We use Fortinet FortiGate 100F, which is one of two firewalls that we have, one at the entrance of the DMZ and one just outside. One is facing the internet, and the other is at the entrance of the DMZ. We use the one outside to essentially work as a VPN.

As compared to our previous firewall, WatchGuard, which is a good firewall, the successful hacking attempts were far fewer and further with the Fortinet FortiGate, but at the same time, I don't know if the credit goes to only FortiGate, as we have two firewalls versus one in the second implementation. Overall, it is more secure. The VPN is also more stable than the offering from WatchGuard at that time.

Fortinet FortiGate is one of the most solid and secure firewalls as long as you keep it up to date. The price is right; it's not very expensive. 

It's quite feature-rich. While we've mostly used the VPN, we've also utilized it to create high availability. 

We are pretty happy with it. If anything, I believe the web interface could be simpler, especially for someone who has limited networking experience. I mostly do administration, and I found Cisco to be the hardest major firewall manufacturer to deal with, with Fortinet FortiGate being the second hardest for me. In comparison, there's a bit of an easier and more user-friendly interface with WatchGuard.

I have about three years of experience with the Fortinet FortiGate firewall. We also use FortiClient VPN.

The VPN was more stable than the offering from WatchGuard at that time.

I would evaluate the service and technical support of Fortinet FortiGate as pretty good. Whenever we needed them, they would be there for us. I would rate them a nine out of ten. We had no complaints, although they were sometimes extremely busy.

Positive

Before using Fortinet FortiGate, we were using WatchGuard, which is another good firewall.

The initial setup process was efficient, as it took us less than an hour to set up both firewalls.

I was involved in the deployment of the Fortinet FortiGate, handling the physical deployment myself while our vendor managed the initial setup.

We got the Fortinet FortiGate from Telus, which is a Canadian phone company. Our experience was excellent. They're a major phone company, so the services are never less than stellar.

The maintenance for Fortinet FortiGate involves just the occasional patch update. We have software that informs us whenever there's a new patch, and if it's critical, we run the patch update immediately; if not, we usually run it at the end of the month after it's released.

We had uninterrupted service. If one firewall failed, we still had a secure infrastructure. I believe we essentially had a great VPN compared to the alternative offerings, so that's a good return on investment.

It's good. I would rate the price of the Fortinet FortiGate as an eight out of ten. It's not the cheapest, but it's value for money. Given everything we've got out of it: the DMZ port, the VPN, and the high availability, it's a pretty reasonable price.

I would advise others considering or evaluating the Fortinet FortiGate to buy it. It's one of the best products for the price. 

I would rate Fortinet FortiGate a nine out of ten.

On-premises

In a scenario where FortiGate Next Generation Firewall (NGFW) notably enhanced my customer's network performance, we discussed many points. The graphical user interface is very good, both feature-wise and technology-wise.

The effective feature in FortiGate Next Generation Firewall (NGFW) is DLP.The FortiGate Next Generation Firewall (NGFW) has the feature image of 7100 D.

In FortiGate Next Generation Firewall (NGFW), my concern regarding improvements is the licensing model. In the latest versions, everything moves to licensing only, and to work from SSL VPNs and integrate those features, it is similar across all vendors, but my main concern is the DLP part, which has not advanced significantly.Regarding the AI capabilities of FortiGate Next Generation Firewall (NGFW), these AI features are not present in the latest versions, which is why we are working on those versions. They aren't suitable in a live environment, and while AI features exist, I don't have details about their availability in versions after 7.0, as I believe only versions 6.0 and below have those features.For future improvements in FortiGate Next Generation Firewall (NGFW), features-wise, SD-WAN enhancements are expected, especially in configuration or viewing SD-WAN monitoring, as some minor enhancements would be beneficial.The complexity in configuring the policies needs improvement, and the SD-WAN template should be available in the tunnel. When we create the tunnel, we need to add in SD-WAN, allowing the creation of VPN tunnels from SD-WAN, which requires technical expertise to configure. Automating that would strongly enhance it, as SD-WAN is number one now with FortiGate, and going forward, more customers will move to FortiGate.

FortiGate Next Generation Firewall (NGFW) is recommended for various industries, and its GUI has many enhancements in the latest version, making everything good.In FortiGate Next Generation Firewall (NGFW), we are expecting the effective DLP feature with threat detection capabilities, which works with deep inspection. Some customers are not accepting to install the applications, and sometimes in the guest tunnel, content filtering should be blocked, such as domain blocking for Gmail, as users access only their particular consumer account. If they try to access personal accounts, it should be blocked, requiring configuration settings with deep inspection that needs certificates installed in all systems, which is a time-consuming process that some customers do not accept, questioning the need for installing certificates without deep inspection.The licensing model for FortiGate Next Generation Firewall (NGFW) depends on various types such as the earlier UTM license, FortiCare, and Enterprise license. The Enterprise license includes all features such as FortiManager, FortiAnalyzer, and converter. The UTM licenses include only UTM features such as AV, web filtering, application control, and IPS, while FortiCare is only for hardware.

The typical use cases for Fortinet FortiGate revolve around its security capabilities, as it has a number of features that clients see as necessary for a security solution. This helps them protect various platforms on their networks and infrastructures.

I am involved in implementation as a partner.

It's a good solution. I've not interacted much with it. I know a few features, and it's a nice one.

It's comprehensive and time-saving. It covers several areas regarding security.

Improvements for Fortinet FortiGate could be made by making it easier to implement on networks and simpler to add users and accounts that utilize this solution. That's basically the only challenge that I see.

I have one to two years of experience working with Fortinet FortiGate.

Fortinet FortiGate is a stable solution. While there are issues during implementation, once everything is properly configured, it remains stable. The implementation process can affect users, but those issues get sorted out. 

I find the scalability of this solution to be very good because it allows for easy expansion. You can add more users as needed, which makes it flexible.

I would rate the technical support from Fortinet FortiGate an eight out of ten.

Positive

I normally apply the licensing as a partner, but I am not involved in procurement. 

It's a good product that significantly enhances security and protects organizational data. Therefore, I would recommend considering using it.

I would rate Fortinet FortiGate an eight out of ten.

On-premises

We are using Fortinet FortiGate SWG for web filtering, application control, and IDPS. Additionally, we utilize it for VPN and the main features of a firewall.

Web filtering is very good, as well as IDPS. SD-WAN is a perfect feature. Additionally, the VPN is stable and very good. These features have proven effective in protecting our network, handling large volumes of traffic smoothly without any issues.

More improvement in AI would be a good edge. We would like the VPN to act as a web filtering solution because users outside the company don't have web filtering. It supports web filtering with an additional license.

We have been working with Fortinet FortiGate SWG for more than nine years.

We did not face any challenges during the installation. The process was very smooth.

Fortinet FortiGate SWG works well, handling the whole traffic smoothly with no problems. We have not faced any issues with stability.

The solution is very scalable.

We haven't needed to work directly with Fortinet support recently. Seven years ago, the experience was not good, warranting a rating of five based on that past experience.

Neutral

The initial setup took just a few hours, as it was completed on the same day.

The implementation involved two engineers.

There are financial benefits as Fortinet's products are considered good value for money due to their robust features, despite being priced higher than competitors.

Fortinet products are very expensive compared to competitors like Sophos and SonicWall. From a pricing perspective, I would rate them a six.

Fortinet FortiGate SWG is a leader regarding Gartner. It has a friendly user interface and is very secure compared to others with many features. I recommend it to other companies because of these advantages. I would rate the product a nine. The overall product rating is nine.

Hybrid Cloud

Microsoft Azure

The typical use case for the Fortinet FortiGate firewall for my clients is its ease of use. My clients are using Fortinet FortiGate as SD-WAN.

The effectiveness of Fortinet's unified SASE in providing consistent security policies is notable because there is one security profile from either the head office or the branch office, allowing your profile to move seamlessly with you wherever you go. You have end-to-end visibility, and you can look at the analytics. To me, that moves towards SASE.

My clients appreciate it for its features. It is easy to install and manage, and it offers all-around protection, including web filtering, content filtering, IPS, and IDS.

My clients find the next-generation firewall feature of Fortinet FortiGate to be particularly valuable. It provides internet security, network security, cloud security, ZTNA, and SD-WAN security. There is a unified agent for FortiClient. There is centralized management.

Areas of improvement for Fortinet FortiGate include the need for more training and certification, especially when dealing with distributors globally, which presents challenges in product availability and delivery timelines.

There should also be more training and certification.

I have about 10 years of experience with Fortinet FortiGate.

I find Fortinet FortiGate to be a stable solution.

Fortinet FortiGate is a scalable solution, as you can start small, maybe with FortiGate 40F, and then move to FortiGate 60F or FortiGate 80F, depending on your needs.

It depends on who your distributor is. 

Neutral

It is not straightforward, but the implementation is pretty good overall. Every site is different for me. There is no standard site. We have a few different issues here and there, but overall, it's pretty good and straightforward to install. Its integration is not difficult.

It is a matter of learning and understanding the reasons why people need Fortinet FortiGate.

Fortinet FortiGate positively provides my clients' organizations with a high return on investment. There is visibility into network operations, allowing us to identify network issues. It has advanced security features. You can achieve about 200% ROI over three years, while enhancing IT teams' productivity by about 50%. It simplifies security across branches and enhances hybrid and cloud security. There is even a feature where you can predict the application performance.

It's very competitive.

Many users nowadays prefer agentless installations over installing agents on their devices, which presents challenges for endpoint security, especially concerning ZTNA, VPN, and endpoint protection.

I would rate Fortinet FortiGate an eight out of ten.

On-premises

We don't have any issues regarding security, and our web server is running fine with protection from all threats.

The best features of Fortinet FortiGate are that it does the job effectively and protects our environment. It has a VPN and can create a virtual IP for a web server and functions as a standard firewall.

We faced difficulties with the configuration because there are many features we could optimize using Fortinet FortiGate, but our reseller didn't have a good understanding of it. So, we just use it on a basic level, not with the best practice for using FortiGate.

We have been using Fortinet FortiGate for around five years.

Overall, I find Fortinet FortiGate to be very stable. Fortinet FortiGate demonstrates consistent stability.

In my case, the 101F is not scalable. I faced problems with scalability related to memory. When we hit 100% memory usage, it stops the internet connection, so we need to control the traffic. We cannot increase the memory.

We have about 350 users and only one admin.

My experience with Fortinet's technical support is good and helpful. The response time and overall competence meet our expectations. I would rate their support a seven out of ten.

Neutral

We used Juniper before Fortinet FortiGate. We switched because it was an old one and reached the end of support. We had to change.

We were supported by a third party and the reseller. During deployment, it was not a good experience because of the reseller. We had challenges with the optimized configuration. 

The deployment took around three months.

The reseller helped us with the implementation. It has been a long time since the implementation, so I don't remember the name of the company that helped us.

Our IT has six people for deployment, and we used two staff members.

We have seen a return on investment with Fortinet FortiGate. The ROI calculation is based on potential loss prevention rather than traditional ROI metrics.

Its pricing is good. The advantages of Fortinet FortiGate over its competitors include good pricing and meeting our requirements at a lower cost. Palo Alto's features are superior, but too expensive.

I compared other brands, such as Palo Alto and Sophos, and chose Fortinet FortiGate. Palo Alto is the best, but it is significantly more expensive. Palo Alto has better capabilities than Fortinet FortiGate. Their protection is much more secure, and they excel in detecting intrusion and reading information. 

I would rate Fortinet FortiGate an eight out of ten.

On-premises

In our organization, FortiGate Next Generation Firewall (NGFW) serves as the main security system for our firewall needs. I have utilized it to manage the firewalls and some other security appliances, such as VPNs. Currently, my usage focuses primarily on firewall management. I set up rules, search for logs, and consult logs when issues arise. This approach covers most of our security management tasks.

One of the most valuable features of FortiGate Next Generation Firewall (NGFW) is the ease of usability it offers. It is quite easy for me to learn to use. Additionally, FortiGate Next Generation Firewall (NGFW) has improved our efficiency in setting up security and provided us with more visibility over some issues and incidents we previously faced.

FortiGate Next Generation Firewall (NGFW) could be improved by including more templates for setting rules or regular jobs. I do not recall if the software includes any AI features.

I have had experience with FortiGate Next Generation Firewall (NGFW) for about five or six years.

When deploying FortiGate Next Generation Firewall (NGFW), it required one week for the initial setup and just two hours for effective deployment. There were no significant issues during this process.

In my experience, there are usually no significant stability issues with FortiGate Next Generation Firewall (NGFW). However, updating the software during issues can be quite convoluted, especially if there is an unexpected attack, such as on a Saturday.

Customer service with Fortinet for FortiGate Next Generation Firewall (NGFW) has been quite good. We experienced a major issue during one of the upgrades, and it took about an hour to reach support and rectify the problem.

Positive

Before using FortiGate Next Generation Firewall (NGFW), we used Cisco for our firewall needs. Cisco presented a lot of usability challenges. Setting up firewalls and rules with Cisco was difficult and required extensive knowledge of their system, which led us to switch to FortiGate Next Generation Firewall (NGFW).

The initial setup of FortiGate Next Generation Firewall (NGFW) was relatively smooth. It took about one week for the complete setup and two hours for the actual deployment.

The deployment involved two people from my side, and we also had assistance from a vendor during the setup.

In terms of return on investment, FortiGate Next Generation Firewall (NGFW) has been straightforward. It has notably improved our efficiency and visibility.

The pricing of FortiGate Next Generation Firewall (NGFW) is reasonably affordable. It is suitable for mid-level and high-level companies, though it might not be cheap for small companies.

I would recommend FortiGate Next Generation Firewall (NGFW) to others. Despite some issues with upgrades and vulnerabilities, Fortinet quickly addresses concerns. Overall, on a scale of one to ten, I would rate FortiGate Next Generation Firewall (NGFW) as an eight.

We use Fortinet FortiGate IPS to enhance our network security. It is especially necessary to secure the edge of the company.

The whole IPS suite is valuable, especially with the updates from FortiGuard. It provides real-time updates, offering a good vision on any changes. For example, if the rating of a certain website changes, we can investigate potential malicious content with FortiAnalyzer.

The pricing of Fortinet FortiGate IPS could always be improved.

I have been using Fortinet FortiGate IPS for two and a half years.

The deployment of Fortinet FortiGate IPS was moderate in complexity. It took approximately two hours to deploy, depending on one’s knowledge, and it was carried out by four or five engineers in the company.

Stability is generally good, but if you include FortiOS underlying in the FortiGate, there are often some patches to do and some loopholes. I would rate the stability as eight out of ten.

The scalability of Fortinet FortiGate IPS is good, and I would rate it nine out of ten.

The technical support from Fortinet is rather good, and I would rate it nine out of ten.

Positive

I worked a little bit with WatchGuard, but I do not know a lot about it. I am only here for two years and do not have experience with other vendors.

The initial setup of Fortinet FortiGate IPS took about two hours and was of moderate complexity.

The implementation of Fortinet FortiGate IPS was carried out by my team internally with four or five engineers involved.

I rate the pricing with an eight out of ten. They could always improve the pricing.

No, we are not considering any alternatives for Fortinet FortiGate IPS. We are quite happy with the product.

I would recommend Fortinet FortiGate IPS as it is a core component of cybersecurity for our company. Having a FortiGate without IPS services doesn't make sense for us. I would rate the overall solution nine out of ten.

On-premises

There is a tool called FSSO, which is a single sign-on user ID agent that works perfectly. You can configure anything on it, and it is better than Palo Alto's version.

The GUI is written in JavaScript, so when you move any object or policy to another one, it becomes easy to use. It is user-friendly and not complex for network configuration.

Run Script is the best tool to use in Fortinet FortiGate with multiple environments. You can perform multiple tasks at once with the script functionality. It is available through the GUI, whereas in Palo Alto, you need to run it in a separate tool, such as Python.

I prefer Palo Alto over Fortinet FortiGate. Its IPS engine is not better than the Palo Alto version. The monitoring tool needs improvement, and the syslog configuration needs enhancement.

The management plane and control plane are not separated as they are in the same hardware devices, whereas in Palo Alto, everything is separated. So, if the CPU and GPU usage gets higher in the data plane, the admin also becomes unreachable.

The web filter in Fortinet FortiGate is not very useful. While you can add web filters in security policies, it is difficult to understand and not flexible to use.

Fortinet FortiGate frequently experiences IPS engine problems. 

I have been working with it for four to five years.

In most cases, the IPS engine uses too many resources, which makes Fortinet FortiGate devices unstable. When clients encounter different issues, the IPS engine is usually the problem because it consumes excessive resources.

I have not worked directly with technical support, but I am familiar with the distributor, partner, and vendor. People who work with Fortinet provide adequate service.

Positive

I mostly migrate from Fortinet FortiGate, Check Point, and other solutions to Palo Alto. For migrations from various solutions to Fortinet FortiGate, it takes a few days, depending on the environment.

Fortinet FortiGate is cheaper than Palo Alto. It is about 20% cheaper. 

I prefer Palo Alto over Fortinet FortiGate. Fortinet FortiGate is not the best firewall, but it is acceptable. If you have a budget to buy a firewall and Palo Alto is too expensive, then Fortinet FortiGate can be usable. As an instructor in Palo Alto Networks who knows all the techniques, I naturally prefer Palo Alto.

For a small company or branch, I would choose Fortinet FortiGate because it is cheaper and the features are sufficient. However, for more critical environments, such as government institutions or banks, where privacy and security are paramount, I would opt for Palo Alto.

In a hamburger topology setup with the internet side and internal side, I prefer using Palo Alto Networks on the internet side and Fortinet FortiGate on the internal side. This creates a multi-vendor environment, avoiding dependency on a single vendor. The internet side requires more security, hence I would go for Palo Alto, whereas the internal side would benefit from Fortinet FortiGate's flexibility and ease of use.

I would rate Fortinet FortiGate an eight out of ten.

On-premises

We have two deployments of Fortinet FortiGate at different sites. One is the SD-WAN, and the other is the next-generation firewall.

We secure our perimeter using Fortinet FortiGate. We are using it as a gateway device, and we have all the filters, such as the web filter, the intrusion detection and the anti-virus. We mainly use it to filter our traffic. Most importantly, it serves as our gateway device. That is how we are using it at the end of the day.

We wanted to see how Fortinet FortiGate SD-WAN can help us reach out to our branch, and that was the only reason for enabling it. It pretty much works for connectivity to the branch.

It is very user-friendly compared to other products. It integrates with many other technologies out there. It does not matter what technology you have deployed within your network, it can work with that.

We have not had an issue with the Fortinet FortiGate firewall. We recently renewed the licenses for the firewall and FortiNAC, and it has been working well. I have not had any incidents or instances since the last renewal.

Application control and the web filter are the best features of Fortinet FortiGate. 

Traffic control is available, and I have been using Fortinet FortiGate to allocate bandwidth also, so it helps me manage and allocate bandwidth to my applications. On that side, that has worked for me. Most importantly, it helps to filter unwanted traffic.

Its pricing can be better. I cannot think of anything else because it pretty much satisfies our requirements. I am comfortable with this product. 

The only issue that I have is with FortiNAC. The firewall is fine, but the FortiNAC interface is a little bit too jumbled or too complicated, not as straightforward as it is on the Fortinet FortiGate firewall and FortiAnalyzer. 

I have not faced any stability issues with Fortinet FortiGate. I would give it an eight out of ten for stability.

Fortinet FortiGate is scalable. I would rate it an eight out of ten for scalability.

I raise my tickets for Fortinet FortiGate, and they are handled well. The support is pretty good. I would rate the support an eight out of ten.

Positive

In this work environment, Fortinet FortiGate was the first one we had as our firewall. We had nothing before it.

I have previously worked with Check Point and Cyberoam. Those are the only two products that I can compare with Fortinet FortiGate.

From my experience, administration is a bit complicated on the Check Point side. Most of the concepts are similar, but configuring Fortinet FortiGate is a little bit easier for me compared to Check Point. Cyberoam was resource intensive, which I have not seen in Fortinet FortiGate.

The initial setup of Fortinet FortiGate was handled by a provider to implement it, but the knowledge transfer was pretty much straightforward. It took about two weeks to deploy Fortinet FortiGate.

We are not a business-oriented organization; our primary aim is to make sure that our assets are protected. We had some issues before having this firewall, and we have not had any incidents ever since we implemented Fortinet FortiGate.

When I look around at other products, such as Sophos, Fortinet FortiGate is 20% to 30% more expensive with our current cost.

The license renewal for Fortinet FortiGate has been a little bit costly. When we are paying, we renew both the warranty and licenses for Fortinet FortiGate. That is what makes the whole thing a bit costly.

We normally purchase and renew those licenses for FortiAnalyzer, FortiNAC, and Fortinet FortiGate firewall at the same time. When I look around, I would say Fortinet FortiGate is on the higher side.

The thing that I have not experienced with it is the web application firewall. I was trying to find out from the partner whether it is something that is licensed separately. When you look at the policies, it looks it is not active.

I would recommend using Fortinet FortiGate because of its usability. I would rate it a nine out of ten.

On-premises