TrustRadius
FortiGate, from San Francisco-based company Fortinet, is a firewall option.https://dudodiprj2sv7.cloudfront.net/product-logos/xg/Td/W8SSKHRTKKEC.pngExcelent solution, ease to configure and manage with a low costWe have been working with this solution over 5 years and we are very satisfied. We use it for one of our offices and the configuration is very easy and intuitive. You can apply policies by address or by user, the integration with Active Directory is not complicated, the cost of the solution is cheaper in comparison with other vendors and including the same solutions.,Ease to configure policies VPN performance Active directory integration.,Not so scalable, if you need more performance you need to buy another device The traffic shaper could be better The Wan load balance could be better,10,Improve the process agility Help us to offer a better service to our users We improve the perimeter security,Check Point Next Generation Firewall and Palo Alto Networks Next-Generation Firewalls - PA Series,Cisco Webex Room Series (formerly Cisco Spark Room Series), Jabber, SysAid, Trend Micro Worry-Free Business SecurityHigh quality experience of network security and traffic control in a single applianceWe use it as our internal and external firewall. It is also used with all security options, including DDOS protection, in our branches.,Web filtering, which protects the users browsing to non-secure websites Network security between different networks Traffic shaping control for users and applications,Traffic shaping options based more on layer 7, so you could have a more detailed control over the exact sites users are browsing The transition between different major updates More option in fast reports and dashboards A more exact measure of bandwidth to show in dashboard and FortiView,8,Very positive because it helps us reducing cost by avoiding the acquisition of additional network equipment It helps us to easily reach our internal security objectives Bandwidth control,,Cisco Meraki Wireless Access Point, Kaseya Virtual System Administrator (VSA), ManageEngine AssetExplorer, ManageEngine Password Manager Pro,200,2,Security protection WAN links load balance Traffic Shaping,Wan link Load balance and high availability configuration for main ISP connections at the same time in active mode Different ways to apply traffic shaping to the users,Load balancing options Remote site connections,8,Yes,Price Product Reputation Analyst Reports Third-party Reviews,I still will keep it as my option.,Implemented in-house,Change management was a small part of the implementation and was well-handled,Load balance between WANs connections,8,In-person training Self-taught,10,Yes, it was easy, there are a lot of resources in internet that are easy to follow.,9,Fortigate Cookbook it is definitely a good guide to start and follow,Yes - we have customized the interface extensively,No - we have not done any custom code,No,Yes,8,Yes,In some occasion during this year, we experienced a big issue that was causing a degradation in our internet, initially we created several cases requesting support to factory to try to find the origin of the bad internet performance and experience for the users especially in videoconference, after hours of troubleshooting and testing we found that the issue was caused by a security protection of DOS that only was automatically applied during high traffic hours during the day.,Policy creation to allow communication between networks Application traffic Shaping,Make traffic shaping troubleshooting,9,10,10,10,9,10,Additional hour of support in case of an emergency failure or advanced support,No,Yes,New Features available,having access to las network tendencies in market like SDWAN without doing an appliance replacementFortinet and Fortigate: A force to be reckoned with!Our company decided to switch from Checkpoint to Fortinet as a corporate standard. I've used Fortinet products for the last 10 years, and have been incredibly happy with the ease of use, and support resources are not as hard to find as they are for Checkpoint. Additionally, the integrated SD-WAN in more recent versions made us start running out of reasons why we SHOULDN'T use Fortinet FortiGate firewalls.,Integrated SD-WAN functionality Best in class threat protection Single pane of glass (Instead of three in checkpoint),Breakout switch still required to share ethernet connectivity with redundant pair. CLI could use some improvement but is overall good.,10,Positive: SDWAN functionality as part of the software package was the big win. Positive: Low spend allows our company to put our money to use on other projects. We are big fans of getting more done with less money spent. Positive: Threat detection and prevention is best-in-class.,Check Point Next Generation Firewall and Cisco ASA,Juniper Secure Access SSL VPN, Check Point 4000 Appliances, Cisco ASA, MikroTik Routers and Switches, MikroTik Cloud Router Switch, pfSense, Cisco MDS 9100, Cisco MDS 9500, Ubiquiti Networks UniFi, Ubiquiti WLAN, Ubiquiti Wireless WAN, Ruckus ICX Switches (formerly Brocade ICX Switches)Fortinet Fortigate 110C General ReviewWe're currently working with amaze with a FortiGate 110C, that is our front end Firewall for ISP routing and as a first layer to declare web access policies, anti-spam filtering, IPS, application inventory and to implement fail over policies to warranty the Internet connection to all departments. The UTM Solution from Fortinet brings a bundle package of features that is allowing the company to establish a MAN and an extreme secure VPN layer to deliver to our branch offices the WAN access with incredible ease. I do strongly recommend this quite remarkable Security Solution.,An accurate Web Filtering module that will allow to your IT Staff, leverage the administration of the web access from the end point users. Also will allow to customize the policies through a broad presentation of options, where you can customize or schedule the access to specific web sites. AD & LDAP integration will allow you to sync your DC with the Firewall and set the traffic rules and packages with ease. VPN through SSL Web Portals will simplify the scale of adaptation for final user, allowing a customization of the front end portal, with corporate image.,Improve time for releasing bug fixing. Integrate graphical troubleshoot tools for policies based on devices or user identities, will help IT Sec Admins to answer faster to security breaches. Using CLI reference guides and a better sort options.,9,Renewals are quite decent but if you scale them over 2 - 3 years, I strongly recommend updating the unit after that time, will give the more juice from the FortiOS releases. The initial investment from the FortiGate UTM Solutions will always come with a better bundle license and features, also it's an advantage for those who seek to lower the cost of initial investment to enable specific features. ROI will be seen after the 6th month.,,pfSense, Revit, ProcoreGreat product, at a great price pointThe FortiGate in our environment provides protection across the entire organization. We are using SSL VPN, web filter, antivirus, and application monitoring. I can attest that these functions all work really well, and our FortiGate has had high reliability and configuring it is not a laborious task. The few interactions I have had with support have been great.,Web Filter - with the supplied FSSO utility filtering users by groups or department is simple. Application Filtering - insight into what applications are running have been great SSL VPN - SSL VPN is simple to set up AV - has done a great job catching viruses before ever hitting the internal network,Logging can be a somewhat difficult to dig into Occasionally usernames aren't attached to the computers being filtered,9,There's been minimal downtime Policies are simple to set up, so carving out bandwidth for a specific application is painless,Palo Alto Networks Next-Generation Firewalls - PA Series, Cisco ASA and SonicWall TZ,Windows Server, Ubiquiti Networks UniFi, EMC VNX
  3. FortiGate Reviews
Unspecified
Fortinet FortiGate
67 Ratings
Score 8.8 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

FortiGate Reviews

FortiGate
67 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.8 out of 101
Show Filters 
Hide Filters 
Filter 67 vetted FortiGate reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role
Show All Filters
More Filters 
Less Filters 

Reviews (1-21 of 21)

  Vendors can't alter or remove reviews. Here's why.
Mauro Osvaldo Sepulveda Gutierrez profile photo
January 24, 2019

FortiGate Review: "Excelent solution, ease to configure and manage with a low cost"

Mauro Osvaldo Sepulveda Gutierrez
Score 10 out of 10
Vetted Review
Verified User
Review Source
We have been working with this solution over 5 years and we are very satisfied. We use it for one of our offices and the configuration is very easy and intuitive. You can apply policies by address or by user, the integration with Active Directory is not complicated, the cost of the solution is cheaper in comparison with other vendors and including the same solutions.
  • Ease to configure policies
  • VPN performance
  • Active directory integration.
  • Not so scalable, if you need more performance you need to buy another device
  • The traffic shaper could be better
  • The Wan load balance could be better
Fortigate works pretty well if you choose the correct device based on the number of your users. If you need to apply policies by application this solution can help you. Their other features like web filter, VPN connections, traffic reports, etc work well too. In general terms, the solution is very complete and the cost of this device is cheaper than other vendors.
Read Mauro Osvaldo Sepulveda Gutierrez's full review
Kewyn Medina profile photo
August 27, 2018

FortiGate Review: "High quality experience of network security and traffic control in a single appliance"

Kewyn Medina
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use it as our internal and external firewall. It is also used with all security options, including DDOS protection, in our branches.
  • Web filtering, which protects the users browsing to non-secure websites
  • Network security between different networks
  • Traffic shaping control for users and applications
  • Traffic shaping options based more on layer 7, so you could have a more detailed control over the exact sites users are browsing
  • The transition between different major updates
  • More option in fast reports and dashboards
  • A more exact measure of bandwidth to show in dashboard and FortiView
Very good in the firewall protection between different networks, and also for external protection. It also gives a really good experience in the browsing protection for users, which keep them safe from unsecured websites.

On the other hand, you could have some issues when you are tracking a user in the forward traffic log because is not easy to troubleshoot or find some browsing information because of the main graphical interface.
Read Kewyn Medina's full review
No photo available
February 15, 2019

Review: "Fortinet and Fortigate: A force to be reckoned with!"

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
Our company decided to switch from Checkpoint to Fortinet as a corporate standard. I've used Fortinet products for the last 10 years, and have been incredibly happy with the ease of use, and support resources are not as hard to find as they are for Checkpoint. Additionally, the integrated SD-WAN in more recent versions made us start running out of reasons why we SHOULDN'T use Fortinet FortiGate firewalls.
  • Integrated SD-WAN functionality
  • Best in class threat protection
  • Single pane of glass (Instead of three in checkpoint)
  • Breakout switch still required to share ethernet connectivity with redundant pair.
  • CLI could use some improvement but is overall good.
Fortigate is amazing when attempting to create an SD-WAN between large or small environments. This alleviates the cost of a high priced SD-WAN platform like Cloudgenix (amazing product, but pricey!), and extends that functionality to SMB clients at a very low cost in models like the 61e. We can get most of our locations online, with redundancy for under $2000.00.
Read this authenticated review
Victor Arana profile photo
April 24, 2018

"Fortinet Fortigate 110C General Review"

Victor Arana
Score 9 out of 10
Vetted Review
Verified User
Review Source
We're currently working with amaze with a FortiGate 110C, that is our front end Firewall for ISP routing and as a first layer to declare web access policies, anti-spam filtering, IPS, application inventory and to implement fail over policies to warranty the Internet connection to all departments. The UTM Solution from Fortinet brings a bundle package of features that is allowing the company to establish a MAN and an extreme secure VPN layer to deliver to our branch offices the WAN access with incredible ease. I do strongly recommend this quite remarkable Security Solution.
  • An accurate Web Filtering module that will allow to your IT Staff, leverage the administration of the web access from the end point users. Also will allow to customize the policies through a broad presentation of options, where you can customize or schedule the access to specific web sites.
  • AD & LDAP integration will allow you to sync your DC with the Firewall and set the traffic rules and packages with ease.
  • VPN through SSL Web Portals will simplify the scale of adaptation for final user, allowing a customization of the front end portal, with corporate image.
  • Improve time for releasing bug fixing.
  • Integrate graphical troubleshoot tools for policies based on devices or user identities, will help IT Sec Admins to answer faster to security breaches.
  • Using CLI reference guides and a better sort options.
FortiGate for large scale solutions with a tight budget can work quite remarkably. Making the right design having all the specs for the network workload, and security areas where the Fortinet UTM solution will be involved can give you the exact model and bundle options needed to make an accurate purchase.

For those IT pros that can save money and use their own resources you can have pfSense Firewall to cover SMB, SOHO offices also for mid size companies 50-99, should work perfect and you will save time money, and training.
Read Victor Arana's full review
Derek Aldridge profile photo
March 16, 2018

FortiGate Review: "Great product, at a great price point"

Derek Aldridge
Score 9 out of 10
Vetted Review
Verified User
Review Source
The FortiGate in our environment provides protection across the entire organization. We are using SSL VPN, web filter, antivirus, and application monitoring. I can attest that these functions all work really well, and our FortiGate has had high reliability and configuring it is not a laborious task. The few interactions I have had with support have been great.
  • Web Filter - with the supplied FSSO utility filtering users by groups or department is simple.
  • Application Filtering - insight into what applications are running have been great
  • SSL VPN - SSL VPN is simple to set up
  • AV - has done a great job catching viruses before ever hitting the internal network
  • Logging can be a somewhat difficult to dig into
  • Occasionally usernames aren't attached to the computers being filtered
Fortinet FortiGate is well suited for SMB, and they offer a suite of products that complement each other very well. There is a lot of flexibility for configuration, as there are command line options, and also a GUI that is fairly intuitive. With the range of appliances that Fortinet offers I'm not sure there is an environment that it wouldn't work in.
Read Derek Aldridge's full review
Artur Bittencourt profile photo
December 19, 2017

Review: "Fortigates are good options for Firewalls"

Artur Bittencourt
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Fortigate as our main firewall to protect the network and to establish VPN between 2 sites. We make use of most Fortigate modules and subscription such as anti-spam, anti-virus and Intrusion detection systems. The Fortigates protect our Internal network and the public Wifi we provide to the public. We also take advantage of the Web filtering functionality.
  • Unified Protection: Having firewall, IDS, Anti-virus and Anti-spam on the same appliance is very handy as you don't need to deploy multiple appliances/solutions
  • User Access Control: Setup Firewall rules based on Active Directory User and Groups help with the constant need for firewall changes, saving the network folks a lot of time.
  • GUI Interface: Very intuitive Management interface, makes the need for CLI changes very seldom
  • Non-disruptive upgrades on standalone boxes. Not sure if the technology would allow it but it would be great to have.
  • Subscription signatures auto-deployment could affect production traffic. In some circumstances letting Fortigate accept subscription signatures may cause the device to drop traffic
I've only used Fortigates in small and medium environments with multiple locations and the Fortigates work very well. They are usually very low maintenance and easy to upgrade. Creating site-to-site VPNs, as well as SSLVPNs, are very simple on Fortigates. The low-end Fortigates have pretty much the same functionality as the high end and can be managed the same way.
Read Artur Bittencourt's full review
Harshil Gupta profile photo
November 21, 2017

User Review: "FortiGate, a trustworthy UTM and NGFW"

Harshil Gupta
Score 10 out of 10
Vetted Review
Reseller
Review Source
FortiGate is a gateway firewall in our organization. It is utilized as a UTM. Our network is monitored, analyzed, secured and enhanced by the FortiGate device. Its is utilized across the whole organization. We can secure our network from threats, antivirus, intrusion using the G/W firewall. Cloud based reporting is really a decent feature of FortiGate. QoS, web filtering, AD synchronization, control over applications, SSL/IPSec VPN, and site-to-site IPSec VPN features are utilized by us.
  • Inbuilt wireless controller, which helps to create wireless VLAN. Its an amazing feature provided by FortiGate. There is no need to pay more for this feature. It is an inbuilt controller. I truly appreciate Fortinet to avail this feature avail within the NGFW and strong managing capabilities.
  • The VPN throughput. Hats' off commitment by Fortinet. The words in data-sheet of FortiGate device means it and proved it. We are using the site-to-site VPN, site-to-client VPN, and my clients are happy with the level of connectivity and responsiveness.
  • Security Fabric. Another legitimate feature proves FortiGate out of the box. All the devices installed in end-point or in network , are well synchronized for playing vital roles to provide security. And they are worthy.
  • Post Sale Support, I think. It could be improved. The product has amazing features and commitment towards its dedicated performance. The post-sale service might attract more end customers.
  • The user login client application. Currently it is browser based.
No doubt, what a company's system administrator wants from a UTM device. It has everything and the parameters are proven by NSS Labs. The only need is to size the requirement accurately and the consumer will never regret having it. It's a world-class solution and has continuously secured a leading position in Gartner Magic Quadrants.
Read Harshil Gupta's full review
Adrian Cumberbatch profile photo
February 13, 2018

FortiGate Review: "Probably the best Firewall wall."

Adrian Cumberbatch
Score 10 out of 10
Vetted Review
Verified User
Review Source
Our Fortigate is used as the primary network router and IPSec VPN access point. We have a hub [and] spoke setup between the main office and other remote offices. Users also connect to our fortigate to access the network remotely using SSL VPN with the FortiClient software installed on their PCs or using the SSL web portal.
  • SSL VPN works well and is very configurable for controlling access to internal network resources based on user groups.
  • Fortigate also manages our wireless AP and many SSIDs can be created with either WPA or Enterprise WPA with radius for greater security
  • IPSec VPNs easy to configure between fortigate devices but also not that difficult for other IPSec compatible devices
  • Initial learning curve was difficult coming from a Symantec/Raptor background but not a huge deal
Fortigate is well suited where you have multiple internet connections and you want to provide failover for these connections. This can be done by round-robin or in an active-passive mode when an ISP goes down, traffic is automatically routed across the other device without interruption. Users never notice and it saves a lot of headaches. Of course, monitoring should be done from external sources so that you are aware when a link goes down.
Read Adrian Cumberbatch's full review
Marc-Olivier Turgeon-Ferland profile photo
November 28, 2017

Review: "Everything you need to know about Fortigate before buying it !!"

Marc-Olivier Turgeon-Ferland
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use FortiGate mainly for internet gateway and IPS at each of our offices. It offers us IPS, Firewall, VPN and many more features for a competitive price.
  • User authentication inside firewall rules. It is practically seamless and really easy to setup.
  • Management of firewall rules via the GUI.
  • Management of IPS rules via the GUI.
  • Forticlient with SSL VPN causes a lot more problems than it solves. Windows and Mac updates keep breaking the Forticlient and it takes weeks to get updates. Fortigate updates also sometimes break the SSL VPN. Forticlient crashes and the only fix is to restart the computer to restart the VPN driver. We had this problem for 3 years and they still don't have a fix for that. We now use L2TP-IPsec and Cisco-IPsec with Windows and Mac embedded VPN clients because of all that.
  • Memory issues with IPS. We tried all the firmware versions and IPS engines given to us by the Fortinet support and we are still experiencing memory leaks once in a while with the IPS engine. The only provided solution is to restart the IPS engine via CLI.
  • FortiView only works properly if you disable ASIC routing. Their marketing always says that their ASICs is the reason their appliances are better than competition but you can't use it if you want reports or to be able to drill down on network usage.
  • Every time they release a new firmware version, it takes 3-6 revisions for it to be free from major bugs. We are still waiting for a 5.6 revision that will not have major bugs within the features we use.
  • Active-Active clusters do not offer much resilience when problems are software based. If for example the IPS engine has a memory leak, it will not automatically fallback on the other Fortigate, even if the primary one reboots.
  • Everything related to virus, spam and intrusion detection (Forticlient, IPS, mail antispam, etc.) needs a lot of tweaking otherwise you will get a lot of false positive. It is also lacking in the type of actions you can do when those are detected. It is designed more for blocking than anything else.
For the money, even with all the bugs, I think it is the application that offers the most features.

If you need a lot of those features and you are ready to put the time into tweaking your FortiGates, I really think it will give you the most value.

If you have the money to buy the best VPN appliance, the best Firewall, the best IPS appliance and the time to set them with each other then FortiGate is not for you. If money is not the main concern and you only need the best, FortiGate is not for you but I really doubt it will be the case for most.
Read Marc-Olivier Turgeon-Ferland's full review
Tommy Boucher profile photo
November 29, 2017

FortiGate Review: "Great solution for all budgets"

Tommy Boucher
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Fortigate in 3 locations, for a total of 5 units (two locations are clustered). Mainly used as router / NAT, we also use it for a large number of Site-to-Site VPNs. We have also recently started using it as IPS, Antivirus, Webfiltering, etc.

We have many policies, with some schedule, very easy to use.
  • Site-to-Site VPN. Easy to setup, and reliable.
  • Not the best strength of the Fortigate, but very powerful.
  • Firewall Policies. Drag and drop, dropdown, schedule, etc. Simple.
  • NAT publishing is a bit a pain. Need to create virtual service, virtual address, virtual IP, and publish it thru a policy... so many clicks.
  • SSL VPN isn't very reliable, a lot of 98% Connecting issues.
  • Monitoring and Troubleshooting can sometime be a pain.
They have a lot of different models of Fortigate, from simple Wifi router, to very large clustered deployment. It is well suited for almost any scenario.

Both a small office and a large datacenter can use the power of a Fortigate.
Read Tommy Boucher's full review
No photo available
October 10, 2017

Review: "Fortinet Fortigate - my top choice for medium enterprise networks."

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
This device is being used across the entire organization. We are using it as our primary Internet facing firewall. It is protecting our network from outside threats and ensuring that the users inside the organization are protected as well. All authorized users have access to the FortiClient VPN software so they can access resources from remote locations.
  • VPN client is easy to use and can be customized for your organization.
  • All features are enabled on the firewall with little to no impact on performance.
  • Easy to configure interface on the firewall but also has a command line available for high level admins.
  • Excellent technical support department - very quick response time.
  • Pricing was amazing compared to peers.
  • Sales team was lacking information (type of licensing, hardware model, etc). Make sure you ask lots of questions.
Our firewall is fantastic. It's very quick and easy to configure. Fortigate offered a lot of assistance during setup so that our downtime when switching was very limited. The technical support team is amazing and have a very quick response time. Compared to it's peers, Fortigate has exceptional pricing for the same or better feature set.
Read this authenticated review
No photo available
November 21, 2017

User Review: "Fortigate, the best"

Verified User
Score 9 out of 10
Vetted Review
Reseller
Review Source
We use and recommend Fortinet Fortigate to all our customers as the main firewall at the internet access point of the organization. We use it mainly as a firewall but we also make use of its anti-virus capabilities and as a web filter. The VPN is an additional plus.
  • fire wall
  • antivirus
  • VPN
  • GUI
  • wizards
  • price
Any company that takes information security serious should use Fortinet Fortigate as their primary firewall for the first line protection. Likewise, a company with multiple sites should make use of Fortinet Fortigate's tunneling options. If users need to be able to access the office remotely, there is nothing like Fortinet Fortigate's VPN to do so.
Read this authenticated review
No photo available
November 21, 2017

FortiGate Review: "Forti-UTM"

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Fortigate across the whole organization. It is used for firewall/IPS/Web filtering.
  • UTM provides comprehensive security, which is great
  • Easy to use GUI
  • Great support
  • Site-to-site vpn - would like to configure using wizard. currently, I use manual configuration.
  • Additional reports on web site usage statistics
  • Failover / redundancy
Great for small-medium companies. Not sure how it will scale for large companies.
Read this authenticated review
Fabrizio Volpe profile photo
June 08, 2017

"A FortiGate firewall and UTM appliances review"

Fabrizio Volpe
Score 9 out of 10
Vetted Review
Verified User
Review Source
  • FortiGate is a label that Fortinet applies to a really large number of products having a part of shared features.
  • Possible usage scenarios include:
    • VPN Gateway
    • Small offices connection endpoints
    • Enterprise proxy, firewall and threats management with UTM (Unified Threat Management)
    • Routing and layer 3 management
    • High availability
  • Virtualized FortiGates are also an option, and it is something that is interesting for companies with a good virtualization infrastructure.
  • FortiGate is not just a firewall but a full Unified Threat Management (UTM) solution. So, a FortiGate can be used as the single security point to check on security risks like SPAM, infected attachments, spyware and so on).
  • Smaller devices (series 90 and 30) have a limited subset of the above features.
  • The routing and VPN performances are really good too, so a company network could easily use a correctly dimensioned appliance as the core of the layer 3 and routing infrastructure.
  • FortiOS (Fortinet's network security operating system) is used on all the appliances, so security people are able to move from a smaller device to really large deployments with (relative) ease.
  • Having a single solution used to manage security risks (using the UTM) is really something that reduces complexity of the network administration and deployment.
  • The NAT and routing management that a FortiGate is able to deliver is one of the best I have seen so far. I had to configure really peculiar addressing requests and the FortiOS gave me a range of solutions that made it doable.
  • The graphical interface of the FortiOS makes it look like an easy to use tool. This perception is true if you are going to do a really limited use of the appliance. However, it could create a false sense of confidence in using something that is really complex.
  • In the past months I know that a few customers were not happy about the quality of the support they received, especially from sales people. If it is true (I have no first hand evidence) it could be an important point to fix.
  • Some of the services and upgrades are costly. I am not saying they are not worth the money, but in a market that is really crowded, cost is a decision factor that could push companies to different platforms.
FortiGate is well suited for medium/large companies (I suggest it for businesses having 500 or more users). It is a good VPN solution, mail gateway, routing device and (of course) firewall appliance. For a small deployment, it could be overkill (or the smaller devices could be too limited). In a really large enterprise, it is still a great security solution, while for the routing and switching part other competitors could be a better fit.
Read Fabrizio Volpe's full review
Johannes Weber profile photo
April 18, 2017

Review: "FortiGate - a good all-in-one firewall with some design weaknesses"

Johannes Weber
Score 8 out of 10
Vetted Review
Verified User
Review Source
For customers with 50-200 users we are using FortiGate as the central firewall. That is, internal users are surfing the Internet (URL filtering, antivirus), servers in the DMZ are reached from the Internet, partners are connected via static site-to-site VPNs, and home office users are able to log into the company network via a VPN with two-factor authentication.
  • Good summary GUI: The basic steps such as adding new policies or users can be done through the GUI. The GUI is fast and has a couple of options. There is a CLI-widget on the dashboard which enables the usage of CLI commands through the GUI - nice.
  • Counters and bars for policies and VPNs: Within the GUI you have several counters of packets/bytes/sessions that make it easy to understand whether some policies of VPNs are functional and in use.
  • Built-In two-factor authentication possibility: You can use a two-factor auth via SMS out of the box. You simply need an email-to-SMS provider and you're done.
  • Though the GUI is fast, it lacks many options. In many cases, you can only configure the first 20% of options while the other 80% must be done through the CLI. This won't be a problem for experienced (Cisco) admins but it's a challenge for normal IT workers that are not working with FortiGate every day.
  • Separate security policy for IPv4 and IPv6: This is a really bad design because you need to manage two independent security policies! Other firewall vendors have a single policy which can be used for both Internet protocols.
  • No configuration revisions: There is no store for old configuration snapshots. Don't forget to backup the config manually before doing an upgrade!
  • No dedicated out-of-band management plane: FortiGate can only be managed in-line. You must connect to some data ports. (That is: You don't have the possibility to configure a management-only interface with its own default route.)
FortiGate has a good price performance ratio. That is you get a good all-in-one appliance for accessing the Internet, while allowing/blocking traffic to your servers, using the VPNs, etc. The firewall can also be used as a fast router with only layer-4 policies (port-based), e.g., for LAN segmentation. However, note that the throughput dramatically decreases when advanced features are enabled.
Read Johannes Weber's full review
Adithyo Dewangga Wijaya profile photo
April 18, 2017

FortiGate Review: "Fortinet FIrewalls"

Adithyo Dewangga Wijaya
Score 8 out of 10
Vetted Review
Verified User
Review Source
Fortinet's version of throughput is good and It has a strong active cluster, as you can have between three and 32 units to a cluster. The most important factor is that you choose a firewall or UTM solution that fits your organization's security requirements. Begin by determining what business problem you are trying to solve, what technical controls you need to implement (Firewall, IPS, NAC, VPN, endpoint, mobility, web filtering, malware detection, etc.). Then, determine what hardware features you need such as (HA clustering, link aggregation or 10Gb, port density), and what kind of throughput, and how many concurrent connections.
  • Easy to set up
  • 9/10 Customer Service
  • 9/10 Technical Supports
  • Security
  • LAN
  • WAN
Variables in TCL scripts via FortiManager
Read Adithyo Dewangga Wijaya's full review
Troy Smith profile photo
March 20, 2017

User Review: "Fortigate Firewalls"

Troy Smith
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use the Fortigates as our primary firewalls at our primary and DR locations. We also use them for creating VPN tunnels between outlying branches for secure communication over the internet. They are also used as another layer of anti-virus, DDOS, etc., for our organization.
  • Very easy to create VPN tunnels between Fortigate devices.
  • Easy set up and configuration.
  • Firewall rules are straight forward to setup.
  • The logs can be troublesome to work through to try and find why information is not being passed through.
  • Creating a VPN tunnel to a non-Fortigate can be difficult.
  • Reporting function and GUI interface takes up a very large amount of CPU. Many times I have seen the CPU usage hit 100% with very little traffic being processed.
As a primary firewall for internet access the devices work great. If you want to use them to include VOIP or time sensitive applications, be aware of the CPU usage.
Read Troy Smith's full review
No photo available
March 13, 2017

FortiGate Review: "Fortinet from a SysAdmin perspective"

Verified User
Score 10 out of 10
Vetted Review
Verified User
Review Source
Fortigate is a very simple solution to deploy and it helps to handle web users and to apply policies to those users according to departments or user's roles. This solution was deployed across the whole organization and it helped to manage limited resources as well as network bandwidth. You can manage resources to power or limit users. You can always define new roles and filter websites accordingly.
  • Web filtering. It has specific categories to filter web pages. You can always customize them and also create new ones.
  • Security. FortiGate provides a good security to guarantee that no users override the system.
  • You can find different categories where you can filter services. Something like IM, Social Networks, etc. You can also filter ports and create proxy-like routes.
  • I think that the GUI can be improved to make it friendlier.
  • License fee could be lower.
  • Logs and the information that comes out of it [don't have] much information to debug.
Fortinet is well suited for a working environment and when you want to manage how users interact with web services. In this case, Fortinet is doing it very well when it comes to assigning web profiles to users and granting or denying access to specific websites, ports or services (IM, Social Networks, etc.).
Read this authenticated review
Steve Jenovai profile photo
December 28, 2015

User Review: "Fortigate -great product, great price"

Steve Jenovai
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use a variety of Fortigate models across our and our customer organizations. We use it as a firewall/security/VPN appliance and also as a high availability gateway at several locations. We needed to find a product that was quick to setup, easy to manage, and provided advanced security features. Netflow/S-flow are built into Foritgate, which met another one of our requirements for traffic monitoring. We also needed a company that had a product line that could tolerate environmental extremes in an industrial environment. Fortigate has such a product line.

The Fortigate GUI is intuitive and provides easy visibility into multiple network activities. When we are trouble-shooting for our customers, this interface has often proven invaluable in quickly getting to the heart of network or security issues.
  • Forigate's FortiOS is feature rich, giving good value for the money spent. The GUI is intuitive and makes configuration easy and fast.
  • Documentation is well written and easy to read. Diagrams and illustrations clearly illustrate principles and concepts, making it easier to make configuration decisions
  • The consistency of features and GUI across the product line has made Fortigate implementation very easy.
  • The form factor on the industrial units such as the 60D is not idea for DIN Rails, taking up more space than is needed. There needs to be an option for 24V power in the industrial units.
Foritgate has products that are well suited for harsh industrial environments and can provide a secured peripheral network outside the conventional data center. Because of the ease of manageability, it allows us to easily manage and secure remote sites without the need to travel to locations that are often a challenge to get to.
Read Steve Jenovai's full review
No photo available
July 15, 2016

User Review: "Fortinet Fortigate"

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
Firewalls were deployed at HQ, remote offices, and used as our primary gateway, UTM/NGFW for 2 production datacenters. Only firewall, UTM modules, and basic routing were used, no dynamic routing, wireless, vpn client or endpoint protection software.
  • Very fast and effective at overall UTM functionality
  • Best management UI I've seen across comparable vendors
  • Overall value, lower cost than competitors with similar features.
  • Support is downright horrid. Level 1 support will ask you (or even do it themselves) to *reboot* appliances. In a production datacenter. Level 2 will only do very basic support and will generally refuse bugs exist, in an overwhelming flood of proof.
  • Reliability isn't quite up to par. Although it's still a stable device, there are nuances you don't see in simpler deprecated devices like an ASA. But this comes with the territory of UTM/NGFW appliances.
Unless there's a killer feature in another brand you must have, there's no situation I can think of that I would suggest another UTM.
Read this authenticated review
No photo available
July 15, 2016

Review: "FortiGate: one of the best FW products for Enterprise Org"

Verified User
Score 8 out of 10
Vetted Review
Reseller
Review Source
We deploy multiple clusters of FortiGate 1500Ds nation-wide for our customers' centralized firewall as well as VPN concentrators. We also installed remote office class Fortigate to customer's locations to set up a VPN from the locations into the VPN concentrators.
  • FortiGuard (cloud-base AV/IPS/Webfiltering database) services regarless of the type of FortiGate on site are their main sell.
  • They cover most aspects of network needs with Forti-xxxx products integrated with FortiGate, such as FortiManager, FortiAnalyzer, FortiAP, FortiSwitch, and so on.
  • They have top class support services like Cisco and Juniper [do].
  • Their business model relies on recurring revenue sources; service/support contract for bigger/more expensive hardware. It's not cheap to keep them for years unless yours are small enough to feel ease of annual cost.
  • Although they add some key routing/switching features from time to time, FortiGate has never been a "router" or "switch", or "L2/L3 router/switch". It's a "firewall". You can't expect the same level of routing/switching feature sets like Cisco or Juniper L2/L3 router/switch provide.
  • The level of support you can get may vary depending on how busy the support teams are. You might need to escalate if you don't think you're getting proper support.
  • They're very successful with enterprise customers/users. Mean Network Provider customers, like us, often take a back seat especially for new feature development.
Smaller organizations who need cloud-based firewall services would get the most benefit out of FortiGate products. Provider class users need a full evaluation on exactly how they need/want to deploy. They should also see if FortiGate fits in the bigger picture (including the total cost analysis).
Read this authenticated review

FortiGate Scorecard Summary

Likelihood to Recommend (67)
8.8
Likelihood to Renew (2)
8.9
Usability (3)
9.0
Availability (2)
10.0
Performance (1)
10.0
Support (4)
8.6
In-Person Training (1)
10.0
Implementation (4)
8.4
Product Scalability (2)
9.1

About FortiGate

FortiGate, from San Francisco-based company Fortinet, is a firewall option.
Categories:  Firewall

FortiGate Technical Details

Operating Systems: Unspecified
Mobile Application:No