FortiManager delivers unified management for consistent security across complex hybrid environments, providing protection against security threats. Key benefits include accelerated zero-touch provisioning with best-practice templates for deployment at scale of SD-WAN and streamlined workflows between the Fortinet Security Fabric and integrations with 500+ ecosystem partners.
N/A
SolarWinds Network Configuration Manager (NCM)
Score 9.1 out of 10
N/A
SolarWinds Network Configuration Manager is network diagnostics and troubleshooting technology, from Austin-based SolarWinds.
LogicMonitor is very basic when it comes to config management, with support for a limited number of devices (though sufficient for us) and minimal frills/features. While we could have used it for the BC/DR portion of our solution, we wanted the better config diffs, compliance …
FortiManager is well suited for larger organizations which require unified configurations and IT departments that need quick turn around on firewall related tickets. I believe MSPs can also benefit with the use of the VDOM feature, if strict separation between clients is needed. FortiManager wouldn't be ideal for 1-3 site operations, unless their configurations are extremely complex or have a high number of active users.
If your IT team isn't proficient in automation and scripting, Solarwinds NCM can fill that gap (assuming your company's security team signs off on approving SW in your environment given the hack.) Basic device configuration, pushing mass changes reliably and backups are NCM's strong suites. If you have a complex scenario where if/then cases are needed, NCM is a bit lack luster. Auto discovery isn't as easy either as certain parameters need to be met for that feature to work 100% of the time
Various bugs: The software is buggy, and if you don't have a good understanding of it's underlaying operation, you can get confused or stuck when pushing a configuration. There are lots of little quirks you will have to learn, which are not described in any documentation.
Conflict resolution: Occasionally, during larger changes, bringing new devices in, pushing a config will fail due to dependencies, conflicts, or other software bugs. This is somewhat time consuming because the error messages provided aren't descriptive
CLI Options: Some configuration changes require creating scripts that execute on each device, and can't be done via the GUI
For our use case, it does everything great and some of the features we underutilize but I would like to be able to set a configuration baseline when initially adding a node instead of after the configuration is pulled but it's not a particularly big deal to let it pull the configuration then set it as the baseline.
Medium complexity to set up in the beginning if using any non-standard devices or configurations, else fairly easy (e.g. Cisco Nexus or IOS-based devices). Reports are fairly straightforward to set up. Updates to the platform are fairly straightforward and don't take a major effort. Easy to add or remove devices.
The user interface is lacking. It is difficult to navigate at times and things can be done multiple ways. Quite often I am confused by how their notification structure works. It is not very intuitive. They do offer a free Academy. They also offer a community of other technical folks. I have enjoyed both.
To be fair, I have not had to involve Support in a number of years, but when I did, I was greeted with enthusiastic engineers who wanted to understand and solve the issue. It was a fairly complex scenario and I have discovered in my most recent implementation that engineering included that option as a standard now.
Solarwinds has actually produced new training since I last used it that is available on their site at any time. Their previous training was more than enough to get us started but now there is significantly more content. Since I'm comfortable with the Orion platform and the products we use I haven't checked the new training out yet but we have new staff go through portions of that training and they always come away with an understanding of the platform and ready to use it
it was a fairly easy implementation and everything was pretty straightforward. only challenge we had was getting all the snmp communities updated on the networking equipment
FortiManager is the best choice for managing numerous FortiGate firewalls. It allows for easy integration into ServiceNow and automates simple repetitive tasks that are very straightforward. Role-based access control is easy to enable and you can get quite granular with user permissions. Administrative Domains help segregate firewall management and compliance within the FortiManager console, by almost any classification method that makes sense to your organization.
Red Hat Ansible Automation Platform is a great tool and matches much of the functionality of SolarWinds Network Configuration Manager. Nothing about Ansible will likely be overwhelming to an engineer with a little time to spare, but that spare time combined with SolarWinds already being our monitoring tool made the decision easy. Time is at a premium in small teams and SolarWinds Network Configuration Manager is very easy to use right out of the box without all the tweaking required by powerful command line driven tools like Ansible.
