Sold by: Fortinet Inc.
Deployed on AWS
AWS Free Tier
Fortinet FortiGate allows mitigation of blind spots to improve policy compliance by implementing critical security controls within your AWS environment. FortiGate firewall includes all of the security and networking services common to FortiGate physical appliances.
4.4
Overview
Video
Video 1
Video
Video 2
Video
Product video
FortiGate-VM on AWS delivers next-generation firewall and VPN/SD-WAN capabilities for organizations of all sizes. It enables broad network protection and automated security management for consistent enforcement and visibility across your AWS VPCs and hybrid cloud infrastructure. FortiGate natively integrates with AWS Gateway Load Balancer, AWS Transit Gateway and other AWS security services to simplify and deliver enterprise class security for applications and workloads running on AWS.
FortiGate-VM reduces complexity by combining secure connectivity with advanced threat protection capabilities such as powerful intrusion prevention (IPS), malware detection and protection, and continuous threat intelligence from FortiGuard Labs security services. It offers a management console that provides comprehensive network automation and unified visibility across multi-cloud environments.
FortiGate-VM, in concert with other elements of the Fortinet Security Fabric, enables common deployment scenarios such as cloud security services hub, secure remote access, container security, web application security, and critical workload protection.
Visit the FortiGate-VM on AWS Community Resource Hub to find onboarding, deployment, and technical information and join in discussions: https://community.fortinet.com/t5/FortiGate-VM-on-AWS/gh-p/fortigate-vm-on-aws
Please contact AWSsales@fortinet.com with questions.
Highlights
- Delivers complete content and network protection by combining stateful inspection with a comprehensive suite of powerful security features to meet PCI DSS compliance.
- IPS technology protects against current and emerging network-level threats. In addition to signature-based threat detection, IPS performs anomaly-based detection which alerts users to any traffic that matches attack behavior profiles.
- New Docker application control signatures protect your container environments from newly emerged security threats.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 7.6.5
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
This is a BYOL product - there're no refund and cancellation policy applied.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
After deploying the instance, click on Manage in AWS Console to see the running instance and public DNS address to continue the configuration of the FortiGate-VM. Connect to the secured Web UI via the public DNS address: https://<public DNS address>. For any CLI configuration/settings, SSH is required to log into the CLI. Default login credentials are with a username of admin and the AWS Instance ID value as the password. You can reference the FortiGate-VM AWS admin guide is located at: https://docs.fortinet.com/document/fortigate-public-cloud/7.6.0/aws-administration-guide/
Support
Vendor support
By subscribing to these services, you'll receive a timely response to any technical issues as well as complete visibility on the ticket resolution progress. FortiCare Support Services include firmware upgrades, Support portal access, and associated technical resources. FortiGuard Security Services include up-to-the minute threat intelligence delivered in real time to stop the latest threats. http://www.fortinet.com/support/contact_support.html
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
FortiGate-VM delivers next-generation firewall capabilities for organizations of all sizes to protect against malware, exploits, malicious websites, and known and unknown attacks. It enables broad protection and automated management for consistent enforcement and visibility across your cloud environment.
Fortinet Federal FortiGate allows mitigation of blind spots to improve policy compliance by implementing critical security controls within your AWS environment. FortiGate firewall includes all of the security and networking services common to FortiGate physical appliances.
Fortinet FortiGate allows mitigation of blind spots to improve policy compliance by implementing critical security controls within your AWS environment. FortiGate includes all of the security and networking services common to FortiGate physical appliances.
FortiAuthenticator is a centralized user Identity Management solution to transparently identify network users and enforce identity-driven access policy in a Fortinet fabric. It supports FortiToken Two-factor authentication, Certificate and Wireless Guest management and Single Sign On capability.
The Fortinet FortiManager provides easy centralized configuration, policy-based provisioning, update management and end-to-end network monitoring for your Fortinet installed environment.
Fortinet professional design and implementation services for network, application, and cloud-native (CNAPP) security for AWS, hybrid, and multi-cloud environments.
The FortiWeb web application firewall (WAF) defends web-based applications from known and zero-day threats. Its AI-based machine learning identifies threats with virtually no false positive detections.
Customer reviews
Flamur Prapashtica
Network security has improved and team now manages IDS, IPS, WAF and VPN with clear visibility
Reviewed on Jan 19, 2026
Review from a verified AWS customer
What is our primary use case?
We are using Fortinet FortiGate-VM on one VM, and two we are using as a dedicated appliance.
The features that we actually use are the IDS/IPS or IPS feature. We also use Intrusion Detection and WAF , Web Application Firewall . They have their own VDOM. We are using FortiAnalyzer for that separately and FortiBackup.
We are not using it yet. What we are focusing on first was migrating to a new VPN. That was one of the first steps. Then enabling the firewall and moving all the subnets as a gateway through Fortinet FortiGate-VM . If I remember correctly, we also are enabling WAF, enabling SSL inspection, and introducing FortiAnalyzer and so on.
How has it helped my organization?
Security is of course a major improvement, and we have more visibility on the network. We can probably say that the cost is manageable with four or five people managing those since we are a telecom and we also have our SOC. Comparing with others, it's straightforward and simplicity. We are not paying for features we are not using right now, but for the future, probably the Fabric and so on, but we only have those now.
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us.
What is most valuable?
We use an on-premises deployment.
The features that we actually use are the IDS/IPS or IPS feature. We also use Intrusion Detection and WAF, Web Application Firewall. They have their own VDOM. We are using FortiAnalyzer for that separately and FortiBackup.
What needs improvement?
I'm not entirely sure because I have to check now. What we purchased is a licensing for three years. I have to check now because in the coming year, we will be checking those. Probably, I'm not sure what the price is. It might be that it should be a little cheaper for us.
For how long have I used the solution?
We have been using Fortinet FortiGate-VM for two years for the firewalls, and I think four years with our mail, FortiMail .
What do I think about the stability of the solution?
There are not really complexities, so I would say that it's straightforward.
What do I think about the scalability of the solution?
It does not cause issues because actually it makes it longer. We do not only work with Fortinet FortiGate-VM, but I think it was around three months when we established everything. We were not in a hurry, which is why we did it ourselves. We had some kind of process first to determine our design and so on, the basic design. Because we are a telecom, we have to involve a lot of units and so on. But for deployment, it was straightforward. Until we had what we needed, and then we created everything ourselves from firewall. It does not take one hour or one day because we work partially on that and mostly focused on other jobs that we have, then we come back to Fortinet FortiGate-VM and so on. Probably we can say that within three months, we have started moving VLANs and people making through the gateway and so on. We implemented VPNs and some other things.
How are customer service and support?
We have had several cases with some support, but we can make it somewhere around eight.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We are part of Telekom Slovenia. From our mother company, they have infrastructure that we took all the hardware from. I think it's a regional setup on the Adriatic part of East Europe, but I'm not sure.
How was the initial setup?
There are not really complexities, so I would say that it's straightforward.
What about the implementation team?
We did it with our team. We are about four members in my unit who are dealing with Fortinet FortiGate-VM. In the beginning, when we introduced FortiMail , it was from Forti itself with support from them, establishing the first setup. This is regarding the FortiMail VMs. It was some kind of lessons or training. We were together with them, and regarding the Forti Firewall, we did it alone with our team.
My team is mostly dealing with it. I only get some reports from them as my duty. I am not involved directly in implementing it and so on. But I am aware of the functionality and so on from Fortinet FortiGate-VM. We have a team of four people mostly who are dealing with Fortinet FortiGate-VM. There are also two or three others who are dealing with the FortiMail. We also have a SOC here who is dealing with the FortiAnalyzer. As a Head of Security, I am getting those reports and so on. My input or my role is very low on some occasions, but I am not typically managing directly those firewalls.
What was our ROI?
It might be positive.
What's my experience with pricing, setup cost, and licensing?
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us.
I'm not entirely sure because I have to check now. What we purchased is a licensing for three years. I have to check now because in the coming year, we will be checking those. Probably, I'm not sure what the price is. It might be that it should be a little cheaper for us.
Which other solutions did I evaluate?
We are part of Telekom Slovenia. From our mother company, they have infrastructure that we took all the hardware from. I think it's a regional setup on the Adriatic part of East Europe, but I'm not sure.
What other advice do I have?
From our perspective, it's quite good. When we have the visibility, we will make our policies depending on the threats that are coming because we are using many different other security measures. Fortinet FortiGate-VM as an internet gateway or firewall is very good for us. I would rate this review as an eight out of ten.
Vishal Khedekar
Cloud security has become faster to deploy and now supports robust, user-friendly protection
Reviewed on Jan 08, 2026
Review from a verified AWS customer
What is our primary use case?
We are a system integrator, so we are dealing with Fortinet and Sophos. I work with all of them, depending on the customer's needs. I have experience with Fortinet, particularly with deployment experience using Fortinet FortiGate-VM , this particular firewall.
What is most valuable?
For me personally, the best features of Fortinet FortiGate-VM are that it is user-friendly and easy to deploy. The GUI is very user-friendly, so anyone can quickly learn how to use it.
Fortinet FortiGate-VM is time-saving and robust from a security perspective, so it brings positive benefits to the organization.
What needs improvement?
In the future, I would like to see configuration backup on email included in Fortinet FortiGate-VM.
The AI capabilities that they launched last year should be enhanced. If we procure FortiManager, then through FortiAI, we can find out the issues or the configuration changes required as per best practices. Those things need to be added to help us troubleshoot more easily. If the AI helps us even with troubleshooting, it will save a lot of time for us as well.
Some of the compatibility and technical support issues are reasons why I rate it eight instead of nine or ten; the rest of everything is good.
For how long have I used the solution?
I have been working with Fortinet FortiGate-VM for around five to ten years.
What do I think about the stability of the solution?
We were facing challenges while deploying Fortinet FortiGate firewall on AWS with Graviton instances; we were not able to build HA. The Graviton processor has some limitations. I do not know exactly what the issue was, but we changed the instance type and then installed it. There must be some compatibility issues with that particular Graviton CPU and Fortinet.
What do I think about the scalability of the solution?
It took a couple of weeks, approximately two to three weeks, to overcome all those issues.
How are customer service and support?
The technical support is very helpful, but reaching technical support is quite difficult because whenever we have raised a ticket, it takes a lot of time to reach them and even make them understand the issue. When we raise a ticket, it routes to some L1 engineer, and they might not have adequate AWS or Azure knowledge, which is why it took a lot of time to get an L3 or L2 engineer and find a resolution.
What about the implementation team?
We have an entire team of ten to fifteen people involved in the process of deployment, and they are the implementation engineers.
What other advice do I have?
With respect to cloud networks, we may require some detailed documentation because that will help improve our implementation.
It was good; I did not find any challenge with Fortinet Security Fabric 's real-time threat response capabilities.
We do not utilize Fortinet FortiGate-VM's Hybrid Mesh Firewall feature.
It is better how I assess the impact of Fortinet FortiGate-VM's threat detection on our IT security and our customer's IT security after implementation.
It is very affordable and very competitive pricing; I think it is a good solution. I rate this product eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Mohamed Fouad
Firewall has strengthened perimeter security and has reduced incidents through real-time threat blocking
Reviewed on Dec 22, 2025
Review from a verified AWS customer
What is our primary use case?
My main use case for Fortinet FortiGate-VM is that it is used as a main firewall to secure our network as a perimeter firewall for our enterprise network.
As a perimeter firewall, Fortinet FortiGate-VM acts as a firewall for our enterprise network to access multiple VMs, providing security and a basic firewall for these VMs.
In addition to being a perimeter firewall, Fortinet FortiGate-VM helps us with inspecting traffic and blocking malicious activity on these VMs.
What is most valuable?
In my experience, the best features Fortinet FortiGate-VM offers are usability, stability, and return on investment.
Regarding stability, Fortinet FortiGate-VM has had no issues, and we have a great experience with implementing it. About return on investment, it reduced incidents, and fewer people are needed to manage this firewall, so money is saved.
Fortinet FortiGate-VM has positively impacted my organization by providing basic security and capabilities for threat modeling, threat prevention, and IPS. It has powerful IPS that provides the attack signature to be detected in real-time. We have FortiGuard and the license, and once we had the license on Fortinet FortiGate-VM, everything worked well.
What needs improvement?
It would be better to have high availability with hardware for Fortinet FortiGate-VM, as it will be better for implementing high availability.
For how long have I used the solution?
I have been using Fortinet FortiGate-VM for about five years.
What do I think about the stability of the solution?
Fortinet FortiGate-VM is stable.
Since implementing Fortinet FortiGate-VM, we have gained deep insight into network traffic due to its great viewing capabilities, and we can integrate with the cloud or FortiAnalyzer for log retention which is free for seven days and can be purchased for a longer duration. Fortinet FortiGate-VM's stability is the best feature.
What do I think about the scalability of the solution?
Fortinet FortiGate-VM's scalability is great. You can upgrade your licensing module and also purchase a license with the same VM as your organization grows.
How are customer service and support?
Customer support for Fortinet is one of its best features. You can open a ticket and expect a reply and problem-solving from effective engineers in just one hour, which no other vendor can offer.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Previously, I used Palo Alto, and I configured it many times, but I think Fortinet FortiGate-VM is much better than Palo Alto because of licensing cost, complexity, and usability.
How was the initial setup?
My experience with pricing, setup cost, and licensing for Fortinet FortiGate-VM is very good. We have a licensing module along with a next-generation firewall module, and its pricing compared to other vendors is one of the best features of Fortinet as it is cheaper than any vendor, and the low setup cost allows anyone to implement Fortinet FortiGate-VM easily.
What was our ROI?
Specific outcomes from Fortinet FortiGate-VM show that we have reduced incidents as we are actively blocking attacks, which also leads to cost savings.
I have seen a return on investment. We have time saved due to visibility and security in one box, and fewer employees are needed because the usability of Fortinet FortiGate-VM means our management team is smaller.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for Fortinet FortiGate-VM is very good. We have a licensing module along with a next-generation firewall module, and its pricing compared to other vendors is one of the best features of Fortinet as it is cheaper than any vendor, and the low setup cost allows anyone to implement Fortinet FortiGate-VM easily.
Which other solutions did I evaluate?
Before choosing Fortinet FortiGate-VM, I evaluated Palo Alto.
What other advice do I have?
Fortinet FortiGate-VM is deployed in my organization on a public cloud and also on a hybrid cloud.
We use AWS as our cloud provider for both public and hybrid cloud deployments.
I purchased Fortinet FortiGate-VM through the AWS Marketplace .
Fortinet FortiGate-VM has improved our overall network security posture by stopping attacks and benefiting from FortiGuard, which provides attack signatures while applying WAF modules and antivirus signatures to analyze and stop attacks.
With Fortinet FortiGate-VM's threat detection, we can stop attacks in real time, and we have alerts. We also have automations on Fortinet FortiGate-VM, so once the host is compromised, we get notifications, allowing us to integrate Fortinet FortiGate-VM with our infrastructure security. This integration creates a great security fabric, enabling us to detect patient zero on our network and stop advanced attacks in real time.
We have set up automation on Fortinet FortiGate-VM to detect compromised hosts, and upon detection, we execute an action to FortiGate NAC to isolate the compromised host, leading to positive benefits from Fortinet FortiGate-VM.
The integration capability across environments is crucial for us because once we gain visibility, we can effectively deal with attacks and have great useful information to enhance our network security, applying firewall policies according to the logs, thereby enhancing the visibility of our network.
If you are considering using Fortinet FortiGate-VM, you should check Fortinet when deploying a firewall. My recommendation, based on best practices with Fortinet firewall implementation, is that its stability is the best feature. You can have a great licensing module and scalability across all signatures. Once you purchase the license, you will receive the most real-time signatures from FortiGuard, so I strongly recommend using Fortinet FortiGate-VM.
I am just a customer, and my company does not have a business relationship with this vendor. I would rate this product a ten out of ten.
Mohamed Fouad
Centralized management has improved branch security operations and simplified threat prevention
Reviewed on Dec 19, 2025
Review provided by PeerSpot
What is our primary use case?
I have been dealing with Fortinet FortiGate-VM and have implemented it many times at customer sites. We are providing both hardware and VM solutions to connect branch sites and implementing FortiManager to manage Fortinet FortiGate-VMs as a cloud solution or as a dedicated VM to manage all of Fortinet FortiGate-VMs.
I utilize Fortinet FortiGate-VM Hybrid Mesh Firewall feature. We have used it as a demo and have purchased it already, but have not fully configured it.
What is most valuable?
In my opinion, Fortinet FortiGate-VM is stable, and the best aspect is usability. Fortinet has many good things regarding usability. It has a great user interface and you can easily manage it, easily view information, and easily generate reports. This applies not only to Fortinet FortiGate-VM but to all Fortinet products. The support is also one of the most good features of Fortinet.
My impression of Fortinet FortiGate-VM Security Fabric real-time threat response capabilities is that it is a first-world security fabric compared to others.
In assessing the impact of Fortinet FortiGate-VM threat detection on my IT security operations, it relies on FortiGuard. If you have an IP and the correct license, it has powerful capabilities with IPS signatures and updated signatures from FortiGuard about attacks. One of the standout features is providing some models with a WAF module. This can help many customers, including small customers, by providing them with WAF functionality to protect web application servers. I think threat prevention is excellent on Fortinet FortiGate-VM.
What needs improvement?
Fortinet FortiGate-VM can be improved in certain areas. It has most of the features I want, and honestly, it is one of my favorite VMs and one of my favorite vendors. Compared to others, Palo Alto is excellent, and I work with Palo Alto as well, but Fortinet offers a good quality product at a lower price point compared to Palo Alto.
It would be beneficial if Fortinet FortiGate-VM could set up high availability with hardware. Some Fortinet products already have this feature, but I do not think Fortinet FortiGate-VM will do it now. You can make high availability with hardware rather than on the same VM or with the same license requirements. If you have a VM, you can make it a high availability solution with hardware, which would be a great feature. FortiNAC from Fortinet has this feature already, but not Fortinet FortiGate-VM.
For how long have I used the solution?
I would generally recommend Fortinet FortiGate-VM to others. I would strongly recommend using Fortinet FortiGate-VM if you have a requirement to implement a firewall.
How are customer service and support?
The support is one of the most good features of Fortinet. Compared to others, such as IBM, I have had many issues with IBM support. It does not have enough engineers to support many customers. You can open a ticket and expect to receive a response in four business days if you have a medium impact case, which is very critical in SOC environments.
I would rate the technical support by Fortinet at a 10.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of Fortinet FortiGate-VM is straightforward and is the best aspect. It is easy to set up and easy to maintain. All Fortinet portfolio products have a default IP of 192.168.1.99. You can upgrade it in seconds. Compared to others, this is one of the standout features.
Sankha Rajaguru
Cloud firewalls have strengthened real-time threat protection but still need smoother updates
Reviewed on Dec 11, 2025
Review from a verified AWS customer
What is our primary use case?
We are mainly using Fortinet FortiGate-VM firewalls which are particularly hosted in cloud environments. It will connect cloud environments with on-premise networks and secure cloud-hosted VM traffic, both outgoing and incoming traffic. Those are the main requirements we are receiving.
What is most valuable?
Real-time threat response is really good, and sandboxing and all the signatures are most of the time accurate. They are aligned with recent threats, and Fortinet also has Fortinet Labs where they do their own research and publish new signatures and threats in real-time to the firewalls and all the devices, so I think it is pretty good.
When comparing with Sophos, I think Fortinet's Security Fabric is really nice because they do have more signatures. When we talk about IPS and all these security features, I think Fortinet is good in that aspect.
Fortinet does provide a lot of visibility in Fortinet FortiGate-VM , and some devices do not have an inbuilt HDD. For logs and data retention, they provide the FortiCloud free service for seven days. Using those features, we gather information to troubleshoot and find root causes. They also have a FortiView section, which is very useful to find out the top sources, top destinations, and which sessions are running. It is very useful.
What needs improvement?
We mainly get firmware upgrades from time to time, and there are bugs. For the moment, I do not have any features in my mind to mention regarding improvements.
Since I have not worked with VMs so frequently, I cannot tell exact points. Overall, you are asking about the improvements which have to be done on the VM side. They are updating frequently, but sometimes it depends on internet connectivity. Those databases are not getting updated in such cases, so external threat feeds are helpful.
For how long have I used the solution?
I can say it has been about one to two years using it as a company. We use both the platforms.
What do I think about the stability of the solution?
I have not experienced any stability issues.
What do I think about the scalability of the solution?
It is scalable, but as per my knowledge, the license is bound to the hardware it comes with, which I have read.
How are customer service and support?
I have worked with the customer team and also the technical team. When we come to technical support, they provide very professional support to mitigate threats or troubleshoot issues. They provide the expected support.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Three years ago, I worked in a different company. Now I work in a different one.
How was the initial setup?
I think someone who is new to firewalls can do the initial setup without any issue if they follow the guide. It is not that complex.
What about the implementation team?
Most of the time, we are purchasing it through our local partners and local distributors.
What was our ROI?
Obviously, when a customer hosts their firewalls in VMs, they will get ROI because they do not need that many specifications or hardware requirements to host a firewall.
What's my experience with pricing, setup cost, and licensing?
It is reasonable.
Which other solutions did I evaluate?
I am actually working with Fortinet and Sophos, and also I am looking partially for a rival to Checkpoint as well.
What other advice do I have?
Both Fortinet FortiGate-VM and appliance are available. The difference between Fortinet FortiGate-VM and appliance is the platform which you are hosting. In the appliance, I am really seeing the appliance already with the required OS and everything. When we go to the VM side, we have to host the VM according to the defined specifications, and we have to get the licensing for it. Basically, in the firewall maintenance and configuration part, I cannot see any huge difference. It is the same. When we go to the VM side, all the network cable management and some things are happening virtually.
Feature-wise, as per my knowledge, there are no additional features when you go to the VM or the appliance. You can have the same features either you go with the appliance or VM.
Fortinet FortiGate-VM, mainly affordability and flexibility because some customers do have their infrastructure in cloud environments. Some customers do not prefer to use the cloud platform's native firewalls. In those cases, customers are listing to host their own firewall. For cases in those situations, the customer can get the benefit for those areas since it is affordable. I think it is more affordable than cloud-native firewalls.
Benefits mean the main benefit is when a customer is trying to purchase a firewall. They do not need to pay a price for the appliance. They only need to purchase a license. For the appliance, they can use their own platform to host the firewall. I think that is the main benefit when it comes to the VM side.
Overall network security posture: when a customer implements their firewall in the VM in the cloud environment, they can monitor their hosted VMs' outgoing and incoming traffic. They can restrict access, and they can include IPS, AV, ATP, all these things to secure the traffic. I think it is a huge benefit rather than using the native cloud firewall that is provided by the platform.
When we come to threat detection, I can mention IPS as well. Also under the threat landscape, since as I remember, Fortinet FortiGate-VM has the largest signature base in the IPS. They help us to prevent a lot of known threats using their signature database, which updates continuously.
When we compare it with Sophos, I think the most benefits are their security posture. They have a strong security posture in Fortinet FortiGate-VM compared to Sophos. Also the utilization: Fortinet FortiGate-VM OS is very suitable for small hardware because Sophos OS runs on Linux, which requires huge CPU and RAM utilization. Those are the pros and cons when you compare it with Sophos.
We are using that. Recently we have done an implementation where when someone tries to scan our ports in the firewall for a few times, we have scripts to block those IPs. It is very useful and user-friendly. We can get a lot of tasks done through that automation feature.
Rather than depending on Fortinet's security posture, they provide us the possibility to integrate our firewalls with external threat feeds, which is a huge benefit. If Fortinet misses any host or signature update, we can get it updated through the external threat database.
It is very flexible. We can use several external authentication platforms to integrate with our firewall, for example, SAML or LDAP. They provide so many integration points, and as I remember, they are free of charge as well.
You have to size your firewall depending on your connection types and the threat sources. Fortinet FortiGate-VM firewall is based on that. You have to do proper sizing on the VM that you are putting the firewall on.
In our country, Sri Lanka, most of the customers use their internal firewall and perimeter firewalls. When we take all the customers, it is about more than thirty to forty percent using Fortinet FortiGate-VM as their internal or perimeter firewalls. Huge customers, so we do have a high demand for Fortinet for the internal and perimeter levels.
I would rate this product a seven out of ten overall.
Which deployment model are you using for this solution?
Public Cloud