Filter Ratings and Reviews
Filter 127 vetted FortiGate reviews and ratings
Reviews (1-25 of 45)
February 18, 2020
Excellent solution, easy to configure and manage with a low cost
We have been working with this solution over 5 years and we are very satisfied. We use it for one of our offices and the configuration is very easy and intuitive. You can apply policies by address or by user, the integration with Active Directory is not complicated, the cost of the solution is cheaper in comparison with other vendors and including the same solutions.
- Ease to configure policies
- VPN performance
- Active directory integration.
- Not so scalable, if you need more performance you need to buy another device
- The traffic shaper could be better
- The Wan load balance could be better
January 02, 2020
One of the Best and Cost Effective Firewalls
We have deployed the FortiGate firewall in all our 5 branches. There is site-to-site connectivity between all the branches over IPSEC and MPLS. We have enabled the IPS, web filter, application filter and have written the policies based on the IP and user group. A self-signed SSL certificate has also been pushed through AD to decrypt the HTTPS traffic. We are able to monitor and block the malicious URL. We have done both source NAT and destination NAT successfully.
- The GUI is very simple and understandable.
- It is a very cost effective firewall with all the enterprise grade features.
- There are some bugs in the newer versions and patches.
- Sometimes the firewall gets stuck we need to do a hard reboot which impacts the production.
February 12, 2020
Reduce Your Corporate Risk with Fortinet Fortigate
Fortinet Fortigate is the Firewall of choice in our organization now. We use them at every location, in every city or town, in every building, as well as in the homes of employees requiring remote access to the organization systems. Fortinet Fortigate solved two problems in our organization:
1. How do we reduce the costs incurred securing our infrastructure and assets, while at the same time not exposing those assets to undue risk; and
2. How do we simply our infrastructure, while increasing our visibility into those assets, with the limited resources available.
Fortinet Fortigate solved both those questions, and actually improved our security posture.
1. How do we reduce the costs incurred securing our infrastructure and assets, while at the same time not exposing those assets to undue risk; and
2. How do we simply our infrastructure, while increasing our visibility into those assets, with the limited resources available.
Fortinet Fortigate solved both those questions, and actually improved our security posture.
- Fortinet Fortigate created a simplified cost structure for every device we installed, saving our company thousands of dollars compared with our previous vendor of choice.
- Fortinet Fortigate firewalls contain a tremendous and robust feature set allowing our organization better protection while reducing the number of devices and software required to do similar functions if we went with our previous vendor.
- When we switched to Fortinet Fortigate, it took some time getting used to and become familiar with the new interface. Being used to strictly command-line interfaces, a full GUI-based firewall was something brand new. Careful planning had to be done when creating rules to ensure we didn't miss anything. However, once we got used to the new GUI interface, going from one Fortinet product to another was simple, as Fortinet used the same interface for all of its devices.
March 03, 2020
Enterprise Level Protection for your business
Fortinet Fortigate currently sits on the edge of our network, and it is used to monitor all incoming and outgoing traffic on the network. It allows us to shut down access to the network and restrict access only to applications and protocols that should be allowed based on the services we currently use. It is a core component of our IT security strategy for the organization.
- Allow secure access to the network for external vendors.
- Protects the network from nefarious online activities
- It gives us granular control over what we allow in and out of the network and the flow of traffic between network points (LANS & WANS).
- It allows us to connect multiple offices over WAN connections.
- Training - The software and device is complex I believe free training should be offered for administrators to become experts on how the device function as opposed to learning by a bit of trial and error or discovering useful features only when the necessity arises. Companies usually like to avoid the added costs of training. Therefore, free training courses to certification would benefit all shareholders and lead to even further widespread adoption over the competition.
- Any simplification of the user interface to implement essential security features would be welcomed. It can be relatively daunting for a new administrator, especially if having to use the command prompt.
- More screenshots in the online documentation or more videos to guide admins on how to implement useful security features I find the documentation online sometimes a bit hard to follow. Still, if screenshots were added, it would simplify the process.
February 22, 2020
Fortigate-The Enterprise Solution
We use Fortinet FortiGate to terminate to our AWS instances for monitoring thousands of customer devices. Using the Fortigate was the answer to the overlapping network issues we had with customers. It's working as designed
- It's easy to stand up-the registering process is straight forward.
- The flow of the GUI is second to none- easy to navigate.
- One thing that I have noticed with other vendors like WatchGuard is the automatic creation of policies when configuring a VPN tunnel. That helps speed up the configuration to get that tunnel up faster.
- I would also like to see a traffic monitor that shows all live traffic coming in and out. A great tool to use for troubleshooting, that's a feature on the WatchGuard that I like.
We use our FortiGate as the primary firewall for our centralized district-wide Internet as well as a secure VPN for the few users that use this within our organization. It addresses the need we had for a Next Generation Firewall that was easy to transition to, very secure, full featured, well supported and at a reasonable price.
- Very effective firewall. If set up correctly, creates a very secure environment.
- Amazing price when compared to same feature set as other prominent firewalls.
- Updates. I have an HA pair but I always lose connection for a minute or two when upgrading.
- Interface display. I have a bug where I have to refresh several times to view policies and objects.
FortiGate devices are used in our organization as firewalls and VPN servers. Main internet connections used Palo Alo firewalls, FortiGates are used on the secondary ones, as the cost of the FortiGates is significantly lower. SSL client-server VPN is used with Fortinet's Forticlient software as a client piece on PC and Mac computers. Fortinet subscription services are used for web filtering.
- Compared to Palo Alto, FortiGates are significantly less expensive. I would advise organizations to use them in cases where funds are limited.
- FortiGates are easy to configure via GUI - it is very simple and logical. Compared to Palo Alto or Cisco ASAs, Fortinet products are easier to work with for less experienced admins.
- Web filtering subscription services are not as good as Palo Alto's. Palos had a smaller number of false negatives in my experience.
- Log filtering is better on Palo Altos. It is easier to find log entries for particular events on the Palo Altos.
Fortinet FortiGate is used to secure our network across 17 buildings. We also use it for home filtering of devices and VPN connections for a few home users.
- Filtering.
- Firewall protection and monitoring.
- Interface can be not as intuitive for those not specializing in firewalls.
- Proxy is cumbersome.
We use this software to protect the company in various ways. For example, as a content filter, and also as a firewall to administrate inbound and outbound traffic by closing ports. Finally, with the reports we do some useful analytics in order to make decisions and better understand the final users in the network.
- Web filtering.
- Command line interface is a little bit hard to use.
- Lack of AI.
December 03, 2019
A firewall that works and doesn't eat your budget
We use Fortinet Fortigates as perimeter and WAN firewalls nationally and use them for intrusion prevention, web filtering, application filtering, VPN, and proxy.
- Ease to deploy and manage.
- Very cost effective when compared to competitors.
- Good, local, reactive support.
- Upgrades are always "risky" (usually wait for 2 upgrades before upgrading).
- Some of the settings don't make sense at first look.
Right now Fortinet is being used in our labs for training and testing. Since we wanted that environment off our normal and production network we implemented Fortinet in our training and testing environment.
- Was easy to implement in our large enterprise environment
- Flexible
- Everything included ie antivirus, web-filtering, etc.
- Might not be practical in our environment
Fortinet is our main firewall. We use it for IPS, Network Antivirus, application control, and web filtering. The FortiGate is used across our entire school district. It does a tremendous job of safeguarding our district from cyber threats.
- Intrusion protection.
- Application control.
- Web filtering.
- Reporting could be better.
We currently have two FortiGate firewalls that we use for city and county Internet gateway connections. All the traffic for each organization flows out to the Internet through one of these firewalls. We also use these firewalls as connectors for each organizations DMZ networks using VLAN technology. As our edge/gateway devices, these firewalls serve several purposes. All inbound and outbound connections are explicitly set, which is intended to limit exposure to ports used by bad actors. The software features included in the firewall inspect all traffic for security including https traffic. We are using firewall software to provide web filtering in an effort to increase productivity and reduce access to potentially bad sites. We are planning on deploying more Fortigate firewalls, including virtualized versions, in an effort to segment internal networks. The FortiGate product is also part of our overarching effort to use Fortinet switches and APs to provide what Fortinet considers a security fabric in an effort to make many of our security products work in concert.
- My favorite aspect of the Fortigate product is the ease of use. The GUI is very easy to get around. The products rules and configuration are easy to learn and apply. The informational tools are easy to look at and produce results that are intuitive and quick to assess.
- Another great attribute of the FortiGate product was reasonable pricing for the product and then the ongoing support. Living in the SMB space with tight governmental budgets is a huge factor in all my decisions. When a company like Fortinet comes along and produces good products at very reasonable prices it is good for SMB companies like mine. Many vendors price their products in a fashion that is beyond consideration by SMBs like myself.
- Support is always a big factor in consideration of any product for our organization. Fortinet support has been extremely good. They have provided an onsite engineer at no cost to help us design, implement and maintain new products when needed. The call support has also been excellent, with quick response times and knowledgeable technicians.
- It looks like they are making an effort to produce a centralized management interface with the integration of switches and APs into the FortiGate interface. They have a good start, but it needs continued work. While you can do some basic tasks for these external devices in that GUI, you must change over to the main browser page of the device itself to do many configuration tasks and check performance issues. I hope that they will add all this functionality into the main FortiGate GUI.
- One other area of improvement I would like to see is the time to show real-time events in log screens. The results always seem to be a bit behind and you have to refresh to get them to show current things. The FortiAnalyzer product that works in conjunction with the FortiGate firewall addresses this but it would be nice if the default logging was more timely.
We use it for policies and DMZ access. We currently use it also for natting for the outside presence of websites for users. We use if for the entire district.
- The GUI is easy so that is a major plus.
- The cost is really good. Others we've seen are pretty costly, especially if you are on a budget.
- An engineer to help with the installation at no cost is really good. Too many times you had to pay for that and travel at times.
- Management needs a little work but we can get by with a few tweaks.
- Real-time would be good.
- Some logging features could use a little lift but not too bad. It depends on what you're looking for.
Fortinet Fortigate is a complex solution to assure the security of your network perimeter. It has a very simple interface with sufficient functionality. We like this tool because it is easy to install, easy to administer, has a good price, and good protection. We would say that Fortinet Fortigate is the best in its class because of its high availability, speed, resilience, and the vendor offers very qualitative support.
- Very easy-to-use interface
- Good resilience
- High availability and speed
- Easy installation
- More complex configurations must be done via the console
- Licensing options can be improved
We like to use it between physical servers and virtual servers to create a stricter zone of security, but it is also well suited in a top-down architecture network.
- Secure the network from botnet, spyware.
- You can use URL filters to block certain pages by content or categories.
- Great site-to-site VPN.
- Command line interface is a little bit hard to use.
- HA is not reliable.
We use Fortinet FortiGate throughout our organization to protect our internal network for its IPS, web filtering, and application control.
- Long list of alliance partners
- Threat Protection
- SSL Inspection
- Performance
- Cloud features
We normally use FortiGate to make a secure connection between our sites and for remote users (employees) to continue working when they travel. We configured HA on them to prevent any disasters in the case devices fail.
- VPN - Great for remote users.
- Site-to-site VPN.
- Prevent any unwanted connection from outside.
- Firmware releases - Sometimes you have to follow an upgrade path. If you don't follow it, you could brick it.
Fortinet FortiGate is a mature solution that help us to assure perimeter security of our network. The implementation was pretty easy. We purchased support from the vendor for implementation. The integration with another solution is very easy: SIEM, DLP, proxy. Very user friendly interface and very intuitive. Detailed logs that can be easy send to the SIEM solution.
- User-friendly interface
- Detailed logs
- IDS and IPS work without any problems
- Easy to set and manage rules
- User documentation can be more detailed
- FortiClient - the app for VPN connection sometime get errors
- Another problem we did not find
June 24, 2019
Best for office location configurations
Fortigate is used by our organization as a firewall and a VPN for our office internet services and some datacenter configurations. We use multiple devices to manage internet traffic and also use it to gain access via VPN to our internet network.
- VPN routing.
- Firewall protection.
- Traffic management.
- Process of updating firmware configurations.
- Licensing costs could be lower.
- Having to look for updates for software.
We use FortiGate mainly for internet gateway and IPS at each of our offices. It offers us IPS, Firewall, VPN and many more features for a competitive price.
We also use Fortigate captive portal with their 2FA (mobile or physical) keys to offer an additional validation before accessing our service backend networks.
We also use Fortigate captive portal with their 2FA (mobile or physical) keys to offer an additional validation before accessing our service backend networks.
- User authentication inside firewall rules. It is practically seamless and really easy to setup.
- Management of firewall rules via the GUI.
- Management of IPS rules via the GUI.
- Forticlient with SSL VPN causes a lot more problems than it solves. Windows and Mac updates keep breaking the Forticlient and it takes weeks to get updates. Fortigate updates also sometimes break the SSL VPN. Forticlient crashes and the only fix is to restart the computer to restart the VPN driver. We had this problem for 3 years and they still don't have a fix for that. We now use L2TP-IPsec and Cisco-IPsec with Windows and Mac embedded VPN clients because of all that.
- Memory issues with IPS. We tried all the firmware versions and IPS engines given to us by the Fortinet support and we are still experiencing memory leaks once in a while with the IPS engine. The only provided solution is to restart the IPS engine via CLI.
- FortiView only works properly if you disable ASIC routing. Their marketing always says that their ASICs is the reason their appliances are better than competition but you can't use it if you want reports or to be able to drill down on network usage.
- Every time they release a new firmware version, it takes 3-6 revisions for it to be free from major bugs. We are still waiting for a 5.6 revision that will not have major bugs within the features we use.
- Active-Active clusters do not offer much resilience when problems are software based. If for example the IPS engine has a memory leak, it will not automatically fallback on the other Fortigate, even if the primary one reboots.
- Everything related to virus, spam and intrusion detection (Forticlient, IPS, mail antispam, etc.) needs a lot of tweaking otherwise you will get a lot of false positive. It is also lacking in the type of actions you can do when those are detected. It is designed more for blocking than anything else.
Fortinet's version of throughput is good and It has a strong active cluster, as you can have between three and 32 units to a cluster. The most important factor is that you choose a firewall or UTM solution that fits your organization's security requirements. Begin by determining what business problem you are trying to solve, what technical controls you need to implement (Firewall, IPS, NAC, VPN, endpoint, mobility, web filtering, malware detection, etc.). Then, determine what hardware features you need such as (HA clustering, link aggregation or 10Gb, port density), and what kind of throughput, and how many concurrent connections.
- Easy to set up
- 9/10 Customer Service
- 9/10 Technical Supports
- Multiple layers of security
- Security
- LAN
- WAN
March 06, 2019
Probably the best Firewall wall.
Our Fortigate is used as the primary network router and IPSec VPN access point. We have a hub [and] spoke setup between the main office and other remote offices. Users also connect to our fortigate to access the network remotely using SSL VPN with the FortiClient software installed on their PCs or using the SSL web portal.
- SSL VPN works well and is very configurable for controlling access to internal network resources based on user groups.
- Fortigate also manages our wireless AP and many SSIDs can be created with either WPA or Enterprise WPA with radius for greater security
- IPSec VPNs easy to configure between fortigate devices but also not that difficult for other IPSec compatible devices
- Initial learning curve was difficult coming from a Symantec/Raptor background but not a huge deal
February 28, 2019
Fortinet FortiGate 1500D Series Product Review
We have two FortiGate 1500D firewalls, one at each datacenter. They are configured as active-passive. All traffic coming and going passes through them for the entire organization. This ensures that all packets to and from users are managed and controlled.
- Creating and managing access control policies that allow specific traffic in and out of the network. Once you get it set up, it's easy to create new policies, specify ports, and configure IP ranges.
- Active-Passive failover works well.
- It generally works pretty well without much care and feeding.
- Their web filtering module makes it pretty easy to block malicious websites quickly.
- We tried to roll out the client about five years ago. This is used both for VPN, as well as antivirus/web filtering. Any policies set at the firewall would be automatically pushed to the client and enforced. It was a great idea, but the drive mapping feature never worked consistently in our environment, so we were forced to find alternative solutions for both VPN and antivirus. Too bad, really.
- We have had a couple times when one of the firewalls would hang for no apparent reason. Support engineers were never able to pinpoint the problem either time. It only happened a couple times.
March 05, 2019
Great solution for all budgets
We use Fortigate in 3 locations, for a total of 5 units (two locations are clustered). Mainly used as router / NAT, we also use it for a large number of Site-to-Site VPNs. We have also recently started using it as IPS, Antivirus, Webfiltering, etc.
We have many policies, with some schedule, very easy to use.
We have many policies, with some schedule, very easy to use.
- Site-to-Site VPN. Easy to setup, and reliable.
- Not the best strength of the Fortigate, but very powerful.
- Firewall Policies. Drag and drop, dropdown, schedule, etc. Simple.
- NAT publishing is a bit a pain. Need to create virtual service, virtual address, virtual IP, and publish it thru a policy... so many clicks.
- SSL VPN isn't very reliable, a lot of 98% Connecting issues.
- Monitoring and Troubleshooting can sometime be a pain.
FortiGate Scorecard Summary
Feature Scorecard Summary
About FortiGate
Fortinet’s FortiGate is a firewall product with high integrability. It can be deployed on-premises or as a Virtual Machine in a variety of modules. The granularity of the product enables buyers to tailor their purchase to their business needs. FortiGate integrates into multivendor environments, including IaaS cloud platforms and public cloud environments.
FortiGate’s functionality includes the core firewall features, such as intrusion prevention, anti-malware, and web filtering. It also includes SSL inspection, threat protection, and scalable segmentation, all within low-latency standards.
FortiGate Technical Details
| Operating Systems: | Unspecified |
|---|---|
| Mobile Application: | No |