Firewall Management Console (36)
Policy-based Controls (36)
Reporting and Logging (36)
Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of FortiGate, and make your voice heard!
Entry-level set up fee?
- No setup fee
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Would you like us to let the vendor know that you want pricing?
Fortinet’s FortiGate is a firewall product with high integrability. It can be deployed on-premises or as a Virtual Machine in a variety of modules. The granularity of the product enables buyers to tailor their purchase to their business needs. FortiGate integrates into multivendor environments, including IaaS cloud platforms and public cloud environments.
FortiGate’s functionality includes the core firewall features, such as intrusion prevention, anti-malware, and web filtering. It also includes SSL inspection, threat protection, and scalable segmentation, all within low-latency standards.
- The Fortinet product can be managed from a single console with the FortiManager product.
- The most valuable feature of Fortinet FortiGate is URL filtering.
- Fortinet FortiGate has many valuable features, such as IDS, and intrusion detection. It has security features that are in part with the technologies that are available in the market.
- Fortinet FortiGate is a scalable solution.
- The most valuable feature of Fortinet FortiGate is the simple configuration.
- There be somethings that look foggy as the classification system.
- Some integrations with Log managers can leak some important fields that you only have to understand if you go deeper and deeper in training and documentation.
- The URL filter link sometimes takes time to kick in and causes a runtime lag.
- Wide NGFW functionality.
- FortiGuard UTM.
- Wide partner network.
- Bundled solution.
- WAF functionality is presented, but it is a minimum set of rules compared to FortiWeb solution.
- Filtering information
- High Availability services.
- Strong security.
- The path to upgrade. Sometimes its way to tedious.
- SD-WAN - Load balancing of Internet traffic is a USP of Fortigate and makes it stand tall in the competition. Be it 3 or more Internet Links, multiple Subnets/segments of users to distribute and bandwidth load balancing for links and users. SLA based monitoring of Internet Links / MPLS links, makes it even better to choose the links on the basis of performance (Latency, packet loss, Jitter etc).
- SSL VPN configuration - As we all have WFH force (to some extend or all employee) during Covid-19, it is impossible to plan BCP without having a SSL VPN. In Fortigate, the SSL VPN configuration is very easy with the help of wizard. The deep CLI-level debugging is also very helpful in troubleshooting. Type of tunnel can be easily configured - Full Tunnel or Split Tunnel for SSL.
- Explicit Proxy - This is also a great feature to shape and re-route the traffic, configuring the Proxy on the Firewall itself. We are using this feature in Pilot for now, and planned to rollout in few weeks looking at the success rate of the POC.
- Though, I think Fortigate is one of the best options for small and mid-sized organisations, there are some areas for improvement. First, the CLI interface is very hard to adapt as the commands and directory hierarchy is very different for common syntax and standards.
- Scalability - this is something that I personally have faced twice in the same organization. Fortigate is not easy on scalability part, you have to change the hardware box in order to scale the firewall as organization grows.
- Fortigate sometimes stucks on GUI, which is basically happens due to Disk error. And the only way to mitigate the issue is to reboot the firewall. Which is very hard if you have a 24x7 production running behind the firewall.
- HA switch over in certain conditions is also have some room to improvement. Basic internet link flapping can cause HA switchover, if not configured wisely and with custom settings. HA switch over also takes more than normal time, approx 4 minutes sometimes.
- This robust network malware scanner program does not interfere with data transmission, and the detailed analytics provide security with a wealth of information to help us to fine-tune our network operations.
- Despite its technical competence, whether it's a hardware firewall or a cloud security layer, Fortinet is simple to download, install and operate.
- The most appreciable feature is that it provides not only Windows version, but also can be easily installed on macOS and Linux.
- FortiGate has the advantage of being able to be implemented in the cloud or on-premises.
- This product is quite pricey.
- I wish that their monitoring and reporting could be more stable and better.
- Application visibility
- Stitching of Security Fabric
- Automation of various tasks
- Some features are only available in CLI, make them available in GUI
- Route maps and prefix list availability in GUI
- Separate QOS section in menu bar
- Multi-links traffic load balance via SDWAN.
- Proxy deployment's if required.
- Remote VPN (Forti VPN)
- Advanced Malware protection
- Cost effective
- CLI Commands
- High Availability
- Content filtering
- Fortinet Advanced Threat Protection and Intelligence
- Fortinet FortiSwitch
- SD-WAN security
- Fortinet Advanced Sanboxing
- Logging and report
- Management console
- Most secure for new zero-day and advanced threats
- CLI commads are very complicated
- SLA issue with Technical support
- SN-Wan is so powerful.
- Application control is so powerful also and updated everyday.
- Web control
- VPN remote control is so easy.
- SLA should have more HTTPS on target.
- The traffic logs should be faster on the box. I read it's better on Forti Analyzer.
- Real UTM
- Remote VPN
- Email filtering as well as content filtering
- No advance routing feature available
- Nating customization options not good as compare to other market available firwall's
- CLI needs to be more easier for begineers
- High performance threat protection.
- Web filtering.
- Anti virus.
- Application filtering.
- Content filtering.
- Email control.
- Highly protected with advanced security features.
- Command line is not easy so you will face problem to remember the commands.
- Not good technical support and issue with SLA.
- Not easy to configure and implement.
- It is the most reliable NGFW that we have ever been touch with it.
- You can easily upgrade the firewall cluster firmware without user attention!!!
- User IDentity based feature is fantastic and intrusion prevention just works with least false-positive possible.
- Very reachfull and intuitive GUI, just love it
- Needs some improvements in SSL Offloading capabilities
- Secure your network
- Use as a mode of VPN
- Manages employees access to the internet
- Have an option to remove presets ports
- publishing API
- automation support for legacy devices
- cleaner web ui.
- VPN client is easy to use and can be customized for your organization.
- All features are enabled on the firewall with little to no impact on performance.
- Easy to configure interface on the firewall but also has a command line available for high level admins.
- Excellent technical support department - very quick response time.
- Pricing was amazing compared to peers.
- Sales team was lacking information (type of licensing, hardware model, etc). Make sure you ask lots of questions.
- Intrusion protection.
- Application control.
- Web filtering.
- Reporting could be better.
My department (Enterprise Managed Services) currently uses Fortinet FortiGate in tens of thousands of locations. We use the whole suite with FortiAP and FortiSwitches. The whole family intertwines fluidly with great features and support. Even better is its policy and configuration management with FortiManager or logging and reporting with FortiAnalyzer. The web interface is so intuitive and the CLI is a breeze to use. The current offerings of FortiGates range from small branch office sized firewalls to large multirack datacenter beasts. The VPN capacity, SSL inspection, and other traffic metrics are insane for the purposes we use them for. The high availability and SD Wan features that customers want are so easy to use and configure. I highly recommend FortiGate as an alternative to more expensive solutions that are still 5 years behind.
Another side note, the support and training portals are very very informative. Even the certification exam materials are now free. FortiGate is definitely pushing boundaries with its UTM devices. Many job listings in Denver are now asking for FortiGate experience! Highly recommended.
- IPv4 Policies
- Web content filtering
- Firmware stability
- Traffic Shaping policies
- Better wizards as it can be cumbersome to some new engineers.
- Due to the FortiGate location, all our systems are in the gateway position. We did not experience any performance problems such as 11.11 during busy campaign periods.
- Easy management and very detailed logging.
- It should not allow two different objects to be defined with the same IP address.
- If the rule that is written during the rule writing matches another rule, it can be warned.
We appreciate the next-gen firewall feature set and ease of building policies to tailor to our client's needs for their infrastructure. While we're a pretty small shop, supporting businesses with < 100 users it's nice to have a very scalable solution that we can lead with for clients of any size. We know there's plenty more to learn and grow into the Fortinet universe - but their partner support team is amazing.
- NextGen Firewall.
- SSL traffic inspection.
- VPN / Remote Access.
- Device telemetry.
- Sometimes it's too smart for the beginner engineer.
We like that FortiGate simplifies the deployment of SSL VPN without added hardware or licensing costs - but if you want to include sandboxing and device endpoint telemetry, you can easily bolt on licenses and leverage cloud management without deploying additional hardware. A huge benefit for smaller clients where it's just not feasible.
Having quick access to support resources without always having to call to speak to some engineer helps us self-resolve a great number of issues on our own and learn more along the way. Candidly though, we just haven't had to call in or open a ticket hardly ever - usually it's more for our channel support to determine license needs or quoting assistance.
- Allow secure access to the network for external vendors.
- Protects the network from nefarious online activities
- It gives us granular control over what we allow in and out of the network and the flow of traffic between network points (LANS & WANS).
- It allows us to connect multiple offices over WAN connections.
- Training - The software and device is complex I believe free training should be offered for administrators to become experts on how the device function as opposed to learning by a bit of trial and error or discovering useful features only when the necessity arises. Companies usually like to avoid the added costs of training. Therefore, free training courses to certification would benefit all shareholders and lead to even further widespread adoption over the competition.
- Any simplification of the user interface to implement essential security features would be welcomed. It can be relatively daunting for a new administrator, especially if having to use the command prompt.
- More screenshots in the online documentation or more videos to guide admins on how to implement useful security features I find the documentation online sometimes a bit hard to follow. Still, if screenshots were added, it would simplify the process.
- It's easy to stand up-the registering process is straight forward.
- The flow of the GUI is second to none- easy to navigate.
- One thing that I have noticed with other vendors like WatchGuard is the automatic creation of policies when configuring a VPN tunnel. That helps speed up the configuration to get that tunnel up faster.
- I would also like to see a traffic monitor that shows all live traffic coming in and out. A great tool to use for troubleshooting, that's a feature on the WatchGuard that I like.
- Ease to configure policies
- VPN performance
- Active directory integration.
- Not so scalable, if you need more performance you need to buy another device
- The traffic shaper could be better
- The Wan load balance could be better
- Firewall protection and monitoring.
- Interface can be not as intuitive for those not specializing in firewalls.
- Proxy is cumbersome.
1. How do we reduce the costs incurred securing our infrastructure and assets, while at the same time not exposing those assets to undue risk; and
2. How do we simply our infrastructure, while increasing our visibility into those assets, with the limited resources available.
Fortinet Fortigate solved both those questions, and actually improved our security posture.
- Fortinet Fortigate created a simplified cost structure for every device we installed, saving our company thousands of dollars compared with our previous vendor of choice.
- Fortinet Fortigate firewalls contain a tremendous and robust feature set allowing our organization better protection while reducing the number of devices and software required to do similar functions if we went with our previous vendor.
- When we switched to Fortinet Fortigate, it took some time getting used to and become familiar with the new interface. Being used to strictly command-line interfaces, a full GUI-based firewall was something brand new. Careful planning had to be done when creating rules to ensure we didn't miss anything. However, once we got used to the new GUI interface, going from one Fortinet product to another was simple, as Fortinet used the same interface for all of its devices.
We had a hard drive failure in one of our Fortinet Fortigate appliances. The tech answered immediately, and started rebuilding the drive after some preliminary investigations. After rebuilding, there were still errors and issues, so they dispatched a brand new Fortinet Fortigate appliance. The tech then backed up the configurations for when the new device came in, which showed up in a few hours. A restore of the configuration took less than a minute, and there were no more errors or issues.
- Very effective firewall. If set up correctly, creates a very secure environment.
- Amazing price when compared to same feature set as other prominent firewalls.
- Updates. I have an HA pair but I always lose connection for a minute or two when upgrading.
- Interface display. I have a bug where I have to refresh several times to view policies and objects.