Cisco's Software-Defined Access (SD-Access) provides automated end-to-end segmentation to separate user, device and application traffic without redesigning the network. Cisco SD-Access automates user access policy so organizations can make sure the right policies are established for any user or device with any application across the network.
N/A
FortiGate
Score 8.6 out of 10
N/A
FortiNet FortiGate is a firewall option with high integrability. It offers a variety of deployment options and next-gen firewall capabilities, including integration with IaaS cloud platforms and public cloud environments.
N/A
Pricing
Cisco Software-Defined Access (SD-Access)
Fortinet FortiGate
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco SD-Access
FortiGate
Free Trial
No
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
FortiGate pricing starts at $250 for home office use, up to $300,000 for large enterprise appliances.
Must contact sales team for pricing.
It's well suited in our corporate offices, where all our business users resides and where we can control all their accesses. What doesn't really fit well is when we have our branch fronts, where all the software domain access features aren't utilized to its fullest, due to the fact that customers and users don't really need to have all the security features that SDA provides.
Fortinet FortiGate addressed an immediate security issue we had a few years ago. The device gave us a much clearer picture of the activities on our network and also more importantly, increased our awareness of threats from the internet as a whole. Fortinet FortiGate helps us to mitigate these threats with regular signature updates from Fortiguard labs, identifying certain characteristics which, once recognised by Fortinet FortiGate, can be harnessed to deploy powerful 'playbooks'.
SD-WAN - Load balancing of Internet traffic is a USP of Fortigate and makes it stand tall in the competition. Be it 3 or more Internet Links, multiple Subnets/segments of users to distribute and bandwidth load balancing for links and users. SLA based monitoring of Internet Links / MPLS links, makes it even better to choose the links on the basis of performance (Latency, packet loss, Jitter etc).
SSL VPN configuration - As we all have WFH force (to some extend or all employee) during Covid-19, it is impossible to plan BCP without having a SSL VPN. In Fortigate, the SSL VPN configuration is very easy with the help of wizard. The deep CLI-level debugging is also very helpful in troubleshooting. Type of tunnel can be easily configured - Full Tunnel or Split Tunnel for SSL.
Explicit Proxy - This is also a great feature to shape and re-route the traffic, configuring the Proxy on the Firewall itself. We are using this feature in Pilot for now, and planned to rollout in few weeks looking at the success rate of the POC.
Fortinet's products have kept improving with new software releases and they continue to deliver great value. Their support is also very good. I believe that as a small enterprise, their products have given us competitive advantage delivering features and functionality that enable us to innovate and do things better. They also continue to be a leader in the markets they serve.
It is difficult to start using the product due to its unfamiliar name and acronyms. ,The task should be accomplished in a specific order to ensure success
The firewall runs very well, firmware updates are fairly quick but you must follow the upgrade path. Neglecting this step will cause a lot of pain. If you decide to go with Fortinet FortiGate switches and/or access points, they can be managed within the firewall which is great. We're also using the FortiAnalyzer which easily plugs into the firewall for any reporting you may require.
As far as my experience with SD-Access -I'd say things that can be improved are - better functionality with ISE, ease to understand licensing and better documentation for configuration (add-ons, etc), and licensing.
The Support team at Fortinet is excellent. They can not only help you configure the device for what you are trying to do, they offer suggestions on improving rules, and troubleshooting issues. Their response time is fast, ensuring you are up and running immediately with no questions asked. We had a hard drive failure in one of our Fortinet Fortigate appliances. The tech answered immediately, and started rebuilding the drive after some preliminary investigations. After rebuilding, there were still errors and issues, so they dispatched a brand new Fortinet Fortigate appliance. The tech then backed up the configurations for when the new device came in, which showed up in a few hours. A restore of the configuration took less than a minute, and there were no more errors or issues.
I rated the training an 8 because overall, it was well-structured, and the instructor was highly knowledgeable on the subject matter. The content was relevant, and I appreciated the clear explanations of complex topics. However, I felt that some sections were covered too quickly, making it difficult to fully absorb the information before moving on. Additionally, I would have liked more time dedicated to Q&A, as there were moments when I had questions but didn’t get the opportunity to ask them due to time constraints. Adding more interactive discussions or hands-on exercises could further enhance the learning experience and make it even more engaging
Automation, pushing template-based configuration to multiple devices in one push saves time and manpower. Assurance helps trace issues related to devices, clients, and provide the troubleshoot as the best practices. Segmentation, with the use of the SGT tags, we are able to achieve segmentation and micro-segmentation securely.
[Fortinet] FortiGate is not only cost effective but it gives the comprehensive security against the APT attacks and gives the complete traffic visibility and granular control. You can easily create the VDOMs (Virtual firewall) within a Fortigate firewall and customize the dashboard as per your requirement if you have multiple VDOMs within a single firewall.
The pricing given to us for our firewall was well within what we were already spending for other vendors solutions and had the added value of eliminating a separate expense for a dedicated web filtering appliance.
We have also adopted Fortinet's security fabric approach and thus changed vendors for our switch and AP devices. These devices have come at reduced prices as compared to another previous vendor we were using, particularly in relation to ongoing annual maintenance costs.