic flows, avoiding many impacts. The reason we prefer Fortinet FortiGate SD-WAN is that it enables automatic establishment of the next available VPN if any connectivity goes down, ensuring all hub and spoke connectivity flows through the hub. Using ADVPN, spoke-to-spoke communication is established so that hub bandwidth or hub firewall does not get overloaded.

The best features in Fortinet FortiGate are the SD-WAN, IPsec tunnel, and the SSL VPN. It is very user friendly, and we can integrate multiple underlay links to the firewall. From there, you can manage it, and by using this SD-WAN concept, the device itself will make decisions about which path to take to reach the destination. If there are any issues on the desired path, it will automatically select the best path based on the configuration defined in the SLAs. This feature is particularly impressive. Before introducing SD-WAN, I had perimeter devices such as independent routers where intelligent routing across the underlay links was not possible.

It is very informative and easy to implement. The GUI is very user friendly. Using this solution, we can easily integrate security profiles based on needs and requirements of internal stakeholders to avoid malicious traffic or security-related issues.

When onboarding any Fortinet FortiGate to your production platform with active internet connectivity, the device connects to FortiGuard to fetch all signatures and behavioral patterns based on your security policy. It detects anomalous traffic and packets undergo deep inspection. If there are any anonymous or malicious activities, it immediately blocks them based on defined policy actions and alerts the end user and network administrator via FortiManager or via the cloud.

I don't have any areas for improvement in terms of features. With the introduction of AI/ML, they are performing behavioral pattern checks in terms of security. They have removed the SSL web-based and tunnel-based features, and they are improving in many aspects including the UI. However, throughout this year, their support has been very poor.

We have been using Fortinet FortiGate for more than 10 years.

It's stable. I would rate it a ten out of ten for stability.

It's scalable. I would rate it a ten out of ten for scalability. 

We have clients with more than 2,000 users.

Their support needs improvement. When raising a service request on the portal, it normally takes two to three days for a response. Even for production issues, they do not initiate contact. The customer has to call the TAC before they schedule calls, which is problematic.

Neutral

The deployment is very easy. People who are familiar with Fortinet FortiGate can implement it through CLI and GUI. It is very user-friendly for deploying complex configurations. There is also a tool called FortiExporter, which can convert all configurations from any OEM to Fortinet FortiGate.

It doesn’t require much maintenance. The only maintenance activity required is firmware updates.

We have approximately 84 devices in production, demonstrating our investment in Fortinet FortiGate and its usefulness in many ways.

We have invested almost 60% to 70% in Fortinet FortiGate as we don't have any other firewall apart from it. In some cases where we had Palo Alto, we removed it and purchased Fortinet FortiGate. We are using Fortinet FortiGate as our production firewalls in our organizations, corporate offices, and all locations.

It's economical.

In terms of cost, features, and security, everything is top-notch. I would recommend everyone to use Fortinet FortiGate instead of purchasing expensive firewalls such as Palo Alto and other OEMs. It is more economical and provides more flexibility and granularity in terms of access.

Fortinet is a market leader. It is phenomenal in terms of price and kind of services.

I would recommend Fortinet FortiGate to others. I would rate it a ten out of ten.