My use cases for Fortinet FortiGate mostly involve perimeter-based security and fire-walling.

I find that Fortinet FortiGate is pretty easy to use and integrated, offering many features in one box at a decent price compared to other enterprise vendors. When I first used it as a one-for-one replacement, the functionality was basically the same, but the ease of use compared to the old solution increased, so I definitely saw benefits immediately.

Fortinet FortiGate could improve by enhancing FortiManager, which is the centralized management system. It has many inconsistencies and errors with respect to pushing policies, especially when we have a large network team that needs to push different rules. Improving the consistency and allowing proper stability with many users managing hundreds of firewalls would be beneficial. Regarding cloud deployment in public cloud, it is less flexible and scalable, and customers need to provide and take care of resiliency, scalability, and redundancy. This could be a future improvement for Fortinet FortiGate to better adhere to cloud philosophies.

I have been using Fortinet FortiGate for approximately 10 years.

The stability and performance of Fortinet FortiGate have been good, as it has been running at the company for quite a few years since we first implemented it.

Regarding scalability, we have hundreds of physical appliances deployed, which are running adequately. However, in cloud deployment such as public cloud, it is less flexible and scalable. Customers need to provide and take care of resiliency, scalability, and redundancy, which could be a future improvement for Fortinet FortiGate to better adhere to cloud philosophies.

I have contacted technical support regarding FortiSwitch integration issues with Fortinet FortiGate. They are good at responding, though I don't need to call support often. For myself, the experience has been good. On a scale from 1 to 10, I would give Fortinet FortiGate's support an eight. I did have some minor issues with the person I talked to, but overall, they were able to resolve the issue.

I have used alternatives to Fortinet FortiGate.

For someone with a network background deploying Fortinet FortiGate for the first time, the switch is very easy and the UI is easy to navigate. However, their CLI is very difficult to learn, though changes and configurations in the UI are very understandable.

For the deployment of Fortinet FortiGate, it depends on the project, but for smaller or even bigger deployments, one person can easily handle it, excluding data center rack installation.

Fortinet FortiGate requires maintenance, including updates and firmware updates to fix bugs and security vulnerabilities. Overall, it runs fine, but it has security vulnerabilities with respect to some features that may have affected its reputation. Keeping up to date is a normal part of having any product vendor, and their upgrade process has been smooth.

I don't necessarily know directly about their pricing, but Fortinet tends to be lower than Cisco based on the separate projects I've been involved with. In general, Fortinet FortiGate has very competitive pricing.

Cisco Firepower is one alternative to Fortinet FortiGate. Comparing both, ease of use is a major difference. Cisco Firepower's ease of use is very poor, with many bugs and issues that made it non-functional - some things break and pushing policies is very slow.

Previously, I was a customer of Fortinet, but now I am also a reseller partner. I rate Fortinet FortiGate 8 out of 10.

Fortinet FortiGate provides combined features. Some firewalls do not provide many features, but Fortinet FortiGate provides them at a reasonable price. Their pricing has been increasing over time. We can have a low-cost solution with all integration supported, providing a full package cost-effective manager. The solution offers SD-WAN capability, web filtering, application filtering, WAF, and authentication features. Most customers use Fortinet FortiGate for internet facility and outbound traffic. They implement it in high availability mode on their data center side and at the perimeter level.

Fortinet FortiGate provides combined features that other firewalls do not offer. The solution offers these features at a reasonable price, though prices have been increasing over time. They provide a low-cost product with all integration supported, offering a full package cost-effective manager. Most customers use Fortinet FortiGate for internet facility and outbound traffic.

When they release security updates, functionality needs to be cross-checked thoroughly. The firmware updates and patch updates for particular issues can affect other features. Patch testing should be more comprehensive before deployment. The solution could be improved compared to higher-end products in the Fortinet FortiGate line.

I have been using FortiGate for more than 15 years.

For stability, Fortinet FortiGate scores eight out of ten with mature versions. However, when dealing with vulnerabilities and security updates, performance can be affected at the application level and other functionalities. With mature OS versions, the stability rating remains above eight, but during vulnerability and security issues, the rating drops to six or seven. This sometimes requires seeking alternative solutions rather than patching.

The customer service is good. They can easily identify issues and provide solutions efficiently when dealing with bugs.

I previously worked with Aruba Instant.

The initial setup is easy to implement.

Implementation was done through an implementer.

FortiGuard is included in the setup. When deploying Fortinet FortiGate, it is recommended to check which functionalities are required and enable only those needed. This approach ensures optimal performance from the Fortinet FortiGate firewall.

There are other providers available such as Sophos that provide similar features at a lower cost. However, for stability, Fortinet FortiGate provides combined features in a cost-effective manner.

The solution is primarily used for data center solutions, specifically for NGFW and authentication. Most customers use Fortinet FortiGate for internet facility and outbound traffic. The SD-WAN features are commonly used for connectivity, and the bandwidth and ISP connectivity performance is good. There have been no issues with VPN connectivity for site-to-site connections. Multiple load balancing mechanisms show good performance. On a scale of 1-10, this solution receives a rating of 8.

The solution is used for protecting offices for outbound traffic.

To be brutally honest, it wasn't my choice of vendor, but it seems to be able to do everything, though its configurations have to be quite specific. This is neither a positive nor a negative aspect, it is simply how the solution functions.

The operational logic is not as straightforward as a Sophos XGS device. When creating rules in the Sophos firewall, they are more intuitive than in the Fortinet FortiGate IPS device. The Fortinet FortiGate IPS device is more complicated.

The solution needs to be simplified.

I have been using Fortinet FortiGate IPS for six months.

The initial setups are acceptable, though I have not been the one implementing them.

The solution is stable.

It is crucial to size your hardware correctly to avoid problems.

The solution serves about five users.

The support package being an additional extra, even with an enterprise package purchase, is pathetic.

Though I haven't had direct experience with support, the fact that it doesn't come by default, which is very misleading compared to other brands, warrants a rating of two out of ten.

A basic setup can be accomplished in a few hours, but significant customization is required to achieve the desired configuration.

I view it from the perspective that making an investment in the product prevents potentially larger costs when something goes wrong.

The solution is more affordable compared to alternatives.

The solution is suitable for small-medium customers, provided they have the ability to set it up.

The implementation has been successful so far.

On a scale of 1-10, I rate Fortinet FortiGate IPS a seven.

We deal with messaging, specifically A2P, P2P, and RCS, a rich communication service.

We use Fortinet FortiGate 500, 600, and 900E, which are mainly used for data center activities.

Fortinet FortiGate has helped us significantly in many ways. Previously, we had multiple data centers interconnected over IPsec tunnels. Each IPsec tunnel was individual, and if that tunnel went down, manual intervention was needed to reroute the traffic to the available path. To avoid such cases, I introduced the SD-WAN concept using ADVPN (auto-discovery VPN). With this solution, I have almost four sites where critical traffic flows, avoiding many impacts. The reason we prefer Fortinet FortiGate SD-WAN is that it enables automatic establishment of the next available VPN if any connectivity goes down, ensuring all hub and spoke connectivity flows through the hub. Using ADVPN, spoke-to-spoke communication is established so that hub bandwidth or hub firewall does not get overloaded.

The best features in Fortinet FortiGate are the SD-WAN, IPsec tunnel, and the SSL VPN. It is very user friendly, and we can integrate multiple underlay links to the firewall. From there, you can manage it, and by using this SD-WAN concept, the device itself will make decisions about which path to take to reach the destination. If there are any issues on the desired path, it will automatically select the best path based on the configuration defined in the SLAs. This feature is particularly impressive. Before introducing SD-WAN, I had perimeter devices such as independent routers where intelligent routing across the underlay links was not possible.

It is very informative and easy to implement. The GUI is very user friendly. Using this solution, we can easily integrate security profiles based on needs and requirements of internal stakeholders to avoid malicious traffic or security-related issues.

When onboarding any Fortinet FortiGate to your production platform with active internet connectivity, the device connects to FortiGuard to fetch all signatures and behavioral patterns based on your security policy. It detects anomalous traffic and packets undergo deep inspection. If there are any anonymous or malicious activities, it immediately blocks them based on defined policy actions and alerts the end user and network administrator via FortiManager or via the cloud.

I don't have any areas for improvement in terms of features. With the introduction of AI/ML, they are performing behavioral pattern checks in terms of security. They have removed the SSL web-based and tunnel-based features, and they are improving in many aspects including the UI. However, throughout this year, their support has been very poor.

We have been using Fortinet FortiGate for more than 10 years.

It's stable. I would rate it a ten out of ten for stability.

It's scalable. I would rate it a ten out of ten for scalability.

We have clients with more than 2,000 users.

Their support needs improvement. When raising a service request on the portal, it normally takes two to three days for a response. Even for production issues, they do not initiate contact. The customer has to call the TAC before they schedule calls, which is problematic.

The deployment is very easy. People who are familiar with Fortinet FortiGate can implement it through CLI and GUI. It is very user-friendly for deploying complex configurations. There is also a tool called FortiExporter, which can convert all configurations from any OEM to Fortinet FortiGate.

It doesn’t require much maintenance. The only maintenance activity required is firmware updates.

We have approximately 84 devices in production, demonstrating our investment in Fortinet FortiGate and its usefulness in many ways.

We have invested almost 60% to 70% in Fortinet FortiGate as we don't have any other firewall apart from it. In some cases where we had Palo Alto, we removed it and purchased Fortinet FortiGate. We are using Fortinet FortiGate as our production firewalls in our organizations, corporate offices, and all locations.

It's economical.

In terms of cost, features, and security, everything is top-notch. I would recommend everyone to use Fortinet FortiGate instead of purchasing expensive firewalls such as Palo Alto and other OEMs. It is more economical and provides more flexibility and granularity in terms of access.

Fortinet is a market leader. It is phenomenal in terms of price and kind of services.

I would recommend Fortinet FortiGate to others. I would rate it a ten out of ten.

My main use case for Fortinet FortiGate is controlling our incoming and outgoing traffic as it's installed in our data center. We're managing all the VPNs, IPsec VPNs, over 48 VPNs with our Fortinet FortiGate. We are also controlling network attacks and threats using IPS/IDS, using web filter, and URL filtering. We are bounding users to access the relevant sites only by using the URL.

Fortinet FortiGate has positively impacted our organization by providing stronger network security as it's a next-generation firewall. The IPS we have blocks known threats and vulnerabilities in real-time. Application control detects and controls thousands of applications, blocks P2P, and limits social media.

SSL inspection scans encrypted traffic, even TLS 1.3 for hidden threats, advanced web filtering, antivirus, and anti-malware. The result is fewer breaches, blocked attacks, better compliance, and simplified and secure WAN connectivity, intelligent link selection based on latency, load balancing across multiple ISPs, and automated failover.

We can run routing protocols very easily, such as BGP. We are using BGP over IPsec VPN for our multiple branches and different stations. We are using BGP over Fortinet FortiGate so it's automated. If one ISP goes down, it will shift automatically without requiring human or network administration involvement. It improves VPN and remote access, including SSL VPN and IPsec VPN as well.

The best features Fortinet FortiGate offers include the SD-WAN, which really stands out, and the comfortable GUI. The IPsec VPN configuration is very user-friendly. Compared to Huawei firewall, Fortinet FortiGate offers more features and is more user-friendly.

In terms of security features, Fortinet FortiGate has Deep SSL/TLS inspection, which is very limited in Huawei NGFW firewall. The AI-powered features in Fortinet FortiGate are more advanced compared to Huawei's basic filtering. The SD-WAN is built-in and mature, while Huawei's support is less feature-rich.

Application control is very granular with signatures, while Huawei is less extensive. The management and usability of Fortinet FortiGate is clean and user-friendly, compared to Huawei's more complex user interface. FortiOS CLI is popular and well-documented, while Huawei, Cisco, and Juniper differ from standards. Fortinet FortiGate offers centralized management through FortiManager and FortiAnalyzer. The reporting, logs, and firmware updates are excellent and stable in Fortinet FortiGate.

Fortinet FortiGate can be improved, specifically in the user interface and UX enhancement. The GUI, especially in older FortiOS versions, can be cluttered or slow. Improvements could make the UI more modern and responsive with a quick dashboard, real-time visibility, health checks, and improved policy editing with bulk changes and better search filters.

Policy management in a large environment becomes complex when managing dozens or hundreds of policies. This could be improved by introducing better policy grouping and tagging for more intelligent policy optimization suggestions, such as unused rules or shadow rules.

The built-in logging and reporting is limited without FortiAnalyzer. Internal reporting tools should be enhanced with graphs, trends, PDF exports, alert-based thresholds, and real-time traffic summaries without requiring FortiAnalyzer, which requires additional payment.

User identity integration with LDAP, AD, and user-based rules can be tricky or limited. Additionally, SSL users cannot change their passwords themselves, which should be included in the OS functionality.

I have been using Fortinet FortiGate for six years.

Fortinet FortiGate's scalability is good, and it can handle our organization's growth and needs as it's expanding.

When choosing Fortinet FortiGate, you must know your network size and use case. Choose a FortiGate model that fits your current network and allows for future growth. For small offices and branches, you can use 40, 48, 40F, and 60F series. For medium offices, 80F and 100F are suitable. For large enterprises, you need 200F, 400F, 600F. For data centers, 1000F is recommended.

It's advisable not to buy a model that barely fits; choose one with headroom for future expansion. Always check key specs based on your needs, such as firewall throughput, threat protection throughput, VPN throughput, maximum concurrent sessions, and ports. Check if you need SFP, PoE, or 10G ports.

Consider the features you actually need, such as SD-WAN, SSL VPN, application IPS, AV scanning, Wi-Fi AP support, or central management. If you need central management, you can use FortiManager. Look for FortiOS version compatibility as the F-series offers clear advantages. Make sure your team can operate and manage it with experienced Fortinet engineers.

My review rating for Fortinet FortiGate is three out of ten.

The main work for Fortinet FortiGate is the SD WAN solution. They have a good SD WAN solution with the FortiAnalyzer and FortiManager. The company has more than one site, forty-five sites, so we need to connect it altogether.

The main feature in Fortinet FortiGate is the SD WAN functionality. Based on my experience, it was very easy to integrate Fortinet FortiGate with SD WAN. The benefits Fortinet FortiGate provides include easy connectivity, user-friendliness, scalability, and easy configuration management.

I believe Fortinet can make Fortinet FortiGate better with reduced costs, free certification, and improved security.

My experience with Fortinet FortiGate is approximately five to six months.

I would rate the stability of Fortinet FortiGate as eight because there are other solutions that are more secure and more capable.

When talking about scalability for Fortinet FortiGate, I would rate it as nine or higher.

We have not needed technical support from Fortinet until now.

We moved to another vendor. We first moved to Cisco firewall, and then about six months ago, we moved to Fortinet FortiGate.

The initial setup for Fortinet FortiGate was simple. We worked with another vendor, and it was easy to configure and migrate with our current infrastructure.

We implemented through a vendor, through a third party.

There is a feature inside Fortinet FortiGate for AI and ML.

The Sophos XG was only for one branch. We mainly have a HQ Cisco Firepower FMC. I believe Fortinet FortiGate is easier.

There is a feature inside Fortinet FortiGate for AI and ML.

It is acceptable for my feedback about Fortinet FortiGate on PeerSpot to be with my personal name as a personal opinion without contact details or company name.

I am interested in being a reference for the vendor for Fortinet FortiGate, and it would be fine if the vendor contacts me with questions about my review.

In the future, I might have colleagues who can provide reviews about Fortinet FortiGate.

We plan to work with Fortinet Unified Sassy. I can recommend Fortinet FortiGate to other users.

I rate Fortinet FortiGate a nine out of ten overall.

I currently work in the automotive industry, providing software for automotive dealers, and we only use Fortinet FortiGate for corporate purposes.

One of the best features of Fortinet FortiGate is how effectively the software is written; the virtual network interfaces significantly outperform Cisco in my project. I didn't need separate switches or load balancers because I was able to resolve internal FQDNs of the load balancers, which was impressive. The centralized management allowed us to manage 50 devices effectively, which I found better than Cisco.

During a recent upgrade from old devices to the latest ones, corporate IT faced challenges as there was no straightforward migration process, requiring many manual steps. I've completed upgrades with Cisco before where the process was simple, but this time it wasn't the case for corporate IT. I also heard that SSL-based VPN will be discontinued, which could be concerning.

I have used Fortinet FortiGate for several years; initially, I brought FortiGate to my previous company during a project.

Integrating SD-WAN capabilities with Fortinet FortiGate is straightforward, with minimal complexity involved.

My experience with Fortinet FortiGate support has been excellent, as I was fortunate to have an office in Vancouver where Fortinet had staff. We worked closely with tech personnel through the project. While I usually don't give perfect scores, the support was great. However, one area for improvement is that many functions can only be accessed via CLI, which has discrepancies between the web interface and direct connection.

I pushed corporate IT to replace SonicWall with Fortinet FortiGate, and now in my current company, we have FortiGate that we recently upgraded to the latest models.

Managing Fortinet FortiGate involves three corporate IT personnel, and although it initially took them quite a while to handle some tasks, I provided scripts that allowed them to work much quicker. What took them a day or two is now a job of just 10 to 15 minutes. Scripting and utilizing Git repositories would make things smoother, and I intended to publish modules for Terraform but haven't had the time yet.

Overall, I would rate Fortinet FortiGate around an eight, as there is always room for improvement.

It is a next-generation firewall used to create policies to allow and deny any traffic. I have used Fortinet FortiGate in the finance sector previously, and we are now using it in the manufacturing side.

In my opinion, some of the best features of Fortinet FortiGate include its ability to block specific applications. For example, if I want to block someone from using Facebook videos, I can disable or use its application control features to block access. Facebook has many components such as video features, chat features, and VoIP calling features, and I can block any of these features to be more granular.

SD-WAN is an excellent feature where you can route the traffic to other WAN links without manual interruption. Technically, you cannot put two default routes on any firewall, but SD-WAN is a feature we can use to divert our traffic from one ISP to another. The impact of SD-WAN on the network performance has been significant. Previously, when we didn't have Fortinet FortiGate, we had Cisco routers where we used manual routing, and if one of the primary links was down, we had to do manual routing. With Fortinet FortiGate, it's much easier as we don't have to do anything; it's already configured, and if something happens, our configuration automatically changes the link and diverts the traffic when one of the links is down.

Fortinet FortiGate can be improved by being more stable because when we look for logs or open a case, we always find a bug and then we have to upgrade it. However, since it's a cost-effective solution, we are satisfied.

I have more than 10 years of experience with Fortinet FortiGate.

Fortinet FortiGate is stable, but it has some bugs, so you have to upgrade it. I would not say it has all the capabilities, but it's good for a manufacturing site.

Fortinet FortiGate is pretty scalable.

I would rate Fortinet FortiGate's support at a seven out of ten because whenever I open a case with their support, I have to explain everything and clarify the background. They take some time—at least a day—to see what's happening with the firewall. The agents aren't much experienced in providing solutions, but it's better than Palo Alto's support, which is the worst.

Previously, we had Palo Alto firewalls which were expensive—the contracts were particularly expensive. Fortinet FortiGate is not that expensive and is more affordable when comparing pricing. Nowadays, firms usually look for cheaper models and solutions, so Fortinet FortiGates are good, but for financial sectors, Palo Alto is better.

The main differences between Palo Alto and Fortinet FortiGate are that Palo Alto has more features and functionality compared to Fortinet FortiGate. Palo Alto can be slow, but Fortinet FortiGate is fast. With Palo Alto, we have to commit and it takes five minutes for the configuration to push, which isn't the case with Fortinet FortiGate.

The initial setup of Fortinet FortiGate is straightforward. The upgrade process is also straightforward.

It's cost-effective.

I would rate Fortinet FortiGate a nine out of ten. If you are looking for a cost effective solution and want to avoid the risk, go with the Fortinet FortiGate.

I use Fortinet FortiGate's data center solution, and I use the AI and ML-enhanced FortiGuard services within FortiGate.

The best features of Fortinet FortiGate are the integration of SD-WAN capabilities with Fortinet Unified SASE. I utilize Fortinet FortiGate's data center solution, and I use the AI and ML-enhanced FortiGuard services within FortiGate.

The ease of use related to Fortinet FortiGate and FortiNAC is a bit complex when implementing and supporting cases related to a FortiGate firewall. The software contains bugs, particularly in SSL VPN from all the firmware starting from version 7.6.3; the SSL VPN is not found in this version. If customers update the firewall firmware to 7.6.3, they might experience issues with the SSL VPN. In FortiNAC, there are issues with the passive agent on an endpoint. I currently conduct lab tests in my company to apply the FortiNAC agent on my endpoint, but I encounter issues with this application.

I have been using Fortinet FortiGate for three years and FortiNAC for one year.

I do not have information about the license costs for Fortinet FortiGate.

I have experience with Fortinet FortiGate and FortiNAC. I need to apply some labs in my company to finalize the project, so I can identify the disadvantage points to share. The interface of Fortinet FortiGate is simplified and easy to use.

On a scale of 1-10, I rate this solution a 7.