Overall Satisfaction with Fortinet FortiGate
We use Fortigate as our main firewall to protect the network and to establish VPN between 2 sites. We make use of most Fortigate modules and subscription such as anti-spam, anti-virus and Intrusion detection systems. The Fortigates protect our Internal network and the public Wifi we provide to the public. We also take advantage of the Web filtering functionality.
- Unified Protection: Having firewall, IDS, Anti-virus and Anti-spam on the same appliance is very handy as you don't need to deploy multiple appliances/solutions
- User Access Control: Setup Firewall rules based on Active Directory User and Groups help with the constant need for firewall changes, saving the network folks a lot of time.
- GUI Interface: Very intuitive Management interface, makes the need for CLI changes very seldom
- Non-disruptive upgrades on standalone boxes. Not sure if the technology would allow it but it would be great to have.
- Subscription signatures auto-deployment could affect production traffic. In some circumstances letting Fortigate accept subscription signatures may cause the device to drop traffic
- Fortigates have an interesting bundle model for support and subscription services that make it an attractive option to deploy Firewall, IDS, Ant-virus, anti-SPAM in a single device. The cost of the bundle is pretty much what you pay for the device, not requiring huge expenditures on it's time to renew the hardware.
Fortigate is a lot easier to configure and manage than a Cisco ASA Firewall. Fortinet feels a lot more intuitive and easier to configure than Cisco. Fortinet is a lot more innovative and have easier to use products.