Fortinet FortiGate Next-Generation Firewall

For FortiGate Next Generation Firewall (NGFW) , I use it primarily to connect with other companies through IPsec VPN. Any other security measures are on AWS  itself, not on FortiGate . I'm someone who's familiar with FortiGate  from previous jobs, so I use that, but it's how we're using it right now.

The IPsec feature of FortiGate Next Generation Firewall (NGFW)  is valuable to our company because we need to connect quickly VPN connections with other companies in our networks, and there are many connections in some cases. We need to keep it as secure as possible, maybe one-way connections or particular ports. FortiGate is the best option, at least that I'm familiar with, that can answer all of that in one product that is mostly easy to use.

In our case, the deployment options of FortiGate Next Generation Firewall (NGFW) are not scalable, but in terms of connectivity to other companies, that's exactly what we needed, and that's exactly what it does perfectly, what is needed.

The most valuable feature for our company using FortiGate Next Generation Firewall (NGFW) is the IPsec feature, but actually FortiGate is known for good UTM products such as application filter and web filtering. We don't use it here, but in previous companies I used it on a daily basis.

One of the benefits I've realized from using FortiGate Next Generation Firewall (NGFW) is that it's secure and allows functions such as VPN. You can control Wi-Fi and other things from within, if you have FortiNet devices. It's an easy to use product, yet it allows you all that is needed, or at least all that you can do. Whenever there is a security breach, FortiGate is known to patch it very quickly from what I've seen.

Since FortiGate Next Generation Firewall (NGFW) was implemented, there was a thought in the company about using the VPN that AWS  itself provides, but it's far from being as good as FortiGate.

The process can be improved in terms of explaining exactly how the installation should be done step-by-step on AWS, because there are network considerations such as security groups. From what I could find, I didn't do extensive research, but it didn't seem obvious enough in that case.

I do not utilize the intrusion prevention and web filtering features of FortiGate Next Generation Firewall (NGFW).

The ability of FortiGate Next Generation Firewall (NGFW) to inspect SSL encrypted traffic is not applicable in the current position, but in previous companies, it was really seamless whenever we used it. It just worked seamlessly.

I don't recall if we use a centralized management console for FortiGate Next Generation Firewall (NGFW) in maintaining oversight across distributed networks.

In my opinion, FortiGate Next Generation Firewall (NGFW) could be better by having specific models for home usage. I'd wish to have a FortiGate in my home, but the licensing isn't something that I want to purchase for home usage.

I have been using FortiGate Next Generation Firewall (NGFW) almost since day one at this company, which I have been with for three years and something.

I experienced the stability and availability of FortiGate Next Generation Firewall (NGFW) more in the previous company. In terms of stability, mostly it is okay; however, in some cases, there are features, especially the UI, that tend to have issues. In some cases, you need to restart it, but mostly, it's working flawlessly, especially if you have an HA environment, high availability.

In our case, the deployment options of FortiGate Next Generation Firewall (NGFW) are not scalable, but in terms of connectivity to other companies, that's exactly what we needed, and that's exactly what it does perfectly, what is needed.

I'm certain that what it allows us in terms of connections to other companies is a straightforward solution that you don't have to use something else. It's easy to configure a new connection, and it works in a few minutes if everything works fine.

In this company, I may have worked with FortiGate Next Generation Firewall (NGFW) support one time, but in my previous company, I actually worked with them extensively. We had multiple FortiGate devices across multiple offices around the world, and we needed to switch them from one account to another sometimes. So I encountered FortiGate support quite frequently.

I would evaluate the level of support for FortiGate Next Generation Firewall (NGFW) somewhere between seven and eight. My experience might be outdated because lately, I haven't had much experience with that. In some cases, you need to come prepared because the people there work by the book and ask for particular things. If you don't have them, you cannot proceed, but if you know what they need, after some time, it's pretty easy to get support or whatever you need.

Neutral

I don't have enough information on other products that I can tell the pros and cons of FortiGate Next Generation Firewall (NGFW) versus its competitors.

The setup was already done, but from what I read, we considered putting it in another environment that we have, yet we didn't because we didn't actually need the environment at all.

I don't know if my company has seen return on the investment from FortiGate Next Generation Firewall (NGFW), but I'm certain that what it allows us in terms of connections to other companies is a straightforward solution that you don't have to use something else. It's easy to configure a new connection, and it works in a few minutes if everything works fine.

Pricing isn't something applicable for me regarding FortiGate Next Generation Firewall (NGFW) because it was already set up once I came to this company.

Since FortiGate Next Generation Firewall (NGFW) was implemented, there was a thought that crossed in the company about using the VPN that AWS itself provides, but it's far from being as good as FortiGate.

I would rate FortiGate Next Generation Firewall (NGFW) as a solution a 10 out of 10. I do love FortiGate.

I give it a 10 because, in my experience, FortiGate Next Generation Firewall (NGFW) is a product that allows you to do many things very easily. If you don't appreciate something about the way it works, you have enough playground to change it to suit your needs.

For someone considering FortiGate Next Generation Firewall (NGFW) for their company, there was a demo online version that they have on their website that is easy to access. You can play with it and see almost all the features in action. That's an easy thing to actually test. Obviously, you cannot connect it to your network and see things live in your case, but it is still a good example of how things work.

Public Cloud

Amazon Web Services (AWS)

I have experience with Fortinet solutions.

I have had experience recently with FortiGate as well.

All the basic and important features needed for perimeter solutions to protect branches and headquarters are valuable with the FortiGate Next Generation Firewall (NGFW).

The FortiGate Next Generation Firewall (NGFW) is deployed in a company that is a carrier of telecommunication services, providing solutions to all kinds of companies around the world, especially in Mexico.

It addresses new and emerging security threats in the telecommunications industry, as we recognize that it is a highly effective solution that provides robust protection. That's the reason it was the main product we used to sell for perimeter security.

We use FortiGate Next Generation Firewall (NGFW) for the access points and their switches.

All the basic and important features needed for perimeter solutions to protect branches and headquarters are valuable with this solution.

The antivirus, malware, anti-malware, anti-spam, IP VPN connections, and firewall rules bring the most value for me and my clients. 

The segmentation capabilities enhance our security posture because they work effectively combined with the switching solutions, allowing us to easily combine switching with the firewall, as we could segregate the VLANs. They were powerful and appropriate for the solution we needed while supporting all the adequate features we required.

I'm not completely sure how Fortinet can improve the FortiGate Next Generation Firewall (NGFW), however, there were situations of availability related to their switching solutions due to box errors. Fixing the bugs in their switching solutions is necessary because I have faced several situations where we lost connectivity because of their firmware.

I have almost 12 years of experience with FortiGate Next Generation Firewall (NGFW).

Regarding next-generation firewalls, I would give the FortiGate Next Generation Firewall (NGFW) a rating of ten out of ten for stability.

The scalability of the FortiGate Next Generation Firewall (NGFW) is quite good; it is easy to make it scalable.

I would place the scalability between nine and ten on a scale of one to ten.

I would rate Fortinet's support a ten out of ten. They are excellent and very available whenever we needed their help.

Positive

We used to struggle with Cisco because it didn't have most of the features that Fortinet has, and when comparing with Palo Alto or Check Point, the prices are higher, which is important for solutions needed by mid-sized companies.

Their deployment team is substantial, consisting of between 100 and 150 people.

Most clients realize the benefits from deployment immediately. They look for internet availability and the security needed for their endpoints.

Fortinet has good prices compared to other vendors; there were cheaper options, and when we compared Cisco, Fortinet's prices were lower.

I don't remember how I bought the FortiGate Next Generation Firewall (NGFW), so I can't say if it was purchased through AWS Marketplace.

The FortiGate Next Generation Firewall (NGFW) helps with the economic aspect because it effectively protects what we needed with the companies in designing the products and solutions.

I'm not familiar with how the FortiGate Next Generation Firewall (NGFW) utilizes artificial intelligence or if it has AI-driven features to improve threat detection and response, so I cannot detail its existence or help.

I would recommend FortiGate Next Generation Firewall (NGFW) to others. It is a very good product. In my position, I sold approximately 1,000 units.

On a scale of one to ten, I rate this solution a ten.

On-premises

Other

We put FortiGate Next Generation Firewall (NGFW)  after the ISP; we use the internet, and before we put our server through the internet, we put FortiGate Next Generation Firewall (NGFW)  as a firewall in our internal network.

We follow ISO 27001, which includes web filtering, spam, and IPS functionality.

We sometimes face challenges if we have new server configurations and need to consider compatibility with FortiGate .

We hope that FortiGate  uses AI to carefully identify something abnormal, and we believe that will be helpful.

The multi-threat protection feature helps us secure our organization.

We understand that FortiGate cannot be standalone without others, such as FortiManager, so for small businesses, if FortiGate can provide something similar to FortiManager, it will be better.

I have been using FortiGate Next Generation Firewall (NGFW) for about nine years.

I would rate the stability of FortiGate Next Generation Firewall (NGFW) as a nine.

I would rate the scalability as a nine also.

I would rate the technical support as a seven.

The installation of FortiGate Next Generation Firewall (NGFW) is actually moderate; it depends on the needs, so it's not so easy but it's not so difficult.

The installation requires a couple of days, and actually, it takes about one day because some parameters need to be set, especially if there are a lot of users.

I have a person in charge of that.

From a cost perspective, I think it's quite reasonable, not so cheap, but I think it's quite similar compared to others.

Two people are involved in the maintenance.

We use many FortiGates. We are using the 60F and 100F, which are the newest versions.

Our staff handles maintenance ourselves; we are not using a third-party service.

About 30 people are using this product in our organization.

We are payroll outsourcing consultants, so basically they calculate payroll.

I would recommend FortiGate Next Generation Firewall (NGFW) to others.

I would rate FortiGate Next Generation Firewall (NGFW) in general as an eight.

On-premises

In a scenario where FortiGate Next Generation Firewall (NGFW)  notably enhanced my customer's network performance, we discussed many points. The graphical user interface is very good, both feature-wise and technology-wise.

The effective feature in FortiGate Next Generation Firewall (NGFW)  is DLP .The FortiGate Next Generation Firewall (NGFW) has the feature image of 7100 D.

In FortiGate Next Generation Firewall (NGFW), my concern regarding improvements is the licensing model. In the latest versions, everything moves to licensing only, and to work from SSL VPNs and integrate those features, it is similar across all vendors, but my main concern is the DLP  part, which has not advanced significantly.Regarding the AI capabilities of FortiGate Next Generation Firewall (NGFW), these AI features are not present in the latest versions, which is why we are working on those versions. They aren't suitable in a live environment, and while AI features exist, I don't have details about their availability in versions after 7.0, as I believe only versions 6.0 and below have those features.For future improvements in FortiGate Next Generation Firewall (NGFW), features-wise, SD-WAN enhancements are expected, especially in configuration or viewing SD-WAN monitoring, as some minor enhancements would be beneficial.The complexity in configuring the policies needs improvement, and the SD-WAN template should be available in the tunnel. When we create the tunnel, we need to add in SD-WAN, allowing the creation of VPN tunnels from SD-WAN, which requires technical expertise to configure. Automating that would strongly enhance it, as SD-WAN is number one now with FortiGate , and going forward, more customers will move to FortiGate .

FortiGate Next Generation Firewall (NGFW) is recommended for various industries, and its GUI has many enhancements in the latest version, making everything good.In FortiGate Next Generation Firewall (NGFW), we are expecting the effective DLP feature with threat detection capabilities, which works with deep inspection. Some customers are not accepting to install the applications, and sometimes in the guest tunnel, content filtering should be blocked, such as domain blocking for Gmail, as users access only their particular consumer account. If they try to access personal accounts, it should be blocked, requiring configuration settings with deep inspection that needs certificates installed in all systems, which is a time-consuming process that some customers do not accept, questioning the need for installing certificates without deep inspection.The licensing model for FortiGate Next Generation Firewall (NGFW) depends on various types such as the earlier UTM license, FortiCare, and Enterprise license. The Enterprise license includes all features such as FortiManager, FortiAnalyzer, and converter. The UTM licenses include only UTM features such as AV, web filtering, application control, and IPS, while FortiCare is only for hardware.

In our organization, FortiGate Next Generation Firewall (NGFW)  serves as the main security system for our firewall needs. I have utilized it to manage the firewalls and some other security appliances, such as VPNs. Currently, my usage focuses primarily on firewall management. I set up rules, search for logs, and consult logs when issues arise. This approach covers most of our security management tasks.

One of the most valuable features of FortiGate Next Generation Firewall (NGFW)  is the ease of usability it offers. It is quite easy for me to learn to use. Additionally, FortiGate Next Generation Firewall (NGFW) has improved our efficiency in setting up security and provided us with more visibility over some issues and incidents we previously faced.

FortiGate Next Generation Firewall (NGFW) could be improved by including more templates for setting rules or regular jobs. I do not recall if the software includes any AI features.

I have had experience with FortiGate Next Generation Firewall (NGFW) for about five or six years.

When deploying FortiGate Next Generation Firewall (NGFW), it required one week for the initial setup and just two hours for effective deployment. There were no significant issues during this process.

In my experience, there are usually no significant stability issues with FortiGate Next Generation Firewall (NGFW). However, updating the software during issues can be quite convoluted, especially if there is an unexpected attack, such as on a Saturday.

Customer service with Fortinet for FortiGate Next Generation Firewall (NGFW) has been quite good. We experienced a major issue during one of the upgrades, and it took about an hour to reach support and rectify the problem.

Positive

Before using FortiGate Next Generation Firewall (NGFW), we used Cisco for our firewall needs. Cisco presented a lot of usability challenges. Setting up firewalls and rules with Cisco was difficult and required extensive knowledge of their system, which led us to switch to FortiGate Next Generation Firewall (NGFW).

The initial setup of FortiGate Next Generation Firewall (NGFW) was relatively smooth. It took about one week for the complete setup and two hours for the actual deployment.

The deployment involved two people from my side, and we also had assistance from a vendor during the setup.

In terms of return on investment, FortiGate Next Generation Firewall (NGFW) has been straightforward. It has notably improved our efficiency and visibility.

The pricing of FortiGate Next Generation Firewall (NGFW) is reasonably affordable. It is suitable for mid-level and high-level companies, though it might not be cheap for small companies.

I would recommend FortiGate Next Generation Firewall (NGFW) to others. Despite some issues with upgrades and vulnerabilities, Fortinet quickly addresses concerns. Overall, on a scale of one to ten, I would rate FortiGate Next Generation Firewall (NGFW) as an eight.