Sold by: Fortinet Inc.
Deployed on AWS
Free Trial
Fortinet FortiGate allows mitigation of blind spots to improve policy compliance by implementing critical security controls within your AWS environment. FortiGate includes all of the security and networking services common to FortiGate physical appliances.
4.2
Overview
Video
Video 1
Video
Video 2
Video
Product video
FortiGate-VM on AWS delivers next-generation firewall and VPN/SD-WAN capabilities for organizations of all sizes. It enables broad network protection and automated security management for consistent enforcement and visibility across your AWS VPCs and hybrid cloud infrastructure. FortiGate natively integrates with AWS Gateway Load Balancer, AWS Transit Gateway and other AWS security services to simplify and deliver enterprise-class security for applications and workloads running on AWS.
FortiGate-VM reduces complexity by combining secure connectivity with advanced threat protection capabilities such as powerful intrusion prevention (IPS), malware detection and protection, and continuous threat intelligence from FortiGuard Labs security services. It offers a management console that provides comprehensive network automation and unified visibility across multi-cloud environments.
FortiGate-VM, in concert with other elements of the Fortinet Security Fabric, enables common deployment scenarios such as cloud security services hub, secure remote access, container security, web application security, and critical workload protection.
Visit the FortiGate-VM on AWS Community Resource Hub to find onboarding, deployment, and technical information and join in discussions: https://community.fortinet.com/t5/FortiGate-VM-on-AWS/gh-p/fortigate-vm-on-aws
Please contact awssales@fortinet.com with any questions.
Highlights
- FortiGate offers protection from a broad array of threats, with support for all of the security and networking services offered by the FortiOS operating system.
- Delivers complete content and network protection by combining stateful inspection with a comprehensive suite of powerful security features to meet PCI DSS compliance.
- IPS technology protects against current and emerging network-level threats. In addition to signature-based threat detection, IPS performs anomaly-based detection which alerts users to any traffic that matches attack behavior profiles.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 7.0.19
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5n.xlarge Recommended | $1.02 |
c7i.xlarge | $1.02 |
c7i.2xlarge | $1.60 |
c5n.18xlarge | $5.16 |
c6i.2xlarge | $1.60 |
c6i.24xlarge | $6.19 |
c7i.4xlarge | $3.29 |
c4.8xlarge | $4.10 |
c4.large | $0.88 |
c6in.16xlarge | $5.16 |
Vendor refund policy
You may terminate the instance at anytime to stop incurring charges.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
Please ensure the connectivity to FortiCare (https://directregistration.fortinet.com:443 ) by checking all related setup on security groups, ACLs, IGW, route tables, public IP address...etc.
After deploying the instance, click on Manage in AWS Console to see the running instance and public DNS address to continue the configuration of the FortiGate-VM. Connect to the secured Web UI via the public DNS address: https:// <public DNS address>. For any CLI configuration/settings, SSH is required to log into the CLI. Default login credentials are with a username of admin and the AWS Instance ID value as the password. The FortiGate-VM AWS Install and Configure guide is located at https://docs.fortinet.com/document/fortigate-public-cloud/7.0.0/aws-administration-guide/
Support
Vendor support
This product is intended for On-Demand subscription. Please contact Customer Support with the following information instead of trying to register in FortiGate management GUI:
- The serial number of your FortiGate instance
- The email ID of your Fortinet account. If you do not have an account yet, please sign using the link below
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Fortinet Inc.
By Check Point Software Technologies
By Palo Alto Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Intrusion Prevention System
IPS technology with signature-based and anomaly-based detection to protect against current and emerging network-level threats and attack behavior profiles
Threat Protection Capabilities
Advanced threat protection including intrusion prevention, malware detection and protection, and continuous threat intelligence from FortiGuard Labs security services
AWS Native Integration
Native integration with AWS Gateway Load Balancer, AWS Transit Gateway, and other AWS security services for VPC and hybrid cloud infrastructure protection
Stateful Inspection and Content Filtering
Stateful inspection combined with comprehensive security features including content and network protection to meet PCI DSS compliance requirements
Unified Management and Visibility
Management console providing comprehensive network automation and unified visibility across multi-cloud environments
Advanced Threat Prevention Capabilities
Firewall, Data Loss Prevention (DLP), Intrusion Prevention System (IPS), application control, IPsec VPN, URL filtering, antivirus, and anti-bot protection against known and unknown threats.
Network Traffic Inspection and Control
Inspects and secures encrypted data flows between on-premises networks and AWS VPCs, including North-South traffic entering and exiting private subnets and East-West traffic between VPCs.
Unified Security Management
Centralized management via Check Point CloudGuard Security Management Server enabling consistent policy, log, and report management across AWS, hybrid, and on-premises environments.
Infrastructure-as-Code Integration
Integrates with Terraform and Ansible for policy automation and cloud-native scaling with dynamic adaptation of security policies based on real-time cloud metadata.
AWS Service Integration
Supports Gateway Load Balancer, AWS Security Hub, VPC Ingress Routing, AWS Traffic Mirroring, AWS Transit Gateway, AWS Outposts, and Amazon Macie with deployment options including auto-scaling groups and multi-AZ redundancy.
Traffic Identification and Classification
Powerful traffic identification technology for complete visibility and control over network traffic
Malware Prevention
Malware prevention capabilities to protect applications and data from known and unknown attacks
Dynamic Policy Management
Dynamically updated whitelisting and segmentation policies based on AWS tags for reduced attack surface
High-Performance Processing
DPDK support on C5, C5n, M5, and M5n instances running on AWS Nitro System for efficient traffic processing
Cloud-Native Integration
AWS Auto Scaling, ELB integration, Transit VPC with AWS Transit Gateway, and Gateway Load Balancer support for large-scale deployments
Standard contract
No
No
No
Customer reviews
Srinivasan Arumugam
Security has improved with deep inspection and vpn access, but reporting and upgrades need work
Reviewed on Mar 11, 2026
Review provided by PeerSpot
What is our primary use case?
I have been using Fortinet FortiGate for the past six years.
I have been using Fortinet FortiGate to provide security for network and perimeter networks and gateways, and I rely on Fortinet FortiGate to protect my applications from various Layer 4 and Layer 7 attacks and traffic from malicious IPs while blocking traffic from unwanted IPs.
Fortinet FortiGate is also mainly used to establish IPsec tunnel connectivity with other networks, and users from outside the office network can connect to resources via IPsec VPN as well as site-to-site and client-to-site VPN, which leverages access and resource availability across various networks and simplifies resource accessibility worldwide.
One of the main features that I use in real time with Fortinet FortiGate is web filtering and App IDs based on application control. Previously, I allowed application access policies based on ports, but it could not prevent traffic based on the same application port with different use cases. For example, port 443 can be used for various purposes, but it could not restrict access for some specific applications. The App ID based control is useful for me to restrict traffic based on application usage and user access, which is the primary purpose of Fortinet FortiGate in real time.
What is most valuable?
Fortinet FortiGate offers next-generation firewall features and security features that restrict access for malicious traffic, URLs, and IPs, which is a major feature that Fortinet FortiGate offers.
The next-generation firewall capabilities including deep packet inspection and application controls via App IDs, Intrusion Prevention Systems, web filtering, URL filtering, and anti-malware protections are essential features that are present in Fortinet FortiGate to prevent various cyber attacks and threats in the network.
Fortinet FortiGate is also mainly used to establish IPsec tunnel connectivity with other networks, and users from outside the office network can connect to resources via IPsec VPN as well as site-to-site and client-to-site VPN, which leverages access and resource availability across various networks and simplifies resource accessibility worldwide.
What needs improvement?
The security features could have been more similar to those in the Palo Alto firewall with major data protections and WildFire, and deeper inspection capabilities, which Fortinet FortiGate lacks. Additionally, I notice that Fortinet FortiGate often experiences resource utilization problems where memory is heavily occupied regularly, necessitating cleanup tasks.
During firmware upgrades, the process is not smooth; one of the VMs often goes out of sync and exits the HA cluster. Therefore, I separate the HA between the firewalls and perform upgrade activities one by one manually. The graphical dashboard representation of the data is frequently inaccurate, leading me to rely on syslogs for more dependable information. The log retention period on the device seems too short despite having ample memory and disk capacity, which is a major issue.
For how long have I used the solution?
I have been working in my current field for the past seven years.
What do I think about the scalability of the solution?
The scalability experience indicates that if I need additional features or security capabilities, such as sandbox features, I can add them by opting for separate licenses, making it convenient for me.
How are customer service and support?
Fortinet FortiGate customer support appears somewhat good, but for complex cases or major incidents, I often do not receive prompt support from the OEM, resulting in multiple follow-ups to get the necessary assistance.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Previously, I used to have a Cisco ASA firewall, which had fewer security features for protecting the network from day-to-day attacks and threats. Fortinet FortiGate firewall has next-generation capabilities with various security features including deep inspections, filters, URL filters, URL categories, and IPS protections while controlling application access based on application IDs, along with anti-malware protections to safeguard applications from malicious threats and attacks. By using Fortinet FortiGate, I significantly reduced major attacks that could exploit my network.
What other advice do I have?
I would advise others considering Fortinet FortiGate, particularly those concerned about budget and pricing with decent performance and support, to proceed with Fortinet FortiGate, as compared to other next-generation firewall products, Fortinet FortiGate has lower license support costs, which is a significant advantage. Moreover, from my experience, it performs its job effectively with no major issues related to performance or functionalities including policy control, VPN, and security features. I would rate this product a 7 out of 10.
reviewer2808123
Long-term deployment has supported flexible security services for diverse customer needs
Reviewed on Mar 11, 2026
Review provided by PeerSpot
What is our primary use case?
I integrate service with Fortinet FortiGate . I integrate service, and some manage service, so the customer already has the firewall and we manage them, or we sell the hardware. But mostly for hardware, there are a lot of sellers, so mostly we do the services.
If the customer wants Fortinet FortiGate , I give Fortinet FortiGate. If the customer wants Sophos, I give Sophos. Both have a different market and different customer profile.
Whatever the customer asks, we provide. I'm running Fortinet FortiGate now because a customer wants that in my data center.
What is most valuable?
I find Fortinet FortiGate valuable due to Fortinet's ASIC, as I have known Fortinet FortiGate since a long time ago, from the first time they ran. They use ASIC. While Sophos also has a special hardware solution such as Xstream, they have all different purposes and different advantages, so I can utilize both. It depends on the customer.
I don't have any problem with Fortinet Unified SASE . Mostly in Indonesia, in our market, customers buy the brand without knowing the full capability of it. So actually with Fortinet FortiGate, you also have to implement FortiManager, FortiAnalyzer and for hardware control, FortiNAC and so on. But because it's so modular, sometimes customers mistakenly just buy the firewall. The firewall doesn't work right. That's a problem. I understand that this product design philosophy of Fortinet FortiGate is meant to serve very big corporations which have established SOC teams. They put segmentation of who is the manager and who is the analyzer. That's why they put the separate server for that. But because the brand is so famous, even small customers want to buy it.
What needs improvement?
For how long have I used the solution?
I have been working with Fortinet FortiGate for maybe five or six years, or maybe longer than that. It could be 10 years as well.
What other advice do I have?
I have been working with Fortinet FortiGate for quite a long time, but I am not a partner yet. Last year I took partnership with Sophos, so we do both.
I don't have experience integrating SD-WAN capabilities with Fortinet FortiGate yet, as we had a case but the project didn't go. SD-WAN is not mostly firewall. Yesterday, I just had a discussion with a new customer that wants to buy ZTNA and NAC.
I think the pricing of Fortinet FortiGate is affordable to some small customers, but they can only afford the firewall without the other components. Mostly firewall, so it's just selling products, not selling a security system.
In my opinion, Fortinet FortiGate doesn't need to be improved. It's because it has a different market. I had a case maybe five or six years ago. There was a tender of SD-WAN implementation for 10,000 mini marts. A company that has 10,000 outlets of mini marts needs security. In the data center at their headquarters, they need a very big firewall, up to 500 Gbps. But in the outlet, which is a small store or mini mart, they need a very small firewall that's capable to do SD-WAN, authentication, security, VPN and so on. Fortinet FortiGate has it all. Fortinet FortiGate is suitable for that kind of organization. They have a special SOC, so they buy FortiManager, FortiAnalyzer and so on. I rate this review an 8.
reviewer2292894
Security platform has strengthened multi-purpose protection and supports AI-driven threat defense
Reviewed on Mar 10, 2026
Review from a verified AWS customer
What is our primary use case?
There are many main use cases for Fortinet FortiGate for my clients, including network firewall, VPN, ZTNA , and SD-WAN. The firewall is basically the primary function and one of the best features in Fortinet FortiGate .
How has it helped my organization?
The AI aspect has helped to protect data centers at scale by improving the reduction of false positive errors and handling unknown threats.
What is most valuable?
I have hands-on experience with demos and implementation of Fortinet FortiGate. The AI and ML enhanced FortiGuard services are quite new, and I have some experience but not much since they are a new feature.
What needs improvement?
The stability and performance of Fortinet FortiGate are mixed, as some features are quite good and very stable while others are quite new and very buggy.
There are quite a lot of bugs in Fortinet FortiGate, and they introduce new features every day that come with problems. I think they introduce them too fast.
Fortinet brings in new products every year and acquires new companies while inventing new products, which is good but also bad because they introduce a lot of workload and problems or bugs onto the table.
For how long have I used the solution?
I have been using Fortinet FortiGate for almost three years.
What do I think about the stability of the solution?
The stability and performance of Fortinet FortiGate are mixed, as some features are quite good and very stable while others are quite new and very buggy.
What do I think about the scalability of the solution?
Scalability highly depends on the purchase decision. If the user bought the appliance, then it is not scalable, but for the VM on the software side, it can expand.
How are customer service and support?
I have some experience with Fortinet's customer service and technical support. I would rate the technical support of Fortinet on a scale of 1 to 10 around a 7 or 8, primarily because they have local operations in Thailand, so they have at least some people who can speak Thai.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I do have experience in working with technologies other than email security solutions.
How was the initial setup?
If talking about the general product, the initial setup of Fortinet FortiGate is quite straightforward, simple, and easy. However, it depends on the DNA of the product. If the Fortinet product was acquired from another company, that is a different story.
What about the implementation team?
My role is usually on the pre-sales and the POC role in integrating SD-WAN capabilities with Fortinet FortiGate. I am not involved in the implementation side and cannot tell much about it.
What other advice do I have?
In Thailand, the concept of unified SASE is not very popular because the traffic has to go through the cloud, and they are not very afraid of the cloud or highly adopting it at this time.
I know about dynamic segmentation in Fortinet FortiGate from the book and theory side, but on the implementation side, there are not many projects that implement it that way. It is probably never done.
There are several benefits that Fortinet FortiGate brings to the table, and I cannot speak of only one or two as it is too extensive. It highly depends on the use case, and the only word I can tell is that it is very multi-purpose or all-purpose and highly usable in many use cases.
Fortinet FortiGate is quite a mix for organizations considering it, as some products are very easy and straightforward to start, making it easy to sell, and then they can expand to other more complex and advanced products.
reviewer1929939
Reliable security has improved internet routing and optimized multi-site traffic performance
Reviewed on Mar 03, 2026
Review provided by PeerSpot
What is our primary use case?
As a customer, we work with Fortinet FortiGate. Our major use case for Fortinet FortiGate is our Internet, serving as the main device for routing, firewall features, and everything.
What is most valuable?
Fortinet FortiGate is one of the best firewalls in the market currently, with a lot of next generation firewall features embedded into it, including SD WAN, which is one of the best services for traffic steering, managing packet log jitter and latency for any applications, making it unbeatable in terms of pricing compared to other firewalls.
It has a significant impact on our network performance as we are a health care company where users access health care business website URLs, and any latency is managed by SD WAN without manual intervention, benefiting the operation as we have more than a thousand users across different locations.
Fortinet FortiGate Unified SASE is effective in providing security policies across multiple locations, incorporating zero touch provisioning that is very impactful and beneficial in managing network problems.
In terms of hardware-assisted DDoS protection with Fortinet FortiGate, it is performance-based, depending on the number of concurrent sessions, users, and the specifications of the hardware product.
What needs improvement?
The one concern I have with Fortinet FortiGate is the firmware versions, which often have many bugs when upgraded, leading us to revert back to older versions multiple times in my lifecycle.
For example, when upgrading the firmware version, we noticed that one of the services was not working, resulting in no packet flow for a VLAN until we reverted back.
The main area for improvement in Fortinet FortiGate is the firmware versions, as we face uncertainties regarding upgrades and frequent bugs that require self-fixing of problems.
For how long have I used the solution?
We have been using Fortinet FortiGate since two thousand three.
What do I think about the scalability of the solution?
Fortinet FortiGate is very much scalable, with all models from Fortinet being impactful.
How are customer service and support?
Technical support from Fortinet is generally good, though there are times when it could be better.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have used other firewalls, including Palo Alto, which we find to be very pricey compared to Fortinet FortiGate.
How was the initial setup?
The deployment process for Fortinet FortiGate is straightforward.
What about the implementation team?
We conducted the deployment ourselves without the help of an integrator or consultant.
What was our ROI?
The return on investment with Fortinet FortiGate is very good, as it is one of the best products available in the market.
What's my experience with pricing, setup cost, and licensing?
In terms of price for Fortinet FortiGate, it is not considered that expensive when compared to other products; it is medium priced for SMB businesses.
Which other solutions did I evaluate?
Palo Alto is a premier product, but both solutions have their unique advantages, making it difficult to declare one superior to the other.
What other advice do I have?
We have Fortinet FortiGate in different locations, where every location serves as a data center using hub and spoke technology, connecting all spokes to a primary hub and a secondary hub for reliability.
We use segmentation in core switches; however, the segmentation features are primarily managed by Cisco switches and not by Fortinet FortiGate firewall.
The effects of SD WAN integration on remote users and application performance are very positive, as we integrate all traffic through Fortinet FortiGate SD WAN and aim for configurations that enhance efficiency across locations.
We have been using SD WAN with Fortinet FortiGate for more than five or six years.
Fortinet FortiGate Unified SASE is effective in providing security policies across multiple locations, incorporating zero touch provisioning that is very impactful and beneficial in managing network problems.
The effects of SD WAN integration on remote users and application performance are very positive, as we integrate all traffic through Fortinet FortiGate SD WAN and aim for configurations that enhance efficiency across locations.
With Fortinet FortiGate, the SD WAN feature is included with no additional costs, which stands in contrast to other products like Cisco and Palo Alto, which charge extra for similar features.
I would rate this review an eight out of ten.
reviewer2803671
Unified security has protected diverse environments and supports consistent policies everywhere
Reviewed on Mar 03, 2026
Review from a verified AWS customer
What is our primary use case?
I used to work with Fortinet FortiGate and I am using Fortinet solutions as well. I still use Fortinet FortiGate . Everything regarding Fortinet FortiGate, I was working in a telecom operator who was a partner to Fortinet FortiGate and we were reselling Fortinet solutions to our enterprise customers. Plus, Fortinet has a lot of solutions for telecom network operators as well. So we have deployed a Fortinet solution for protecting our infrastructure as well. In my current role also, we are using Fortinet solutions as security operation center tools.
So we were using SD-WAN of Fortinet FortiGate as well and we used to sell Fortinet FortiGate SD-WAN to our enterprise clients as well, and the feedback is pretty good. The box is quite good, especially on the throughput. So usually for other vendors and the market leader vendors, whenever SD-WAN is activated on the box, the throughput of the box reduces while in Fortinet FortiGate boxes, the throughput remains consistent and you can turn on and off the features as you want, and it is quite intuitive to use Fortinet FortiGate solutions.
So we use Fortinet FortiGate data center firewall and with IDPS functionality. FortiAI is the add-on on top of Fortinet FortiGate firewall. So we use those solutions which help us to protect our setup from cyber attacks and in near real time it gives a lot of visibility using machine learning and helps us remediate the incident in near real time basis.
I work with other solutions such as VMware, Cisco, and a few more SD-WAN vendors.
What is most valuable?
Fortinet FortiGate has started as a firewall solution for branch locations and protecting a smaller branch of say 50 or 100 users to start with. Then Fortinet FortiGate has enhanced their offerings and now they are offering solutions for protecting data centers, branches, head offices, cloud infrastructure and everything. So Fortinet is one of the players who is having the full bucket of solutions for protecting applications across the deployment locations, being a branch or a head office or a data center or in the cloud as well.
Regarding Fortinet FortiGate, one of the key fundamental principles they are following while creating products is affordability. Second one is a uniform software code which they use for creating products and the interoperability with the Fortinet ecosystem. So as I said, Fortinet has started as a firewall vendor and then now Fortinet is offering SD-WAN, software-defined LAN, Wi-Fi, plus a lot of solutions for protecting cloud-based deployments and applications. I understand that I am using a few of the solutions which are required for running a managed security service provider setup and security operations center. So those products are also quite promising. To summarize, one is affordability and the efficacy of solutions. Plus I understand Fortinet keeps on investing high in their R&D budget. So that's where they are able to bring a lot of innovation and they make their product quite contemporary in that sense.
Regarding the effectiveness of Fortinet unified SASE , it provides necessary uniform security policies across multiple locations, being in the cloud or in a branch location or in some data center or anywhere in the world actually. So that's where SASE plays a pretty important part and Fortinet has achieved that objective very well.
Regarding the experience with the unified agent in Fortinet unified SASE, it impacts our operations mostly positively. That helps us reduce our overhead for managing the endpoint deployment. With the agent, it is a single agent that does multiple jobs. And this agent signals very well with Fortinet FortiGate SASE deployments and the overall experience is pretty good. It is easy to deploy, easy to manage, and most effective.
Regarding the dynamic segmentation feature, it is a very fantastic feature and one has to have that feature for protecting the lateral movement of cyber threats or maybe when hackers are trying to orchestrate the larger cyber attacks. So this dynamic segmentation really helps us provide a segregation of the application landscape as well as ensuring that the cross talk between the applications does not go uncontrolled. Secondly, if any malware is deployed somewhere, it helps us protect those malware implications within a certain segment only and not span across the data center.
Regarding DDoS protection for managing data center traffic, I understand Fortinet has solutions for DDoS but I do not see those being used in the market. The market is controlled, rather dominated by two or three vendors, and I guess Fortinet is not a preferred vendor for having DDoS solutions.
What needs improvement?
I would say 8 out of 10 regarding the stability of Fortinet FortiGate. It requires a lot of bug fixing and what I understand, Fortinet is fast enough to provide bug fixes and patches, but usually I suggest Fortinet should do thorough testing of their releases and software releases and once probably they can reduce the frequency of new releases but make it stable. That's what my recommendation is.
As far as the core objective of Fortinet FortiGate is concerned, I think they are meeting the targets but I guess for rolling out new features and new updates, they are doing a bit of hurry just to cope with the market dynamics. But possibly, I understand that they are compromising on the quality of the software and stability. So over there they have to improve. Rest of the aspects, I guess they are doing pretty good. We are happy.
Regarding my experience with Fortinet FortiGate in comparison to maybe some other vendors such as CyberArk, Fortinet is in the top three and they give a lot of competition to their nearest peers in the market. But I guess Fortinet is really struggling in software-defined LAN, Wi-Fi, and FortiSwitches space. So they have to make their products more affordable in Forti-switching and Forti-WiFi space. They are not able to compete effectively with the nearest competitor HP Enterprise and HP Aruba.
For how long have I used the solution?
Around now it's almost 18 years that I've been working specifically with Fortinet FortiGate.
What do I think about the stability of the solution?
Regarding technical support from Fortinet, whenever the bug has been reported or stability issues are reported, we see the support provided by Fortinet is good. But again, rather than controlling damage, I guess they should be working more towards preventing the damage rather than controlling the damage.
What do I think about the scalability of the solution?
Regarding scalability for Fortinet FortiGate, my experience says for branch networking, the product is excellent and it supports the scalability of 2X or 3X at times. But for data centers, one has to size the components and size the solution very carefully because these components are deployed one time and remain in life for at least five to seven years. So one has to keep in mind, it is not so easy to replace the boxes. For Fortinet cloud solution, I guess they have achieved the required elastic scales. One has to only upgrade the licenses and go for a higher tier of subscription and then the scalability is achieved in a very seamless way. But for hardware products, especially in data center and head office environments, one has to carefully size the products because they are not so elastic actually. One has to size it well.
How are customer service and support?
I would rate them seven.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I work with HP to some extent.
How was the initial setup?
Regarding deployment process, Fortinet has a component called FortiManager and FortiAnalyzer. So these two platforms are providing many templates to automate workflows and achieve zero-touch provisioning. So that way deployment is pretty straightforward and easy.
What about the implementation team?
I have deployed a lot of Fortinet solutions on AWS cloud using FortiManager's FortiAnalyzer, Manager, and FortiGate virtual appliances on the AWS Marketplace .
What was our ROI?
This is clear good ROI wherever Fortinet is used as a security product, but not in the Forti-WiFi and Forti-Switching products for sure.
What's my experience with pricing, setup cost, and licensing?
It's quite affordable for Fortinet FortiGate. It's quite affordable for branch networking for sure. For core security components such as firewall, IDPS, and all those things, they are pretty affordable. That's why they won the market and are now market leaders. But some solutions, such as running SOC tools, Fortinet SIM, or Forti-WiFi and Forti-switches, they are coming on a higher side. They're more expensive than their better competitors.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)