My main use case for this product is a firewall.

I appreciate the ease of use, ease of setup, and the different abilities it has. I have been very pleased with it over SonicWall. The interface of Fortinet FortiGate is a lot easier to use and more robust, plus their VPN option is much better; SonicWall is ridiculously slow. I have been very happy with the effectiveness of the unified SASE for providing consistent security policies across multiple locations. It has positively impacted my organization by freeing me up regarding administration; I spend a lot less time on administration. It probably saves me about 30 to 45 minutes a week.

They could continuously focus their improvements on network perimeter security, as that's what they're best at.

I have had four years of experience with Fortinet FortiGate, going on four, possibly five. I cannot remember if we switched over to them in 2020 or 2021, but I think it was 2020.

Fortinet FortiGate is very stable. I don't have any issues with Fortinet FortiGate freezing up or needing frequent restarts. The firmware updates are automatic, and I have just been really happy.

While we're a single office with a single server, I can say that it can definitely be scaled up.

I had a little help from Fortinet FortiGate support, but other than that, it was just me deploying it. I would rate their support a 10; they're fantastic. Their knowledge makes them fantastic; if they had to research something and get back to me, it was very quick, and usually I get an answer right away.

The unit itself is probably comparable in price, maybe a little more expensive than SonicWall; however, the yearly maintenance is quite a bit more, but it is more robust and worth it.

For a firewall, the initial setup was pretty straightforward for us.

I had a little help from Fortinet FortiGate support, but other than that, it was just me deploying it.

I believe all use cases could work for this solution. For us, Fortinet FortiGate is deployed on-premises. We purchased Fortinet FortiGate through a Fortinet reseller. Their knowledge makes them fantastic; if they had to research something and get back to me, it was very quick, and usually I get an answer right away.

I would rate Fortinet FortiGate an 8 or a 9 overall; everything always has room for improvement, but I'm pretty pleased with it.

We deployed Fortinet FortiGate SD-WAN into one of our customers, and they are satisfied. We utilized Fortinet FortiGate's data center solution; we took in three units: FortiGate ADC 1101 and 2600, and we deployed them into a customer, with no issues so far. The impact of these services on data center protection at scale is still on the launch side; the production will be up maybe this month, but so far, there are no issues.

The best features I have already seen in Fortinet FortiGate are the automatic updates, the easiness of deployment, and the capacity. These three features are the best.

A shorter response time when we have questions could improve Fortinet's first-level support quality. The knowledge base is comprehensive, so that is okay. For additional features that could make Fortinet FortiGate even better in the future, they have the SD-WAN, but I do not know if they have quantum VPN. 

I saw one brand that has a quantum random number generator, so maybe that could enhance security, along with a smaller version of their product to fit into the budgets of smaller departments.

I have been dealing with Fortinet FortiGate since April.

I think Fortinet FortiGate is overall stable.

There are a lot of people using it, maybe more than a thousand.

The technical support by Fortinet is okay; they are very responsive, and they know what they are doing. If you ask them questions, they can easily answer.

I have no experience working with any other firewalls before using Fortinet FortiGate.

I was not a part of the technical team that deployed Fortinet FortiGate for integrating SD-WAN capabilities. I am actually with the research team, and I relate the feedback I get from their experience with Fortinet FortiGate.

The pricing of Fortinet FortiGate is a little pricey from my perspective. It is expensive comparatively to its competitors. The brand has its own price concerning the licensing model of Fortinet FortiGate.

We are dealing with other vendors besides Fortinet; we are constantly searching for brands and comparing their features side by side. Besides Fortinet, we are currently dealing with Palo Alto, Sophos, and my friends also did Check Point and another Korean brand. For Sophos, we are mostly dealing with firewalls. The Sophos products we are dealing with are firewalls. For Palo Alto, we are in the same category with firewalls.

I would recommend Fortinet FortiGate to others, specifically for larger companies but not for smaller companies because of the price-sensitive Philippine market, where you would not find a lot of companies buying premium products. I do not know if I can see room for improvement in Fortinet FortiGate because I am not so techie myself. I would rate Fortinet FortiGate as a product an eight out of 10.

We are using Fortinet FortiGate for branch-to-branch connectivity. It handles internet outages, internet breaks to the cloud, and internet connectivity to the internal systems in the branches.

The SD-WAN and VPN tunnels are the best features of Fortinet FortiGate in my opinion. My major workload runs on Fortinet FortiGate, as it serves as the main backbone of the network.

The firmware in Fortinet FortiGate needs improvement. Some firmwares have many bugs, such as filter issues and VPN connectivity problems. Last month, with version 7.4.6, we experienced web filter issues. They need to fix the bugs before releasing firmware.

We have been using Fortinet FortiGate for up to 15 years, and it performs well.

In my opinion, Fortinet FortiGate is a stable solution.

Fortinet FortiGate's scalability is flexible and scalable.

The customer service and technical support of Fortinet FortiGate rates seven out of ten. The technical support and RMA process are acceptable. We don't raise many tickets, but when we do, we receive late responses for technical tickets, which is why I rate it seven out of ten.

We used Palo Alto and Cisco Meraki before choosing Fortinet FortiGate.

The initial setup of Fortinet FortiGate is very easy.

We used in-house resources for our setup instead of an integrator, reseller, or consultant.

We currently have approximately 110 Fortinet FortiGates and 40 managers. Each year we increase by almost 10 to 20 FortiGates. We are also considering FortiSASE and have discussed this with Fortinet FortiGate. We are planning changes in return on investment from this solution this quarter.

The pricing depends on market competition, which is high because Cisco Meraki and Palo Alto offer similar costs for pricing, setup, and licensing of Fortinet FortiGate. They need to compete with lower margins as prices are getting high for Fortinet FortiGate.

We are currently using Palo Alto and Cisco due to some issues with the Fortinet FortiGate sales people. We have installed equipment in almost four locations, and we are using these three solutions simultaneously.

We are planning to implement SASE and have already discussed this with Fortinet FortiGate. We are currently only discussing the possibility of using SASE.

The integration of SD-WAN capabilities with Fortinet FortiGate has positively impacted application performance. The implementation is straightforward for new users. My experience in integrating SD-WAN capabilities with Fortinet FortiGate has been excellent, rating it 10 out of 10.

Overall, I rate Fortinet FortiGate 9 out of 10.

Our primary deployment of FortiGate 3401E (v7.2.11-17.40) is as the perimeter and east-west firewall for four geographically distributed data centers, each secured with an HA-paired cluster. We handle over 500 Gbps of mixed Layer 3 to Layer 7 traffic across our data centers, where FortiGate 3401E appliances perform deep-packet inspection, SSL/TLS termination, and real-time application control to secure critical services.FortiGate enforces blacklists for unwanted apps and CVE-based signatures, isolates services via VDOMs (enterprise, core, billing, WAF), and automatically blocks zero-day threats using FortiGuard IPS feeds

Since deploying FortiGate 3401E clusters, we have observed:

Dramatic Reduction in Risk Exposure. Blocked peer-to-peer and unauthorized applications (e.g., BitTorrent) at the perimeter and east-west segments, eliminating a major source of malware and bandwidth abuse. Proactive IPS signature updates from FortiGuard closed zero-day and known-CVE gaps faster than our previous Huawei solution. Enhanced Visibility & Forensics. Full-packet captures and rich metadata logging in FortiAnalyzer enable sub-minute root-cause analysis of security events. Custom dashboards surface top-talkers and rule-hit counts, letting us fine-tune policies and prove compliance to auditors. Operational Efficiency. VDOM-based segmentation simplifies multi-tenant and multi-service management within a single chassis and no additional hardware required.

Analytics with FortiAnalyzer. Being able to pull in logs not just from our FortiGates but from all our other firewalls and then get them in one view has been a game changer. Whether I’m building an executive dashboard or doing a deep dive forensics session, I get everything I need without navigating consoles.Straightforward Application Control. FortiGate spots and blocks unwanted apps (eq. like BitTorrent or streaming services) with accuracy. Segmentation with VDOMs. We’ve carved our data center into four logical ‘mini-firewalls’ enterprise, core, billing, and WAF—all on one box. Each has its own rules and logs, and any traffic between them still gets inspected. It’s like having multiple appliances without the extra hardware. Always-Up-to-Date Threat Feeds. Daily signature updates and AI-driven threat sensing mean we’re blocking the latest vulnerabilities almost as soon as they’re announced.

The CPU spikes sometimes go up to 40 percent occur during background IPS updates, but there’s no visibility into which subsystem is responsible. Current Gap: Despite scheduling daily signature downloads, updates sometimes run outside the configured window triggering unplanned performance hits.

I have been working with Fortinet FortiGate for almost six to seven years.

six to seven years in production with only two brief downtimes
both incidents stemmed from firmware upgrade bugs and were promptly identified
infosec alerts and FortiGuard advisories guide our version choices
support response and resolution averaged four to five hours per ticket
instituted rollback validation and staging procedures to avoid repeats
outside of upgrade windows the HA clusters have delivered near-100 percent uptime

It is scalable.

For Fortinet FortiGate, I would rate their technical support a nine out of ten. Compared to other products, Fortinet FortiGate provides timely updates, even coordinating with engineers for coverage. I've worked with other products, so I recognize their strengths in terms of support.

Positive

our core perimeter and east–west inspection point was a Huawei Eudemon firewall cluster. While it handled basic stateful filtering it lacked Deep Packet Inspection Eudemon could not parse or enforce Layer-7 application contexts, leaving blind spots for evasive or nonstandard-port traffic. it also did Granular threat Intelligence, and it was limited, and updates were infrequent, delaying remediation of newly disclosed CVEs. Unified Logging and Forensics erm the Eudemon’s logging interface offered only summary-level records, forcing manual packet captures for any detailed analysis

implementation used FortiGate 3401E running firmware 7.2.11 build 17.40

partner provided detailed timelines and low-level designs that we followed step by step

grace period and dedicated engineer ensured any questions were answered immediately

cut-over executed without major issues or unplanned downtime

post-deployment support window allowed smooth transition to steady-state operations

overall process was seamless and delivered on schedule

There was involvement from a partner, although I can’t recall their name off the top of my head. I believe they were based in Nigeria. They were indeed helpful. They were great. Whenever we had an issue, we could call them at any time, and they would assist us promptly. They were genuinely helpful, no doubt about that.

I believe we purchased it through the third-party vendor they provided us with. So, the third party handled the purchase, interfacing with FortiGate, while we communicated with the vendor directly, if I remember correctly.

onboarded three times more customers without adding firewall hardware
cut network expansion capital expenses by roughly 40 percent through VDOM consolidation
reduced vulnerability remediation costs by about 60 percent thanks to automated FortiGuard updates
shortened policy-deployment time by over 50 percent, freeing up 10 plus hours of engineering effort weekly
achieved payback on the initial FortiGate investment within 9 months via increased tenancy revenue and lower OPEX

Check Point Infinity

Strengths- mature threat prevention suite, granular policy controls, strong management console

Weaknesses – high total cost of ownership, steep learning curve and management overhead at scale

Cisco Firepower

Strengths – tight integration with existing Cisco switching and routing fabric, robust SSL decryption

Weaknesses – underwhelming layer 7 DPI performance in our live 5G billing environment; fragmented logging requiring multiple consoles; protracted support cycles

Palo Alto Networks excluded from this evaluation to diversify our vendor mix and avoid single-vendor lock-in

FortiGate emerged as the best balance of performance, visibility and TCO after six months of PoC across four data centers

I like how the role-based access control with granular admin profiles reduces risk of misconfiguration in multi-team environments

automatic configuration backups and revision history simplify audit compliance and rollback in case of errors

built-in high availability health checks and session-sync ensure seamless failover during maintenance or hardware faults

Me and my team have been managing site-to-site and remote access VPNs. We have been doing centralized logging through FortiManager and applying security policies, such as web filtering and application control across distributed branch locations. 

I have also handled firmware upgrades, security patching, and integrating the Fortinet FortiGate logs within SIEM tools, such as Splunk, for threat monitoring.

I have integrated SD-WAN capabilities with Fortinet FortiGate by configuring multiple WAN links for dynamic path selection, load balancing, and failover based on performance metrics. I have used application-aware routing to prioritize critical traffic, such as VoIP or business apps, over high-quality links, while sending less critical traffic over backup circuits. We have managed and monitored these through FortiManager and FortiAnalyzer, ensuring visibility and automated alerts if link performance degrades.

The network performance has shown a significant positive impact. By utilizing features such as dynamic path selection and application-aware routing, we've been able to reduce latency for critical applications such as VoIP and video by 20-30% during peak times. Additionally, we’ve minimized downtime through automatic failover between links. This approach has also allowed us to cut costs by routing non-critical traffic over lower-cost circuits while keeping high-priority applications on premium links.

I have used the unified SASE feature a little bit, and it is very effective because it consolidates firewall, IPS, and other features such as sandbox into a single platform. It simplifies the management since we do not have to rely on separate appliances. It also helps with faster threat detection and response, especially when paired with FortiAnalyzer and SIEM tools, such as QRadar. The logs and events are correlated automatically, which makes a significant difference.

Something that stood out for me once I started using Fortinet FortiGate was the centralized management through FortiManager and how easily I could deploy consistent policies across multiple sites. The VPN configuration was also very straightforward compared to some other platforms. The integration with SIEM tools makes monitoring and incident response much smoother, which stood out to me. 

For the future, one improvement area is the complexity of SD-WAN configuration. When managing a large number of sites, the GUI is user-friendly, but when scaling deployments, it sometimes requires more manual fine-tuning or scripting. 

Another concern is reporting. FortiAnalyzer is powerful, but generating customized reports can be cumbersome compared to some other tools. Additionally, seeing deeper automation and API integrations would be beneficial so that policy updates and SD-WAN changes can be pushed faster across large environments.

I have been using FortiGate for about four to five years in various settings. My experience includes working with Fortinet FortiGate and other firewalls and Panorama across multiple roles. I have been involved in designing as well as managing policies. Additionally, I have handled upgrades and migrations.

The performance and stability of Fortinet FortiGate has been strong in both small and large environments. The throughput and latencies are very good, even with multiple security features such as IPS, antivirus, or SSL inspection enabled simultaneously. I have found them to be reliable with minimum downtime. The Fortinet high availability features work effectively to ensure continuous network availability.

Scalability is quite straightforward. They can scale from small branch offices to large enterprise environments. Their model hardware options and virtual firewall instances allow flexible deployment. For larger data centers or higher complex environments, sometimes Palo Alto or Cisco solutions offer more advanced scaling options, but Fortinet FortiGate is definitely competitive for enterprise needs.

I have worked with them a bit, and we usually start by opening a support ticket through the Fortinet support portal. I also remember calling their TAC hotline directly for priority one issues, particularly for major VPN outages or SD-WAN failures.

I typically provide the necessary diagnostics upfront, such as logs, packet captures, and debug outputs, so we can move quickly towards a resolution. Most cases are resolved fairly quickly, but for more complex bugs, they may suggest fixes or recommend firmware updates. In such cases, it just takes a bit more time.

I would rate their support an eight out of ten. They are generally very responsive and knowledgeable, especially regarding firewall and VPN issues. While resolutions can take longer for complex problems or new features, overall, the support team is very helpful and proactive in providing patches and workarounds.

Positive

I have used many alternatives to Fortinet FortiGate, including Palo Alto Networks firewalls and Cisco ASA Firepower. Palo Alto has strong application visibility and threat prevention, while Cisco excels in routing and integration. I have also worked with Juniper, which is great for scalability, and Check Point. I am comfortable adapting to different firewall ecosystems depending on the environment and requirements.

It wasn't that hard. Overall, it was pretty straightforward. For smaller sites or branch offices, the GUI is intuitive and clear. FortiManager helped streamline policy pushes across multiple devices, which made it easy to manage. However, for more complex deployments that involved SD-WAN or advanced features, there was some initial complexity in fine-tuning configurations and integrating with our existing infrastructure. Despite this, it was manageable with good planning and testing. Overall, the process was relatively easy.

Maintenance is definitely a part of my role. I am responsible for applying firmware updates, security patches, and configuration backups on FortiGate devices to ensure stability and security. While Fortinet provides regular updates and technical support, the day-to-day maintenance, monitoring, and troubleshooting are handled internally by our network team.

I haven't looked into that directly, as I am not involved in the purchasing or budgeting aspects. However, I believe Fortinet offers competitive pricing compared to other enterprise firewall vendors. Their licensing model is straightforward, especially regarding security features like anti-filtering, IPS, and web filtering.

The choice really depends on the specific features needed, such as advanced SD-WAN capabilities, which can increase costs. Therefore, it is important for organizations to plan their licensing effectively to optimize value.

I have used FortiClient as part of the Fortinet SASE deployment, primarily for remote users, providing secure access via VPN and ZTNA, along with endpoint protection such as web filtering and threat detection. I have also deployed it to integrate with Fortinet FortiGate and the cloud so users can get consistent policies whether they are on-site or remote. It is useful because it centralizes management and policy enforcement, but I have noticed it can use more system resources on endpoints, so tuning the profiles is important for performance.

I would rate Fortinet FortiGate an eight out of ten. It offers a great balance of performance, security features, and ease of management. However, there is room for improvement in areas such as scalability for extremely large environments and deeper automation. Nonetheless, it is a solid platform that fits well in most enterprise networks. Therefore, I would give it an eight out of ten.

I handle solutions architecture for security and systems design. I have customers who use Fortinet FortiGate. 

All the features of Fortinet FortiGate are good. When customers have issues, it's very easy to talk them through the interface, and when they've got any support issues and they want to figure them out themselves, it's very easy for them to contact the FortiGate support. All the knowledge bases have various information and knowledge articles to assist them in getting solutions as quickly as possible.

We use SASE, and it's a great product; I wish FortiGate had come out with it sooner because it helps significantly.

Fortinet FortiGate stands out due to its functionality and longevity. It's stable once you've completed the setup.

In Fortinet FortiGate, they've already improved many areas and built in new features. When considering what can be improved in Fortinet FortiGate, more competitive pricing is needed more than anything else. Fortinet FortiGate is a very good product, but when we look at the South African market, they just need to relook at the pricing because it's a bit pricey for some of the local government organizations.

I've been using Fortinet FortiGate for the last 15 years.

The stability of Fortinet FortiGate rates as a nine out of ten.

It is scalable. I would rate it a nine out of ten for scalability.

Our clients range from across the board.

It's easy for customers to get assistance with the product.

I would rate their support a nine out of ten. I don't have any problems with the vendors.

Positive

It's mostly on prem. I'm going to do data center solutions and cloud deployment.

It's very easy to do the implementations. Even training the customers on how to do their own rules and whitelists is very easy. On average, it takes me about two and a half hours with all the customization for the clients.

Fortinet FortiGate does not require any maintenance. Once it's done, the only times we do maintenance is if the customer wants something or there are updates.

I've shown them how it works with FortiSIEM, so now I can get them to actually do inspections on their infrastructures every six months, do penetration testing, and see that their environments are secure.

When you look at certain sectors of the market, the pricing is a little high. 

We are implementing FortiGate's data center solution now because I'm starting to let local government sites work through one data center. 

With FortiGate SD-WAN, the impact has been very little on the network performance because we've done certain things at night and certain things during the day, so the impact on the network is very low. In my organization, there are about three Fortinet specialists focusing on FortiGate.

I'd recommend Fortinet FortiGate to other users. Overall, I'd give Fortinet FortiGate an eight out of ten, with pricing being the main factor preventing a higher score.

We integrate SD-WAN capabilities with Fortinet FortiGate frequently. Integrating SD-WAN is very easy and almost plug and play. In many cases, it's accomplished by using the built-in features. For more advanced SD-WAN configuration, it's very well documented and described in the Fortinet documents, which helps significantly. It works flawlessly most of the time and is very easy to administer.

I haven't worked extensively with Fortinet Unified SASE yet. We will probably work more with it, but since Norway is quite a small country, we don't have the same use cases as America has, which has many branches of their customers. Our big clients are usually what the US refers to as a small business. We have many smaller locations, which have fewer security needs in a SASE way, as of yet. We are starting to see that the thinking about SASE is changing and more companies are actually starting to open up for the idea of having SASE. I still haven't actually implemented it. I've done several labs with Fortinet and workshops with them. I don't have the experience to actually say how it works because I haven't implemented it with a working customer yet.

I have used Fortinet FortiGate's data center solution. In some cases, we use the high-end data center Fortinet FortiGate. We currently don't utilize machine learning in our data center solutions. We have not implemented any AI capabilities in our production environments due to security concerns. We prefer to avoid using newer and potentially untested technologies in critical environments. Our focus is on maintaining security, and we believe in having a hands-on approach to fully understand the processes involved. Although we’re not using AI, we have had a lot of success with FortiGate for data centers. They are very effective, and I personally enjoy using them. One of the advantages of FortiGate for data centers is that it operates exactly the same way as a regular FortiGate. This means you don't have to relearn everything just because you’re using a higher-end product; it's extremely powerful without requiring a significant adjustment. Overall, we appreciate the ease of transitioning to these systems.

We’re not necessarily a bigger part of the development as a partner, but I feel we’re more informed and more welcomed into the process of actually building the Fortinet FortiGate features because we can easily create a feature request and they will actually take it seriously if it’s something that they see a use case for, and they will publish it. I feel we have a great say in what could be improved feature-wise. I also feel they are very attentive when we’re giving them constructive criticism and they actually take it seriously, which not all vendors are. Being that we’re a small country, it speaks volumes that they care what we say because we’re not that big of a deal in the global picture of Fortinet sales, but they still care what we mean and what we say. It’s very nice to feel that.

The best features of Fortinet FortiGate would be the throughput for the value for money in regards to throughput and security. Many companies have security, many companies have throughput, but very few have throughput and security bundled together in the same price range. It's very easy to use compared to competitors, easy to understand, and the training material is readily available and not hidden behind paywalls as much as many competitors have chosen to do. It's easier to get knowledge, easier to get understanding, and it's a wide portfolio of training material, which is easy to access, which is very good for new technicians. It's also very good for the customer if they want to get a deeper understanding of the product they are actually buying, which they often do.

There's not much to improve except getting rid of more bugs earlier in the software versions so you don't have to be one and a half years behind on software because you're afraid of bugs in the newer releases. I do understand why they have feature releases, which are the newer software releases, but when Fortinet themselves say, don't use feature releases if you don't need the features in production environments, I would really prefer to have more stable software releases, so you don't have to be scared when upgrading.

I have worked on and off with Fortinet FortiGate for about seven years. My main focus has been Fortinet FortiGate for around four years now. It was a part of my work day earlier and now it's one of my main responsibilities to develop our Fortinet FortiGate use for customer cases in our company.

Considering the last three years, I would put Fortinet FortiGate at a seven out of ten because there have been many bugs and vulnerabilities, which forces us to do updates very hastily. I do understand that other competitors also have vulnerabilities. I just feel that Fortinet FortiGate has had many vulnerabilities in the last three years, which forces us to do unscheduled downtime for upgrades. Most of the time in large data center installations, you don’t really notice the downtime because it’s high availability, so the other one takes over. We have many customers that don’t have high availability, so it really sends a message that we are using a product that’s maybe not the most secure regarding vulnerabilities, which is unfortunate. Most customers understand it, but it’s still a nuisance to have unscheduled downtime because of a vulnerability.

The scalability of Fortinet FortiGate rates a perfect ten out of ten. Scalability is one of the biggest upsides of it. It doesn’t create a problem if the customer wants to upscale or extend or do anything to scale the solution. Even downscaling works very well.

We're taking the large customers in Norway. In the last eight months, we had the two biggest Fortinet sales in Norway's history, so we're focusing on high-end customers.

Most of the time, vendor support for Fortinet FortiGate rates a ten out of ten. They’re very helpful and sincere. They really try their best to help us with our problems and challenges, and they never back down from wanting to help. Sometimes it’s an eight out of ten because we sometimes get in the same cases as a competitor of ours, not a competitor of Fortinet, and they tend to say that they’re treating us equally, while we know they are not. I know they’re trying their best to be equal, but there are many levels of why it’s hard. Most of the time, it would be a ten out of ten with no issues at all.

Positive

As a company, we've gone from only selling Fortinet FortiGate as an accessory to creating an entire department in our business dedicated to selling Fortinet products in the span of three years.

I find that with the proper experience using Fortinet FortiGate, the deployment process is quite straightforward. However, it does take some time to become familiar with the deployment tools like FortiManager. While FortiManager is highly beneficial, mastering it requires considerable time and effort since it operates differently than FortiGate. Therefore, you need to learn a new product in order to use it effectively. Also, a lot of technicians use that as an excuse to not learn it that well and continue to use Fortinet FortiGate, which kind of eliminates the purpose of FortiManager. The skill requirements for using FortiManager are somewhat high. This perspective is based on our Norwegian segment, where most of our customers have fewer than ten Fortinet FortiGate. In many cases, they likely don't need FortiManager at all.

The initial deployment takes days. There’s tuning and everything, but the initial deployment and getting it up in production is usually completed in days. Most of the time we actually do it in one day. After hours on a weekday, we usually deploy big Fortinet FortiGate for the biggest customers. We usually finish that before the next work day. The initial setup takes days, not weeks. Completing the setup completely is a continual thing, so that’s never really done because we’re fine-tuning everything all the time. It’s not something I can put a time estimate on.

It's easy to maintain, but it does require upkeep, as all security products do. You can't just deploy and forget about it. This is especially true for security systems, since new vulnerabilities and methods of exploitation arise every day. However, this is not unique to Fortinet; it's a reality across the entire industry. Keeping that in mind, maintaining a Fortinet FortiGate is still quite straightforward, and there are no significant issues in doing so.

Implementation is usually done internally with highly trained staff in our department dedicated to Fortinet FortiGate, without extensive use of external consultants.

We're starting a new division, a group of FortiGate and Fortinet specialists. Right now, I'm focused on creating and launching this group. Currently, we have ten experts on board, with four or five who are very familiar with the product. I would categorize five to six of them as high-level experts. The remaining team members are also knowledgeable; they may not all be classified as experts by Fortinet, but I consider them to be. These individuals are well-versed in FortiGate and are capable of handling complete installations for large customers independently. I would estimate that there are about seven of them with this level of expertise.

I don't have many insights on numbers, but we’ve gone from only selling Fortinet FortiGate as an accessory to creating an entire department in our business dedicated to selling Fortinet products in the span of three years. That’s very quick in our business, which signals it’s a very good return on investment. We have a very big focus internally on getting more people on board with Fortinet, even moving people from other vendors to Fortinet to create a better understanding of the entire Fortinet portfolio to be able to take those cases because we see the customers really want Fortinet FortiGate and we want to deliver it. That’s one of the main focuses we have now, getting more people on board.

There are levels to it, but the newer FortiGate models offer a very good value for money. It's not too cheap but also not too expensive. I find it to be fairly priced and almost the standard of what the competitors should offer as well.

Regarding how I compare Fortinet FortiGate to other solutions on the market or other vendors, I feel we’re not necessarily a bigger part of the development as a partner, but I feel we’re more informed and more welcomed into the process of actually building the Fortinet FortiGate features because we can easily create a feature request and they will actually take it seriously if it’s something that they see a use case for, and they will publish it.

I would absolutely recommend Fortinet FortiGate. It makes a complex area easy to understand and easy to administer. It’s a very complex world protecting from the scary outside internet, but Fortinet FortiGate makes it very easy and they do have easy to use guidance built into the Fortinet FortiGate itself that helps you make good choices. You can also use the built-in features to scan your deployment to see if anything is done out of the norm. If you’ve misclicked something and done anything wrong, you would get a message if you just use the tools in the gate. It’s a quick and easy way to deal with something very complex.

My overall rating for Fortinet FortiGate would be a nine out of ten.

The main use cases for Fortinet FortiGate usually include security to filter traffic to inside the network, load balancing and QoS for the user side, as well as Zero Trust Network Access, allowing users outside and inside the network fabric to connect to our application that is under the firewall.

The most useful features in Fortinet FortiGate are the security features, where we can analyze what kind of traffic is inside our network, and we also utilize ZTNA for limiting and managing our network access. 

The issue with Fortinet FortiGate is the many security CVEs around; I have read there are probably multiple critical CVEs above 9.0 in Fortinet FortiGate products. There appear to be fewer issues with other brands such as Palo Alto or Check Point, but especially with Fortinet FortiGate, there are many vulnerabilities that can be found. The way we manage this is by applying updates whenever new ones are available, but the high critical CVEs generate concern, as we buy security products for our safety and when we find that attackers can easily breach them, it makes us question the safety of the product itself. 

I hope we can deploy the product in an active-active configuration since we currently have two units in an active and passive setup. There are limitations when trying to install it with active-active, but we hope to run it that way.

I have been working with the Fortinet FortiGate firewall for two years.

Stability wise, Fortinet FortiGate is quite good; we rarely have issues with stability, and compared to the previous solution we had, which was much worse, Fortinet FortiGate has had no issues so far.

Fortinet FortiGate is not very scalable. We use the appliance, and once we are out of capacity, we have to buy a new one, as there is no way through scalability. I would rate scalability as a seven out of ten.

I rarely use customer support, but there are a few cases where I tried to reach out before, and it was handled and closed properly, so I had no issues. I would rate the support as nine, based on my experience.

The previous solution we used was Sophos. Sophos had stability problems.

The setup is not complex. It's quite straightforward.

The return on investment after implementing Fortinet FortiGate has been quite okay, allowing us to get the value of what we paid for.

The benefit is more like we are buying insurance. All of the security products may be optional, but having them helps us feel safer and assures us that our network is protected from attackers.

It's affordable. We usually pay about 10K USD annually for the license on a yearly basis.

We have experience with integrating SD-WAN capabilities in Fortinet FortiGate. It is only useful if we have multiple internet operators; if we use a one-to-one connection, there are no benefits. Some of our sites do have multiple internet access, allowing us to use SD-WAN to manage the connection, making it easier to treat it as a single connection while SD-WAN helps manage and load balance between those two.

We do not use Fortinet Unified SASE now, but we are considering implementing it. In the data center, we actually have another solution, but Fortinet FortiGate is used only for our customer-facing side.

My advice to those planning to use Fortinet FortiGate is to check for updates often. We had several issues before due to the firmware we used, but after upgrading to the 7.4 firmware, a lot of issues were resolved just by applying the update regularly. Actually, compared to other firewalls, it is on the very affordable side.

I would rate Fortinet FortiGate an eight out of ten.

We use Fortinet FortiGate as edge protection for the customer site. Right now, we are trying FortiNAC before deploying it for our customer. We link Fortinet FortiGate Firewall to our SIEM solution. We have a cybersecurity department, and we aggregate all the logs of the firewall, the proxy, the PC, virtual machine, and other systems.

The interest of the Fortinet FortiGate appliance is the ability to manage quickly and easily the different functionalities. It's easier to use rather than Palo Alto, for example. AI should be a good improvement. The only difficulty that I have today with the Fortinet FortiGate is that on the Forti appliance, there are many functionalities.

As we are trying FortiNAC right now, there is some improvement needed on the product. For the rest, perhaps having more packages would be beneficial. We do not use FortiManager for our own usage. We have developed some scripts using Ansible and we automate everything.

We have been using the solution for more than 10 years.

The question concerns failures on the appliance or security breaches.

Not all functionalities are scalable.

The access to the support is good. When specific information or professional services support is needed, the professional services are very expensive.

Most of the time we are implementing the UTP service.

The implementation is handled by my team. They are involved in the deployment for the customer and use it day by day. We have three people dedicated to the security part on the Fortinet FortiGate and roughly eight people working on it in the security team.

The cost reduction potential exists but is difficult to quantify.

Fortinet is increasing its value in this area. It's easier to use compared to Palo Alto.

The functionality is acceptable but nothing really impressive. For some customers, we are using Fortinet FortiGate, FortiNAC, FortiAnalyzer. FortiMonitor is used for one customer. For FortiMonitor it's FortiAnalyzer. We don't use FortiAnalyzer on AWS. For both, we need the approval of the head office.

On a scale of 1-10, I would rate this solution between seven and eight.

Fortinet FortiGate provides combined features. Some firewalls do not provide many features, but Fortinet FortiGate provides them at a reasonable price. Their pricing has been increasing over time. We can have a low-cost solution with all integration supported, providing a full package cost-effective manager. The solution offers SD-WAN capability, web filtering, application filtering, WAF, and authentication features. Most customers use Fortinet FortiGate for internet facility and outbound traffic. They implement it in high availability mode on their data center side and at the perimeter level.

Fortinet FortiGate provides combined features that other firewalls do not offer. The solution offers these features at a reasonable price, though prices have been increasing over time. They provide a low-cost product with all integration supported, offering a full package cost-effective manager. Most customers use Fortinet FortiGate for internet facility and outbound traffic.

When they release security updates, functionality needs to be cross-checked thoroughly. The firmware updates and patch updates for particular issues can affect other features. Patch testing should be more comprehensive before deployment. The solution could be improved compared to higher-end products in the Fortinet FortiGate line.

I have been using FortiGate for more than 15 years.

For stability, Fortinet FortiGate scores eight out of ten with mature versions. However, when dealing with vulnerabilities and security updates, performance can be affected at the application level and other functionalities. With mature OS versions, the stability rating remains above eight, but during vulnerability and security issues, the rating drops to six or seven. This sometimes requires seeking alternative solutions rather than patching.

The customer service is good. They can easily identify issues and provide solutions efficiently when dealing with bugs.

I previously worked with Aruba Instant.

The initial setup is easy to implement.

Implementation was done through an implementer.

FortiGuard is included in the setup. When deploying Fortinet FortiGate, it is recommended to check which functionalities are required and enable only those needed. This approach ensures optimal performance from the Fortinet FortiGate firewall.

There are other providers available such as Sophos that provide similar features at a lower cost. However, for stability, Fortinet FortiGate provides combined features in a cost-effective manner.

The solution is primarily used for data center solutions, specifically for NGFW and authentication. Most customers use Fortinet FortiGate for internet facility and outbound traffic. The SD-WAN features are commonly used for connectivity, and the bandwidth and ISP connectivity performance is good. There have been no issues with VPN connectivity for site-to-site connections. Multiple load balancing mechanisms show good performance. On a scale of 1-10, this solution receives a rating of 8.