Fortinet FortiGate Reviews

My customer's main use cases for Fortinet FortiGate are mainly for threat blocking, compliance requirements, firewall functionality, and basic security.

It's focused on defending against advanced threats and providing better throughput. Additionally, it can accommodate both enterprise companies and independent users. Bandwidth is one of the issues, but there are many benefits. Overall, it's a solid solution that is scalable in terms of throughput.

The best features of this tool include threat protection, email filtering, and web filtering. FortiAnalyzer's integration with the firewall and FortiSASE is beneficial. The integration helps detect the most advanced threats, such as APTs. 

Fortinet FortiGate stable solution has made systems more compliant in the cyber industry for several customers.

They can improve the backend functionality of Fortinet FortiGate, particularly how the policies work in a real-time environment. Improving this aspect can ensure that policies work effectively.

I have been working with this solution for around one year.

The stability can be rated as eight out of ten.

Fortinet FortiGate has very good scalability in terms of bandwidth, throughput, and everything else. It's scalable without any problems.

I would rate Fortinet support a six out of ten. The immediate response is not that good, particularly when raising a critical or P1 ticket; they lag in the immediate response. They can improve on that front, especially in their support service.

The initial setup of Fortinet FortiGate is straightforward.

My customers have seen ROI with Fortinet FortiGate. The investment they made has provided returns.

I'm not sure about the exact license cost, but generally, it's a reasonable price. If the hardware or the machine is advanced, it will be expensive. However, for medium-sized machines or hardware, it maintains a reasonable price.

I recommend that those who want to use Fortinet FortiGate need to plan ahead. If they are upgrading or expanding their user base in their company, they should purchase a one-level higher version. It would provide good throughput and withstand the number of users in their company.

Fortinet FortiGate can be a bit expensive, but the price is reasonable. I would rate this solution an eight out of ten.

We've deployed FortiGate on some customer premises. We've also deployed other Fortinet products, such as FortiMail and FortiManager. We often bundle Fortinet devices. We use FortiGate as a firewall. It is for security and protection. 

The solution has helped our clients secure their network efficiently. It offers security across multiple sites and helps monitor traffic effectively.

It's very good and very stable for businesses. It works very well. 

The UI is better than the alternatives. 

We like using Fortinet devices. They integrate well with one another.

Fortinet provides good visibility and segmentation.

Fortinet's devices are purpose-built to operate in various environments. It operates well across clouds. We can run Fortigate as an MSP.

It helps with intrusion prevention specific to various environments. It provides us with details about the traffic for better monitoring. 

FortiGate has helped reduce the risk of cyberattacks that might disrupt our client's production. 

The product provides policies for strict monitoring to make the network secure. If something hits against a policy, it will be blocked.

We'd like to see the product offer higher discounts to users. They should offer special pricing to premium partners and customers. 

The company has been using the solution for the last five or so years. I've maybe used it for three years.

The stability depends on the FortiGate model. You need the right model for the amount of GB traffic. If a customer deploys a smaller model on more traffic, there may be issues. Otherwise, it handles traffic well. Overall, it's a stable solution. I'd rate stability nine out of ten. 

Our clients are quite sizable. One of them is one of the biggest telecoms in our country. We also have smaller customers that deal with smaller FortiGate models. We have a variety of customers of different sizes from around the country.

It's a scalable solution. I'd rate it nine out of ten. 

Technical support is good. They offer very accurate solutions. We learn a lot from them. We're happy with their level of service. 

Positive

We typically deploy the solution to our client's VMs. The deployment sometimes takes about a month. We have a team of 12 people who work on the FortiGate side. 

Their services are good, and we are happy to work with them, however, the pricing could be cheaper. 

We're a Fortinet partner. 

If we have the option of which firewall to choose, whether Fortinet, Cisco, Juniper, et cetera, we will choose Fortinet. We're very comfortable with their devices. We have a very skillful team, and we've become very comfortable with Fortinet. They have good support as well.

I'd rate the solution ten out of ten. 

There are various use cases for Fortinet FortiGate, including firewall protection for internet access, data centers, branches, and SD-WAN. We use the firewall in multiple locations throughout our network, taking advantage of its many features, such as the promising CDR feature and security profiles like the WAF filter and application DNS security. We deploy these features in different parts of the network. Additionally, some customers use Fortinet FortiGate in the cloud to safeguard their cloud servers within platforms like Microsoft tenants.

Our customers are using Secure SD-WAN for connecting different branches. For example, oil and gas companies have different branches all over Egypt, which are not in the main city, so they need a secure connection and stability for certain protocols, such as voice and things like that. They also need visibility. They need to understand which applications are consuming SD-WAN. 

Some of the customers are also using SD-WAN for load balancing. For SD-WAN, you need at least two internet connections, so some of the customers are using it as a load-balancing technique. Overall, there are a lot of features for which customers are using SD-WAN.

For our customers, Secure SD-WAN is very useful for giving the right priority to the applications and controlling the proper use of the application.

Secure SD-WAN's interoperability with other systems and applications in the environment is very good. The integrated application protection provided by Secure SD-WAN is also good. There is a very good integration with all the applications and portfolios. We don't integrate the firewall with the application itself, but it does what is needed to control and reroute the traffic.

Secure SD-WAN has a lot of benefits. There is a calculator on Fortinet's website. When you feed the right information to that calculator, it tells you how much money you will save by acquiring SD-WAN. The first benefit is that you're going to save money. Instead of buying multiple ISP connections, MPLS, and other such things, you can use the normal internet and apply SD-WAN on it, so you can save a lot of money. You also don't need to increase the bandwidth. SD-WAN helps with the routing of your traffic and the optimum use of your links. It's efficient and secure, and it saves you a lot of money, and of course, there is the security of the firewall that's applied on SD-WAN. If we're comparing it with other vendors like Cisco, you are not getting the firewall features.

It's very efficient. There is a lot of visibility. It reduces the number of incidents. If there is any problem, you can immediately log in to the firewall, and you will know if there is a notification about bandwidth consumption or any other issue, or if there is any drop in connectivity. It makes the operation very easy. It makes it easy for the teams to respond to incidents and manage issues. SD-WAN helps to remediate threats more quickly and efficiently because, with SD-WAN, there are a lot of applications going through different links, so if you can know which link an application is using and what's on the link, you can make the right decision in a very fast way to fix it. It provides both visibility and efficiency.

It reduces your mean time to detect (MTTD). In the new version, which is version 7.x, of the FortiGate firewall, through the main dashboard, you can know what is going on. If you've done the dashboard and you're putting these statistics in front of you on a screen, once you look at it, you'll know what's going on and what's the problem. It, of course, will give you the tools and the right information to reduce the time to solve.

It's hard to say whether it has reduced help desk tickets because it's more on the operational side, but it helps them a lot. The operations team is not handling the firewall. It's either the network team or the network security team. Generally, once it's up and running, it just works. It's different from having an antivirus or something else that can be changed from day-to-day activities. With this one, once you turn it on, the service will be stable unless you have a problem with your internet. It doesn't cause a lot of problems.

In terms of helping to future-proof business, from a partner perspective, it gives you a lot of flexibility to enhance the customer network. It opens a lot of doors for sales, for a new business, and for new potential. That's from the partner side. From the customer side, you can save money and solve a lot of problems. If you need to connect with a few branches all over the country, it's efficient. You don't need to travel for five to ten hours to reach the second branch. If you have proper SD-WAN technology and it's connected in a good way with good vendors, you can save a lot of time, effort, and money. You can have proper connectivity between branches as if the guy you are talking to is next door. So, SD-WAN gives a lot of benefits at the vendor level, partner level, and customer level.

Fortinet FortiGate is user-friendly and affordable.

When it comes to Secure SD-WAN, ease of use is valuable. The visibility and reporting are also valuable. A cool thing is that SD-WAN is free of charge with the Fortinet firewall. You can just use it just by using the Fortinet appliances that you already have in the branches. You cannot have appliances from different vendors. Fortinet customers can use the feature in a very easy way. It takes one click to integrate with the firewalls. It's very very easy to deploy. You don't need to build anything.

In the past, NSS Labs was utilized to test files and verify the numbers and datasheets. It would be beneficial to have an organization or testing lab that can verify the numbers in our datasheets since changes are frequently made, which can be inconvenient for review. For instance, when comparing different competitors such as Forcepoint, Palo Alto, and Check Point, the throughput or numbers in the datasheet may be lower than the actual numbers. Conversely, Fortinet typically reports very high numbers, but they cannot be replicated in the real world. Therefore, it would be advantageous for them to partner with a neutral testing organization such as NSS Labs to validate these numbers, thus providing more credibility and comfort to everyone regarding the accuracy of the datasheets.

For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial. This tool shows a lot of promise and is very good. Making it free would help many companies deliver their products in a more efficient and integrated way. It would also be more valuable to include the tool with the firewall package or license instead of having to pay extra for it. Paying extra puts more pressure on small companies to deliver the firewall and complete the configuration, especially if they have hundreds or thousands of policies. It's very painful to move through these policies line by line.

The stability has room for improvement.

When it comes to Secure SD-WAN, everything is fine. They are going the right way. SD-WAN is very promising. They can provide the SD-WAN solution separately, but they will not take this approach because even the smallest firewall can support the features, so there is no need to have a separate service or appliance. They are following the right steps, and there is nothing to be improved. Feature-wise, I'm really satisfied with the new release, and the features they have added. For now, it's fine.

I have been using Fortinet FortiGate for seven years, and I have been using Secure SD-WAN for two years.

Secure SD-WAN is stable, but when it comes to the firewall, sometimes there are issues with the throughput and related factors. Improper handling of these can lead to a memory surge, a well-known bug that can cause the entire system to freeze. When this happens, the system appears to be running but no traffic is processed, causing disruptions to applications, users, and overall internet connectivity. This can be confusing because the firewall appears to be functioning correctly. Typically, the solution is to restart the firewall. However, when we contact support, they require logs before restarting, which can be challenging in urgent situations. As a result, we prioritize quick resolution over troubleshooting. This is a common drawback of the operating system.

I'd rate Fortinet FortiGate's scalability an eight out of ten.

While the technical support offered online and on-site is generally effective, there may be occasions when we need to escalate an issue to a higher level due to its complexity. 

I initially sought assistance from level-one support, but they were unable to resolve my issue. Eventually, they informed me that the problem would be addressed in a future patch. However, within a day or two, a level three engineer intervened and provided me with an update to resolve the issue. He explained that it required a command line configuration, as it couldn't be done through the graphical user interface. I was impressed with the level-three engineer's expertise and problem-solving skills. It taught me that if we persist and communicate our needs, we can achieve our desired outcomes.

Positive

The initial setup is straightforward. We need to determine whether the firewall will be positioned in an active-standby or active-active configuration. Based on this decision, we will choose the appropriate license. If the firewall is intended for use with the Internet, we will need to include features such as a full DNS filter. However, if it's being used in a data center, these features may not be necessary. Additionally, we need to consider the speed of the interface, 1G or 10G, and the expected amount of network traffic to properly size the firewall model and ensure proper throughput. This is the initial phase of the process. Once the firewall has been deployed, it's a matter of connecting it and configuring policies. 

When it comes to the deployment model of SD-WAN, my customers usually buy the appliance. They already have FortiGates, so we're just connecting firewalls to each other. In Kuwait and Egypt, there are mostly on-prem deployments. It's rare to have someone deploying a firewall on the cloud, and if it's deployed on the cloud, it's for a certain reason. It's not for SD-WAN because you're not loading balancing or you don't need SD-WAN for cloud access. In the countries where I was responsible for its implementation, there was only on-prem deployment.

There is one single challenge with the deployment of SD-WAN, but it's not from the FortiGate side. It's from the customer side. You need to understand your traffic so you can get the best out of SD-WAN. For some organizations, it's huge because they don't know which application is doing what and which is more important than the other. Especially during the COVID years, a lot of applications popped up. Companies used to release an application every few weeks. To do a proper implementation, you need to understand your network, understand your application, and set your priorities. Once you do this, the implementation will be a piece of cake. If you have all the information, it will take a day or two days.

We implement the solution for our clients. One person can easily deploy multiple Fortinet products through the firewall including FortiAnalyzer for the logs, FortiManager, and FortiMail.

For SD-WAN also, one senior security engineer can do everything for a customer. The maintenance is easy. We haven't faced any critical problems with it.

We have experienced a positive return on investment by utilizing Fortinet's products. For instance, their website features a calculator for SDR, which enables us to measure the actual ROI in dollar amounts. We input our current expenses, the products we intend to purchase, and our connectivity plans, along with a few other details. At the end of the process, we receive data that indicates the amount of money we will save, such as two hundred thousand, for example. This provides us with clear and precise figures on our savings, making it an excellent tool.

Our customers have seen time to value with Secure SD-WAN. Its time to value is seen within weeks of implementation.

The price for the Fortinet FortiGate is reasonable. Secure SD-WAN is free of charge. If you have their firewall, it's free of charge. It's very tempting. Other vendors, such as Palo Alto, will charge you to have an SD-WAN license, whereas, with Fortinet, it's free of charge.

When purchasing a firewall, stability is non-negotiable. For small to medium businesses, Fortinet's affordability and ease of deployment make it a suitable option. However, for enterprise-level businesses, Palo Alto or Check Point would be preferred for their robust clients and immediate updates, despite the higher cost.

When comparing the pros and cons of Secure SD-WAN with other solutions, the challenge is not with SD-WAN. It's with the appliance that's offering SD-WAN, which is the firewall. So, the first comparison would be between the FortiGate firewall and other firewalls, and if the other firewalls are already offering the same service, the comparison will be between different levels, not just SD-WAN. There could be other firewalls that are more efficient or lower in cost or even more familiar to customers than Fortinet. So, the challenge is not with SD-WAN. The main reason I use SD-WAN on FortiGate is to get the benefit of the security profiles or security features of the firewall on top of the SD-WAN. Otherwise, I can use my internet router, the basic load balancing protocols, and the basic IP tunneling, and send some traffic here and some traffic there, and I'll save the cost. 

I'd rate Fortinet FortiGate an eight out of ten.

We use Fortinet FortiGate for network segmentation. We protect from the outside world and make segregation with the outside world. With Fortinet FortiGate, we primarily focus on network segmentation.

The most valuable feature of Fortinet FortiGate is the price-quality ratio. It's a very good fit as it's not very expensive and offers extensive functionality. It functions effectively as a firewall, performing its intended purpose compared to the competition. When activating the Unified Threat Protection, users gain access to FortiGuard. The SASE possibility is also interesting even though we do not currently use it.

It's not only about the product itself. It is also the team around Fortinet. We receive substantial help from Fortinet, which is very valuable as they assist us in choosing the right solutions. If we need configuration assistance, they can send specialists who help design the solution. The value comes from both the FortiGate firewall itself and how the team supports you.

One area for improvement involves FortiAnalyzer, specifically regarding the SOC part and log interpretation. Sometimes interpretation is very difficult. They send an extensive amount of logs, and when putting that in a SOC or SIEM, payment is based on gigabytes sent. We send many unnecessary items, resulting in unnecessary costs.

We decided to reduce the logs and now send only half of what we had before after determining what was unnecessary. They should improve what needs to be sent to the SIEM. The logs should be lighter. In the log structure, there are many unnecessary columns, resulting in a large amount of redundant data. They should improve the way logs are sent to the SIEM.

We have been using Fortinet for more than ten years. 

Fortinet FortiGate is stable overall when choosing a release that has been tested. We have observed more vulnerabilities on Fortinet, however, this indicates that as the product becomes more successful, it becomes a larger target for hackers. This issue exists with every major vendor.

The scalability of Fortinet FortiGate for our organization is one of the best aspects, as they use the same OS for everything. This means you can find your way back and upgrade without changing everything in terms of configuration. Scaling up infrastructure is not problematic as it doesn't require a major migration.

Based on my experience with their support, I would rate Fortinet FortiGate eight out fo ten. Sometimes it takes more time if the issue is complicated. Overall, the support is good.

We've always used Fortinet; we were working with someone else who was also using Fortinet.

I personally participated in the initial setup and deployment of Fortinet FortiGate a very long time ago. Currently, I am more involved in management than operations, so I no longer follow this aspect.

Fortinet FortiGate is deployed on-premises in my organization.

The return on investment with Fortinet FortiGate is measured in terms of security. A firewall can be nice, however, if it is poorly configured, it will result in poor value for money. 

Return on investment for a firewall is about performing its intended function. Without one or with poor configuration, you can lose substantial money. The return on investment is reflected in the level of protection provided.

I am aware of the pricing of Fortinet FortiGate through our purchasing service. I have access to the list price and know the discounts. The price-quality ratio is very good, and we have an excellent representative who helps us secure good pricing.

I evaluated other options before choosing Fortinet FortiGate through a tender process. They met all the feature requirements and testing criteria. The dedicated ASIC provides very good performance, which was initially the key factor for our needs. We continue monitoring what Palo Alto and Cisco do, but we maintain a partnership agreement with Fortinet.

I have experience comparing Fortinet's SD-WAN with Cisco's solution. We currently don't work with SD-WAN, having returned to an MPLS network since we own the network and cables. 

We don't integrate SD-WAN capabilities with Fortinet FortiGate in our network yet since we own our whole network, including all the cabling and optical fibers in the region. While SD-WAN is a good feature, it's not necessary for our use case. 

Regarding Fortinet Unified SASE, implementation may come in the future. 

We don't use Fortinet FortiGate's data center solution. 

I'd rate the solution eight out of ten. 

We are using Fortinet FortiGate firewall as a data center firewall.

Two aspects I'm happy with regarding Fortinet FortiGate firewall are the easy user interface and its resilience during power interruptions. We experienced two power interruptions where the firewall got disconnected from electricity, but it resumed working normally without any issues. 

The firewall provides enhanced security for our network, and as administrators, we are satisfied with the friendly interface. We are particularly pleased with the Fortinet FortiGate firewall's ability to provide network and security convergence.

We have been using it for three years.

It is scalable.

We did not use any solution before Fortinet FortiGate.

The price-to-performance ratio that we get from using Fortinet FortiGate firewall is very good.

The pricing is affordable. We are satisfied with the Fortinet FortiGate firewall.

I would highly recommend Fortinet FortiGate firewall. We feel more secure after implementing it. We are securing the whole network with the Fortinet FortiGate firewall, not specifically the data. 

On a scale of one to ten, I rate this solution a nine.

It is just for firewalls and network security.

It's mostly compliance, like just meeting our security requirements to keep our data secure. We don't make money out of it. It just keeps our data safe.

I have FortiGate for SD-WAN and all access points here, which has helped with traffic shaping capabilities.

I also use AI (Rapid7) to improve my cybersecurity. 

It's easy to use and provides good visibility of network traffic.

The SD-WAN functionality is a bit overly complicated and not fully documented.

I have been using it for six years. 

The customer service and support are good. I can contact them online or over the phone.

Neutral

I have used Sophos XTM and Palo Alto.

FortiGate is more feature-rich and has a broader range of hardware. They offer switches, access points, firewalls, and the whole network stack, whereas a lot of others only do firewalls.

It's just a good value and the possibility of using those features. We haven't used FortiSwitches yet; we're investigating them at the moment, but we haven't ordered any yet.

The SD-WAN was certainly tricky and took a while to figure out, but the rest of the security features were straightforward.

The deployment took us six months. 

It's hard to measure the return on investment, but it certainly helps us manage our security requirements easier than other solutions that I've used.

It's good value for the money.

It was worth the money overall. It's good value.

Overall, I would rate the solution an eight out of ten. 

Our company uses this solution for endpoint network security. 

The ECC management and the GUI that offers single interface management are the most valuable features of Fortinet FortiGate. 

The documentation available for Fortinet FortiGate should be improved. Often, I find documentation of older models and not the latest version of Fortinet FortiGate. I have to often utilize the older documentation and reengineer the information for the latest model of Fortinet FortiGate. 

There are competitor products in the market that can monitor all logs, which are referred to as SOC; Fortinet FortiGate should have such in-built features. The solution should be able to implement machine learning and analytics of all the logs for threat detection and protection. 

I have been using Fortinet FortiGate for more than a year.

I would rate the stability an eight out of ten. 

The solution is used daily in our organization. I would rate the scalability an eight out of ten. 

I would rate the tech support an eight out of ten. Our company needs to contact customer support on certain issues. The support team is usually able to resolve the issues by communication over call a few times. Sometimes, there was quite some back-and-forth through support tickets with the vendor team before the issues got resolved. 

Positive

Our company previously worked with Juniper, NETGEAR, and Cisco. The devices from the aforementioned vendors reached the End of Life, and their support was expiring in our company, so we switched to Fortinet FortiGate to have visibility and manage all devices through a single vendor. 

I would rate the initial setup a nine out of ten. Due to some network complexities, we had to schedule the downtime of our organization's business, so the initial deployment of Fortinet FortiGate took more time than anticipated. But the setup process was seamless and our company didn't face any abrupt down time. 

At our company, first, we prepared a deployment plan and then divided the services into varying areas based on which the deployment was performed in phases. Only two professionals, a system engineer, and an infrastructure manager, are required to deploy Fortinet FortiGate.

Another two individuals are needed to maintain the solution with the same aforementioned professional job designations. In our company, we didn't face any issues while integrating Fortinet FortiGate with our existing infrastructure and even with other tools.

A third-party team deployed the solution for our organization. 

In our company, we haven't realized an ROI yet, as the solution was implemented just a year ago. There are some devices that I need in addition to other area devices of my company, we are in process of renewing all old devices with newer versions.

In the next few months, our company will be able to obtain the actual capex purchase with at least ten switches. Fortinet FortiGate is worth the money, offers multiple solutions under one roof. 

I would rate the pricing a five out of ten. Our company onboarded the solution through a traditional capex purchase of the standard license with three years of customer support. 

Our company has been using Fortinet FortiGate since 2009 at the firewall level, due to familiarity with the RTO and FortiGate environment, complete adoption of Fortinet FortiGate was an easier choice than other solutions for a single clear management. 

Fortinet FortiGate also had all the features that our company was expecting, and in terms of ease of management, opting for the same vendor from firewall to edge device was a comfortable option. 

Previously, in our organization, we didn't have a network monitoring tool. With the adoption of Fortinet FortiGate, we can now check the port level of the switches that can be witnessed at the EP end, where all devices remain connected to the network. The management and monitoring are the major benefits of Fortinet FortiGate. 

I would advise others to consider adopting the solution without hesitation. I read the latest Gartner Magic Quadrant report, and it mentioned that, based on its track record, Fortinet can compete with the best in terms of network and security solutions.

For the last five years I believe Fortinet has dominated the market. I recently attended a Fortinet event where I met all the local and regional support team; I learned that the vendor is continually expanding, and in our region, we can easily avail support and guidance regarding Fortinet solutions whenever required. 

The monitoring subscription that is provided with the Fortinet FortiGate has built-in AI features for the past three years. I believe Fortinet is in the sixth generation of their AI and ML utilizing the native infrastructure. Thus, the AI features have been available for a long time in Fortinet FortiGate, but they are promoting it now due to the market trends. I would overall rate the solution an eight out of ten. 

I primarily use it for the Nextiva SIM firewall and the website application firewall. We strive to serve our customers, including utilizing the SD-WAN feature in FortiGate in our office.

The features that are beneficial for failure mitigation and security include PPN and firewall security. The integration of multiple networks, especially in complex environments such as the finance and manufacturing industries, makes FortiGate valuable. In these industries, it can be difficult to implement and integrate several applications.

Currently, I am working on improvements. One of the main areas is the processing and integration of new features. In my opinion, refreshing the CPM technology with zero-trust access could enhance its performance.

I have used the solution mostly for maybe ten years.

The product has been very stable, based on my ten to eleven years of experience. When I propose FortiGate to customers, hardware problems have been minimal, which suggests a reliable performance.

Scalability is well-supported, with the notable ability to implement features easily. FortiGate offers robust scalability options.

I find the customer service to be good.

Positive

The initial setup typically takes three to five days.

Sometimes, questions arise about the backup position, especially regarding firewall operations. FortiGate, placed next to Nextiva SIM, excels in terms of pricing and operational efficiency. Customers can easily troubleshoot with great technical support. I would rate it nine out of ten.