5 out of 5.0, Reviewed Sep 22, 2016
Very strong product. The account team included their engineer is very helpful during our switch over from Cisco/Checkpoint shop to Fortinet product.
It is little difficult to deal with RMA in some country, mostly in middle east.
Very solid product. UTM feature is outstanding. Could improve in the management interface
Support request always deal with in timely matter. RMA some time could be slow depends on which country the device is located.
5 out of 5.0, Reviewed Sep 16, 2016
Fortinet FortiGate firewalls provide a powerful and affordable enterprise solution that covers a wide range of security needs including web filtering, IPS and threat protection, application control (such as BitTorrent blocking) and antivirus gateways. The company vision is seen in the evolving code capabilities of the platform such as Sandbox integration and signature subscriptions that continually update to meet the threats that we face. None of the competitors can match their price and performance and effectiveness when all of the features and functions we use are taken into account. Today we get more capability for less across our global enterprise. We expect as we virtualize our perimeter into a number of cloud platforms that we will be able to manage a hybrid environment of on-premise infrastructure, virtualized appliances that embed into our software defined network and public cloud platforms.
Look at the business needs first and recognize the fast moving requirements for the company to achieve their goals. The old methods of doing things like IP address and port pairs is inadequate to deal with current and future needs. We see the need for application awareness together with identity awareness to allow the right users to reach the right services as easily as possible.
The FortiGates are built around purpose-built ASICs that deliver very high-performance security features at a very affordable price and integrate perfectly with their FortiGuard subscription based services to offer always up to date protection. This degree of true security architecture vision with performance and economics is unbeatable.
The pricing model has too much dependency on hardware and should focus on the services such that hardware turns are not artificial but based on performance. As an example, after purchasing a three-year hardware/subscription bundle, it should be just as economical to buy extensions as it to upgrade the hardware to a new multiyear bundle. I do believe that Fortinet understands this but that customer are not used to a new services model yet that is not focused on hardware.
Fortinet positions the FortiGate firewall at the center of their vision for tying the whole ecosystem together such as the addition of a Web Application Firewall system (WAF) and Application Delivery Controller (ADC) however the need for SAML support is critical and just being addressed now. As such, they have an important need to partner more closely with their most forward customers to bring those critical features out sooner.
We would adopt FortiGate virtual appliances more quickly for internal network segmentation. Our ability to be comfortable with new capabilities is a function of the time and experience we have with the products.
What doesn't it do? They seem to throw in everything but the kitchen sink. We do not use all of the features but we are slowly adopting more of the features such as experimenting with native IPv6 support in hardware. Some of the features like DLP are rudimentary and if we wanted a full blown DLP solution we would get a dedicated product.
Support is always fast and effective. The only trouble we had was an RMA in China that required us to handle customs documentation.
System integration and deployment have usually gone smoothly. although we usualy have a third party MSSP involved. We have used their professional services consulting when needed for particularly complex migrations.
4 out of 5.0, Reviewed Jun 15, 2016
We have had great feedback from the design and implementation teams. We have better insight into the environment with enhanced data feeds allowing better decision making and availability.
Proof of concept is very strategy to ensure interoperability.
More advance features than found in competitive products.
We desire higher level of integrated services for managing incidents.
I can't think of anything that I wish we could have done differently.
We started with the edge of the network and plan to integrate at the datacenter level.
1 of 1 peer(s) found this review helpful.
5 out of 5.0, Reviewed Jun 13, 2016
Fortinet was extremely helpful in the design of internal gateway and enclave implementation of the FortiGate product. Everything has been working superbly.
Don't write off Fortinet just because they don't advertise their products very well.
Excellent updating process and superior gateway functionality.
Add new WAPS at the same time.
FortiGate is a superior internal platform even though it wasn't designed to be one.
Everything updates per schedule. No missed updates. FortiOS updates are usually without any deployment issues.
What can I say? It took about a week to properly configure in the two primary roles and the additional services were excellent.
3 out of 5.0, Reviewed Jun 13, 2016
We didn't have good experience with FortiClient for VPN, it seems the product is not mature and has too many issues, their support system too slow to answer the question. Overtime, this product might be a good choice but currently, i would consider with caution.
make sure to get your requirement up front and ask specific question about your requirement and make sure POC.
easy to use.
buggy and lots of implementation issue.
Provide better understanding of their product capability and short fall, not telling us "we never use the product this way"
if I do it again, I would better compare between different product within space.
4 out of 5.0, Reviewed Feb 1, 2016
Fortinet surprised us with the degree of functionality in the new centrally managed Fortclient. We debated using it over the years but the lack of management made it a no go. The new client has the normal A/V engine you would expect, but adds a dynamic feedback loop between the client, their firewalls and the FortiSandbox that moves it into some interesting territory. Add to this the VPN capacity and it is now poised to become a central part of our defense in depth.
Give Fortinet's quiet, consistent moves a close look. Forticlient works well for us do to having their enterprise firewalls in place. We went into a hardware refresh convinced the outcome would be Palo Alto, but Fortinet won us over during the proof of concept testing.
Fortinet has shown us that they have some very informed, smart operators some where in the back office. The new, centrally managed Forticlient works in concert with their sandbox and the firewalls to create a continuous feedback loop. Once an email based attack via malicious attachments is detected the clients are quickly updated to prevent it from executing. While this isn't as cool as Cylance, in the long run it is more useful. Having their Sandbox in a local environment also means we're not totally dependent on vendor cloud connections.
I wish we could input file hashes. If they do that then much of the need for Carbon Black goes away.
More clearly communicate your roadmap and reach out to existing customers.
Our company is cost conscious and though we were willing to spend more for Palo Alto if necessary, we didn't have to. Fortinet matched Palo Alto, Checkpoint and Cisco in every facet of our evaluation. Fortinet was so aggressive in wanting our business that in the end we were able to license more feature such as FortSandbox, and virtual licenses needed to create a QA lab to test new code versions.
I'd give it a 5 but Fortinet does require having skilled people on the back-end. In fact they all do, but there is flexibility in Fortinet that makes it essential.
5 out of 5.0, Reviewed Dec 8, 2015
FortiNet products are priced right with great performance.
Implementation requires highly skilled people.
Stable and reliable product.
Fragile nature to upgrade (sometimes it is better to wipe the device and install newest version instead of upgrading in place).
The analytics product is a great concept, but difficult to generate customer reports easily.
Upgrading between major releases takes great care and some of the functions may work differently. The differences or areas to focus are not well documented.
The features serves our purpose well.
I always had a good experience on support issues. All first level/initial contacts are entry level but when you get to the highly technical folks, they are great.
The initial integration was nearly seamless.
4 out of 5.0, Reviewed Dec 7, 2015
I am very satisfied with the product till date.
Conduct a POC where ever possible to see how the product performs within your environment.
The device performs extremely well. The various services (IPS/Appliction Control/Antivirus etc) that you can enable, do not impact the overall performance of the device due to the hardware architecture. (multiple ASICS)
Some advanced features can only be enabled via the command line interface. However, many organizations may not use these features, so it may be a non-issue.
We currently do not have any challenges with the vendor.