Sold by: Fortinet Inc.
Deployed on AWS
AWS Free Tier
FortiGate-VM delivers next-generation firewall capabilities for organizations of all sizes to protect against malware, exploits, malicious websites, and known and unknown attacks. It enables broad protection and automated management for consistent enforcement and visibility across your cloud environment.
4.3
Overview
Video
Video 1
Video
Video 2
Video
Product video
FortiGate-VM on AWS delivers next-generation firewall and VPN/SD-WAN capabilities for organizations of all sizes. It enables broad network protection and automated security management for consistent enforcement and visibility across your AWS VPCs and hybrid cloud infrastructure. FortiGate natively integrates with AWS Gateway Load Balancer, AWS Transit Gateway and other AWS security services to simplify and deliver enterprise class security for applications and workloads running on AWS.
FortiGate-VM reduces complexity by combining secure connectivity with advanced threat protection capabilities such as powerful intrusion prevention (IPS), malware detection and protection, and continuous threat intelligence from FortiGuard Labs security services. It offers a management console that provides comprehensive network automation and unified visibility across multi-cloud environments.
FortiGate-VM, in concert with other elements of the Fortinet Security Fabric, enables common deployment scenarios such as cloud security services hub, secure remote access, container security, web application security, and critical workload protection.
Visit the FortiGate-VM on AWS Community Resource Hub to find onboarding, deployment, and technical information and join in discussions: https://community.fortinet.com/t5/FortiGate-VM-on-AWS/gh-p/fortigate-vm-on-aws
Please contact AWSsales@fortinet.com with questions.
Highlights
- ADVANCED THREAT PROTECTION - FortiGate identifies thousands of applications inside network traffic for deep inspection and granular policy enforcement. It protects against malware, exploits, malicious websites, and known and unknown attacks using powerful Intrusion Prevention Service (IPS) and continuous threat intelligence from FortiGuard Labs security services.
- PRICE PERFORMANCE - Fortigate on Graviton-based EC2 instances provide organizations with better cost optimized options compared to other instance types. Also see: https://www.fortinet.com/blog/business-and-technology/fortinet-collaborates-with-aws-to-deliver-low-cost--high-perform
- SECURE CONNECTIVITY and SIMPLIFIED MANAGEMENT - FortiGate provides core networking functionality, including SSL or IPSec VPN to AWS-based workloads, and scales to deliver secure SD-WAN Cloud on-ramp for organizations of all sizes. FortiGate also includes a management console that is simple to use and provides comprehensive network automation and unified visibility across multi-cloud environments.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (Arm) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 7.0.19
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
This is a BYOL product - there're no refund and cancellation policy applied.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (Arm) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
After deploying the instance, click on Manage in AWS Console to see the running instance and public DNS address to continue the configuration of the FortiGate-VM. Connect to the secured Web UI via the public DNS address: https://<public DNS address>. For any CLI configuration/settings, SSH is required to log into the CLI. Default login credentials are with a username of admin and the AWS Instance ID value as the password. You can reference the FortiGate-VM AWS admin guide is located at: https://docs.fortinet.com/document/fortigate-public-cloud/7.0.0/aws-administration-guide/
Resources
Support
Vendor support
By subscribing to these services, you'll receive a timely response to any technical issues as well as complete visibility on the ticket resolution progress. FortiCare Support Services include firmware upgrades, Support portal access, and associated technical resources. FortiGuard Security Services include up-to-the minute threat intelligence delivered in real time to stop the latest threats. http://www.fortinet.com/support/contact_support.html
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Fortinet FortiGate allows mitigation of blind spots to improve policy compliance by implementing critical security controls within your AWS environment. FortiGate includes all of the security and networking services common to FortiGate physical appliances.
FortiAuthenticator is a centralized user Identity Management solution to transparently identify network users and enforce identity-driven access policy in a Fortinet fabric. It supports FortiToken Two-factor authentication, Certificate and Wireless Guest management and Single Sign On capability.
The Fortinet FortiManager provides easy centralized configuration, policy-based provisioning, update management and end-to-end network monitoring for your Fortinet installed environment.
Fortinet professional design and implementation services for network, application, and cloud-native (CNAPP) security for AWS, hybrid, and multi-cloud environments.
The FortiWeb web application firewall (WAF) defends web-based applications from known and zero-day threats. Its AI-based machine learning identifies threats with virtually no false positive detections.
Customer reviews
Hassan Wali Khan
Virtual firewall deployment has protected data center apps and simplified threat management
Reviewed on Feb 04, 2026
Review provided by PeerSpot
What is our primary use case?
Fortinet FortiGate-VM is used for virtual machine deployment within data centers to protect applications. Some customers do not want to deploy hardware firewalls due to budget constraints. With a good hypervisor, they can deploy Fortinet FortiGate-VM firewall in their data center as a virtual firewall.
For example, if you have applications hosted in a data center and do not want to deploy Fortinet FortiGate hardware firewalls due to budget constraints and have a good hypervisor, you can secure your application by deploying Fortinet FortiGate-VM on your hypervisor in the data center to protect the application directly. Traffic comes first to Fortinet FortiGate-VM, and then clean or secure traffic reaches the data center server.
What is most valuable?
Fortinet FortiGate-VM is similar to a Fortinet FortiGate hardware firewall, and we can get all the same features. It is a good solution with Fortinet FortiGate-VM firewall.
Deployment is easy within any hypervisor cloud, whether Citrix Xen, VMware, or Nutanix.
The threat detection capabilities are excellent. I would rate this as ten out of ten because of the good features that come with the services and FortiGuard connection. You can get signatures every hour, including IPS signatures, anti-malware signatures, web filters, and application filters. These signatures come directly from the firewalls. An additional feature is the ability to create custom signatures in Fortinet FortiGate-VM, such as application signatures and IPS signatures.
What needs improvement?
Regarding the solutions, more features need to be introduced. Fortinet FortiGate-VM has FortiWAF features, but they are limited. These features need to be enhanced in Fortinet FortiGate-VM itself. Although Fortinet FortiGate has FortiWAF feature as a standalone feature, more features need to be onboarded into this firewall. Additionally, some features should be offered for free. For example, the minimum comes with two CPU, but at least four CPU license-based or still two CPU should be free.
For how long have I used the solution?
I have been using Fortinet FortiGate-VM for the last six to seven years.
What do I think about the stability of the solution?
Stability is ten out of ten. Stability and scalability are both ten out of ten.
What do I think about the scalability of the solution?
Stability and scalability are both ten out of ten.
How are customer service and support?
The technical support of Fortinet FortiGate-VM and Fortinet FortiGate is eight or nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Regarding Fortinet FortiGate-VM, I do not see any virtual machine of Cisco firewall to deploy in any hypervisor. This is the only time I have seen Fortinet FortiGate-VM with the feature to deploy on any hypervisor. Usually, these features are not available in other vendors.
How was the initial setup?
Setup can be completed within ten to fifteen minutes. Operational tasks and maintenance are very easy.
What about the implementation team?
Five people, all technical staff, are capable of deploying Fortinet FortiGate-VM.
What was our ROI?
Integration capabilities are very good. I deployed and integrated Fortinet FortiGate-VM with Microsoft AD server. Integration is very easy and can be completed within two to three minutes with Microsoft AD or any other third-party servers.
What's my experience with pricing, setup cost, and licensing?
Pricing cannot be said to be cheap because the pricing is not fixed. Pricing varies based on the size of the deal. If you have a good size deal, you can get more discount from Fortinet FortiGate team. If you buy a single Fortinet FortiGate-VM, you will not get as much discount from the Fortinet team. This can be marked as six, seven, or eight.
What other advice do I have?
Many organizations, enterprises, oil and gas companies, public sector, and commercial sector are all using these firewalls. The banking sector is also using them.
Automation can be configured in Fortinet FortiGate-VM. For example, if someone logs into Fortinet FortiGate-VM from an IP address, I can receive an email with the user login IP address, username, login time, and date.
I recommend this one hundred percent if you want to deploy a solution, have budget constraints, and do not want to buy hardware Fortinet FortiGate-VM. I will recommend using Fortinet FortiGate-VM deployed on your hypervisor. I would rate this solution ten out of nine. My overall review rating for this product is nine out of ten.
reviewer2283873
Security has improved with deep visibility and zero trust, but performance sizing needs work
Reviewed on Jan 30, 2026
Review from a verified AWS customer
What is our primary use case?
Network and infrastructure security can be used depending on the environment which a customer has, but it is usually more useful in virtual data center protection. Fortinet FortiGate-VM can protect VM infrastructure, virtual infrastructure, or cloud infrastructure in AWS , Azure , or other cloud vendor providers, as well as virtual infrastructure on premises in your own private data center.
What is most valuable?
I would say that it is cheaper than other vendors. In comparison of features, it is at the same level as Palo Alto and Check Point. It is a leader in the Gartner quadrant with the same feature set but at a lower price. However, it also has some weak points that require careful sizing of the solution before using it with all security features switched on, because it has a significant downgrade of throughput capacity when switching on more security features. If you need all features switched on with all signatures and SSL inspection, then you need to check for a higher grade model.
Fortinet FortiGate-VM provides integration across various environments, which is important especially for integration with domain controllers and authentication services. This is very important nowadays. All other integrations depend on the project and company needs.
With this solution, you can apply the zero trust concept in place with role-based access to the internet. URL filtering works well, and it is flexible. At the same time, with integration with other security solutions, you can quickly respond to incidents if anything happens. In total, fewer security incidents appear and you can respond more quickly.
After deployment, you have better visibility. You can see who, where, when, and how, and you can make reports.
What needs improvement?
I would say that it is cheaper than other vendors. In comparison of features, it is at the same level as Palo Alto and Check Point. It is a leader in the Gartner quadrant with the same feature set but at a lower price. However, it also has some weak points that require careful sizing of the solution before using it with all security features switched on, because it has a significant downgrade of throughput capacity when switching on more security features. If you need all features switched on with all signatures and SSL inspection, then you need to check for a higher grade model.
Real-time threat response is better in Palo Alto because they have an embedded machine learning engine which can detect viruses. In Check Point, you have to have a sandbox or be connected to the sandbox to check for unknown threats.
These are not problems per se, but you need to be more careful and more experienced when choosing this solution. You should not look just at a data sheet, but also look at real tests in the field and load tests from companies who are making them. The best way to choose is to test in your environment, see the capacity and throughput which you need, and then choose the model after a proof of concept.
For how long have I used the solution?
Fifteen years.
What do I think about the stability of the solution?
If it is sized in a proper way, there would be no downtime. If it is sized in an improper way, there would be questions.
What do I think about the scalability of the solution?
It is scalable.
How are customer service and support?
I was a tech support person, so I did not have a chance to escalate. I faced issues and fixed them myself. I did not escalate to the second level, so I do not closely work with their support team.
How would you rate customer service and support?
How was the initial setup?
It depends on the project. If you need just an internet connection for a few people, you just plug it in and it is done. You write two rules which allow access and apply basic URL filtering. If it is a data center segmentation solution, you need to plan a lot before you deploy it, and deployment would be complicated with any product. For basic setups for small businesses, it is easy and plug and play. However, for big projects like data center protection, it is complicated with any vendor, not just easy.
What was our ROI?
It is difficult to count honestly. When you need a cheap solution, you go for Fortinet. If you have more money, it is a matter of choosing between Android phone or iPhone. Both products are good, but one is a little bit better. If you do not have money to overpay, then you go for the cheaper one. If you have budget, then you can go for a more expensive one.
What other advice do I have?
I work with the product both as a customer and as a partner integrator, and also as a reseller.
There is a significant impact because you see full network visibility from layer three to layer seven, all threats, and all vulnerability exploitation attempts. With SIEM integration, it highlights a lot of data which can be used with PI solutions and also for incident response.
It is scalable. As for technical support, I was a tech support person, so I did not have a chance to escalate. I faced issues and fixed them myself. I did not escalate to the second level, so I do not closely work with their support team.
Regarding real-time threat response capabilities, I think they are better in Palo Alto because they have an embedded machine learning engine which can detect viruses. In Check Point, you have to have a sandbox or be connected to the sandbox to check for unknown threats.
The impact of threat detection on IT security operations is significant because you see full network visibility from layer three to layer seven, all threats, and all vulnerability exploitation attempts. With SIEM integration, it highlights a lot of data which can be used with PI solutions and for incident response.
As a reseller and a user, the biggest benefit that stands out is that it is cheaper than other vendors. In comparison of features, it is at the same level as Palo Alto and Check Point. It is a leader in the Gartner quadrant with the same feature set but at a lower price. However, it also has some weak points that require careful sizing of the solution before using it with all security features switched on, because it has a significant downgrade of throughput capacity when switching on more security features. If you need all features switched on with all signatures and SSL inspection, then you need to check for a higher grade model.
Fortinet FortiGate-VM has some embedded features for automation such as tagging and dynamic groups. Using the API, you can respond and integrate with SIEM solutions. However, this requires technical background and work effort.
My overall review rating for this product is seven out of ten.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Vaibhav Patkar
Cloud firewall deployment has improved real-time threat response and centralized control
Reviewed on Jan 27, 2026
Review provided by PeerSpot
What is our primary use case?
I am still working with all these vendors today: Scion, Kaseya, and SolarWinds, as I use these products for usage as well as I support these products because we sell the solutions also. We sell Fortinet FortiGate-VM , we sell Palo Alto, and we sell most of them. I have been selling it probably in the last five years.
What is most valuable?
When you say VM, Fortinet FortiGate-VM is essentially a firewall in a cloud, which is Fortinet on a cloud, eliminating the need for a physical apparatus or physical appliance to run this solution. In the old days, you required a physical box in your environment to install physically in your data center and configure that box and communicate with wherever you wanted to do. Now with Fortinet FortiGate-VM kind of a system, the physical appliance is no longer required. All you require is a cloud-based or a software firewall that you can utilize anywhere, anyhow. The advantage here is you can start the implementation within no time; as soon as the order is received and the tenant is ready to start implementation, you do not require a mandatory delivery time of six to eight weeks. This can happen within probably four or five days or maybe two days itself after the confirmed order. That is one of the biggest advantages of having a VM-based firewall because you do not require any physical configuration. You can do a virtual or a software configuration, and you can be in business within the shortest possible time. Customers appreciate that because the delay in terms of deliveries is no longer available. Either you can install it on customer premises or we can install it on a cloud also.
Hybrid Mesh Firewall feature is beneficial because even if you have a Mesh Firewall, how it works is if you have an architecture designed in such a way that it will be controlled from centrally but utilized locally. You have a mesh of ten firewalls, but you are located at ten different locations and you want to go to the internet and you probably have a local gateway. In the older design, you have to come through a central location and then access your internet and go out, which becomes problematic because your latency would be very high. You will get a delayed response for anything and everything you want to access. However, with a meshed environment and a proper internet POP, you can have the standard controls implemented across. At the same time, since you are accessing the systems locally over the internet, the response time or latency is fast. That is one of the biggest advantages one gets with a mesh firewall and centralized management.
I also speak about real-time threat response capability, and it is real time. You get fast access and people are happy because when they ask for any query, you get an immediate response rather than waiting earlier for a longer time. That is the advantage.
Fortinet FortiGate-VM definitely improves overall security posture because it has better features in terms of better management or better configuration options and parameters. Any firewall cannot be configured with default parameters because it will probably give you issues. If you can configure it properly, and it has a GUI interface, the graphical interface actually helps you configure things much faster and in a better manner.
One benefit with such VM-based solutions is that if you are connected to the internet, all the updates and all the threat intelligence platforms are always kept online and up to the mark. You do not have to wait for an update which will happen probably a week, ten days, or a month later. Whatever updates are required are instantly available. Therefore, threat detection, even if it is a zero-day, can occur in a much better way because if it gets updated at the central Fortinet level, it gets percolated directly to the firewall's database, making it a better option.
I have been using Security Fabric Automation features to generate alerts or automate threat response because that is essential. When you have a fabric implemented, any issues with the firewalls can be immediately known, and you can take actions accordingly. That is a good feature.
What needs improvement?
Negatives are it could be the same as physical, because if the physical box has some defects, obviously it does not work. The same thing happens if the cloud has issues or a VM is not working well. Those are typical unavailability problems. Usually when it is VM or a cloud, you get better availability. But you never know what problems can happen. At least what I have seen is if the configuration is right and if you have a decent way of doing things, usually there are no issues. If the configuration has challenges then obviously configuration and availability are the main keys in terms of having a better one. They could be negatives also because if you do not configure, you have a problem. If the VM is not available, then also you have a problem because you cannot communicate. Those are the negatives I would address.
What do I think about the stability of the solution?
The general stability of Fortinet FortiGate-VM is very stable.
What do I think about the scalability of the solution?
The scalability of Fortinet FortiGate-VM depends on the VM configuration. Assuming I know that there are twenty, I am giving an example. Let us say the solution requires the base one supports five locations, and if you want to increase the number of locations and the bandwidth requirements, then obviously I can just increase my VM CPU or the basic. Alternatively, I can create a bigger VM or the larger VM and just implement this, which will take lesser time. It is not that complicated to do it, but it is possible to do it without much downtime.
How are customer service and support?
I rate customer support and technical support from Fortinet at a nine because we have certified people on our roles for such products. Most of the problems are troubleshot by my own team. Only when there are some peculiar issues do I have to talk to support and get the necessary done. Once the tickets are raised and severity is defined, then they are pretty prompt in supporting also.
How would you rate customer service and support?
Positive
How was the initial setup?
The implementation and deployment part is really straightforward because there is no hardware involved. If there is no hardware, then obviously software-wise you can configure it much faster and much better because as soon as you get the license. All these things are controlled by an activation key which is at Fortinet's side. When I am talking about Fortinet FortiGate-VM, the VM requirements are already set. I can immediately implement that, download the part, and for activation, if I get the key, I can be starting in no time. If I had to wait for an appliance, the appliance takes probably six to eight weeks to deliver. I should not have to wait for six to eight weeks when I can get things done without much of a challenge.
What other advice do I have?
The accessibility of integration across various environments in Fortinet FortiGate-VM is very easy, I would say, because we integrate with multiple SIEM systems. We have found that integration is relatively easier. As soon as you integrate with your SIEM , even we have integrated with our ticketing system, that is also possible, and we have done that. All you require is a little bit of understanding regarding parameters, and if you know what to look for and where to look, I think those are possible to do.
In terms of how the price of Fortinet compares to other products on the market, I think Fortinet is a much better product in terms of availability and support from Fortinet's side as well. My company has a long relationship with Fortinet. We deal mostly with Palo Alto on an appliance basis. They may be having such a product, but at least my experience with Fortinet is better than others.
Regarding TCO related to Fortinet, I think the customer is the right person to talk about that because I can only talk from a features point of view. In terms of similar size equipment, the customer must have a comparison with, let us say, Palo Alto or Juniper versus Fortinet. I think Palo and other products are a little expensive. Unless you go with some cheaper options, maybe a Cisco or Sophos kind of thing, those are cheaper options but still give you value for money. That is why I believe a customer chooses Fortinet. There is also an architecture thought process that goes behind. An enterprise customer will always go with an internal firewall and external firewall architecture and frequently choose one OEM for internal and another for external. Therefore, they will have a mixed bag kind of a thing, like Fortinet and Check Point or Fortinet and Juniper. It all depends on the architecture as well. To answer that question in terms of TCO is relative compared to the customer, and I will not be in a right position to provide an incorrect answer. I would rate this solution a nine overall.
Flamur Prapashtica
Network security has improved and team now manages IDS, IPS, WAF and VPN with clear visibility
Reviewed on Jan 19, 2026
Review from a verified AWS customer
What is our primary use case?
We are using Fortinet FortiGate-VM on one VM, and two we are using as a dedicated appliance.
The features that we actually use are the IDS/IPS or IPS feature. We also use Intrusion Detection and WAF , Web Application Firewall . They have their own VDOM. We are using FortiAnalyzer for that separately and FortiBackup.
We are not using it yet. What we are focusing on first was migrating to a new VPN. That was one of the first steps. Then enabling the firewall and moving all the subnets as a gateway through Fortinet FortiGate-VM . If I remember correctly, we also are enabling WAF, enabling SSL inspection, and introducing FortiAnalyzer and so on.
How has it helped my organization?
Security is of course a major improvement, and we have more visibility on the network. We can probably say that the cost is manageable with four or five people managing those since we are a telecom and we also have our SOC. Comparing with others, it's straightforward and simplicity. We are not paying for features we are not using right now, but for the future, probably the Fabric and so on, but we only have those now.
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us.
What is most valuable?
We use an on-premises deployment.
The features that we actually use are the IDS/IPS or IPS feature. We also use Intrusion Detection and WAF, Web Application Firewall. They have their own VDOM. We are using FortiAnalyzer for that separately and FortiBackup.
What needs improvement?
I'm not entirely sure because I have to check now. What we purchased is a licensing for three years. I have to check now because in the coming year, we will be checking those. Probably, I'm not sure what the price is. It might be that it should be a little cheaper for us.
For how long have I used the solution?
We have been using Fortinet FortiGate-VM for two years for the firewalls, and I think four years with our mail, FortiMail .
What do I think about the stability of the solution?
There are not really complexities, so I would say that it's straightforward.
What do I think about the scalability of the solution?
It does not cause issues because actually it makes it longer. We do not only work with Fortinet FortiGate-VM, but I think it was around three months when we established everything. We were not in a hurry, which is why we did it ourselves. We had some kind of process first to determine our design and so on, the basic design. Because we are a telecom, we have to involve a lot of units and so on. But for deployment, it was straightforward. Until we had what we needed, and then we created everything ourselves from firewall. It does not take one hour or one day because we work partially on that and mostly focused on other jobs that we have, then we come back to Fortinet FortiGate-VM and so on. Probably we can say that within three months, we have started moving VLANs and people making through the gateway and so on. We implemented VPNs and some other things.
How are customer service and support?
We have had several cases with some support, but we can make it somewhere around eight.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We are part of Telekom Slovenia. From our mother company, they have infrastructure that we took all the hardware from. I think it's a regional setup on the Adriatic part of East Europe, but I'm not sure.
How was the initial setup?
There are not really complexities, so I would say that it's straightforward.
What about the implementation team?
We did it with our team. We are about four members in my unit who are dealing with Fortinet FortiGate-VM. In the beginning, when we introduced FortiMail , it was from Forti itself with support from them, establishing the first setup. This is regarding the FortiMail VMs. It was some kind of lessons or training. We were together with them, and regarding the Forti Firewall, we did it alone with our team.
My team is mostly dealing with it. I only get some reports from them as my duty. I am not involved directly in implementing it and so on. But I am aware of the functionality and so on from Fortinet FortiGate-VM. We have a team of four people mostly who are dealing with Fortinet FortiGate-VM. There are also two or three others who are dealing with the FortiMail. We also have a SOC here who is dealing with the FortiAnalyzer. As a Head of Security, I am getting those reports and so on. My input or my role is very low on some occasions, but I am not typically managing directly those firewalls.
What was our ROI?
It might be positive.
What's my experience with pricing, setup cost, and licensing?
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us.
I'm not entirely sure because I have to check now. What we purchased is a licensing for three years. I have to check now because in the coming year, we will be checking those. Probably, I'm not sure what the price is. It might be that it should be a little cheaper for us.
Which other solutions did I evaluate?
We are part of Telekom Slovenia. From our mother company, they have infrastructure that we took all the hardware from. I think it's a regional setup on the Adriatic part of East Europe, but I'm not sure.
What other advice do I have?
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us. I would rate this review as an eight out of ten.
Vishal Khedekar
Cloud security has become faster to deploy and now supports robust, user-friendly protection
Reviewed on Jan 08, 2026
Review from a verified AWS customer
What is our primary use case?
We are a system integrator, so we are dealing with Fortinet and Sophos. I work with all of them, depending on the customer's needs. I have experience with Fortinet, particularly with deployment experience using Fortinet FortiGate-VM , this particular firewall.
What is most valuable?
For me personally, the best features of Fortinet FortiGate-VM are that it is user-friendly and easy to deploy. The GUI is very user-friendly, so anyone can quickly learn how to use it.
Fortinet FortiGate-VM is time-saving and robust from a security perspective, so it brings positive benefits to the organization.
What needs improvement?
In the future, I would like to see configuration backup on email included in Fortinet FortiGate-VM.
The AI capabilities that they launched last year should be enhanced. If we procure FortiManager, then through FortiAI, we can find out the issues or the configuration changes required as per best practices. Those things need to be added to help us troubleshoot more easily. If the AI helps us even with troubleshooting, it will save a lot of time for us as well.
Some of the compatibility and technical support issues are reasons why I rate it eight instead of nine or ten; the rest of everything is good.
For how long have I used the solution?
I have been working with Fortinet FortiGate-VM for around five to ten years.
What do I think about the stability of the solution?
We were facing challenges while deploying Fortinet FortiGate firewall on AWS with Graviton instances; we were not able to build HA. The Graviton processor has some limitations. I do not know exactly what the issue was, but we changed the instance type and then installed it. There must be some compatibility issues with that particular Graviton CPU and Fortinet.
What do I think about the scalability of the solution?
It took a couple of weeks, approximately two to three weeks, to overcome all those issues.
How are customer service and support?
The technical support is very helpful, but reaching technical support is quite difficult because whenever we have raised a ticket, it takes a lot of time to reach them and even make them understand the issue. When we raise a ticket, it routes to some L1 engineer, and they might not have adequate AWS or Azure knowledge, which is why it took a lot of time to get an L3 or L2 engineer and find a resolution.
What about the implementation team?
We have an entire team of ten to fifteen people involved in the process of deployment, and they are the implementation engineers.
What other advice do I have?
With respect to cloud networks, we may require some detailed documentation because that will help improve our implementation.
It was good; I did not find any challenge with Fortinet Security Fabric 's real-time threat response capabilities.
We do not utilize Fortinet FortiGate-VM's Hybrid Mesh Firewall feature.
It is better how I assess the impact of Fortinet FortiGate-VM's threat detection on our IT security and our customer's IT security after implementation.
It is very affordable and very competitive pricing; I think it is a good solution. I rate this product eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)