Fortinet FortiGate-VM Reviews

The virtual and hardware versions of the solution are mostly the same. 

The VM it's very quick for deployment. If we need to have a POC for a customer, if we don't have any hardware physically at our premises, at our store, in our office, we can download the VM from Fortinet and install all the VM to their environment in order to run it. If we have a customer that says "let's start tomorrow" we are able to do that in a way that's not possible with a hardware version.

Normally Fortinet is very flexible that it supports almost all environments. 

The solution is user friendly.

The cost of the solution is pretty fair.

The documentation is very good.

The SD-WAN is very good, as compared to, for example, Citrix SD-WAN which has an overall lack of security and needs to leverage other devices, like Palo Alto, to cover this.

The licensing needs to be improved. We need longer licensing periods, especially for POCs and trials. It should be for six months. Right now, it's too short of a timeframe. 

Overall as I say, the features-wise and performance-wise the VM and hardware versions are the same. The main difference is that the hardware-based option ins is more powerful compared to the VM version. 

Their technical support is not helpful and I try to avoid using it.

I've been using the solution for ten years. It's been a decade now.

We do occasionally get bugs on the solution, and when that happens, we do need to go to technical support to get the issue resolved.

Let's say tomorrow we want to upgrade in terms of memory, in terms of processor. If we are VM  based we are using files and by default, we have some spec which is set to the VM. If tomorrow we need more capacity for this logging, we can just upgrade it. We take an analyzer like G1 or G5 and we upload the license, and it will upgrade automatically. 

It's so much easier as compared to hardware, due to the fact that, with hardware, you need to change everything completely. 

We have nine people on our team working with the solution regularly.

The support for Fortinet is not very good, and so I tend not to contact them if I can avoid it. They are not good in their general response time. Some team members are quite technical, however, that's not everyone, and you aren't guaranteed to get someone who knows what they are talking about. Sometimes their answers are irrelevant as if they aren't even replying to your actual questions. Other times they tell you what you need is not possible.   

Fortinet has forums for users, and if you go there, you'll see that there are a lot of others saying they are unhappy with support as well. While I'm a big fan of Fortinet, I do not like their support.

We only really use it now if we have an issue with a bug and there's no workaround except to go right to them. Otherwise, we don't contact them.

The cost of the solution is good.

Normally I don't really push a virtual appliance. Some customers may be interested in a virtual appliance for scalability. For most of our customers, we are pushing hardware-based solutions and not a virtual appliance.

For example, if we have a customer that has a private data center in Mauritius and wants to have a hybrid solution, let's say to interconnect on the public cloud, and they want to do SD-WAN to secure it from the public to its current on-premises data center, normally we will go with the virtual appliance on the public side. 

I would recommend Fortinet's hardware 100% of the time, especially in comparison to Palo Alto. With the VM, it's a harder question to answer. A better question would be: what do you will prefer for a next-generation firewall? Do you prefer Fortinet? Do you recommend Fortinet or Cisco or Palo Alto? I would say personally I always recommend Fortinet. I will continue to due to the fact that the cost and the integration, and the general user-friendliness, are all impressive.

I'd rate the solution eight out of ten. I'd rate it higher if it had a longer trial, better licensing, and stronger technical support. There are still places for improvement in the solution.

The solution is mainly used for remote connectivity and endpoint and gateway network security.

The most valuable aspect of the solution is the V-Scanner which is the monitoring software. That's something that I love. 

We are able to closely monitor the usages of individual users and see their usage habits and other items, including the data itself, which gives us quite a bit of visibility.

I think one thing we couldn't find in the software console was all of our logs. In the logs themselves, for example, we couldn't find if a user was accessing all of the VPN. We don't get to know or we don't have a report that shows on what date or for how long and from what time he user has logged on. We don't have that particular feature or that kind of visibility. That could be improved. Reporting, therefore, in general, could be improved.

The one thing that could be improved is the integration with the exchange. The gateway level controls can be enhanced a bit more. For example, it's still little here and there. You do get malicious attacks and suspicious emails like spam. It's not like Sophos where we got a lot of spam email, and yet, it's still relatively vulnerable. It can be upgraded, maybe with a fifth-generation firmware that it is ready for unknown threats. 

Especially after this pandemic situation, it requires a little more enhancement. For an SME level organization, it's okay, but when it comes to corporate and banking enterprises it still requires a lot of enhancement. Comparing it to Palo Alto, for example, it's still very behind the curve.

We've been using the solution for two years.

The solution is very stable. It's reliable, for the most part.

It's stable, comparatively, to the fifth generation UDL appliances or other software that is available in the market. It's quite stable for the integration. It still requires more of a formal enhancement for speedy patches and speedy updates.

The solution has a moderate amount of scalability potential. I wouldn't say it's the best, however, it is possible to scale it if you need to.

We have about 25-30 people on the VM currently.

We've never had to contact Fortigate's technical support, so I can't speak to their quality of service. If we have any issues on the solution, we tend to handle the problem internally.

We used to have Sophos and we shifted to Fortinet about two years ago.

The integration of the active directory with Sophos was not up to spec. We decided to drop it and instead went ahead with Fortinet.

The initial setup was a bit difficult. It's not perfectly straightforward. This may have been due to the fact that we were using ISA, which is pretty determined, and we had to migrate from ISA to Sophos and from Sophos to Fortinet. It was a little difficult, but not that complex.

For us, the implementation took about two weeks.

Each quarter we have a managed service contract with the integrator and they do any preventative maintenance every quarter. We have four visits in a year that we have agreed upon. Every quarter they come to us and they do some penetration testing and see the usability features and give us a report.

We outsourced the implementation to an integrator that handled the setup for us. They also handle quarterly maintenance for us.

The pricing of the solution is moderate. It's competitive, although I wouldn't consider it a cheap solution per se.

Aside from the licensing, there are some add-ons that need to be added that we personally haven't added. There are features such as content filtering, etc., that we haven't opted for. However, users can add them on if they need to for an additional cost.

We're just customers. We don't have a professional relationship with the organization. We're using the latest version of the solution.

I have learned that they have some internal resources available. However, those who are not trained and certified should not be experimenting with it. 

I'd advise other organizations that, if they don't have a proper administrator who can monitor and maintain their appliance, it's better they if don't implement it. It's not like somebody who has a background of software can handle Fortinet. They need to be properly trained and knowledgable.

I'd rate the solution seven out of ten overall.

The primary use case for Fortinet FortiGate-VM involves formulating policies and services within the environment.

They could provide more integration options with different platforms.

We have been using Fortinet FortiGate-VM for six months.

I rate the platform's stability an eight out of ten.

We have 200 Fortinet FortiGate-VM users in our organization. I rate the scalability a ten out of ten.

The initial setup process is simple. It involves defining the parameters for deployment, such as the number of sites, PCs, and Wi-Fi users.

We don't have to pay for the licenses. But we might purchase licenses in the future.

FortiGate improved security within our virtualized environment by providing robust first-line defense capabilities and optimized cost-effectiveness.

It provides an ease of management and configuration as well. I rate it a nine out of ten.

We work in the archiving domain where a secure environment is very important. We have some special requirements regarding the security of infrastructure.

The product has issues with integration. I would like to see better integration in future releases of the product. 

I have using the product for five years. 

I would rate the solution's stability a ten out of ten. 

I would rate the product's scalability a ten out of ten. My company's four administrators have access to the solution. 

We required a solution that offered maintenance and support. Hence, we chose this product. 

The product's setup is not complex. The tool's deployment gets completed in a couple of hours. 

The solution's deployment was done in-house. 

We have seen ROI with the product's use. 

Fortinet FortiGate-VM is used as a firewall for multiple servers.

Price is okay and can be considered in the middle range, provided we compare it with other solutions. So, the solution can be made cheaper.

Fortinet FortiGate-VM should have a public forum where engineers can ask and answer questions. This would make it easy for anyone to search for incidents and find solutions quickly without needing to ask for support. The forum should contain a lot of information to help users troubleshoot issues on their own.

The solution's support can be considered a bit slow since it takes some time to resolve issues. So, support needs to be improved.

Sizing can be challenging for customers interested in using Fortinet FortiGate-VM. They often ask for guidance on how to size the virtual machine for their needs properly.

I have been using Fortinet FortiGate-VM for three years. Also, my company is an integrator for the solution, and I am using its first version since we did not have to update it.

Stability-wise, I rate the solution a ten out of ten.

I never had any problem with the solution's scalability. The solution's final customer can comment on its scalability.

In general, its scalability is good. Scalability-wise, I rate the solution a nine out of ten.

The technical support is okay. I rate the technical support an eight out of ten. Sometimes we need to find information quickly, and it can take time to open a ticket and go through the procedures of providing logs. But the support team is good. However, if we compare it to open-source solutions, developers can find information quickly over platforms like Slack. Network or site engineers need to open a ticket, and some of these tickets are not open-source. If we compare it to development engineers who can find answers quickly by searching on Google, there is a difference in the speed of finding solutions.

Positive

I don't have experience working with solutions deployed on the cloud, but I have experience with products deployed on-premises, like Veeam, which was deployed on the server, and VMware. I have worked with Palo Alto, which is a complicated solution.

The solution's initial setup process was very easy. The solution was deployed on the private cloud. The deployment process can be carried out in two weeks, and only three engineers are required. Maintenance can be carried out efficiently.

On a scale of one to ten, where ten is very expensive, I rate the solution around two or three. I think the solution's prices are okay, considering the services and features they offer.

Fortinet FortiGate-VM is easy to test due to the available videos and QuickBooks with a lot of information. The solution is presented simply and is more robust in security compared to Palo Alto, which is complicated. For our team, Fortinet FortiGate-VM is the best choice as information is easily available on the internet, and it is open source. Unlike other solutions, we can find everything on how to deploy, manage, and support it. Moreover, we were provided Fortinet FortiGate-VM for free, which helped us develop our skills quickly.

It is a stable and good solution. Those planning to use the solution should go through Fortinet FortiGate-VM's guide and prepare for the integration while having a good design and good view. Also, it is important to plan deployment steps since step-by-step deployment of the solution is needed to avoid any problems. I rate the overall solution a ten out of ten.

We primarily use the solution as a virtual machine for firewalling.

The solution is very user-friendly. 

We have a next-generation firewall and can lock things in on a parameter level very effectively.

It is easy to set up the solution. 

The solution is stable.

I've found the technical support to be helpful and responsive. 

I can't recall any aspects that need improvement.

The pricing could be a bit better.

We'd like to have more customization and easier customization of policies. 

The scaling can be a bit better. 

I've been using the solution for the last two years. 

The solution is okay in terms of stability. We have not had issues. It's not too difficult to work with it. 

I'm the only person working directly with the product.

The scalability is limited. If we have to scale, we need to upgrade licenses after the license is up for renewal. Otherwise, we need to buy replacement licenses on top of the licenses we've already purchased instead of just expanding and adding onto what we have.

I've worked with technical support in the past. They are very good. When we open tickets, they respond quickly. I'm happy with the level of support overall. 

I have worked with other firewalls. Which is best depends on the requirements. It is also dependent on the budget. We need to consider performance and scalability and take onto consideration how much support will be available as well. 

The solution is easy to set up. There is a lot of documentation provided. For 70% to 80% we can do just fine, and for the rest, we just request documentation and can finish the job. 

We do not need much maintenance. We handle that ourselves, and it's not too difficult. 

The solution is set up and configured in-house. 

The pricing is okay. However, it could always be better. When you need to scale, you need to buy bigger, different licenses. 

We are using the latest version of the solution. 

I'd recommend the solution to others, depending on the business requirements. It's a pretty good solution in general. 

I'd rate the product eight out of ten. 

Whenever I need to deploy a Fortigate firewall, I go on Fortinet and do a trial license and work on it.  

The use case depends on the requirements. The requirements change from client to client. 

The virtual firewall feature is very good.

The solution is easy to deploy and manage, which makes it easy to test.

The products never disappoint us.

There are a lot of features that overlap and are similar to other products.

The setup is simple.  

I haven't had much of a chance to work on the VM environment too much. I don't have any notes for improvement. 

Technical support could be better. 

I've used the solution for two or three years on and off. 

The solution is stable and reliable. There are no bugs or glitches when handling testing in the lab environment. 

The solution is scalable. You can expand it easily. 

I'm not sure if there is a local person in Pakistan. Whenever I try to contact support, there is always a delay and I have not been so happy with the support services on offer. 

I also use Sophos. 

The initial setup is pretty straightforward. With the deployment of any type of firewall, you do have to do some workarounds. As long as you know the specifications, you are good to go. I'd state the ease of setup eight out of ten. 

The deployment, so long as it is not a migration, only takes a few hours. 

They do offer a one-month free trial. 

They offer affordable pricing. It was not expensive. I'd rate it seven or eight out of ten in terms of affordability. 

We are Fortinet partners. 

The solution is pretty good. 

I would recommend the solution to others. I've had a great experience with the virtual environment. 

I'd rate the solution eight out of ten. 

We use Fortinet FortiGate-VM as a firewall, for intrusion detection and prevention to protect our Azure data center, principal operation sites, and our mobile users. 

Together with the FortiAnalizer we have a better grasp of our security position and understand the type of adversary attacks our installations.

The thing that I like the most is that they're very willing to work with us to resolve issues that they haven't taken care of before in their product. 

The end-user protection suite is very good, including the log analysis feature that they now have.

The Fortinet solution has resolved the issues with Microsoft Azure active directory.  This integration allows us to build rules based on Grupo membership for access to data center assets on individual bases.

We have used the Fortigate and Forticlient solutions for three years and they have proven to be very stable solutions.  

Fortinet FortiGate-VM is very stable.

The solution has proven to be scalable to all our requirements. In the years using Fortinet, we have had no cases of scalability due to Fortinet. We have had to increase the firewall resources to deal with a large increase in Forticlient connections.

The technical support is very good.

Positive

We previously used Check Point. Though it is a good solution, the license costs became too high for our organization and obliged us to look for another option.

The initial setup was a little complicated due to our engineers working on knowledge of Checkpoint and trying to replicate the same configurations.  Hindsight finds it may have been less complicated to build the rules from the ground up rather than importing them.

Mostly through a vendor team at first, however, the process was plagued by miscommunications and inadequate scope definitions.

Be very clear with your security consultant who is proposing Fortinet as a solution regarding all the features and integrations you expect to achieve with the solution.

We reviewed Palo Alto, Barracuda, and Sophos.

Overall, on a scale from one to ten, I would give this solution a rating of eight.