Fortinet FortiOS Reviews

We are using the solution as a firewall. It provides portal access.

Feature-wise, the solution is strong. It has SD-WAN, site-to-site VPN, load balancing, and application-based load balancing. 

It's very user-friendly. 

Compared to other OEMs, due to the SD-WAN and the IPsec VPN, there is no need for the licensing for SD-WAN and the IPsec site-to-site on the remote access VPN.

Chipset wise they're using an ACS chipset dedicated to FortiOS.

The interface and dashboard are good. 

We've been happy with the pricing. 

The initial setup is easy.

There aren't any features missing at this time. 

For monitoring purposes, we don't have any option to monitor the ISP link. If the ISP link goes down, then there is no monitoring tool or in-built monitoring tool. We can use a third-party application, like Zoho or PRTG. However, we would like something in-built. 

They need to improve the solution at the application level. 

I've been using the solution for five years. 

Sometimes it is unstable. However, they'll easily fix the issue. We get upgrades and updates. If there is even any vulnerability or malware, we'll get it fixed immediately. They give good responses to the customers.

While there are bugs, sometimes the development team is on top of it and fixes everything fast. They'll send a patch in the next update.

We work with more than 100 customers. 

Technical support is helpful and responsive. 

Positive

I worked on FortiGate and Palo Alto.

The solution is very simple, very straightforward. It's not complex a all. 

How long it takes to deploy depends on the client's requirements. 

For a mid-level customer, we can deploy within an hour. We can complete everything and have it up and running, and the users get internet access. If they need more rules, they need more things, then it could take time, depending on the configuration.

The cost of the solution has been fine. 

You do have to pay for a license. I'm not sure of the exact cost. I'm more of a technical person.

We're a customer and end-user.

We have the solution deployed on the cloud and on-premises. 

I've deployed the 600F model a couple of times.

New users need to do some homework, and then we proceed with the configuration. Security-wise, they need to make the customized port. 

I'd rate the solution eight out of ten. 

Our company is a partner with Fortinet and uses the VDOM to deploy and service virtual firewalls for our customers. 

The solution provides good firewall and antivirus protection via IPX and its security profile.

The solution needs improvement with DDoS protection. 

I have been using the solution for nine years. 

The solution is stable and I rate it an eight out of ten. 

The solution is scalable and I rate it an eight out of ten.

The technical support is excellent. 

Positive

The initial setup was not very easy but the solution does integrate without much complexity. 

Our internal team of two engineers deploys the solution in about three days. 

The licensing costs are paid by our customers on a monthly basis and include maintenance and technical support provided by three of our engineers. 

The solution is quite affordable and I rate the cost a four out of ten. 

The solution is a leader in security according to the Gartner Report and I recommend its use. 

I rate the solution an eight out of ten. 

The most important feature of Fortinet FortiOS is the IPS.

Fortinet FortiOS need to manage its memory and CPU utilization better. It peaks at times, which sometimes can be challenging.

In a feature release, if Fortinet FortiOS could have better cloud functionality would be a benefit.

I have been using Fortinet FortiOS for approximately seven years.

The stability of Fortinet FortiOS is good.

Fortinet FortiOS is scalable.

I rate the support from Fortinet FortiOS a five out of five.

Positive

The initial setup of Fortinet FortiOS is simple.

We evaluated Checkpoint and Cisco before choosing Fortinet FortiOS.

The manageability suit is better in Fortinet in terms of device manageability and  OS upgrades. It has the capability of terminating a leased line, RF, and a USB dongle. When we evaluated Fortinet FortiOS, back in 2015, Cisco and Checkpoint did not have a 4G termination feature. Today if my MPLS goes down, the lease line goes down, I can connect a 4G dongle. In Cisco, you need to have a SIM  embedded in a device and you need to open the device, put it on, and then you need to connect it and extend the cable. It is very complex. In Fortinet it is easy.

I rate Fortinet FortiOS a nine out of ten.

We use it for end-point gateway protection and also use the FortiOS for external user connection and server VPN. We love that clear synchronization as it's almost invisible with the fabric for the guests, externally to connect. The zero-choice engine that they use is pretty good. It is perfect for setting up one-to-one channels for different services that have to pass through the firewall. So it does that seamlessly.

The most valuable features of Fortinet FortiOS are its constant updates and definitions. The new definitions and the content information coming out to the threat labs keeps you updated on your signatures so that you know what's happening out there. And also doing well, for my system, we have, like, what is called, active scans.

It's constantly accessing Sophos into your gateway, even Sophos that you authorized.

I want to see a better integration or a better integration with the endpoint protection or with EDR with the security life cycle. I want to see if that enhances a bit more so I have granular datasets and the user level through to the gateway because that's where most of our threats come from. It's from user activities on the Internet and passes into your files over that gateway. That's where most of our threats would appear and where our exposure to vulnerabilities lies.

So if we can tighten that up, we can harden our infrastructure much better.

I have been using the solution for quite some time.

The customer support team is good and responsive.

We did the initial setup ourselves, so it was easy. The learning curve was that great once you have any experience with any firewall or any experience with any security appliance, you can pull around it. We did get some help from our providers. But that was basic.

The EMS setup was all in-house. Our service provider assisted with the firewall setup. The implementations were very smooth. And the transition of our current from our current security device to that when we did it a couple of years ago, it's seamless.

The pricing is competitive for the medium and high markets but for the small markets it can be expensive.

You have to see what works best for your environment. Each environment is different depending on the applications and different services you are running in that environment. Suppose it's a full Windows environment versus a mixture if you have a hybrid environment. It all depends on the type of environment you're running and finding the right tools that meet your domain.

But for the regular Windows environment, it's perfect.

I rate it eight out of ten.

We use Fortinet FortiOS to protect our office, and we have another deployment in production. We have the PCI DSS environment on which we have deployed the Fortinet Firewall.

I am satisfied with Fortinet FortiOS. It's a cool product and has a lot of UTM features. It has application control, web filtering, antivirus, IPS/IDS, DNS filtering, and many things in that firewall. It also has a web application firewall WAF feature. On the feature side, it's a good firewall.

It would be better if AWS instances were available. If I want to upgrade from T2.small to T2.medium, it should be available rather than having a big instance and paying a lot of money for that.

The issue is that we had deployed in AWS Cloud, and we were using a very small instance. Recently we wanted to move in-house and deploy it on the big instance because it was struggling with the RAM. If we use T2.small, we cannot upgrade it to the T2.medium. It has predefined instances in the marketplace with a lot of cost differences.

If I can increase the RAM, I have to choose the T3.large instance. If I'm paying $270 for the small instance, I have to pay more than double the cost for T3.large. It is about $850, and this is not good. So, it would be better if it was cheaper.

I think both AWS and Fortinet should think about that. They should provide it on lower instances as well. If I want to upgrade it from T2.small to T2.medium, it should be available, but it's a problem.

I have been using Fortinet FortiOS since 2019, so more than three years.

Fortinet FortiOS is a stable product.

Fortinet FortiOS is scalable. 

Technical support is good. When I create the ticket, they respond to me, engage the engineer, and support is good. No issue at all.

The initial setup is not too complex; it's simple.

It would be better if it were cheaper. We have the firewall in our office, and the license is expiring in 20 to 25 days. We got a quote for almost 80,000 Pakistani Rupees, which is a little costly.

If I compare Fortinet FortiOS with Cisco Adaptive Security Appliance (ASA), it's a cool product. The deployment of ASA is a little bit complex because it's GUI-based, and ASA also has a graphical user interface. But I still think Fortinet is a good firewall compared to ASA because if you want to use the IPS/IDS feature in the ASA, you have to deploy the management center and integrate it with the firewall, which is a little complex.

I recommend this solution to potential users because it has many features, and it's a stable product.

On a scale from one to ten, I would give Fortinet FortiOS an eight. 

FortiGate as a product is very easy to configure. There is a lot of data now with switching IDS and IPS. It's a truly complete solution for our customers.

It's a good idea to have the firewall connected to the switches. That way, the firewall is the controller of the switches. We like how the solution is designed with that in mind.

The solution's switches are lacking. They need more features added to them to build them out a bit. The switches are very simple if you compare them with other companies like Cisco or Aruba. Those organizations offer their clients much more.

Technical support could be better. Some competitors have much more responsive support teams.

I know the last version had NAC, network access control, added inside the firewall. It's a process, however. There's still work to do. The next version will be better. Right now, you can't authenticate other devices. You only can authenticate Forti devices and not devices from other companies. This could be the next addition to the solution that will make its performance even better. 

I've been dealing with the solution for ten years now. It's been a decade.

The solution is stable. We have no issues in that regard. There aren't bugs and glitches. It doesn't crash. It's reliable.

The solution is very scalable. We have a solution from the most basic office setup to a very complex data center. It works well in either scenario. If a company requires scale, this solution can provide it.

I have used technical support in the past. It's good for the most part. However, other companies, from my experience, have better technical support. They might be able to improve this aspect of the solution a little bit.

While it's easy to access them, finding a solution to whatever problems you are dealing with takes a long time. They need to get better at turning around queries faster so clients aren't kept waiting for so long.

The initial setup is very straightforward. I wouldn't describe the process as complex.

Deployment takes one to two hours. Everything happens pretty fast.

The pricing is good. They are especially fair when compared with other companies, like Palo Alto, for example, which can get quite expensive.

We work with a lot of manufacturers of firewalls. It's normally Fortinet, however, we also work with Cisco, Palo Alto, and Sophos. My company works with Barracuda as well. To be honest, I am not a specialist with Barracuda. I normally don't work with that.

That said, typically, when we work with clients, one of the first solutions we will suggest will be Fortinet. We do normally also recommend Cisco first, as well, due to the fact we are Cisco partners. We're also partners with Fortinet.

We have a deal with Palo Alto and our security center recommends Barracuda because of their other security solutions like WAF or solutions in the cloud (not their firewall). 

Normally, we use the on-premise deployment model. At this moment, we are working with a public cloud deployment model as well.

I'd rate the solution eight out of ten overall.

The fact that is it has a UTM, a Unified Threat Management feature is the most valuable aspect for us. It's an all in one product. It's like our one-stop-shop to the internet.

The complexity of the VPNs should be improved. Certain versions of the operating system don't function with our current Fortinet unit. For instance, we've got a 60D FortiGate at our branch offices and the 60D FortiGate doesn't support the latest version of the 40 OS. Because of this, certain Wi-Fi access points that depend on those operating systems don't function so well. So that has room for improvement. I'd like to see that happen.

My impression is the solution is very stable.

I find the solution scalable. With my current employer, we have a high available cluster. You can extend it and also extend it with Wi-fi access points because the controller of the Wi-Fi access points is also in the 40GB range. We've got about 300 personnel in the offices and we've got about 1,000 or more employees in the trucks and they all use it, at different times.

Technical support has been pretty good. At one point, because we've got a lot of drivers - we're a transportation organization - those drivers have mobile phones and at one point we implemented a new mobile phone which uses the Wi-Fi network. The new phones couldn't connect with the Wi-Fi access point and Fortinet pretty much came in quickly with a patch for the Wi-Fi access points.

The initial setup was straightforward. It comes with a quick book, a manual, and without any experience from day one, I implemented successfully without any help. It was pretty straightforward.

I implemented the solution myself.

Seven years ago I was looking into Palo Alto Firewalls.

It's a good reliable product. I'd rate it as a solid eight out of 10. It has room left for improvement.

We'd chosen the solution because of the price and the support contract, but just a few years later the support contact pricing was all of a sudden pretty steep. They increased it by 20% to 30% from one year to another year, and it's hard to explain why.

We use the solution for automated solutions.

Fortinet FortiOS's valuable features include intuitive policy creation and deployment, precise parameter settings to determine thresholds, and security profiles such as web filtering and remote application filtering, among others. These features greatly enhance the platform. It includes every available application in terms of features. For example, in RDP, we must control the application. It’s already there whenever we want to apply their role or policy to that application.

Fortinet FortiOS's integration could be improved. It has extensive integration features, such as collectors for other services and third-party intelligence feeds.

I have been using Fortinet FortiOS for six months. We are using the latest version of the solution.

The product is stable.

The solution is scalable. We have around 300 users using this solution.

We initiated support from our servers because the other part of the company was not working. They helped us adjust the tuning, and it is working now.

The initial setup is not complex. It will take around two or three days to deploy. Product cleaning, readjustment, and screening are continuous tasks, as the nature of the work requires tuning and adjustments. To connect the PC to the console, we assign the networking settings, including data capabilities, and then reconfigure them on the web interface (UI). Some settings are also presented in a web-based format in the CLI because they are easier to navigate.

The reserve utilization is very low. Based on my learning, my expectation is for every product to have a good intelligence system and frequently updated threat intelligence. Overall, I rate the solution a nine out of ten.