We deploy the FortiGate Next Generation Firewall (NGFW) mainly in education, with retail, big retails, and other industries such as manufacturing, agriculture, and some banking.

Some of the best features with the FortiGate Next Generation Firewall (NGFW) particularly are its security focus, the easy to configure IPS, the Layer 7 capabilities, and the easy way to configure different VDOMs in each equipment so we can separate the different features or the different sites that the client may use in one data center.

The application control feature has helped manage the network traffic with filtering and antivirus capabilities. When we use it in SD-WAN solutions, we can apply in a unified and easy way the different profiles for each branch, and we can also have one profile for the hub if they have a data center with some servers connecting to the FortiGate. We can have different profiles, and it helps us to detect easily any threat that we may have in the network and control the outbound traffic to the internet, restricting those applications or those web services that the final users don't need to have access to.

The FortiGate Next Generation Firewall (NGFW)'s anti-malware protection is very effective, as we have demonstrated through our work with this feature.

The FortiGate's analytic tools have provided insights into network security events by implementing the IOC license, Indicator of Compromise, in some customers, which has been very helpful because it demonstrates that we can identify the threats more easily or the difference in the way that the customers use the network. We can identify the possible behavior of the customers on the network and can identify the possible threats and isolate that customer if we receive any threat for the network or the company.

The web filtering has also helped for maintaining network security because we have been implementing some filters in customers so they don't have access to potential sites that can make a threat to our network, for example, to access peer-to-peer networks or any other sites that are not allowed in the company.

The FortiGate Next Generation Firewall (NGFW) could be improved in application control if they can have a bigger baseline of applications that they can identify, because this is something that is always growing. I know that Fortinet with the team is updating this database, but it's something that grows at a pace that is very difficult sometimes to keep up. This applies to all vendors, not only Fortinet.

I would rate their support for the FortiGate Next Generation Firewall (NGFW) on a scale of one to ten as 7.5.

Positive

The pricing for the FortiGate Next Generation Firewall (NGFW) is fair.

My company has a business relationship with Fortinet as we are both resellers and we also use the technology. If they had any questions regarding my feedback on the FortiGate solution, not the NGFW, but the FortiGate, it would be okay for them to contact me in that regard. I rate the FortiGate Next Generation Firewall (NGFW) 8.5 out of 10.

I am working as a presales engineer or system engineer, designing solutions for other clients.

The clients use this solution for their data centers and perimeter security.

The main reason customers prefer Fortinet FortiGate is that it's security-centric, allowing them to implement security features such as a next-generation firewall and translate this to the WAN or SD-WAN architectures, or as a base if they want to grow in more security features or other verticals such as ZTNA and SASE. It's a little baseline for the rest of the verticals or features that can be exploited.

Fortinet FortiGate compares favorably to others in terms of the technology. Second, it's about the relationship they build with their customers. I'm in Colombia, and I can say they have an excellent sales and engineering team that provides a great experience for their clients. They are very attentive and engaged. This company has a rich history; they grow alongside their clients. They take the time to show clients all the benefits and features of the technology they offer. It’s a much more personal experience for everyone involved.

Fortinet Unified SASE is strong for providing consistent security policies across multiple locations. Working with Fortinet in the SASE aspect has been easy. Customers appreciate the features we can offer with Fortinet SASE and ZTNA solutions. They particularly appreciate how they can integrate everything with the baseline of Fortinet FortiGate, and how they can easily apply all the features they need to secure access to different applications from a single console. Some clients use the Fortinet FortiGate data center solution for their data centers as a hub and the perimeter security service.

My experience integrating SD-WAN capabilities with Fortinet FortiGate is in the middle ground. Fortinet FortiGate, as a security-centric fabric, can implement an SD-WAN solution. It can be somewhat manual in some cases, but using other tools that Fortinet has, such as FortiManager, makes implementing an SD-WAN network easier with less effort.

The implementation depends more on the engineer's skill when integrating SD-WAN with Fortinet FortiGate. If you don't have extensive skills in implementing Fortinet FortiGate, it can be difficult, but with more experience, it becomes easier.

In the presales team, I have been working with Fortinet FortiGate for about five years, and as a customer, I worked with it for about two years between 2016 and 2018.

Fortinet FortiGate is very stable and secure for customers.

It's easy with Fortinet FortiGate as they have a very good solution for scalability. If we need to grow in branches or licenses, we can easily do it. The most important aspect of growing this solution is their strong enterprise-level account managers, who always help customers find the best solution and an easy path to grow their architecture with Fortinet.

I would rate their customer service around eight because not everything is perfect, but they have very good customer experience and relationship management.

Positive

It depends on the size of the company or the solution they want to implement with Fortinet FortiGate. Most companies could have another vendor or baseline products, so we need to depend on the scenario.

It is very straightforward to set up initially. The duration depends on the size of the company and the solution they want to implement. They might already have another vendor or a different baseline of products, which makes things more complex.

As for deployment models, we typically offer both on-premises and cloud options. We have been working with AWS, and it has been a very positive experience. They provide readily available machines, and everything is easy to find in the marketplace.

I believe it's a fair price for the kind of technology they offer their customers. Sometimes, I think they could apply more discounts to engage customers further. This approach would be beneficial, as it helps us expand the solutions available to clients. As for discounts, they do engage clients with them, particularly in strategic business situations, such as with large accounts in sectors like banking and big retail.

When comparing Fortinet to other vendors, Fortinet generally tends to offer better discounts. However, this does not imply that their solutions are of lower quality; rather, they demonstrate expertise in meeting customer needs.

Some users utilize AI and machine learning enhanced features, such as the FortiGuard services, though not all do as the AI features are relatively new. However, we have successfully positioned some features, particularly in areas such as AI. For example, the threat detection capabilities and the AI assistant available in the FortiAnalyzer service are noteworthy. Fortinet offers a license that can be utilized for AI features, especially in FortiManager. Users appreciate this feature because it helps them achieve better network configuration. If they encounter any issues within the network, they can easily leverage AI to find solutions to those problems.

Overall, I would rate Fortinet FortiGate a nine out of ten because while not everything is perfect, they're really doing their best and demonstrating it through their technology.

I am working with Fortinet FortiGate and FortiMail.

I assess Fortinet FortiGate firewall as a one-stop shop that helps me secure and protect mission-critical data. Fortinet FortiGate also has products for protecting the edge. Everything can be managed through one dashboard, so I cannot quantify the time saved. Fortinet FortiGate has helped me remediate threats more quickly.

At the moment, I cannot think of any areas where Fortinet FortiGate could be improved. In future updates, I would like to see more RAM and lower prices.

I have probably been using Fortinet FortiGate for eight years.

I would rate support from Fortinet as a nine.

I did previously use other software before Fortinet FortiGate. I was using Cisco and Sophos.

The installation of Fortinet FortiGate was very easy.

In the scenarios coming from Cisco, Fortinet FortiGate has helped reduce my total cost of ownership. In the scenarios coming from Sophos, it has not.

I would say I am average in my satisfaction with the licensing cost for Fortinet FortiGate. I am satisfied with the price-to-performance ratio that I get from using Fortinet FortiGate firewall.

I switched from Cisco and Sophos to Fortinet FortiGate because it is easier to manage.

I have been using the Fortinet FortiGate firewall for a significant time and I am very happy with it. I have seen a lot of time saved for my company from using Fortinet FortiGate. Fortinet FortiGate has helped me reduce Mean Time To Respond, or MTTR. Fortinet FortiGate helped my organization consolidate all of the tools in one application. This product does not require any maintenance from my side. I would recommend Fortinet FortiGate to other organizations because it is a one-stop shop for all security features in Fortinet, and I can manage everything on the same dashboard. The vendor can contact me in case they have questions regarding my review. I wish to be anonymous at the moment.

I would rate Fortinet FortiGate in general as a nine.

In the last months, we use Fortinet FortiGate for internal segmentation firewalls and also for the OT for the production to separate ICS components; that's the most reason why we implemented a Fortinet FortiGate firewall.

The most valuable features of Fortinet FortiGate that I found are its next-generation firewall capabilities with stateful inspection and antivirus, along with features such as a reverse proxy that are missed by some other firewall products such as Palo Alto or Check Point. We have a product suitable for the mid-sized market where we can handle all necessary features without the need to build every security feature with a separate device or product; thus, Fortinet FortiGate offers the completest feature set for a firewall on the perimeter to the internet or for internal segmentation.

The main issue we have dealt with in the last few months is the number of vulnerabilities, which has caused concerns for both customers and integrators regarding whether Fortinet is a secure product; this has affected my rating, as it is why I do not give a ten, instead rating it an eight. The feature set works, but the excessive vulnerabilities bring risks, necessitating upgrades and patches, which complicate matters.

I have been working with Fortinet FortiGate firewall for more than 10 years.

We do not have any problems with the stability of the Fortinet FortiGate product, but we have had problems with vulnerabilities. There are many vulnerabilities in the last few months, leading some customers to question whether Fortinet is a really secure product, which has created issues for us.

For Fortinet FortiGate's scalability, we have many different appliances available, and for the internal segmentation as well as the firewall components in the OT, the scalability is very good, so we do not face any problems there. That's one of the main reasons we use Fortinet FortiGate—because there are many different appliances available and we can select the one that we need without having to buy a bigger, more costly appliance.

My experience with Fortinet FortiGate customer service and technical support is that when we need assistance, we receive fast and competent support. We are certified with this product, and we do not encounter any problems, as they are quick and possess the know-how that we need.

Most issues are related to integration and operations, and since I'm only a consultant, I am not directly involved in these aspects. Engineers handle the implementation and operations, and while I know they use third-party products to integrate different firewall policies, I do not have any negative feedback regarding the implementation, so I cannot compare Fortinet FortiGate against other products.

In the last 12 months, I only worked with Guardicore, but now other products are coming up: ColorTokens and Illumio, though I do not have any experience with these two products. We have many collaboration tools such as Webex Teams and others; however, I only use them as a usual user and not as an administrator of these tools. I do not have any experience with Fortinet FortiGate's SD-WAN. I know the product but do not have experience with Fortinet Unified SASE; as I mentioned earlier, my focus in the last months was on internal segmentation, which means I could not use a cloud solution. I do not have any experience with Fortinet FortiGate's data center solution. There have been no benefits or improvements for the organization since the deployment of Fortinet FortiGate. 

Overall, I would rate Fortinet FortiGate an eight out of ten.

Fortinet FortiGate is mainly used for next-generation firewall features.

Most of our customers primarily use FortiGate as a general-purpose firewall and for remote work. During COVID, they needed to enable the SSL VPN licenses, which was a straightforward process, and they benefited greatly from that. However, apart from this, I don’t see a significant differentiator between FortiGate and other firewalls.

Most of our implementations are standalone. We have a few integrations as well with Active Directory and other things. It is pretty straightforward, and we have not had any issues.

The main value comes from the simplicity of the product in terms of configuring and managing. 

Their user interface could be improved from a configuration perspective.

I have personally used it for about five years, but the organization has been using Fortinet FortiGate for the organization and customers for about 10 years.

Stability is excellent. We have not had issues from the product itself.

We have deployed Fortinet FortiGate from 50 user locations to 100-200 user locations. We have not had any issues with any of those models.

I would rate their support an eight out of ten. There's always room for improvement. 

Positive

We are a small system integrator and an authorized partner for Fortinet FortiGate, Cisco, Cisco Meraki, Palo Alto, Sophos, and Check Point. We cater to the SMB and upper SMB market and some enterprise customers. Most customers do not require fully fledged integrated solutions.

In Sri Lanka, there is about 40% market penetration for Fortinet. They have partnerships with two telcos, so most corporates with MPLS links who wanted to move out with the operator are offered managed SD-WAN solutions using Fortinet FortiGate.

We have Cisco customers as well, including local customers and global customers whom we support using Cisco firewalls. Comparing Cisco and Fortinet firewalls is challenging. You cannot compare a Ferrari with a normal Nissan sedan from a product and feature perspective. The SMB market segment and the upper SMB market segment are very price-conscious. Cisco does not offer firewalls that are competitively priced for this market segment, especially compared to Fortinet's offerings. They only recently released the 200 series, which can compete with the FortiGate 50 models that we sell.

Fortinet FortiGate is pretty straightforward compared to Cisco.

It is mostly on-prem. One or two clients are using it on the cloud.

Our customers get their ROIs on the price points that we sell in this market.

For the market and the segment that we cater to, the FortiGate pricing structure is sufficient.

I would rate Fortinet FortiGate a nine out of ten.

My main use case for this product is a firewall.

I appreciate the ease of use, ease of setup, and the different abilities it has. I have been very pleased with it over SonicWall. The interface of Fortinet FortiGate is a lot easier to use and more robust, plus their VPN option is much better; SonicWall is ridiculously slow. I have been very happy with the effectiveness of the unified SASE for providing consistent security policies across multiple locations. It has positively impacted my organization by freeing me up regarding administration; I spend a lot less time on administration. It probably saves me about 30 to 45 minutes a week.

They could continuously focus their improvements on network perimeter security, as that's what they're best at.

I have had four years of experience with Fortinet FortiGate, going on four, possibly five. I cannot remember if we switched over to them in 2020 or 2021, but I think it was 2020.

Fortinet FortiGate is very stable. I don't have any issues with Fortinet FortiGate freezing up or needing frequent restarts. The firmware updates are automatic, and I have just been really happy.

While we're a single office with a single server, I can say that it can definitely be scaled up.

I had a little help from Fortinet FortiGate support, but other than that, it was just me deploying it. I would rate their support a 10; they're fantastic. Their knowledge makes them fantastic; if they had to research something and get back to me, it was very quick, and usually I get an answer right away.

The unit itself is probably comparable in price, maybe a little more expensive than SonicWall; however, the yearly maintenance is quite a bit more, but it is more robust and worth it.

For a firewall, the initial setup was pretty straightforward for us.

I had a little help from Fortinet FortiGate support, but other than that, it was just me deploying it.

I believe all use cases could work for this solution. For us, Fortinet FortiGate is deployed on-premises. We purchased Fortinet FortiGate through a Fortinet reseller. Their knowledge makes them fantastic; if they had to research something and get back to me, it was very quick, and usually I get an answer right away.

I would rate Fortinet FortiGate an 8 or a 9 overall; everything always has room for improvement, but I'm pretty pleased with it.

We deployed Fortinet FortiGate SD-WAN into one of our customers, and they are satisfied. We utilized Fortinet FortiGate's data center solution; we took in three units: FortiGate ADC 1101 and 2600, and we deployed them into a customer, with no issues so far. The impact of these services on data center protection at scale is still on the launch side; the production will be up maybe this month, but so far, there are no issues.

The best features I have already seen in Fortinet FortiGate are the automatic updates, the easiness of deployment, and the capacity. These three features are the best.

A shorter response time when we have questions could improve Fortinet's first-level support quality. The knowledge base is comprehensive, so that is okay. For additional features that could make Fortinet FortiGate even better in the future, they have the SD-WAN, but I do not know if they have quantum VPN. 

I saw one brand that has a quantum random number generator, so maybe that could enhance security, along with a smaller version of their product to fit into the budgets of smaller departments.

I have been dealing with Fortinet FortiGate since April.

I think Fortinet FortiGate is overall stable.

There are a lot of people using it, maybe more than a thousand.

The technical support by Fortinet is okay; they are very responsive, and they know what they are doing. If you ask them questions, they can easily answer.

I have no experience working with any other firewalls before using Fortinet FortiGate.

I was not a part of the technical team that deployed Fortinet FortiGate for integrating SD-WAN capabilities. I am actually with the research team, and I relate the feedback I get from their experience with Fortinet FortiGate.

The pricing of Fortinet FortiGate is a little pricey from my perspective. It is expensive comparatively to its competitors. The brand has its own price concerning the licensing model of Fortinet FortiGate.

We are dealing with other vendors besides Fortinet; we are constantly searching for brands and comparing their features side by side. Besides Fortinet, we are currently dealing with Palo Alto, Sophos, and my friends also did Check Point and another Korean brand. For Sophos, we are mostly dealing with firewalls. The Sophos products we are dealing with are firewalls. For Palo Alto, we are in the same category with firewalls.

I would recommend Fortinet FortiGate to others, specifically for larger companies but not for smaller companies because of the price-sensitive Philippine market, where you would not find a lot of companies buying premium products. I do not know if I can see room for improvement in Fortinet FortiGate because I am not so techie myself. I would rate Fortinet FortiGate as a product an eight out of 10.

We are using Fortinet FortiGate for branch-to-branch connectivity. It handles internet outages, internet breaks to the cloud, and internet connectivity to the internal systems in the branches.

The SD-WAN and VPN tunnels are the best features of Fortinet FortiGate in my opinion. My major workload runs on Fortinet FortiGate, as it serves as the main backbone of the network.

The firmware in Fortinet FortiGate needs improvement. Some firmwares have many bugs, such as filter issues and VPN connectivity problems. Last month, with version 7.4.6, we experienced web filter issues. They need to fix the bugs before releasing firmware.

We have been using Fortinet FortiGate for up to 15 years, and it performs well.

In my opinion, Fortinet FortiGate is a stable solution.

Fortinet FortiGate's scalability is flexible and scalable.

The customer service and technical support of Fortinet FortiGate rates seven out of ten. The technical support and RMA process are acceptable. We don't raise many tickets, but when we do, we receive late responses for technical tickets, which is why I rate it seven out of ten.

We used Palo Alto and Cisco Meraki before choosing Fortinet FortiGate.

The initial setup of Fortinet FortiGate is very easy.

We used in-house resources for our setup instead of an integrator, reseller, or consultant.

We currently have approximately 110 Fortinet FortiGates and 40 managers. Each year we increase by almost 10 to 20 FortiGates. We are also considering FortiSASE and have discussed this with Fortinet FortiGate. We are planning changes in return on investment from this solution this quarter.

The pricing depends on market competition, which is high because Cisco Meraki and Palo Alto offer similar costs for pricing, setup, and licensing of Fortinet FortiGate. They need to compete with lower margins as prices are getting high for Fortinet FortiGate.

We are currently using Palo Alto and Cisco due to some issues with the Fortinet FortiGate sales people. We have installed equipment in almost four locations, and we are using these three solutions simultaneously.

We are planning to implement SASE and have already discussed this with Fortinet FortiGate. We are currently only discussing the possibility of using SASE.

The integration of SD-WAN capabilities with Fortinet FortiGate has positively impacted application performance. The implementation is straightforward for new users. My experience in integrating SD-WAN capabilities with Fortinet FortiGate has been excellent, rating it 10 out of 10.

Overall, I rate Fortinet FortiGate 9 out of 10.

Our primary deployment of FortiGate 3401E (v7.2.11-17.40) is as the perimeter and east-west firewall for four geographically distributed data centers, each secured with an HA-paired cluster. We handle over 500 Gbps of mixed Layer 3 to Layer 7 traffic across our data centers, where FortiGate 3401E appliances perform deep-packet inspection, SSL/TLS termination, and real-time application control to secure critical services.FortiGate enforces blacklists for unwanted apps and CVE-based signatures, isolates services via VDOMs (enterprise, core, billing, WAF), and automatically blocks zero-day threats using FortiGuard IPS feeds

Since deploying FortiGate 3401E clusters, we have observed:

Dramatic Reduction in Risk Exposure. Blocked peer-to-peer and unauthorized applications (e.g., BitTorrent) at the perimeter and east-west segments, eliminating a major source of malware and bandwidth abuse. Proactive IPS signature updates from FortiGuard closed zero-day and known-CVE gaps faster than our previous Huawei solution. Enhanced Visibility & Forensics. Full-packet captures and rich metadata logging in FortiAnalyzer enable sub-minute root-cause analysis of security events. Custom dashboards surface top-talkers and rule-hit counts, letting us fine-tune policies and prove compliance to auditors. Operational Efficiency. VDOM-based segmentation simplifies multi-tenant and multi-service management within a single chassis and no additional hardware required.

Analytics with FortiAnalyzer. Being able to pull in logs not just from our FortiGates but from all our other firewalls and then get them in one view has been a game changer. Whether I’m building an executive dashboard or doing a deep dive forensics session, I get everything I need without navigating consoles.Straightforward Application Control. FortiGate spots and blocks unwanted apps (eq. like BitTorrent or streaming services) with accuracy. Segmentation with VDOMs. We’ve carved our data center into four logical ‘mini-firewalls’ enterprise, core, billing, and WAF—all on one box. Each has its own rules and logs, and any traffic between them still gets inspected. It’s like having multiple appliances without the extra hardware. Always-Up-to-Date Threat Feeds. Daily signature updates and AI-driven threat sensing mean we’re blocking the latest vulnerabilities almost as soon as they’re announced.

The CPU spikes sometimes go up to 40 percent occur during background IPS updates, but there’s no visibility into which subsystem is responsible. Current Gap: Despite scheduling daily signature downloads, updates sometimes run outside the configured window triggering unplanned performance hits.

I have been working with Fortinet FortiGate for almost six to seven years.

six to seven years in production with only two brief downtimes
both incidents stemmed from firmware upgrade bugs and were promptly identified
infosec alerts and FortiGuard advisories guide our version choices
support response and resolution averaged four to five hours per ticket
instituted rollback validation and staging procedures to avoid repeats
outside of upgrade windows the HA clusters have delivered near-100 percent uptime

It is scalable.

For Fortinet FortiGate, I would rate their technical support a nine out of ten. Compared to other products, Fortinet FortiGate provides timely updates, even coordinating with engineers for coverage. I've worked with other products, so I recognize their strengths in terms of support.

Positive

our core perimeter and east–west inspection point was a Huawei Eudemon firewall cluster. While it handled basic stateful filtering it lacked Deep Packet Inspection Eudemon could not parse or enforce Layer-7 application contexts, leaving blind spots for evasive or nonstandard-port traffic. it also did Granular threat Intelligence, and it was limited, and updates were infrequent, delaying remediation of newly disclosed CVEs. Unified Logging and Forensics erm the Eudemon’s logging interface offered only summary-level records, forcing manual packet captures for any detailed analysis

implementation used FortiGate 3401E running firmware 7.2.11 build 17.40

partner provided detailed timelines and low-level designs that we followed step by step

grace period and dedicated engineer ensured any questions were answered immediately

cut-over executed without major issues or unplanned downtime

post-deployment support window allowed smooth transition to steady-state operations

overall process was seamless and delivered on schedule

There was involvement from a partner, although I can’t recall their name off the top of my head. I believe they were based in Nigeria. They were indeed helpful. They were great. Whenever we had an issue, we could call them at any time, and they would assist us promptly. They were genuinely helpful, no doubt about that.

I believe we purchased it through the third-party vendor they provided us with. So, the third party handled the purchase, interfacing with FortiGate, while we communicated with the vendor directly, if I remember correctly.

onboarded three times more customers without adding firewall hardware
cut network expansion capital expenses by roughly 40 percent through VDOM consolidation
reduced vulnerability remediation costs by about 60 percent thanks to automated FortiGuard updates
shortened policy-deployment time by over 50 percent, freeing up 10 plus hours of engineering effort weekly
achieved payback on the initial FortiGate investment within 9 months via increased tenancy revenue and lower OPEX

Check Point Infinity

Strengths- mature threat prevention suite, granular policy controls, strong management console

Weaknesses – high total cost of ownership, steep learning curve and management overhead at scale

Cisco Firepower

Strengths – tight integration with existing Cisco switching and routing fabric, robust SSL decryption

Weaknesses – underwhelming layer 7 DPI performance in our live 5G billing environment; fragmented logging requiring multiple consoles; protracted support cycles

Palo Alto Networks excluded from this evaluation to diversify our vendor mix and avoid single-vendor lock-in

FortiGate emerged as the best balance of performance, visibility and TCO after six months of PoC across four data centers

I like how the role-based access control with granular admin profiles reduces risk of misconfiguration in multi-team environments

automatic configuration backups and revision history simplify audit compliance and rollback in case of errors

built-in high availability health checks and session-sync ensure seamless failover during maintenance or hardware faults

Me and my team have been managing site-to-site and remote access VPNs. We have been doing centralized logging through FortiManager and applying security policies, such as web filtering and application control across distributed branch locations. 

I have also handled firmware upgrades, security patching, and integrating the Fortinet FortiGate logs within SIEM tools, such as Splunk, for threat monitoring.

I have integrated SD-WAN capabilities with Fortinet FortiGate by configuring multiple WAN links for dynamic path selection, load balancing, and failover based on performance metrics. I have used application-aware routing to prioritize critical traffic, such as VoIP or business apps, over high-quality links, while sending less critical traffic over backup circuits. We have managed and monitored these through FortiManager and FortiAnalyzer, ensuring visibility and automated alerts if link performance degrades.

The network performance has shown a significant positive impact. By utilizing features such as dynamic path selection and application-aware routing, we've been able to reduce latency for critical applications such as VoIP and video by 20-30% during peak times. Additionally, we’ve minimized downtime through automatic failover between links. This approach has also allowed us to cut costs by routing non-critical traffic over lower-cost circuits while keeping high-priority applications on premium links.

I have used the unified SASE feature a little bit, and it is very effective because it consolidates firewall, IPS, and other features such as sandbox into a single platform. It simplifies the management since we do not have to rely on separate appliances. It also helps with faster threat detection and response, especially when paired with FortiAnalyzer and SIEM tools, such as QRadar. The logs and events are correlated automatically, which makes a significant difference.

Something that stood out for me once I started using Fortinet FortiGate was the centralized management through FortiManager and how easily I could deploy consistent policies across multiple sites. The VPN configuration was also very straightforward compared to some other platforms. The integration with SIEM tools makes monitoring and incident response much smoother, which stood out to me. 

For the future, one improvement area is the complexity of SD-WAN configuration. When managing a large number of sites, the GUI is user-friendly, but when scaling deployments, it sometimes requires more manual fine-tuning or scripting. 

Another concern is reporting. FortiAnalyzer is powerful, but generating customized reports can be cumbersome compared to some other tools. Additionally, seeing deeper automation and API integrations would be beneficial so that policy updates and SD-WAN changes can be pushed faster across large environments.

I have been using FortiGate for about four to five years in various settings. My experience includes working with Fortinet FortiGate and other firewalls and Panorama across multiple roles. I have been involved in designing as well as managing policies. Additionally, I have handled upgrades and migrations.

The performance and stability of Fortinet FortiGate has been strong in both small and large environments. The throughput and latencies are very good, even with multiple security features such as IPS, antivirus, or SSL inspection enabled simultaneously. I have found them to be reliable with minimum downtime. The Fortinet high availability features work effectively to ensure continuous network availability.

Scalability is quite straightforward. They can scale from small branch offices to large enterprise environments. Their model hardware options and virtual firewall instances allow flexible deployment. For larger data centers or higher complex environments, sometimes Palo Alto or Cisco solutions offer more advanced scaling options, but Fortinet FortiGate is definitely competitive for enterprise needs.

I have worked with them a bit, and we usually start by opening a support ticket through the Fortinet support portal. I also remember calling their TAC hotline directly for priority one issues, particularly for major VPN outages or SD-WAN failures.

I typically provide the necessary diagnostics upfront, such as logs, packet captures, and debug outputs, so we can move quickly towards a resolution. Most cases are resolved fairly quickly, but for more complex bugs, they may suggest fixes or recommend firmware updates. In such cases, it just takes a bit more time.

I would rate their support an eight out of ten. They are generally very responsive and knowledgeable, especially regarding firewall and VPN issues. While resolutions can take longer for complex problems or new features, overall, the support team is very helpful and proactive in providing patches and workarounds.

Positive

I have used many alternatives to Fortinet FortiGate, including Palo Alto Networks firewalls and Cisco ASA Firepower. Palo Alto has strong application visibility and threat prevention, while Cisco excels in routing and integration. I have also worked with Juniper, which is great for scalability, and Check Point. I am comfortable adapting to different firewall ecosystems depending on the environment and requirements.

It wasn't that hard. Overall, it was pretty straightforward. For smaller sites or branch offices, the GUI is intuitive and clear. FortiManager helped streamline policy pushes across multiple devices, which made it easy to manage. However, for more complex deployments that involved SD-WAN or advanced features, there was some initial complexity in fine-tuning configurations and integrating with our existing infrastructure. Despite this, it was manageable with good planning and testing. Overall, the process was relatively easy.

Maintenance is definitely a part of my role. I am responsible for applying firmware updates, security patches, and configuration backups on FortiGate devices to ensure stability and security. While Fortinet provides regular updates and technical support, the day-to-day maintenance, monitoring, and troubleshooting are handled internally by our network team.

I haven't looked into that directly, as I am not involved in the purchasing or budgeting aspects. However, I believe Fortinet offers competitive pricing compared to other enterprise firewall vendors. Their licensing model is straightforward, especially regarding security features like anti-filtering, IPS, and web filtering.

The choice really depends on the specific features needed, such as advanced SD-WAN capabilities, which can increase costs. Therefore, it is important for organizations to plan their licensing effectively to optimize value.

I have used FortiClient as part of the Fortinet SASE deployment, primarily for remote users, providing secure access via VPN and ZTNA, along with endpoint protection such as web filtering and threat detection. I have also deployed it to integrate with Fortinet FortiGate and the cloud so users can get consistent policies whether they are on-site or remote. It is useful because it centralizes management and policy enforcement, but I have noticed it can use more system resources on endpoints, so tuning the profiles is important for performance.

I would rate Fortinet FortiGate an eight out of ten. It offers a great balance of performance, security features, and ease of management. However, there is room for improvement in areas such as scalability for extremely large environments and deeper automation. Nonetheless, it is a solid platform that fits well in most enterprise networks. Therefore, I would give it an eight out of ten.