We use the solution to provide firewall, cybersecurity, VPN access, and SD-WAN connectivity worldwide.

The GUI is reasonably good. The product is easy to configure.

The product runs out of memory. The web process often has a memory leak. The support cost could be improved.

I have been using the solution for ten years.

The solution’s stability is good. I rate stability a nine out of ten.

The scalability is good. I rate the scalability a ten out of ten. Some customers have 20 users, while others have about 5000 users.

Support is good. It's a bit scripted. It takes a while to get to somebody who knows what they're talking about. It'd be nice to talk to someone technical upfront. Sometimes we have to go through a service desk and go through a whole lot of quick repetitive questions before we get to talk to someone knowledgeable.

I've been working with the product for ten years. I find the initial setup quite simple.

I'm currently deploying 50 units around the country. It'll take me about ten minutes each to configure the solution. Once the product is set up, we need about one or two people to maintain it.

The solution’s price has gone up recently, but it's still good value for money compared to the other firewalls we use. Especially for smaller ones, it is good value for money. Our customers pay for licenses annually or once every two to five years. If we have an older version, the support costs get quite high. I rate the support cost a six out of ten.

I work with lots of firewalls. I deploy the product on FortiManager. It'll take me about a day to configure FortiManager. We have lots of customers. I would recommend the solution to others. Overall, I rate the product a nine out of ten.

First, we use the solution as a native firewall. After a native firewall, we use IPS. We also use NGFW features like antivirus, IPS, and shaping, which are very important features for companies. We also manage all of my products with FortiManager or FortiAnalyzer and collect online data. For another feature, we try to use SD-WAN products. The SD-WAN feature on FortiGate was implemented for a company with thirty or fifty branches. We had a good experience with the conversion between Cisco and FortiGate for secure access points because Now I'm a consultant for network administration, and we have a challenge with choosing one of these, and so for example, someone, if I actually choose a Fortinet product, SD-WAN based on Fortinet, sometimes someone chooses SD-WAN based on Cisco, but because my special is Cisco, I prefer SD-WAN based on Cisco.

One of the weaknesses of the solution is something we noticed, especially after comparing the tool with SD-WAN features, since, unfortunately, in a massive scale size environment, the solution is not good. It cannot be recommended for massive scaling in terms of size, especially for businesses with more than 1,000 branches.

Cisco is very stable, especially on the larger scale side, and it's very important for SD-WAN features. If you try Next Generation Firewall for a big company, then it is good to purchase a Cisco product. However, Cisco's price is a little high and more than Fortinet's prices. But for small companies, it is better to choose Fortinet and FortiGate products, which is important.

A company needs a tool for accounting. Unfortunately, now we don't have any accounting, especially for the quarter and control side. We don't have any solution in FortiGate. However, Sophos Firewall has it, so it is good for Fortinet's next version.

I have been using FortiGate Next Generation Firewall (NGFW) for more than eight years. I am just a technical person, so I'm a solution designer, a network architect involved in network security.

In FortiGate, after FortiOS Version 5.6, it is stable, and there is no problem. However, we had many problems with FortiOS Version 5.0.5 in FortiGate. Now, when we use FortiGate's FortiOS Version 7, we don't have any problems. The solution has improved, and it is a good product now. For a larger scale, my recommendation is to choose a Cisco product like Firepower Services because, in a massive-scale business, stability is very important.

When I survey FortiGate and FortiGate products, I see that they have a good performance, especially in terms of next generation firewalls. In the future, improving such features and performance is absolutely better. Juniper has a better performance compared to FortiGate.

Speaking about technical support, I have a good experience with design, especially in terms of security design and security architecture.

In level one support, they connect to customers directly, which is a part of our work, and we should solve customer problems. But I prefer staying in level two, where we develop, implement, and solve huge and complex problems, because I have had a good experience with this for more than ten years. Also, I think I have good behavior when under heavy pressure.

I think price-wise, the solution is totally reasonable since it has many products to serve, starting from small homes to massive scale sites. A company can choose from one of the offerings by the solution company. Also, it's very important to choose a contract support level. Some companies may choose RMA with support twenty-four hours and seven days a week. So, it depends on the contract support, I think. The Fortinet appliance is a reasonable purchase for companies.

Regarding the license costs, when you choose the 100 series, it is completely different from the 1000 series. It's very important, and so when you choose one-year support or five-year support, or seven-year support, the pricing depends on which one you choose.

In Iran, we have a massive sanction, so we don't use direct support. We don't talk about this. But, concerning my country and direct support from Fortinet, I can't speak about this event. So, in Iran, I don't have an idea about the use of support since we don't use direct support, but we do get indirect support.

When planning to choose FortiGate Next Generation Firewall (NGFW), the scope of the company is very important. Also, it is important for a company to consider if they want one gig, ten gigs, or another concurrent pair concurrent session. Totally, a company's scale and size are very important. After that, for example, we use a prototype with a five gigabit per second, including the performance. However, if we compare Cisco, Fortinet, and other things, Firepower is very good because Cisco's Firepower is a big and active solution which is very strong compared to Fortinet. However, it's very important for a company to have a native firewall, so such companies can't choose from Fortinet series. So, it very much depends on the situation of the company. So, before that, we review a company's requirements and survey network. After that, usually, I recommend the solution. Also, it is very important to have a budget. For example, a company can first tell me about its budget, like, one billion dollars or whatever. After that, we choose a guide and recommend choosing one of the solutions.

I rate the overall solution an eight out of ten.

Our clients use the solution to ensure their environment is secured on all the layers. The application layer all the way to the networking. That's one of the main reasons they use the product in their environment.

It's a seamless product, and it's not buggy. The updates we receive from FortiGate are one of the most important features. The product is user-friendly and not complex.

The solution must improve the support provided for customers around the globe, considering the time differences in different places. The product could add some functionalities and features provided by its competitors to stay ahead in the market.

I have been using the solution for two years.

The product is stable. We haven't had issues so far. I rate the stability a nine out of ten.

The solution is scalable in most cases. It all depends on the customer's requirements. We haven't yet come across a situation whereby scaling is not possible. Our clients are small, medium, and enterprise businesses. Currently, one of our customers is not able to reach the specific level of scalability that they require so far. I rate the scalability an eight out of ten.

The support is great. However, support needs to improve constantly. Even though they are good, they should try to stay ahead of the competitors.

Positive

The solution is easy to install. The ease of setup depends upon the customer’s requirements. I rate the ease of setup a ten out of ten.

The time to deploy the product depends on the clients’ requirements because we have to work hand in hand with the service provider. If we have to terminate a link on the firewall and everything from the networking perspective is all in place, it might just take a couple of minutes to deploy.

We need just need one to three engineers to deploy the solution. It depends on the magnitude of the client. The solution requires maintenance. More than three people are needed to maintain the product.

The product is a little bit expensive. The certifications cost $400. Other vendors provide it for an average of $200 to $300. The product has an annual licensing fee. Additional costs depend on the user's requirements.

People looking to use the product must ensure they have enough engineers who know how to work with it. Overall, I rate the solution a ten out of ten.

The solution is primarily used as a border firewall as well as for internal LAN segregation, internal IPv4 policy management, a VPN for end users, and IPSec tunnels.

Before we implemented this solution, we had only one firewall and old Linux IP tables with no graphical user interface. 

There is no one feature that stands out as most valuable compared to another. All features are correct and no extra items are needed.

The price of licensing could be better. The security of the FortiOS needs improvement, and features are available only in CLI. They could be available also in GUI.

Features like forward traffic capture or NAC in the VPN should take into consideration both Linux devices and Apple devices.

I've used the solution for more than ten years. 

The scalability is okay.

Technical support is not helpful. 

Neutral

We previously worked with Check Point, Palo Alto, Cisco, Watchguard, and PFsense. 

The setup is easy. Support is not helpful.

We handled the initial setup in-house.

The solution is very expensive. 

The price of licensing is too high.

We did not previously evaluate other options before choosing this solution. 

Other Fortinet products are not the best, and Fortinet should take care as this will influence brand reputation.