What is our primary use case?
We use FortiGate for security.Some clients use the whole Fortinet solution, including FortiSwitch, FortiAP, and FortiExtender, butFortiGate is mybread and butter.
We have ahybrid deployment. A lot of it is onsite, andwe have data center collocations. Somecustomers docollocations with us, but others request connectivity to Azure or another cloud services provider. Fortinet has plugins forAzure, AWS, or Google that make it easy to configureVPNs out of the data center or off-site.
Typically, westick with Azure because their support is better,but we do have a handful of customers that choose AWS.We have the solution deployedacross Canada. One of our biggest customers isa retail company with manylittle stores under their umbrella. We cover everything fromBritish Columbia to a couple of sites in Newfoundland. I estimate that we have around1,200 users.
How has it helped my organization?
We need to allow a set of websites or block another set.FortiGate gives us theability to do it based onURL domain. It's so mucheasier because you input the domainmicrosoft.com instead of adding the specificURL. Other firewalls can't do that the wayFortiGate does. It helps us withcompliance and security.
What is most valuable?
FortiGate's web and URL filtering are unlike anyother firewall I've used. The functionality of URL filtering in those solutionsis problematic because everything is encrypted, and firewalls can't break that encryption protocol.
Fortinet has anSSL proxy, sothe encryption is done before the packet ever leaves the FortiGate. The URL filter is definitely one of the most helpful features.
What needs improvement?
My only complaint aboutFortiGate is a lack ofQinQ VLAN tunneling. I haven't found this feature in any Fortinet product. You can do this onall Cisco routers, including the smaller models. However, QinQ isn't available onthe biggest, most expensive Fortinet units.They still don't have that. I think now we're on software version 6.0, and they still haven't found a solution for QinQ. It isn't a dealbreaker, but that's my main complaint.
Free Report: Fortinet FortiGate Reviews and More
Learn what your peers think about Fortinet FortiGate. Get advice and tips from experienced pros sharing their opinions. Updated: February 2023.
677,200 professionals have used our research since 2012.
For how long have I used the solution?
I've been using Fortinet solutions for about four or five years now.
What do I think about the stability of the solution?
I think FortiGate isgoing to be around forever. If I don't see their stock price double in the nexttwo years, I'm going to be surprised. I think it's a very underrated solution.
What do I think about the scalability of the solution?
Scaling up only requires adding a router. Once you have your network in place and a basic template, you buy another router and add it to the mix. It's incredibly easy to add and configure devices.
How are customer service and support?
I rate Fortinet support 10 out of 10.The support gets better as you get more certifications. I'm trying to get my certification to see how much better it can be. With an NSE 7 certification, you can contact Tier 3 support directly. I'm already getting my cases resolved in 24 to 48 hours usingTier 1 and 2 support.
Which solution did I use previously and why did I switch?
We used Juniper firewalls in the past. The two solutions are similar in terms of features, butFortinet blew it out of the waterwith regards topricing and user-friendliness.
The main difference is CLI versus GUI. You have to know what you're doing on a Juniper because it's all command-line based, but Fortinet is 99 percentGUI-based. You log in to Fortinet and check off what you want toallow or block.
How was the initial setup?
Our biggest Fortinet solution was 500 plus retail sites. This customer chose the whole nine yards, includingFortiGate, FortiSwitch, FortiAPs, and the FortiExtender, which is the LTE router.
I made the templates for the configuration for our bottom tiers because they were the ones rolling them out. I made a standard template config and wrote notes specifying necessary changesfor each site.
The primary difficulty wastrying to understand our customer's requirements and concerns because they were with an old provider. The provider had a lot of things on-site that weren't necessary. Deploying the Fortinet solution itselfwasn't hard.
Getting there was hard because we had to sitdown with the customer and their tech team to determine whatwas needed because they had old Cisco routers. That took about three weeks and required alot of on-site visits, but it wasn't hard to deploy thesolution once we got an understanding of the requirements was not hard.
We trained the customers to manage and maintain the solution themselves.The only maintenance we do is emailingthem monthly when we get notifications from Fortinet about router upgrades. You can configure it and then forget it.
What about the implementation team?
We are the integrator/consultant for the solution. We are the one in between the client and theinternet service provider.
What was our ROI?
FortiGate firewallspay for themselves. We bought our first FortiGate when they came out with the 50Fs and thought we would never see the return on investment. However,they paid for themselves because we rent them out, and customers loved them so much that we just retired our Juniper andCisco solutions.
What's my experience with pricing, setup cost, and licensing?
Fortinet's pricing is more straightforward than other solutions.If Fortinet doesn't stick out when you're searching for a solution, you are a glutton for punishment. You only need to know two things when purchasing aFortinet solution: your total bandwidth and bandwidth at the site. Youneed to estimate the futurebandwidth with other solutions if your customer plans toupgrade.
You have to consider whether you'll need to resell your licenses or wait until they expire and get new ones. You need to worry aboutout-of-pocket costs with other solutions, butyou could pay for a higher-tier Fortinet license. You don't need toworry about it for 10 years and still be under budget.
Fortinet encourages people tobuy their base product and then add what they need. That mentality goes a lot farther in the game because it affords people security. That's how they got into the market and became so competitive.
Which other solutions did I evaluate?
We evaluated Meraki,Dell's old SD-WAN, and Cisco's Viptela. Price andflexibility were the main factors. Viptela, Juniper, and others make it so hard to pick a solution. You have to be highly specific about what you want, includingthe amount of bandwidth and encryptionlevel at every site. You haveto pick a different router per site, depending on your functionality and requirements.
What other advice do I have?
I rate FortiGate 10 out of 10. It's a tremendous little firewall. It takes care of all your security concerns. When people say, "I need to make my organization more secure," the first thing that comes to mind is Fortinet.Everyone is talking about Cisco, Juniper, Palo Alto, and Check Point but overlooking Fortinet, which is a relatively new player in the game.
Fortinet's next-generation firewall is more affordable anduser-friendly. They also have an extensive knowledge base online. Good luck finding that community support on a Palo Alto, Cisco, orJuniper website without paying.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
Flag as inappropriate