Skip to main content
TrustRadius
FortiConverter

FortiConverter

Overview

What is FortiConverter?

The FortiConverter firewall configuration migration tool is primarily for third-party firewall configuration migration to FortiOS—for routing, firewall, NAT, and VPN policies and objects.

Read more

Learn from top reviewers

FortiConverter - Best Choice

Rating: 10 out of 10
September 2, 2021
IncentivizedVetted ReviewVerified User
FortiConverter is being used for all firewall migrations to FortiGate from legacy platforms. FortiConverter enables a smooth staged migration with minimal to no outages during...
Continue reading
Shahab Razak
Engineer - Information Technology
Senior Network Architect
Finastra
FortiConverter3 years of experience
Log in with LinkedIn to see content from your network
Return to navigation

Pricing

View all pricing
FortiConverter

FortiConverter

N/A
Unavailable

What is FortiConverter?

The FortiConverter firewall configuration migration tool is primarily for third-party firewall configuration migration to FortiOS—for routing, firewall, NAT, and VPN policies and objects.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

1 person also want pricing

Alternatives Pricing

Cloudiway Migration Platform

Cloudiway Migration Platform

$9.50
one-time fee per user
What is Cloudiway Migration Platform?

Founded in 2010, Cloudiway is a cloud migration and enterprise coexistence SaaS that help to migrate mailboxes, documents, groups, sites, archives, teams between different productivity and collaboration systems such as Google Workspace and Microsoft 365. Cloudiway supports cross-tenant, on-premises…

Return to navigation

Product Details

What is FortiConverter?

The FortiConverter Service helps migrate to the latest version of FortiOS. The service is used to migrate from a pre-existing third-party firewall policy to a new FortiGate appliance, or even an older FortiGate policy to a new one.

It is designed to:
-Reduces migration complexities
-Eliminates common migration configuration errors
-Include change logs to documents that were migrated

FortiConverter Service supports migration of interface NAT, firewall policy and address objects, as well as static routes for third-party vendor configuration to FortiGate configuration. All FortiGate to FortiGate configurations are fully supported.

FortiConverter Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

View all reviews
Companies can't remove reviews or game the system. Here's why
(1-1 of 1)

FortiConverter - Best Choice

Rating: 10 out of 10
Incentivized
September 02, 2021
SR
Shahab Razak
Senior Network Architect
Finastra (Financial Services, 5001-10,000 employees)
Vetted Review
Verified User
FortiConverter
3 years of experience
View profile
Use Cases and Deployment Scope
FortiConverter is being used for all firewall migrations to FortiGate from legacy platforms. FortiConverter enables a smooth staged migration with minimal to no outages during the cutover windows. We have used it to migrate all Cisco ASA firewalls (virtual and physical) to FortiGate appliances. FortiConverter allows us to properly audit the existing rules and ensure that we do not migrate obsolete, zero hit, and nested or shadow rules to the new platform.
Pros
  • Audit existing rulesets from CheckPoint, Cisco, Juniper and other platforms
  • Build migration rulesets to FortiGate
  • Stages migration before actual cutover
  • Reduces or eliminates obsolete and shadow rules
  • Simple logic
Cons
  • Programming or scripting skills are not needed but highly recommended
  • Requires excellent command of REGEX
  • Interface Mapping from complex topologies requires a deep understanding of FortiGate interface capabilities and scripting
Likelihood to Recommend
Unless you are rebuilding rules from scratch, FortiConverter is a must-have when migrating legacy rulesets from competing platforms such as Cisco ASA, CheckPoint, Juniper, etc. to FortiGate Appliances. Without FortiConverter, guaranteed there will be some flows you missed and you will be troubleshooting them during your cutover maintenance window. Utilizing FortiConverter, you will minimize such issues as cutover time because you have the ability to stage the new ruleset in advance. Complex topologies and multi-platform migrations require highly skilled consultation from experts that [have] done this several times before.
Most Important Features
  • Multi-platform migration support to FortiGate
  • Easy to use interface for simple topologies
  • Support migration to multiple VDOMs (virtual FortiGate FWs)
  • Advance routing support (e.g. Policy-based routing, BGP, etc.)
  • Enterprise centralized management
  • Easy to script changes
Return on Investment
  • Streamlined migrations successful on the first try
  • Simple and fast cutover maintenance window
  • Audit and tune existing rule base
  • Quickly identify shadow rules
  • Quickly identify rules with elevated access
Alternatives Considered
FortiConverter is the easiest of the firewall migration tools to use compared to Checkpoint SmartMove, Cisco Firewall Migration Tool, FWMIG, etc. It has a more robust user interface and allows you to customize the rule imports as needed. Rulebase analysis, hit count, NAT, and dynamic routing are presented in an easy to understand format with FortiConverter.
Other Software Used
Users and Roles
5
Network Engineers on the Firewall Migration Team utilize the FortiConverter tool to migrate legacy rulebase on competitor platforms to the FortiGate platform. Existing rules are imported and analyzed in FortiConverter, tuned, then migrated to the FortiGate platform. This reduces the risk of errors and allows for a smooth and fast cutover.
Support Headcount Required
5
A DevOps skillset is recommended to operate FortiConverter as scripting and code writing skills will help tremendously when converting rules from a legacy platform such as CheckPoint, Cisco ASA, Juniper, etc. to the FortiGate platform. An expert level knowledge of REGEX is also highly recommended.
Business Processes Supported
  • Firewall migration to FortiGate platform
  • Staging firewall migrations
  • Analyzing existing ruleset
  • Identifying and removing shadow rules
  • Consolidating rules
Innovative Uses
  • Firewall rule consolidation
  • Identifying shadow rules
  • Tuning existing rule sets
Future Planned Uses
  • When upgrading to higher powered appliances
  • Cloning firewalls in the cloud
  • Migrating physical firewalls to the cloud
Likelihood to Renew
10
FortiConverter is currently the best option to assist in migrating legacy firewalls to FortiGate firewalls. FortiConverter is flexible enough to be the single tool to use when migrating Check Point, Cisco ASA, Juniper and other platforms to FortiGate Firewalls. FortiConverter is not a multi-user software however it is easy for multiple engineers to work on a single or multiple migration projects.
Products Replaced
No
Key Differentiators
  • Product Features
  • Product Usability
FortiConverter is provided by the firewall vendor we are migrating to, FortiGate and for this reason it was the best alternative to manual processes, building from scratch. FortiConverter was built for the platform we are migrating to and therefore contained the features and capabilities tested in the field. FortiNet also provided full support for the FortiConverter software.
Evaluation Lessons Learned
Our approach was to migrate context by context, vdom by vdom in a singular fashion. The network topology allowed us to do this on a firewall by firewall basis and stage and test the migration using FortiConverter prior to the maintenance window. This allowed for a very streamlined swing over of physical interfaces and IP addresses. This left lots of room for testing all the applications on the new platform within a regular maintenance window.
Return to navigation