TrustRadius
FortiGate, from San Francisco-based company Fortinet, is a firewall option.https://media.trustradius.com/product-logos/xg/Td/W8SSKHRTKKEC.pngFortinet FortiGate ReviewFortinet Fortigate is a complex solution to assure the security of your network perimeter. It has a very simple interface with sufficient functionality. We like this tool because it is easy to install, easy to administer, has a good price, and good protection. We would say that Fortinet Fortigate is the best in its class because of its high availability, speed, resilience, and the vendor offers very qualitative support.,Very easy-to-use interface Good resilience High availability and speed Easy installation,More complex configurations must be done via the console Licensing options can be improved,10,We are more secure with Fortinet FortiGate. We have the possibility to administrate servers with VPN and to do daily work with VPN. Monitor and prevent cyber attacks.,Cisco ASA,McAfee NAC (Discontinued), Cisco IronPort Web Security Appliance, Cisco Aironet and Catalyst Access PointsEverything you need to know about Fortigate before buying it !!We use FortiGate mainly for internet gateway and IPS at each of our offices. It offers us IPS, Firewall, VPN and many more features for a competitive price. We also use Fortigate captive portal with their 2FA (mobile or physical) keys to offer an additional validation before accessing our service backend networks.,User authentication inside firewall rules. It is practically seamless and really easy to setup. Management of firewall rules via the GUI. Management of IPS rules via the GUI.,Forticlient with SSL VPN causes a lot more problems than it solves. Windows and Mac updates keep breaking the Forticlient and it takes weeks to get updates. Fortigate updates also sometimes break the SSL VPN. Forticlient crashes and the only fix is to restart the computer to restart the VPN driver. We had this problem for 3 years and they still don't have a fix for that. We now use L2TP-IPsec and Cisco-IPsec with Windows and Mac embedded VPN clients because of all that. Memory issues with IPS. We tried all the firmware versions and IPS engines given to us by the Fortinet support and we are still experiencing memory leaks once in a while with the IPS engine. The only provided solution is to restart the IPS engine via CLI. FortiView only works properly if you disable ASIC routing. Their marketing always says that their ASICs is the reason their appliances are better than competition but you can't use it if you want reports or to be able to drill down on network usage. Every time they release a new firmware version, it takes 3-6 revisions for it to be free from major bugs. We are still waiting for a 5.6 revision that will not have major bugs within the features we use. Active-Active clusters do not offer much resilience when problems are software based. If for example the IPS engine has a memory leak, it will not automatically fallback on the other Fortigate, even if the primary one reboots. Everything related to virus, spam and intrusion detection (Forticlient, IPS, mail antispam, etc.) needs a lot of tweaking otherwise you will get a lot of false positive. It is also lacking in the type of actions you can do when those are detected. It is designed more for blocking than anything else.,7,Because we use FortiGate in all our offices and all FortiGates run on the same firmware/OS, it is really easy to setup cross-site configuration or deploy firewall/IPS rules company wide. Fortinet always does things a bit differently than the rest which sometimes makes it easier to set up but most of times means that you need to contact support or search online to know what options really do. This can cost a lot of man-hour in the long run. The man-hour needed to fix or workaround all the small bugs as to be the most impacting thing to consider before buying FortiGate. If you really use most of the features, you will need to put the time into learning this product. Also for some reason their support doesn't seem to be trained on a lot of features they have inside the product. I often have to link Fortinet documentations to the support technician for them to even understand which feature I am trying to implement.,Sophos Firewall, Palo Alto VPN Appliance, Palo Alto Networks Threat Protection and WatchGuard NGFW,Microsoft System Center Configuration Manager, System Center Operations Manager, Cisco Ethernet Switches, Nginx, Microsoft Office 365, SysAid,Yes,Price Product Features Existing Relationship with the Vendor Positive Sales Experience with the Vendor Analyst Reports,If we had to do it again now we would probably evaluation the more expensive options that were out of the budget at the time. Now though we have so much time and experience on the platform that the alternatives would need to be an order of magnitude better even with the bigger budget.,Yes,Our SE always provides support that goes beyond what is expected. One time we were diagnosing a slowness when doing SMB traffic over L2TP VPN and even though support was trying to help but not finding the problem our SE was continually giving us things to try in parallel and in the end it wasn't even the Fortigate that was causing the problem, it was some regkey in Windows.,7,Windows and macOS embedded VPN clients FortiManager FortiAnalyzer FortiAuthenticator,OpenVPN as a VPN client Clearpass,File import/export Single Signon API (e.g. SOAP or REST) Javascript widgets,7,You should probably stick to Fortinet products if you want to use Fortigate as they are not the best at being vendor agnostic. Sometimes they will use standard protocols and it will be possible to use third party but you will need figure out mostly by yourself if it's even possible and then how to do it.Fortinet FIrewallsFortinet's version of throughput is good and It has a strong active cluster, as you can have between three and 32 units to a cluster. The most important factor is that you choose a firewall or UTM solution that fits your organization's security requirements. Begin by determining what business problem you are trying to solve, what technical controls you need to implement (Firewall, IPS, NAC, VPN, endpoint, mobility, web filtering, malware detection, etc.). Then, determine what hardware features you need such as (HA clustering, link aggregation or 10Gb, port density), and what kind of throughput, and how many concurrent connections.,Easy to set up 9/10 Customer Service 9/10 Technical Supports Multiple layers of security,Security LAN WAN,8,With the Fortinet solution store connectivity can be restored in about 20 minutes. Estimating an average of one outage a year and a potential for average hourly earnings at a store of $$$ an hour,Cisco ASA,No,Price Product Features Product Usability Product Reputation Prior Experience with the Product Vendor Reputation Existing Relationship with the Vendor Positive Sales Experience with the Vendor Analyst Reports Third-party Reviews,Yes,10,No,Great with 4-Hour On-site Engineer: Parts delivered on-site with an engineer, 24 hours a day, 7 days a week within 4 hours of RMA approval by Fortinet support.,GUI Reports,Scripting,Yes, but I don't use it,10Probably the best Firewall wall.Our Fortigate is used as the primary network router and IPSec VPN access point. We have a hub [and] spoke setup between the main office and other remote offices. Users also connect to our fortigate to access the network remotely using SSL VPN with the FortiClient software installed on their PCs or using the SSL web portal.,SSL VPN works well and is very configurable for controlling access to internal network resources based on user groups. Fortigate also manages our wireless AP and many SSIDs can be created with either WPA or Enterprise WPA with radius for greater security IPSec VPNs easy to configure between fortigate devices but also not that difficult for other IPSec compatible devices,Initial learning curve was difficult coming from a Symantec/Raptor background but not a huge deal,10,Fortigate has made it easy for users to connect remotely and securely with Forticlient 2fa. Fortigate has offered a number of devices that are appropriately sized for the various locations so we never have to over purchase. Fortigate allows us to have multiple links between locations for redundancy making it easy to keep users connected.,,100,2,Remote access for users Inter-office VPN links using SD-WAN Network segmentation to protect and isolate various network segments Wan failover source and destination routing of network traffic,SDWan has allowed us to utilize our multiple internet circuits to provide the best connection for inter office VPN. Before using SDWan features, we would have to be continuously monitoring VPN links and manually switching routing priority from links with degraded performance. This resulted in numerous complaints from users, but now SDWan keeps choosing the optimal circuit between ISPs which has dramatically improved things,We are hoping to use more SDWan features in the future to segregate the types of traffic on our VPNs, so that higher priority business traffic is placed on premium DIA circuits, and backup replication traffic is placed on cheaper broadband circuits. Currently we have to use all traffic on the same DIA link which is less capacity and is expensive.,10,Yes,9,No,My last support call was with a SSL VPN portal issue which had to be escalated to a level 2 engineer. The engineer came up with a way to troubleshoot the issue which was affecting another product we were testing, and even spent time on two calls with engineers from the other vendor so that we could find a work-around. This went on for about 3 weeks and he constantly updated me with progress he was making.,8,10Fortinet FortiGate 1500D Series Product ReviewWe have two FortiGate 1500D firewalls, one at each datacenter. They are configured as active-passive. All traffic coming and going passes through them for the entire organization. This ensures that all packets to and from users are managed and controlled.,Creating and managing access control policies that allow specific traffic in and out of the network. Once you get it set up, it's easy to create new policies, specify ports, and configure IP ranges. Active-Passive failover works well. It generally works pretty well without much care and feeding. Their web filtering module makes it pretty easy to block malicious websites quickly.,We tried to roll out the client about five years ago. This is used both for VPN, as well as antivirus/web filtering. Any policies set at the firewall would be automatically pushed to the client and enforced. It was a great idea, but the drive mapping feature never worked consistently in our environment, so we were forced to find alternative solutions for both VPN and antivirus. Too bad, really. We have had a couple times when one of the firewalls would hang for no apparent reason. Support engineers were never able to pinpoint the problem either time. It only happened a couple times.,7,It's performed as expected. I think that is about as good as it gets for an appliance that's sole job is to be invisible. In an environment with staffing challenges, it's imperative that we pick solutions that make our jobs more manageable. I would put this product in that category.,,Nutanix, Nutanix Prism, Exagrid EX Series, SolarWinds Network Device Monitor, Barracuda Load Balancer, Zoom, Ivanti Endpoint Manager (formerly LANDESK Management Suite), Sophos Endpoint Protection, ForeScout CounterACT, Dude Solutions Help Desk (formerly SchoolDude)Excelent solution, ease to configure and manage with a low costWe have been working with this solution over 5 years and we are very satisfied. We use it for one of our offices and the configuration is very easy and intuitive. You can apply policies by address or by user, the integration with Active Directory is not complicated, the cost of the solution is cheaper in comparison with other vendors and including the same solutions.,Ease to configure policies VPN performance Active directory integration.,Not so scalable, if you need more performance you need to buy another device The traffic shaper could be better The Wan load balance could be better,10,Improve the process agility Help us to offer a better service to our users We improve the perimeter security,Check Point Next Generation Firewall and Palo Alto Networks Next-Generation Firewalls - PA Series,Cisco Webex Room Series (formerly Cisco Spark Room Series), Jabber, SysAid, Trend Micro Worry-Free Business SecurityGreat solution for all budgetsWe use Fortigate in 3 locations, for a total of 5 units (two locations are clustered). Mainly used as router / NAT, we also use it for a large number of Site-to-Site VPNs. We have also recently started using it as IPS, Antivirus, Webfiltering, etc. We have many policies, with some schedule, very easy to use.,Site-to-Site VPN. Easy to setup, and reliable. Not the best strength of the Fortigate, but very powerful. Firewall Policies. Drag and drop, dropdown, schedule, etc. Simple.,NAT publishing is a bit a pain. Need to create virtual service, virtual address, virtual IP, and publish it thru a policy... so many clicks. SSL VPN isn't very reliable, a lot of 98% Connecting issues. Monitoring and Troubleshooting can sometime be a pain.,9,They are very cheap compared to other solutions, the ROI is very easy. When used as a router, you can use the IPS between VLANs, and catch the problem before it hits the antivirus. All-in-One UTM, don't have to log to many UIs to manage your network.,WatchGuard NGFW and pfSense,Remote Desktop Manager, Microsoft Data Protection Manager, Microsoft System Center, FreeNAS, ownCloud, Microsoft Office 365,No,8,Yes,During an upgrade, some of the feature stopped working, and everything was down. We called them, and they assisted us, step by step, to reverse, and get it back online. It was in the middle of the night and support was very helpful. They came back to us after with the solutions, and a fix, so we could do the upgrade again.Fortinet FortiGate - Fantastic platform, hardware and service!We are using Fortigate Firewalls at all of our properties, from large campus installs to small branch office locations. We use Fortigate units to route traffic and as a Next Generation Firewall, to allow policy based security at all of our locations. The Fortigate units allow us to secure our networks, while providing a great experience for our administrators,Simple but complete GUI allows for easy management. Intuitive CLI allows experienced CLI users from other platforms to come up to speed quickly. Unit comes out of the box with a feature rich logging capability, FortiAnalyzer brings it to the next level and is very easy to install. Licensing is easy to understand, The device is a single line item and support has 2 options 8x5 and 24x7.,Fortigate's SSL VPN client isn't available via MSI with an easy options for mass deployment and configuration out of the box. You need to have a Fortinet Developer Network license to create a custom deploy image. Fortinet's after hours support is overseas and is adequate. Not stellar.,10,Increased visibility into our traffic flow We've experienced no outages during business hours since installing the devices 4 years ago.,Palo Alto Networks Next-Generation Firewalls - PA Series, Cisco ASA and Check Point 12000 Appliances,FortiClientFortinet Fortigate - my top choice for medium enterprise networks.This device is being used across the entire organization. We are using it as our primary Internet facing firewall. It is protecting our network from outside threats and ensuring that the users inside the organization are protected as well. All authorized users have access to the FortiClient VPN software so they can access resources from remote locations.,VPN client is easy to use and can be customized for your organization. All features are enabled on the firewall with little to no impact on performance. Easy to configure interface on the firewall but also has a command line available for high level admins. Excellent technical support department - very quick response time. Pricing was amazing compared to peers.,Sales team was lacking information (type of licensing, hardware model, etc). Make sure you ask lots of questions.,10,The sales team recommended the wrong product for us initially. It was unable to keep up with the traffic load at our location, even with everything disabled. They resolved the issue by finding the appropriate device for us and giving us a steep discount due to the previous issues. Since switching to the appropriate hardware we have had an increased in availability. No longer experiencing outages or slowdowns due to insufficient equipment,,Cisco ASA and SonicWall TZ,Cisco ASA, Cisco Catalyst, Ubiquiti WLAN,NoA mature security solutionFortinet FortiGate is a mature solution that help us to assure perimeter security of our network. The implementation was pretty easy. We purchased support from the vendor for implementation. The integration with another solution is very easy: SIEM, DLP, proxy. Very user friendly interface and very intuitive. Detailed logs that can be easy send to the SIEM solution.,User-friendly interface Detailed logs IDS and IPS work without any problems Easy to set and manage rules,User documentation can be more detailed FortiClient - the app for VPN connection sometime get errors Another problem we did not find,10,Assure security of our network perimetre Assure compliance with international standards VPN connection for remote administration Prevent and detect counterattacks,,Cisco IronPort Web Security Appliance, MobileIron, ManageEngine Password Manager ProFortinet from a SysAdmin perspectiveFortigate is a very simple solution to deploy and it helps to handle web users and to apply policies to those users according to departments or user's roles. This solution was deployed across the whole organization and it helped to manage limited resources as well as network bandwidth. You can manage resources to power or limit users. You can always define new roles and filter websites accordingly.,Web filtering. It has specific categories to filter web pages. You can always customize them and also create new ones. Security. FortiGate provides a good security to guarantee that no users override the system. You can find different categories where you can filter services. Something like IM, Social Networks, etc. You can also filter ports and create proxy-like routes.,I think that the GUI can be improved to make it friendlier. License fee could be lower. Logs and the information that comes out of it [don't have] much information to debug.,10,Fortinet helps you manage Internet bandwidth and web connections. This tool helps any IT admin to assign resources accordingly depending on the user's roles. You can protect your network from viruses and malware by restricting access to unsecured websites. You can use this tool when you have different networks on your domain.,,Avaya Communicator, Cisco Catalyst,700,4,Web filtering using the website lists Grant different access levels to the web Creating a DMZ in the network,The organization implemented a group of rules to give different levels of access to employees using their job functions.,Allow remote users to log onto the network.,10Fortinet for small businessWe are using Fortinet FortiGate as our firewall for our office as well as its client VPN capabilities for certain users to connect back remotely. The firewall provides some website and antivirus filtering to help keep our network secure without solely relying on desktop antivirus programs. It's critical for some workers to be able to connect back to office resources securely with the client VPN installed on their laptops.,It's a cost effective solution for a smaller business like ours. Consulting companies like the one we bought this thru offer support for the product Performance of the firewall and VPN are good,The VPN client install is not very clear. It includes other features like antivirus that we are not wanting to use but you have to know where to look to prevent that from being installed. Configuring the firewall is a bit complicated. It really helps to have someone familiar with it do that for you.,7,ROI has been good in that we had it installed and configured and haven't had to touch it. The initial cost was reasonable so the total outcome of expense has been good.,SonicWall TZ and SonicWall VPN Clients,Microsoft Office 2016FortiGate ReviewFortiGate is used as our enterprise firewall used across the organization. It addresses securing our network from outside attacks with policy control, antivirus, IPS, application and web filtering.,Their ASIC technology has very high-performance. The hardware is fast. Easy to manage. Rule creation is easy and flexible. Logging is detailed. GUI allows you to add/remove columns to get the detail you want.,There seems to be a lack of quality control with new versions and service pack releases. GUI menus fail to load. Features get pulled out. What's in this release might not be in the next. Random bugs you would not expect to see. Alerting options are not flexible. Very basic and limited options. VPN logging is not very detailed for troubleshooting.,7,The bundled options reduce the need for multiple systems. Firewall segmentation helps meet compliance requirements separating protected data from general data.,Cisco ASA,McAfee Web Gateway, SafeNet Authentication Service (SAS), Trend Micro Deep SecurityBest for office location configurationsFortigate is used by our organization as a firewall and a VPN for our office internet services and some datacenter configurations. We use multiple devices to manage internet traffic and also use it to gain access via VPN to our internet network.,VPN routing. Firewall protection. Traffic management.,Process of updating firmware configurations. Licensing costs could be lower. Having to look for updates for software.,9,Protection from attacks. Protection for stabilizing our internet traffic. Security to see any type of negative traffic by IP.,,Barracuda Web Application FirewallFortinet FortiGate ReviewWe use Fortinet FortiGate as our firewall at all three of our offices. We use the Fortiguard service on the firewalls, which includes anti-malware, intrusion protection and the Next Generation Firewall. Before we added the Fortiguard services we were unprotected against bad actors from around the world trying to brute force our RDP servers. Now I am confident that all of those actors are being blocked/banned at the firewall.,The Fortinet FortiGate firewall software includes a full function graphical user interface that makes firewall administration easy without having to know the command line interface commands. The FortiGate does an excellent job of protecting devices behind the firewall, its integrated Spam, anti-malware and IPS services all work very well. FortiGate licensing costs are reasonable and much more affordable that Cisco's offerings.,The only complaint I have about the FortiGate is the fact that the advanced services like IPS, anti-malware and spam filtering are add-on services. It would be great if they were a part of the firewall offering.,9,The Fortinet FortiGate allows us to meet our business objectives of keeping our data and systems safe from external actors with bad intentions. Without FortiGate I could not rest easy at night knowing the sheer number of attackers trying to access our network on a daily basis. With FortiGate, I sleep like a baby at night.,Cisco ASA,Captora, Microsoft Office 365, Hyper-VFortinet and Fortigate: A force to be reckoned with!Our company decided to switch from Checkpoint to Fortinet as a corporate standard. I've used Fortinet products for the last 10 years, and have been incredibly happy with the ease of use, and support resources are not as hard to find as they are for Checkpoint. Additionally, the integrated SD-WAN in more recent versions made us start running out of reasons why we SHOULDN'T use Fortinet FortiGate firewalls.,Integrated SD-WAN functionality Best in class threat protection Single pane of glass (Instead of three in checkpoint),Breakout switch still required to share ethernet connectivity with redundant pair. CLI could use some improvement but is overall good.,10,Positive: SDWAN functionality as part of the software package was the big win. Positive: Low spend allows our company to put our money to use on other projects. We are big fans of getting more done with less money spent. Positive: Threat detection and prevention is best-in-class.,Check Point Next Generation Firewall and Cisco ASA,Juniper Secure Access SSL VPN, Check Point 4000 Appliances, Cisco ASA, MikroTik Routers and Switches, MikroTik Cloud Router Switch, pfSense, Cisco MDS 9100, Cisco MDS 9500, Ubiquiti Networks UniFi, Ubiquiti WLAN, Ubiquiti Wireless WAN, Ruckus ICX Switches (formerly Brocade ICX Switches)High quality experience of network security and traffic control in a single applianceWe use it as our internal and external firewall. It is also used with all security options, including DDOS protection, in our branches.,Web filtering, which protects the users browsing to non-secure websites Network security between different networks Traffic shaping control for users and applications,Traffic shaping options based more on layer 7, so you could have a more detailed control over the exact sites users are browsing The transition between different major updates More option in fast reports and dashboards A more exact measure of bandwidth to show in dashboard and FortiView,8,Very positive because it helps us reducing cost by avoiding the acquisition of additional network equipment It helps us to easily reach our internal security objectives Bandwidth control,,Cisco Meraki Wireless Access Point, Kaseya Virtual System Administrator (VSA), ManageEngine AssetExplorer, ManageEngine Password Manager Pro,200,2,Security protection WAN links load balance Traffic Shaping,Wan link Load balance and high availability configuration for main ISP connections at the same time in active mode Different ways to apply traffic shaping to the users,Load balancing options Remote site connections,8,Yes,Price Product Reputation Analyst Reports Third-party Reviews,I still will keep it as my option.,Implemented in-house,Change management was a small part of the implementation and was well-handled,Load balance between WANs connections,8,In-person training Self-taught,10,Yes, it was easy, there are a lot of resources in internet that are easy to follow.,9,Fortigate Cookbook it is definitely a good guide to start and follow,Yes - we have customized the interface extensively,No - we have not done any custom code,No,Yes,8,Yes,In some occasion during this year, we experienced a big issue that was causing a degradation in our internet, initially we created several cases requesting support to factory to try to find the origin of the bad internet performance and experience for the users especially in videoconference, after hours of troubleshooting and testing we found that the issue was caused by a security protection of DOS that only was automatically applied during high traffic hours during the day.,Policy creation to allow communication between networks Application traffic Shaping,Make traffic shaping troubleshooting,9,10,10,10,9,10,Additional hour of support in case of an emergency failure or advanced support,No,Yes,New Features available,having access to las network tendencies in market like SDWAN without doing an appliance replacementFortinet Fortigate 110C General ReviewWe're currently working with amaze with a FortiGate 110C, that is our front end Firewall for ISP routing and as a first layer to declare web access policies, anti-spam filtering, IPS, application inventory and to implement fail over policies to warranty the Internet connection to all departments. The UTM Solution from Fortinet brings a bundle package of features that is allowing the company to establish a MAN and an extreme secure VPN layer to deliver to our branch offices the WAN access with incredible ease. I do strongly recommend this quite remarkable Security Solution.,An accurate Web Filtering module that will allow to your IT Staff, leverage the administration of the web access from the end point users. Also will allow to customize the policies through a broad presentation of options, where you can customize or schedule the access to specific web sites. AD & LDAP integration will allow you to sync your DC with the Firewall and set the traffic rules and packages with ease. VPN through SSL Web Portals will simplify the scale of adaptation for final user, allowing a customization of the front end portal, with corporate image.,Improve time for releasing bug fixing. Integrate graphical troubleshoot tools for policies based on devices or user identities, will help IT Sec Admins to answer faster to security breaches. Using CLI reference guides and a better sort options.,9,Renewals are quite decent but if you scale them over 2 - 3 years, I strongly recommend updating the unit after that time, will give the more juice from the FortiOS releases. The initial investment from the FortiGate UTM Solutions will always come with a better bundle license and features, also it's an advantage for those who seek to lower the cost of initial investment to enable specific features. ROI will be seen after the 6th month.,,pfSense, Revit, ProcoreGreat product, at a great price pointThe FortiGate in our environment provides protection across the entire organization. We are using SSL VPN, web filter, antivirus, and application monitoring. I can attest that these functions all work really well, and our FortiGate has had high reliability and configuring it is not a laborious task. The few interactions I have had with support have been great.,Web Filter - with the supplied FSSO utility filtering users by groups or department is simple. Application Filtering - insight into what applications are running have been great SSL VPN - SSL VPN is simple to set up AV - has done a great job catching viruses before ever hitting the internal network,Logging can be a somewhat difficult to dig into Occasionally usernames aren't attached to the computers being filtered,9,There's been minimal downtime Policies are simple to set up, so carving out bandwidth for a specific application is painless,Palo Alto Networks Next-Generation Firewalls - PA Series, Cisco ASA and SonicWall TZ,Windows Server, Ubiquiti Networks UniFi, EMC VNXFortigates are good options for FirewallsWe use Fortigate as our main firewall to protect the network and to establish VPN between 2 sites. We make use of most Fortigate modules and subscription such as anti-spam, anti-virus and Intrusion detection systems. The Fortigates protect our Internal network and the public Wifi we provide to the public. We also take advantage of the Web filtering functionality.,Unified Protection: Having firewall, IDS, Anti-virus and Anti-spam on the same appliance is very handy as you don't need to deploy multiple appliances/solutions User Access Control: Setup Firewall rules based on Active Directory User and Groups help with the constant need for firewall changes, saving the network folks a lot of time. GUI Interface: Very intuitive Management interface, makes the need for CLI changes very seldom,Non-disruptive upgrades on standalone boxes. Not sure if the technology would allow it but it would be great to have. Subscription signatures auto-deployment could affect production traffic. In some circumstances letting Fortigate accept subscription signatures may cause the device to drop traffic,9,Fortigates have an interesting bundle model for support and subscription services that make it an attractive option to deploy Firewall, IDS, Ant-virus, anti-SPAM in a single device. The cost of the bundle is pretty much what you pay for the device, not requiring huge expenditures on it's time to renew the hardware.,Cisco AS5800 Series,Palo Alto Networks Next-Generation Firewalls - PA Series, Microsoft Azure, Amazon Web ServicesFortiGate, a trustworthy UTM and NGFWFortiGate is a gateway firewall in our organization. It is utilized as a UTM. Our network is monitored, analyzed, secured and enhanced by the FortiGate device. Its is utilized across the whole organization. We can secure our network from threats, antivirus, intrusion using the G/W firewall. Cloud based reporting is really a decent feature of FortiGate. QoS, web filtering, AD synchronization, control over applications, SSL/IPSec VPN, and site-to-site IPSec VPN features are utilized by us.,Inbuilt wireless controller, which helps to create wireless VLAN. Its an amazing feature provided by FortiGate. There is no need to pay more for this feature. It is an inbuilt controller. I truly appreciate Fortinet to avail this feature avail within the NGFW and strong managing capabilities. The VPN throughput. Hats' off commitment by Fortinet. The words in data-sheet of FortiGate device means it and proved it. We are using the site-to-site VPN, site-to-client VPN, and my clients are happy with the level of connectivity and responsiveness. Security Fabric. Another legitimate feature proves FortiGate out of the box. All the devices installed in end-point or in network , are well synchronized for playing vital roles to provide security. And they are worthy.,Post Sale Support, I think. It could be improved. The product has amazing features and commitment towards its dedicated performance. The post-sale service might attract more end customers. The user login client application. Currently it is browser based.,10,(Positive) The network is secured. (Positive) As an analyst, I have to convince C level executives regarding protection from threats, intrusion, and productivity of the network resources. And I am achieving all the segments with ease of access. (Neutral) The unavailability of post-sale service requires improvements. But due to the vast community of users and excellent documentation of the product, hides the lack of post-sale service availability.,Sophos Cyberoam and Sonicwall,FortiAP, FortiDDoSFortigate, the bestWe use and recommend Fortinet Fortigate to all our customers as the main firewall at the internet access point of the organization. We use it mainly as a firewall but we also make use of its anti-virus capabilities and as a web filter. The VPN is an additional plus.,fire wall antivirus VPN,GUI wizards price,9,Main ROI is security Difficult to recognize real ROI as you don't know losses incurred without. Fortinet could show clearer which attacks were averted in order to highlight ROI,Check Point 4000 Appliances,Windows Server, Eset Smart Security, Symantec Backup ExecForti-UTMWe use Fortigate across the whole organization. It is used for firewall/IPS/Web filtering.,UTM provides comprehensive security, which is great Easy to use GUI Great support,Site-to-site vpn - would like to configure using wizard. currently, I use manual configuration. Additional reports on web site usage statistics Failover / redundancy,9,Easy to maintain, which means less time spent to monitor URL filtering is great Fortianalyzer is a plus,Cisco ASA,Cisco Application Control Engine, FortiGuard Web Filtering Service,250,2,Geo block URL filtering IPS/Firewall,Web filter bypass Geo block,Automatic failover Redundancy,10,Yes,Price Product Features Product Usability Third-party Reviews,none - happy with Fortigate,Vendor implemented Implemented in-house,Yes,Change management was a small part of the implementation and was well-handled,Before and after network diagram Up to date documentation Tribal knowledge,9,Yes,9,No,We had to come up with a way to block certain web sites for all users but allow it for a few users. support provided a workaround, which worked.,URL filtering Geo block Site to site vpn,Log analyzer Wizard for site to site vpn will be a plus,Yes, but I don't use it,9A FortiGate firewall and UTM appliances reviewFortiGate is a label that Fortinet applies to a really large number of products having a part of shared features.Possible usage scenarios include:VPN GatewaySmall offices connection endpointsEnterprise proxy, firewall and threats management with UTM (Unified Threat Management)Routing and layer 3 managementHigh availabilityVirtualized FortiGates are also an option, and it is something that is interesting for companies with a good virtualization infrastructure.FortiGate is not just a firewall but a full Unified Threat Management (UTM) solution. So, a FortiGate can be used as the single security point to check on security risks like SPAM, infected attachments, spyware and so on).Smaller devices (series 90 and 30) have a limited subset of the above features. The routing and VPN performances are really good too, so a company network could easily use a correctly dimensioned appliance as the core of the layer 3 and routing infrastructure.,FortiOS (Fortinet's network security operating system) is used on all the appliances, so security people are able to move from a smaller device to really large deployments with (relative) ease. Having a single solution used to manage security risks (using the UTM) is really something that reduces complexity of the network administration and deployment. The NAT and routing management that a FortiGate is able to deliver is one of the best I have seen so far. I had to configure really peculiar addressing requests and the FortiOS gave me a range of solutions that made it doable.,The graphical interface of the FortiOS makes it look like an easy to use tool. This perception is true if you are going to do a really limited use of the appliance. However, it could create a false sense of confidence in using something that is really complex. In the past months I know that a few customers were not happy about the quality of the support they received, especially from sales people. If it is true (I have no first hand evidence) it could be an important point to fix. Some of the services and upgrades are costly. I am not saying they are not worth the money, but in a market that is really crowded, cost is a decision factor that could push companies to different platforms.,9,The ROI is usually good, especially if the FortiGate is used as the single solution for multiple security threats. Impact on the company is really much related to the expertise of the solution architect/consultant. So far, the only unhappy users I have seen were the one receiving sub-optimal technical advice.,Cisco ASA and Check Point Next Generation Firewall,Skype for Business, Windows Server, Microsoft Office 365FortiGate - a good all-in-one firewall with some design weaknessesFor customers with 50-200 users we are using FortiGate as the central firewall. That is, internal users are surfing the Internet (URL filtering, antivirus), servers in the DMZ are reached from the Internet, partners are connected via static site-to-site VPNs, and home office users are able to log into the company network via a VPN with two-factor authentication.,Good summary GUI: The basic steps such as adding new policies or users can be done through the GUI. The GUI is fast and has a couple of options. There is a CLI-widget on the dashboard which enables the usage of CLI commands through the GUI - nice. Counters and bars for policies and VPNs: Within the GUI you have several counters of packets/bytes/sessions that make it easy to understand whether some policies of VPNs are functional and in use. Built-In two-factor authentication possibility: You can use a two-factor auth via SMS out of the box. You simply need an email-to-SMS provider and you're done.,Though the GUI is fast, it lacks many options. In many cases, you can only configure the first 20% of options while the other 80% must be done through the CLI. This won't be a problem for experienced (Cisco) admins but it's a challenge for normal IT workers that are not working with FortiGate every day. Separate security policy for IPv4 and IPv6: This is a really bad design because you need to manage two independent security policies! Other firewall vendors have a single policy which can be used for both Internet protocols. No configuration revisions: There is no store for old configuration snapshots. Don't forget to backup the config manually before doing an upgrade! No dedicated out-of-band management plane: FortiGate can only be managed in-line. You must connect to some data ports. (That is: You don't have the possibility to configure a management-only interface with its own default route.),8,From my point of view, FortiGate has the best price-performance ratio. The usage of URL filtering and antivirus is a good (and easy) first step in reducing unwanted traffic for your users. Due to the fast routing capabilities, FortiGate can be used as a LAN segmentation router for smaller locations. No need for an extra router.,Palo Alto Networks PA-3000 Series,Palo Alto Networks PA-3000 Series, Cisco ASA, Tufin
Unspecified
Fortinet FortiGate
88 Ratings
Score 8.9 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

FortiGate Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow'>Customer Verified: Read more.</a>
FortiGate
88 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.9 out of 101
TrustRadius Top Rated for 2019
Show Filters 
Hide Filters 
Filter 88 vetted FortiGate reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role

Reviews (1-25 of 29)

  Vendors can't alter or remove reviews. Here's why.
Neil Johnson profile photo
June 05, 2019

"Fortinet FortiGate Review"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Fortinet Fortigate is a complex solution to assure the security of your network perimeter. It has a very simple interface with sufficient functionality. We like this tool because it is easy to install, easy to administer, has a good price, and good protection. We would say that Fortinet Fortigate is the best in its class because of its high availability, speed, resilience, and the vendor offers very qualitative support.
  • Very easy-to-use interface
  • Good resilience
  • High availability and speed
  • Easy installation
  • More complex configurations must be done via the console
  • Licensing options can be improved
We use Fortinet FortiGate to assure the security of our network. It's a good IDS/IPS with real-time attack information on dashboards. There are daily reports with a lot of intuitive information. It's a good VPN solution for administrators and for users. We've had no incompatibilities or issues working with any of our equipment. Fortinet is a very good appliance with a very good price.
Read Neil Johnson's full review
Marc-Olivier Turgeon-Ferland profile photo
April 01, 2019

Review: "Everything you need to know about Fortigate before buying it !!"

Score 7 out of 10
Vetted Review
Verified User
Review Source
We use FortiGate mainly for internet gateway and IPS at each of our offices. It offers us IPS, Firewall, VPN and many more features for a competitive price.

We also use Fortigate captive portal with their 2FA (mobile or physical) keys to offer an additional validation before accessing our service backend networks.
  • User authentication inside firewall rules. It is practically seamless and really easy to setup.
  • Management of firewall rules via the GUI.
  • Management of IPS rules via the GUI.
  • Forticlient with SSL VPN causes a lot more problems than it solves. Windows and Mac updates keep breaking the Forticlient and it takes weeks to get updates. Fortigate updates also sometimes break the SSL VPN. Forticlient crashes and the only fix is to restart the computer to restart the VPN driver. We had this problem for 3 years and they still don't have a fix for that. We now use L2TP-IPsec and Cisco-IPsec with Windows and Mac embedded VPN clients because of all that.
  • Memory issues with IPS. We tried all the firmware versions and IPS engines given to us by the Fortinet support and we are still experiencing memory leaks once in a while with the IPS engine. The only provided solution is to restart the IPS engine via CLI.
  • FortiView only works properly if you disable ASIC routing. Their marketing always says that their ASICs is the reason their appliances are better than competition but you can't use it if you want reports or to be able to drill down on network usage.
  • Every time they release a new firmware version, it takes 3-6 revisions for it to be free from major bugs. We are still waiting for a 5.6 revision that will not have major bugs within the features we use.
  • Active-Active clusters do not offer much resilience when problems are software based. If for example the IPS engine has a memory leak, it will not automatically fallback on the other Fortigate, even if the primary one reboots.
  • Everything related to virus, spam and intrusion detection (Forticlient, IPS, mail antispam, etc.) needs a lot of tweaking otherwise you will get a lot of false positive. It is also lacking in the type of actions you can do when those are detected. It is designed more for blocking than anything else.
For the money, even with all the bugs, I think it is the application that offers the most features.

If you need a lot of those features and you are ready to put the time into tweaking your FortiGates, I really think it will give you the most value.

If you have the money to buy the best VPN appliance, the best Firewall, the best IPS appliance and the time to set them with each other then FortiGate is not for you. If money is not the main concern and you only need the best, FortiGate is not for you but I really doubt it will be the case for most.
Read Marc-Olivier Turgeon-Ferland's full review
Adithyo Dewangga Wijaya profile photo
March 10, 2019

FortiGate Review: "Fortinet FIrewalls"

Score 8 out of 10
Vetted Review
Verified User
Review Source
Fortinet's version of throughput is good and It has a strong active cluster, as you can have between three and 32 units to a cluster. The most important factor is that you choose a firewall or UTM solution that fits your organization's security requirements. Begin by determining what business problem you are trying to solve, what technical controls you need to implement (Firewall, IPS, NAC, VPN, endpoint, mobility, web filtering, malware detection, etc.). Then, determine what hardware features you need such as (HA clustering, link aggregation or 10Gb, port density), and what kind of throughput, and how many concurrent connections.
  • Easy to set up
  • 9/10 Customer Service
  • 9/10 Technical Supports
  • Multiple layers of security
  • Security
  • LAN
  • WAN
Variables in TCL scripts via FortiManager
Read Adithyo Dewangga Wijaya's full review
Adrian Cumberbatch profile photo
March 06, 2019

FortiGate Review: "Probably the best Firewall wall."

Score 10 out of 10
Vetted Review
Verified User
Review Source
Our Fortigate is used as the primary network router and IPSec VPN access point. We have a hub [and] spoke setup between the main office and other remote offices. Users also connect to our fortigate to access the network remotely using SSL VPN with the FortiClient software installed on their PCs or using the SSL web portal.
  • SSL VPN works well and is very configurable for controlling access to internal network resources based on user groups.
  • Fortigate also manages our wireless AP and many SSIDs can be created with either WPA or Enterprise WPA with radius for greater security
  • IPSec VPNs easy to configure between fortigate devices but also not that difficult for other IPSec compatible devices
  • Initial learning curve was difficult coming from a Symantec/Raptor background but not a huge deal
Fortigate is well suited where you have multiple internet connections and you want to provide failover for these connections. This can be done by round-robin or in an active-passive mode when an ISP goes down, traffic is automatically routed across the other device without interruption. Users never notice and it saves a lot of headaches. Of course, monitoring should be done from external sources so that you are aware when a link goes down.
Read Adrian Cumberbatch's full review
Shawn Umansky profile photo
February 28, 2019

"Fortinet FortiGate 1500D Series Product Review"

Score 7 out of 10
Vetted Review
Verified User
Review Source
We have two FortiGate 1500D firewalls, one at each datacenter. They are configured as active-passive. All traffic coming and going passes through them for the entire organization. This ensures that all packets to and from users are managed and controlled.
  • Creating and managing access control policies that allow specific traffic in and out of the network. Once you get it set up, it's easy to create new policies, specify ports, and configure IP ranges.
  • Active-Passive failover works well.
  • It generally works pretty well without much care and feeding.
  • Their web filtering module makes it pretty easy to block malicious websites quickly.
  • We tried to roll out the client about five years ago. This is used both for VPN, as well as antivirus/web filtering. Any policies set at the firewall would be automatically pushed to the client and enforced. It was a great idea, but the drive mapping feature never worked consistently in our environment, so we were forced to find alternative solutions for both VPN and antivirus. Too bad, really.
  • We have had a couple times when one of the firewalls would hang for no apparent reason. Support engineers were never able to pinpoint the problem either time. It only happened a couple times.
If you have straight forward needs, this thing is a good workhourse. We are not in the console every day. It is mostly set it and forget it for us. If this is what you need, it's not a bad solution.
Read Shawn Umansky's full review
Mauro Osvaldo Sepulveda Gutierrez profile photo
January 24, 2019

FortiGate Review: "Excelent solution, ease to configure and manage with a low cost"

Score 10 out of 10
Vetted Review
Verified User
Review Source
We have been working with this solution over 5 years and we are very satisfied. We use it for one of our offices and the configuration is very easy and intuitive. You can apply policies by address or by user, the integration with Active Directory is not complicated, the cost of the solution is cheaper in comparison with other vendors and including the same solutions.
  • Ease to configure policies
  • VPN performance
  • Active directory integration.
  • Not so scalable, if you need more performance you need to buy another device
  • The traffic shaper could be better
  • The Wan load balance could be better
Fortigate works pretty well if you choose the correct device based on the number of your users. If you need to apply policies by application this solution can help you. Their other features like web filter, VPN connections, traffic reports, etc work well too. In general terms, the solution is very complete and the cost of this device is cheaper than other vendors.
Read Mauro Osvaldo Sepulveda Gutierrez's full review
Tommy Boucher profile photo
March 05, 2019

FortiGate Review: "Great solution for all budgets"

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Fortigate in 3 locations, for a total of 5 units (two locations are clustered). Mainly used as router / NAT, we also use it for a large number of Site-to-Site VPNs. We have also recently started using it as IPS, Antivirus, Webfiltering, etc.

We have many policies, with some schedule, very easy to use.
  • Site-to-Site VPN. Easy to setup, and reliable.
  • Not the best strength of the Fortigate, but very powerful.
  • Firewall Policies. Drag and drop, dropdown, schedule, etc. Simple.
  • NAT publishing is a bit a pain. Need to create virtual service, virtual address, virtual IP, and publish it thru a policy... so many clicks.
  • SSL VPN isn't very reliable, a lot of 98% Connecting issues.
  • Monitoring and Troubleshooting can sometime be a pain.
They have a lot of different models of Fortigate, from simple Wifi router, to very large clustered deployment. It is well suited for almost any scenario.

Both a small office and a large datacenter can use the power of a Fortigate.
Read Tommy Boucher's full review
No photo available
March 06, 2019

Review: "Fortinet FortiGate - Fantastic platform, hardware and service!"

Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Fortigate Firewalls at all of our properties, from large campus installs to small branch office locations. We use Fortigate units to route traffic and as a Next Generation Firewall, to allow policy based security at all of our locations. The Fortigate units allow us to secure our networks, while providing a great experience for our administrators
  • Simple but complete GUI allows for easy management.
  • Intuitive CLI allows experienced CLI users from other platforms to come up to speed quickly.
  • Unit comes out of the box with a feature rich logging capability, FortiAnalyzer brings it to the next level and is very easy to install.
  • Licensing is easy to understand, The device is a single line item and support has 2 options 8x5 and 24x7.
  • Fortigate's SSL VPN client isn't available via MSI with an easy options for mass deployment and configuration out of the box. You need to have a Fortinet Developer Network license to create a custom deploy image.
  • Fortinet's after hours support is overseas and is adequate. Not stellar.
Fortinet's Fortigate units are very solid Next Generation Firewalls. In my experience they have done very well both at our branch offices and our Corporate Offices. They are feature packed, the support is fantastic and we've experienced fantastic stability. Anyone with experience managing enterprise class firewalls will have a shallow learning curve moving to the Fortigate units.
Read this authenticated review
No photo available
March 05, 2019

Review: "Fortinet Fortigate - my top choice for medium enterprise networks."

Score 10 out of 10
Vetted Review
Verified User
Review Source
This device is being used across the entire organization. We are using it as our primary Internet facing firewall. It is protecting our network from outside threats and ensuring that the users inside the organization are protected as well. All authorized users have access to the FortiClient VPN software so they can access resources from remote locations.
  • VPN client is easy to use and can be customized for your organization.
  • All features are enabled on the firewall with little to no impact on performance.
  • Easy to configure interface on the firewall but also has a command line available for high level admins.
  • Excellent technical support department - very quick response time.
  • Pricing was amazing compared to peers.
  • Sales team was lacking information (type of licensing, hardware model, etc). Make sure you ask lots of questions.
Our firewall is fantastic. It's very quick and easy to configure. Fortigate offered a lot of assistance during setup so that our downtime when switching was very limited. The technical support team is amazing and have a very quick response time. Compared to it's peers, Fortigate has exceptional pricing for the same or better feature set.
Read this authenticated review
No photo available
May 13, 2019

FortiGate Review: "A mature security solution"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Fortinet FortiGate is a mature solution that help us to assure perimeter security of our network. The implementation was pretty easy. We purchased support from the vendor for implementation. The integration with another solution is very easy: SIEM, DLP, proxy. Very user friendly interface and very intuitive. Detailed logs that can be easy send to the SIEM solution.
  • User-friendly interface
  • Detailed logs
  • IDS and IPS work without any problems
  • Easy to set and manage rules
  • User documentation can be more detailed
  • FortiClient - the app for VPN connection sometime get errors
  • Another problem we did not find
The IDS and IPS solution work great. Identity and prevent attacks is easy. Offenses are very intuitive. The VPN is very good. Easy to set to endpoints. You can easily manage rules and configuration without any deep knowledge. Scheduled reports send to the persons responsible for security is very useful. In conclusion - a mature and stable solution
Read this authenticated review
No photo available
March 16, 2019

FortiGate Review: "Fortinet from a SysAdmin perspective"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Fortigate is a very simple solution to deploy and it helps to handle web users and to apply policies to those users according to departments or user's roles. This solution was deployed across the whole organization and it helped to manage limited resources as well as network bandwidth. You can manage resources to power or limit users. You can always define new roles and filter websites accordingly.
  • Web filtering. It has specific categories to filter web pages. You can always customize them and also create new ones.
  • Security. FortiGate provides a good security to guarantee that no users override the system.
  • You can find different categories where you can filter services. Something like IM, Social Networks, etc. You can also filter ports and create proxy-like routes.
  • I think that the GUI can be improved to make it friendlier.
  • License fee could be lower.
  • Logs and the information that comes out of it [don't have] much information to debug.
Fortinet is well suited for a working environment and when you want to manage how users interact with web services. In this case, Fortinet is doing it very well when it comes to assigning web profiles to users and granting or denying access to specific websites, ports or services (IM, Social Networks, etc.).
Read this authenticated review
No photo available
March 14, 2019

FortiGate Review: "Fortinet for small business"

Score 7 out of 10
Vetted Review
Verified User
Review Source
We are using Fortinet FortiGate as our firewall for our office as well as its client VPN capabilities for certain users to connect back remotely. The firewall provides some website and antivirus filtering to help keep our network secure without solely relying on desktop antivirus programs. It's critical for some workers to be able to connect back to office resources securely with the client VPN installed on their laptops.
  • It's a cost effective solution for a smaller business like ours.
  • Consulting companies like the one we bought this thru offer support for the product
  • Performance of the firewall and VPN are good
  • The VPN client install is not very clear. It includes other features like antivirus that we are not wanting to use but you have to know where to look to prevent that from being installed.
  • Configuring the firewall is a bit complicated. It really helps to have someone familiar with it do that for you.
If you buy it from a consulting company where they can configure it for you it's pretty much a set it and forget it solution. This suits our needs well. If you are constantly tweaking applications or services in your environment you may have to spend a little time getting familiar with its configuration to be able to manage that yourself.
Read this authenticated review
No photo available
March 02, 2019

"FortiGate Review"

Score 7 out of 10
Vetted Review
Verified User
Review Source
FortiGate is used as our enterprise firewall used across the organization. It addresses securing our network from outside attacks with policy control, antivirus, IPS, application and web filtering.
  • Their ASIC technology has very high-performance. The hardware is fast.
  • Easy to manage. Rule creation is easy and flexible.
  • Logging is detailed. GUI allows you to add/remove columns to get the detail you want.
  • There seems to be a lack of quality control with new versions and service pack releases. GUI menus fail to load. Features get pulled out. What's in this release might not be in the next. Random bugs you would not expect to see.
  • Alerting options are not flexible. Very basic and limited options.
  • VPN logging is not very detailed for troubleshooting.
FortiGate offers several sizing options to suit any size organization from small businesses to large enterprises. The licensing options are flexible as well, allowing organizations to choose their level of protection. Options include antivirus, web filtering, DNS filtering, application control, intrusion prevention, anti-spam, web application firewall, and SSL inspection. They also include a cloud sandbox with their offering.
Read this authenticated review
No photo available
June 24, 2019

FortiGate Review: "Best for office location configurations"

Score 9 out of 10
Vetted Review
Verified User
Review Source
Fortigate is used by our organization as a firewall and a VPN for our office internet services and some datacenter configurations. We use multiple devices to manage internet traffic and also use it to gain access via VPN to our internet network.
  • VPN routing.
  • Firewall protection.
  • Traffic management.
  • Process of updating firmware configurations.
  • Licensing costs could be lower.
  • Having to look for updates for software.
Fortinet FortiGate has been great in rate limiting traffic for our offices by IP address when a user is using up a high amount of bandwidth, and also by allowing VPN access to our internal network, as well as protecting us from any type of attacks. It has been great for our multiple locations, but it may be overkill for smaller office setups.
Read this authenticated review
No photo available
February 27, 2019

"Fortinet FortiGate Review"

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Fortinet FortiGate as our firewall at all three of our offices. We use the Fortiguard service on the firewalls, which includes anti-malware, intrusion protection and the Next Generation Firewall. Before we added the Fortiguard services we were unprotected against bad actors from around the world trying to brute force our RDP servers. Now I am confident that all of those actors are being blocked/banned at the firewall.
  • The Fortinet FortiGate firewall software includes a full function graphical user interface that makes firewall administration easy without having to know the command line interface commands.
  • The FortiGate does an excellent job of protecting devices behind the firewall, its integrated Spam, anti-malware and IPS services all work very well.
  • FortiGate licensing costs are reasonable and much more affordable that Cisco's offerings.
  • The only complaint I have about the FortiGate is the fact that the advanced services like IPS, anti-malware and spam filtering are add-on services. It would be great if they were a part of the firewall offering.
Fortinet FortiGate is well suited for any sized business to protect its internal network from external forces with bad intents. Common sense and best practices dictate that all private networks should be protected by a firewall, and just as importantly the FortiGuard services add-on (IPS, Anti-malware and spam filtering).
Read this authenticated review
No photo available
February 15, 2019

Review: "Fortinet and Fortigate: A force to be reckoned with!"

Score 10 out of 10
Vetted Review
Verified User
Review Source
Our company decided to switch from Checkpoint to Fortinet as a corporate standard. I've used Fortinet products for the last 10 years, and have been incredibly happy with the ease of use, and support resources are not as hard to find as they are for Checkpoint. Additionally, the integrated SD-WAN in more recent versions made us start running out of reasons why we SHOULDN'T use Fortinet FortiGate firewalls.
  • Integrated SD-WAN functionality
  • Best in class threat protection
  • Single pane of glass (Instead of three in checkpoint)
  • Breakout switch still required to share ethernet connectivity with redundant pair.
  • CLI could use some improvement but is overall good.
Fortigate is amazing when attempting to create an SD-WAN between large or small environments. This alleviates the cost of a high priced SD-WAN platform like Cloudgenix (amazing product, but pricey!), and extends that functionality to SMB clients at a very low cost in models like the 61e. We can get most of our locations online, with redundancy for under $2000.00.
Read this authenticated review
Kewyn Medina profile photo
August 27, 2018

FortiGate Review: "High quality experience of network security and traffic control in a single appliance"

Score 8 out of 10
Vetted Review
Verified User
Review Source
We use it as our internal and external firewall. It is also used with all security options, including DDOS protection, in our branches.
  • Web filtering, which protects the users browsing to non-secure websites
  • Network security between different networks
  • Traffic shaping control for users and applications
  • Traffic shaping options based more on layer 7, so you could have a more detailed control over the exact sites users are browsing
  • The transition between different major updates
  • More option in fast reports and dashboards
  • A more exact measure of bandwidth to show in dashboard and FortiView
Very good in the firewall protection between different networks, and also for external protection. It also gives a really good experience in the browsing protection for users, which keep them safe from unsecured websites.

On the other hand, you could have some issues when you are tracking a user in the forward traffic log because is not easy to troubleshoot or find some browsing information because of the main graphical interface.
Read Kewyn Medina's full review
Victor Arana profile photo
April 24, 2018

"Fortinet Fortigate 110C General Review"

Score 9 out of 10
Vetted Review
Verified User
Review Source
We're currently working with amaze with a FortiGate 110C, that is our front end Firewall for ISP routing and as a first layer to declare web access policies, anti-spam filtering, IPS, application inventory and to implement fail over policies to warranty the Internet connection to all departments. The UTM Solution from Fortinet brings a bundle package of features that is allowing the company to establish a MAN and an extreme secure VPN layer to deliver to our branch offices the WAN access with incredible ease. I do strongly recommend this quite remarkable Security Solution.
  • An accurate Web Filtering module that will allow to your IT Staff, leverage the administration of the web access from the end point users. Also will allow to customize the policies through a broad presentation of options, where you can customize or schedule the access to specific web sites.
  • AD & LDAP integration will allow you to sync your DC with the Firewall and set the traffic rules and packages with ease.
  • VPN through SSL Web Portals will simplify the scale of adaptation for final user, allowing a customization of the front end portal, with corporate image.
  • Improve time for releasing bug fixing.
  • Integrate graphical troubleshoot tools for policies based on devices or user identities, will help IT Sec Admins to answer faster to security breaches.
  • Using CLI reference guides and a better sort options.
FortiGate for large scale solutions with a tight budget can work quite remarkably. Making the right design having all the specs for the network workload, and security areas where the Fortinet UTM solution will be involved can give you the exact model and bundle options needed to make an accurate purchase.

For those IT pros that can save money and use their own resources you can have pfSense Firewall to cover SMB, SOHO offices also for mid size companies 50-99, should work perfect and you will save time money, and training.
Read Victor Arana's full review
Derek Aldridge profile photo
March 16, 2018

FortiGate Review: "Great product, at a great price point"

Score 9 out of 10
Vetted Review
Verified User
Review Source
The FortiGate in our environment provides protection across the entire organization. We are using SSL VPN, web filter, antivirus, and application monitoring. I can attest that these functions all work really well, and our FortiGate has had high reliability and configuring it is not a laborious task. The few interactions I have had with support have been great.
  • Web Filter - with the supplied FSSO utility filtering users by groups or department is simple.
  • Application Filtering - insight into what applications are running have been great
  • SSL VPN - SSL VPN is simple to set up
  • AV - has done a great job catching viruses before ever hitting the internal network
  • Logging can be a somewhat difficult to dig into
  • Occasionally usernames aren't attached to the computers being filtered
Fortinet FortiGate is well suited for SMB, and they offer a suite of products that complement each other very well. There is a lot of flexibility for configuration, as there are command line options, and also a GUI that is fairly intuitive. With the range of appliances that Fortinet offers I'm not sure there is an environment that it wouldn't work in.
Read Derek Aldridge's full review
Artur Bittencourt profile photo
December 19, 2017

Review: "Fortigates are good options for Firewalls"

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Fortigate as our main firewall to protect the network and to establish VPN between 2 sites. We make use of most Fortigate modules and subscription such as anti-spam, anti-virus and Intrusion detection systems. The Fortigates protect our Internal network and the public Wifi we provide to the public. We also take advantage of the Web filtering functionality.
  • Unified Protection: Having firewall, IDS, Anti-virus and Anti-spam on the same appliance is very handy as you don't need to deploy multiple appliances/solutions
  • User Access Control: Setup Firewall rules based on Active Directory User and Groups help with the constant need for firewall changes, saving the network folks a lot of time.
  • GUI Interface: Very intuitive Management interface, makes the need for CLI changes very seldom
  • Non-disruptive upgrades on standalone boxes. Not sure if the technology would allow it but it would be great to have.
  • Subscription signatures auto-deployment could affect production traffic. In some circumstances letting Fortigate accept subscription signatures may cause the device to drop traffic
I've only used Fortigates in small and medium environments with multiple locations and the Fortigates work very well. They are usually very low maintenance and easy to upgrade. Creating site-to-site VPNs, as well as SSLVPNs, are very simple on Fortigates. The low-end Fortigates have pretty much the same functionality as the high end and can be managed the same way.
Read Artur Bittencourt's full review
Harshil Gupta profile photo
November 21, 2017

User Review: "FortiGate, a trustworthy UTM and NGFW"

Score 10 out of 10
Vetted Review
Reseller
Review Source
FortiGate is a gateway firewall in our organization. It is utilized as a UTM. Our network is monitored, analyzed, secured and enhanced by the FortiGate device. Its is utilized across the whole organization. We can secure our network from threats, antivirus, intrusion using the G/W firewall. Cloud based reporting is really a decent feature of FortiGate. QoS, web filtering, AD synchronization, control over applications, SSL/IPSec VPN, and site-to-site IPSec VPN features are utilized by us.
  • Inbuilt wireless controller, which helps to create wireless VLAN. Its an amazing feature provided by FortiGate. There is no need to pay more for this feature. It is an inbuilt controller. I truly appreciate Fortinet to avail this feature avail within the NGFW and strong managing capabilities.
  • The VPN throughput. Hats' off commitment by Fortinet. The words in data-sheet of FortiGate device means it and proved it. We are using the site-to-site VPN, site-to-client VPN, and my clients are happy with the level of connectivity and responsiveness.
  • Security Fabric. Another legitimate feature proves FortiGate out of the box. All the devices installed in end-point or in network , are well synchronized for playing vital roles to provide security. And they are worthy.
  • Post Sale Support, I think. It could be improved. The product has amazing features and commitment towards its dedicated performance. The post-sale service might attract more end customers.
  • The user login client application. Currently it is browser based.
No doubt, what a company's system administrator wants from a UTM device. It has everything and the parameters are proven by NSS Labs. The only need is to size the requirement accurately and the consumer will never regret having it. It's a world-class solution and has continuously secured a leading position in Gartner Magic Quadrants.
Read Harshil Gupta's full review
No photo available
November 21, 2017

User Review: "Fortigate, the best"

Score 9 out of 10
Vetted Review
Reseller
Review Source
We use and recommend Fortinet Fortigate to all our customers as the main firewall at the internet access point of the organization. We use it mainly as a firewall but we also make use of its anti-virus capabilities and as a web filter. The VPN is an additional plus.
  • fire wall
  • antivirus
  • VPN
  • GUI
  • wizards
  • price
Any company that takes information security serious should use Fortinet Fortigate as their primary firewall for the first line protection. Likewise, a company with multiple sites should make use of Fortinet Fortigate's tunneling options. If users need to be able to access the office remotely, there is nothing like Fortinet Fortigate's VPN to do so.
Read this authenticated review
No photo available
November 21, 2017

FortiGate Review: "Forti-UTM"

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Fortigate across the whole organization. It is used for firewall/IPS/Web filtering.
  • UTM provides comprehensive security, which is great
  • Easy to use GUI
  • Great support
  • Site-to-site vpn - would like to configure using wizard. currently, I use manual configuration.
  • Additional reports on web site usage statistics
  • Failover / redundancy
Great for small-medium companies. Not sure how it will scale for large companies.
Read this authenticated review
Fabrizio Volpe profile photo
June 08, 2017

"A FortiGate firewall and UTM appliances review"

Score 9 out of 10
Vetted Review
Verified User
Review Source
  • FortiGate is a label that Fortinet applies to a really large number of products having a part of shared features.
  • Possible usage scenarios include:
    • VPN Gateway
    • Small offices connection endpoints
    • Enterprise proxy, firewall and threats management with UTM (Unified Threat Management)
    • Routing and layer 3 management
    • High availability
  • Virtualized FortiGates are also an option, and it is something that is interesting for companies with a good virtualization infrastructure.
  • FortiGate is not just a firewall but a full Unified Threat Management (UTM) solution. So, a FortiGate can be used as the single security point to check on security risks like SPAM, infected attachments, spyware and so on).
  • Smaller devices (series 90 and 30) have a limited subset of the above features.
  • The routing and VPN performances are really good too, so a company network could easily use a correctly dimensioned appliance as the core of the layer 3 and routing infrastructure.
  • FortiOS (Fortinet's network security operating system) is used on all the appliances, so security people are able to move from a smaller device to really large deployments with (relative) ease.
  • Having a single solution used to manage security risks (using the UTM) is really something that reduces complexity of the network administration and deployment.
  • The NAT and routing management that a FortiGate is able to deliver is one of the best I have seen so far. I had to configure really peculiar addressing requests and the FortiOS gave me a range of solutions that made it doable.
  • The graphical interface of the FortiOS makes it look like an easy to use tool. This perception is true if you are going to do a really limited use of the appliance. However, it could create a false sense of confidence in using something that is really complex.
  • In the past months I know that a few customers were not happy about the quality of the support they received, especially from sales people. If it is true (I have no first hand evidence) it could be an important point to fix.
  • Some of the services and upgrades are costly. I am not saying they are not worth the money, but in a market that is really crowded, cost is a decision factor that could push companies to different platforms.
FortiGate is well suited for medium/large companies (I suggest it for businesses having 500 or more users). It is a good VPN solution, mail gateway, routing device and (of course) firewall appliance. For a small deployment, it could be overkill (or the smaller devices could be too limited). In a really large enterprise, it is still a great security solution, while for the routing and switching part other competitors could be a better fit.
Read Fabrizio Volpe's full review
Johannes Weber profile photo
April 18, 2017

Review: "FortiGate - a good all-in-one firewall with some design weaknesses"

Score 8 out of 10
Vetted Review
Verified User
Review Source
For customers with 50-200 users we are using FortiGate as the central firewall. That is, internal users are surfing the Internet (URL filtering, antivirus), servers in the DMZ are reached from the Internet, partners are connected via static site-to-site VPNs, and home office users are able to log into the company network via a VPN with two-factor authentication.
  • Good summary GUI: The basic steps such as adding new policies or users can be done through the GUI. The GUI is fast and has a couple of options. There is a CLI-widget on the dashboard which enables the usage of CLI commands through the GUI - nice.
  • Counters and bars for policies and VPNs: Within the GUI you have several counters of packets/bytes/sessions that make it easy to understand whether some policies of VPNs are functional and in use.
  • Built-In two-factor authentication possibility: You can use a two-factor auth via SMS out of the box. You simply need an email-to-SMS provider and you're done.
  • Though the GUI is fast, it lacks many options. In many cases, you can only configure the first 20% of options while the other 80% must be done through the CLI. This won't be a problem for experienced (Cisco) admins but it's a challenge for normal IT workers that are not working with FortiGate every day.
  • Separate security policy for IPv4 and IPv6: This is a really bad design because you need to manage two independent security policies! Other firewall vendors have a single policy which can be used for both Internet protocols.
  • No configuration revisions: There is no store for old configuration snapshots. Don't forget to backup the config manually before doing an upgrade!
  • No dedicated out-of-band management plane: FortiGate can only be managed in-line. You must connect to some data ports. (That is: You don't have the possibility to configure a management-only interface with its own default route.)
FortiGate has a good price performance ratio. That is you get a good all-in-one appliance for accessing the Internet, while allowing/blocking traffic to your servers, using the VPNs, etc. The firewall can also be used as a fast router with only layer-4 policies (port-based), e.g., for LAN segmentation. However, note that the throughput dramatically decreases when advanced features are enabled.
Read Johannes Weber's full review

Feature Scorecard Summary

Identification Technologies (3)
9.7
Visualization Tools (3)
9.7
Content Inspection (3)
9.7
Policy-based Controls (3)
9.7
Active Directory and LDAP (3)
9.7
Firewall Management Console (3)
9.7
Reporting and Logging (3)
9.7
VPN (3)
10.0
High Availability (3)
9.3
Stateful Inspection (3)
9.7
Proxy Server (3)
9.7

About FortiGate

FortiGate, from San Francisco-based company Fortinet, is a firewall option.
Categories:  Firewall

FortiGate Technical Details

Operating Systems: Unspecified
Mobile Application:No