The firewall system we have implemented in my company serves as the gateway to access the internet. We have different VLANs set up on the firewall for various networks. 

We enforce security measures based on policies. When it comes to security, we have web monitoring, application filtering, and MAC address filtering implemented on the firewall. We also utilize VPN and SD-WAN architecture. Everything is functioning well. 

Additionally, we have two ISPs connected for load balancing. We send the logs, and audit logs to FortiCloud for analytics and statistics. 

Moreover, we have an alerting system for FortiGate, which is also functioning properly. The firewall operates in question mode, using round-robin connections, and handles routing as well.

FortiGate is a very good product. It offers a wide range of features, and its availability is almost everywhere. The support, both local and international, is good. Also, they provide certification programs for the next-generation firewalls, which is beneficial. 

The product speaks for itself and holds a strong position in the market. In our company, we highly recommend FortiGate to our colleagues and other IT professionals. Furthermore, it offers cost advantages compared to other products.

The improvement that I would like to see is in the licensing. The licensing process is a bit high. 

Additionally, there have been several vulnerabilities in the firewall. It is hackable, some of the images are hackable. So, upgrading to the latest patch, but these improvements would be more profitable for companies like ours.

I would like to see improvements in license costs and the handling of vulnerabilities.

I have been working with FortiGate NGFW for ten years. I currently use the FortiGate 101E model at a customer site.

I would rate the stability a nine out of ten. It provides a stable network, and I can connect to remote sites as well. I find it reliable because we use SD-WAN. There are no major issues, except when there is an Internet outage. But overall, no significant problems.

The scalability is very good. I would rate the scalability of the solution a nine out of ten because I have encountered no issues so far with the product. The scalability is excellent, very good.

We have 150 users using this solution. Moreover, we have plans to increase the usage. Maybe next year, I plan to upgrade to a newer version of FortiGate, and we have a plan to increase our user count by ten percent by next year. So I'm considering a more powerful firewall for better performance. That's the plan.

In terms of support, they are very responsive. If you reach out to them, they will contact you within 15 minutes. Managing FortiGate is easy and simple compared to other products. It's not too complex. 

Even if we miss renewing our licenses, FortiGate provides a grace period of 90 days, which is exceptional. Most products only offer 30 days. That's the best part, in my opinion.

The support is excellent. I've had very positive experiences with FortiGate's support team. They are friendly and always available. Their support is available 24/7 via phone, email, or chat. 

They even offer remote access if we need help with configuration or auditing logs. Their support is reliable both locally and internationally.

Positive

The availability of product support and its manageability were important factors for me. I found it easy to manage, not too complex. 

Additionally, the product is readily available in my country. Based on the information I found on the Internet, FortiGate seemed to meet my requirements.

The initial setup is straightforward. The setup is pretty simple. However, it acts as an authentic gateway between my routers and the internal network. All the traffic goes through the firewall in cluster mode. If one firewall goes down, the other one takes over until we have time to replace the faulty one. We typically use the firewall for a period of five years before considering a replacement. 

The device is connected to the server room on-premises. We configure it locally, but we utilize FortiCloud for logging and analytics. We manage the number of assets (FortiGate assets) we have, which is manageable through the cloud. That's all.

I have used Barracuda, Sophos, Palo Alto, and more.

My advice would be to start by conducting a Proof of Concept (POC) and test FortiGate NGFW in your own environment. Go through all the necessary configurations and spend around one or two weeks to become familiar with the solution.

After that, you can proceed with the purchase. But if I were to advise someone instantly, I would simply say, go ahead and give it a try.

Overall, I would rate the solution a nine out of ten. 

The primary use case is branch network security.

The solution has helped our organization to secure a network and connect remote sites. 

The most valuable feature is the technical support by FortiGate.

There is an area of improvement in the pricing model and vulnerability management. 

In future releases, I would like to see partnering with cloud suppliers. 

I have been using this solution for less than a year. 

I would rate the stability a seven out of ten. 

I would rate the scalability of this solution a seven out of ten. 

Customer service and support are good. 

Positive

The initial setup was complex. 

I have not seen an ROI yet. We do have plans to increase the usage in near future.

I would suggest not to look for a single solution for all your security requirements and compare the pricing. 

Overall, I would rate the solution a seven out of ten. 

In order to make it even better in the future, improved integration with other vendors' solutions could be beneficial.

FortiGate is compatible enough with other infrastructures, but I encountered difficulties when attempting integration with other infrastructures. So, better compatibility could be an area for improvement.

Another area of improvement could be in terms of changing passwords. For instance, when using FortiGate firewall, you can have the option to set up SSL VPN, allowing users to connect to the network externally. It's like using FortiClient software. But here's the thing, when you have a local account on FortiGate, and you use it to access the network, there is no option to change your password, and that becomes a problem. Especially when you are not using Active Directory and instead relying on the local FortiGate database to create accounts. 

The admin creates the account for you with credentials and a password. But when you try to access using the VPN client software, you have the ability to change your password, and that's not ideal. It's quite challenging. So, if you need to change your password, you have to contact the administrator to change it on the equipment, and that's not convenient, especially in large environments. So, that could be the only solution.

In terms of personal experience, I've been using the product for about seven years. In my current company, it has been three years.

I'm using version 7 for the majority of my equipment, and for some products, it's version 6.6 or something similar.

The product is stable. It offers good stability.

It is a scalable solution. 

The customer service and support have been satisfactory so far.

Positive

FortiGate Next Generation Firewall (NGFW) is easy to deploy. The deployment process is smooth and straightforward.

In my experience, the ROI has been positive.

The price of FortiGate Next Generation Firewall (NGFW) is affordable. I believe it offers reasonable value for the features it provides.

If you're using the IPS version, particularly for ATP, the price is higher due to the IP functionality. However, for other features like web filtering, the price is reasonable. For a year, the license cost for ATP is around $8000. 

So far, I haven't had to pay separately for maintenance or support. It's usually included in the support package, including software support.

Overall, I am satisfied with the product. I would rate it a nine out of ten. 

If you are using it in a small environment, you can go for the FortiGate product. However, if you are implementing it in a very large environment or have specific needs, it's recommended to couple FortiGate with another vendor's solution, like Cisco or Palo Alto. 

It is a firewall solution, so we utilize it regarding policies and security.

The solution is user-friendly and easy to operate.

The solution should have more security features and come with VPN authentication and multi-virus authentication.

We used the previous model, FortiGate 600D. So, I worked with that. I have been using the solution for three years.  We just procured the new solution, but we need to install it right away.

The solution is stable. I would rate the stability of the solution an eight out of ten because there are some issues with security features and aspects like logs not being up to the mark, as well as some challenges with VPN and multiple functionalities.

It's a scalable solution. I would rate the scalability a nine out of ten. There are around 600 users in our organization using this solution. We have plans to increase the usage up to 2000 users. 

The customer service and support team is good. Their response time was great.

The initial setup is straightforward. It has been in use for three years. It may take around four days to make it functional.

Typically, it can be up and running in just one day. However, due to a lack of expertise, it took a bit longer.

I got a consultant to help with the deployment process. One person is enough for the solution; it can be an admin. 

I have definitely seen an ROI. 

I don't want to get the full license as the technology is changing day by day. So, I have I prefer to procure a five-year license, and that's it.

We have used Microsoft Office and Cisco Switches. We have been using the FortiGate firewall.

I advise the users to compare the solution with existing versions before using it.

Overall I would rate the solution an eight out of ten. I would like add more security features to the solution.

We use the solution to provide firewall, cybersecurity, VPN access, and SD-WAN connectivity worldwide.

The GUI is reasonably good. The product is easy to configure.

The product runs out of memory. The web process often has a memory leak. The support cost could be improved.

I have been using the solution for ten years.

The solution’s stability is good. I rate stability a nine out of ten.

The scalability is good. I rate the scalability a ten out of ten. Some customers have 20 users, while others have about 5000 users.

Support is good. It's a bit scripted. It takes a while to get to somebody who knows what they're talking about. It'd be nice to talk to someone technical upfront. Sometimes we have to go through a service desk and go through a whole lot of quick repetitive questions before we get to talk to someone knowledgeable.

I've been working with the product for ten years. I find the initial setup quite simple.

I'm currently deploying 50 units around the country. It'll take me about ten minutes each to configure the solution. Once the product is set up, we need about one or two people to maintain it.

The solution’s price has gone up recently, but it's still good value for money compared to the other firewalls we use. Especially for smaller ones, it is good value for money. Our customers pay for licenses annually or once every two to five years. If we have an older version, the support costs get quite high. I rate the support cost a six out of ten.

I work with lots of firewalls. I deploy the product on FortiManager. It'll take me about a day to configure FortiManager. We have lots of customers. I would recommend the solution to others. Overall, I rate the product a nine out of ten.

First, we use the solution as a native firewall. After a native firewall, we use IPS. We also use NGFW features like antivirus, IPS, and shaping, which are very important features for companies. We also manage all of my products with FortiManager or FortiAnalyzer and collect online data. For another feature, we try to use SD-WAN products. The SD-WAN feature on FortiGate was implemented for a company with thirty or fifty branches. We had a good experience with the conversion between Cisco and FortiGate for secure access points because Now I'm a consultant for network administration, and we have a challenge with choosing one of these, and so for example, someone, if I actually choose a Fortinet product, SD-WAN based on Fortinet, sometimes someone chooses SD-WAN based on Cisco, but because my special is Cisco, I prefer SD-WAN based on Cisco.

One of the weaknesses of the solution is something we noticed, especially after comparing the tool with SD-WAN features, since, unfortunately, in a massive scale size environment, the solution is not good. It cannot be recommended for massive scaling in terms of size, especially for businesses with more than 1,000 branches.

Cisco is very stable, especially on the larger scale side, and it's very important for SD-WAN features. If you try Next Generation Firewall for a big company, then it is good to purchase a Cisco product. However, Cisco's price is a little high and more than Fortinet's prices. But for small companies, it is better to choose Fortinet and FortiGate products, which is important.

A company needs a tool for accounting. Unfortunately, now we don't have any accounting, especially for the quarter and control side. We don't have any solution in FortiGate. However, Sophos Firewall has it, so it is good for Fortinet's next version.

I have been using FortiGate Next Generation Firewall (NGFW) for more than eight years. I am just a technical person, so I'm a solution designer, a network architect involved in network security.

In FortiGate, after FortiOS Version 5.6, it is stable, and there is no problem. However, we had many problems with FortiOS Version 5.0.5 in FortiGate. Now, when we use FortiGate's FortiOS Version 7, we don't have any problems. The solution has improved, and it is a good product now. For a larger scale, my recommendation is to choose a Cisco product like Firepower Services because, in a massive-scale business, stability is very important.

When I survey FortiGate and FortiGate products, I see that they have a good performance, especially in terms of next generation firewalls. In the future, improving such features and performance is absolutely better. Juniper has a better performance compared to FortiGate.

Speaking about technical support, I have a good experience with design, especially in terms of security design and security architecture.

In level one support, they connect to customers directly, which is a part of our work, and we should solve customer problems. But I prefer staying in level two, where we develop, implement, and solve huge and complex problems, because I have had a good experience with this for more than ten years. Also, I think I have good behavior when under heavy pressure.

I think price-wise, the solution is totally reasonable since it has many products to serve, starting from small homes to massive scale sites. A company can choose from one of the offerings by the solution company. Also, it's very important to choose a contract support level. Some companies may choose RMA with support twenty-four hours and seven days a week. So, it depends on the contract support, I think. The Fortinet appliance is a reasonable purchase for companies.

Regarding the license costs, when you choose the 100 series, it is completely different from the 1000 series. It's very important, and so when you choose one-year support or five-year support, or seven-year support, the pricing depends on which one you choose.

In Iran, we have a massive sanction, so we don't use direct support. We don't talk about this. But, concerning my country and direct support from Fortinet, I can't speak about this event. So, in Iran, I don't have an idea about the use of support since we don't use direct support, but we do get indirect support.

When planning to choose FortiGate Next Generation Firewall (NGFW), the scope of the company is very important. Also, it is important for a company to consider if they want one gig, ten gigs, or another concurrent pair concurrent session. Totally, a company's scale and size are very important. After that, for example, we use a prototype with a five gigabit per second, including the performance. However, if we compare Cisco, Fortinet, and other things, Firepower is very good because Cisco's Firepower is a big and active solution which is very strong compared to Fortinet. However, it's very important for a company to have a native firewall, so such companies can't choose from Fortinet series. So, it very much depends on the situation of the company. So, before that, we review a company's requirements and survey network. After that, usually, I recommend the solution. Also, it is very important to have a budget. For example, a company can first tell me about its budget, like, one billion dollars or whatever. After that, we choose a guide and recommend choosing one of the solutions.

I rate the overall solution an eight out of ten.

Our clients use the solution to ensure their environment is secured on all the layers. The application layer all the way to the networking. That's one of the main reasons they use the product in their environment.

It's a seamless product, and it's not buggy. The updates we receive from FortiGate are one of the most important features. The product is user-friendly and not complex.

The solution must improve the support provided for customers around the globe, considering the time differences in different places. The product could add some functionalities and features provided by its competitors to stay ahead in the market.

I have been using the solution for two years.

The product is stable. We haven't had issues so far. I rate the stability a nine out of ten.

The solution is scalable in most cases. It all depends on the customer's requirements. We haven't yet come across a situation whereby scaling is not possible. Our clients are small, medium, and enterprise businesses. Currently, one of our customers is not able to reach the specific level of scalability that they require so far. I rate the scalability an eight out of ten.

The support is great. However, support needs to improve constantly. Even though they are good, they should try to stay ahead of the competitors.

Positive

The solution is easy to install. The ease of setup depends upon the customer’s requirements. I rate the ease of setup a ten out of ten.

The time to deploy the product depends on the clients’ requirements because we have to work hand in hand with the service provider. If we have to terminate a link on the firewall and everything from the networking perspective is all in place, it might just take a couple of minutes to deploy.

We need just need one to three engineers to deploy the solution. It depends on the magnitude of the client. The solution requires maintenance. More than three people are needed to maintain the product.

The product is a little bit expensive. The certifications cost $400. Other vendors provide it for an average of $200 to $300. The product has an annual licensing fee. Additional costs depend on the user's requirements.

People looking to use the product must ensure they have enough engineers who know how to work with it. Overall, I rate the solution a ten out of ten.

The solution is primarily used as a border firewall as well as for internal LAN segregation, internal IPv4 policy management, a VPN for end users, and IPSec tunnels.

Before we implemented this solution, we had only one firewall and old Linux IP tables with no graphical user interface. 

There is no one feature that stands out as most valuable compared to another. All features are correct and no extra items are needed.

The price of licensing could be better. The security of the FortiOS needs improvement, and features are available only in CLI. They could be available also in GUI.

Features like forward traffic capture or NAC in the VPN should take into consideration both Linux devices and Apple devices.

I've used the solution for more than ten years. 

The scalability is okay.

Technical support is not helpful. 

Neutral

We previously worked with Check Point, Palo Alto, Cisco, Watchguard, and PFsense. 

The setup is easy. Support is not helpful.

We handled the initial setup in-house.

The solution is very expensive. 

The price of licensing is too high.

We did not previously evaluate other options before choosing this solution. 

Other Fortinet products are not the best, and Fortinet should take care as this will influence brand reputation.