A FortiGate firewall and UTM appliances review
June 08, 2017
A FortiGate firewall and UTM appliances review
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Fortinet FortiGate
- FortiGate is a label that Fortinet applies to a really large number of products having a part of shared features.
- Possible usage scenarios include:
- VPN Gateway
- Small offices connection endpoints
- Enterprise proxy, firewall and threats management with UTM (Unified Threat Management)
- Routing and layer 3 management
- High availability
- Virtualized FortiGates are also an option, and it is something that is interesting for companies with a good virtualization infrastructure.
- FortiGate is not just a firewall but a full Unified Threat Management (UTM) solution. So, a FortiGate can be used as the single security point to check on security risks like SPAM, infected attachments, spyware and so on).
- Smaller devices (series 90 and 30) have a limited subset of the above features.
- The routing and VPN performances are really good too, so a company network could easily use a correctly dimensioned appliance as the core of the layer 3 and routing infrastructure.
- FortiOS (Fortinet's network security operating system) is used on all the appliances, so security people are able to move from a smaller device to really large deployments with (relative) ease.
- Having a single solution used to manage security risks (using the UTM) is really something that reduces complexity of the network administration and deployment.
- The NAT and routing management that a FortiGate is able to deliver is one of the best I have seen so far. I had to configure really peculiar addressing requests and the FortiOS gave me a range of solutions that made it doable.
- The graphical interface of the FortiOS makes it look like an easy to use tool. This perception is true if you are going to do a really limited use of the appliance. However, it could create a false sense of confidence in using something that is really complex.
- In the past months I know that a few customers were not happy about the quality of the support they received, especially from sales people. If it is true (I have no first hand evidence) it could be an important point to fix.
- Some of the services and upgrades are costly. I am not saying they are not worth the money, but in a market that is really crowded, cost is a decision factor that could push companies to different platforms.
- The ROI is usually good, especially if the FortiGate is used as the single solution for multiple security threats.
- Impact on the company is really much related to the expertise of the solution architect/consultant. So far, the only unhappy users I have seen were the one receiving sub-optimal technical advice.
When you talk about firewalling, the competitors are the usual big names (Cisco and Check Point). Both of them are (in my opinion) more costly and more complex to manage. If we talk about other security threats, as I said, having one device able to do (almost) everything is a really good scenario. Usually, the competitors use different appliances/solutions for the different security related features, which could create the requirement for a lot of additional work (just for updating and monitoring, for example).