4 out of 5.0, Reviewed Oct 6, 2016
Firewalls are in place and functioning properly. However, less granular data is available to Netflow monitoring than with previous solution (Cisco ASA's). Also, logs had to be normalized in order to work with our SIEM.
Look at the other offerings from Fortinet and decide if there are gains to be had from leveraging several of their solutions in tandem. In our case, we had a need for WAP upgrades, VPN upgrades, URL filtering, and AV upgrades. Fortinet offered reasonable cost solutions for each of these and we were able to take advantage of this by replacing several non-integrated solutions with their platform.
The integration between Fortigate, Forticlient, and their other solutions. Cost was also a plus.
Not quite a well known as the Cisco ASA's, we found less consultants who were familiar with this product or that had a deep enough knowledge to deliver what we needed.
Provide more detail via NetFlow to our monitor system. We have lost some details and have had to work to get more information from the system.
I think we would have more familiarity with the management of the product before we implemented. We have a 3rd party managing the firewalls on our behalf, but there are still areas we need to understand more fully in order to maximize our investment and ensure that the 3rd party is effectively managing these for us.
We are using a 3rd party to manage the devices for us, so we do not deal directly with Fortinet for support
5 out of 5.0, Reviewed Sep 28, 2016
The FortiNet technology platform continues to exceed expectations, particularly with the FortiGate Next Generation Firewalls. They are an incredibly stable platform which allows for the implementation of several key security controls in a single appliance. Add FortiAnalyzer for central log management along with FortiManager for central device management and you can manage nearly 100 devices with a very small team. Their US Sales team is one of the best and their Sales Engineers are exceptional. The ROI on their Security technology is most impressive.
If you want to quickly mature your Security Program, this is the best place to start. It's really the foundation of being able to identify, protect, and mitigate current Cyber Security threats.
Easy to manage, effective, and low-cost
Newer firmware versions can be a bit buggy upon initial release. FortiNet is significantly better than Cisco at vetting this, but could still use some improvement.
Improve first level support
Ensure devices are sized right for the organization. It's sometimes easy to oversize or undersize when selecting an appliance.
Excellent platform which handles mutliple security and network controls
Excellent RMA and online services. First level technical support needs some improvement.
Could not have met our deployment deadlines if we were deploying any other security technology
5 out of 5.0, Reviewed Sep 22, 2016
Very strong product. The account team included their engineer is very helpful during our switch over from Cisco/Checkpoint shop to Fortinet product.
It is little difficult to deal with RMA in some country, mostly in middle east.
Very solid product. UTM feature is outstanding. Could improve in the management interface
Support request always deal with in timely matter. RMA some time could be slow depends on which country the device is located.
5 out of 5.0, Reviewed Sep 19, 2016
A very good product, the balance of Price, Performance and Capability and those are the keys to our decision to choose this product. Surely, the product is on our candidate short list for security improvement
Try , do the trial or PoC and learn how the product works and compare in technical terms with other competitors, then you will see how good this product is
Offers capability and features that others dont offer or have within its segments with a good price
The support is good
5 out of 5.0, Reviewed Sep 19, 2016
The sales and support organizations were always working with us through deployments and break/fix situations to ensure smooth operation of the products.
Foster a strong partnership with you Sales team and support organization.
It is easy to use and deploy, and it delivers on the capacity and speeds we need to operate at without sacrificing security.
I would like a common management platform between the FortiGates and the Fortiweb products
I can't really think of a thing. My support and sales team have been the best.
Adopt the technology more widely. The original project was a small Intrusion Prevention deployment. Due to its reliability, our use of the FortiGate firewalls has increased dramatically in size and capability.
The product's ability to provide a high level of security in our transport network without impacting the performance of our critical data flows alows us to be sure of data integrity while meeting the demanding needs of our users and clients.
The ammount of support we have received from Fortinet during the course of our relationship has been far greater than one would expect from the ammount of money we pay for this service. They really do go the extra mile for us.
The implimentation of the original and subsequent deployments were seamless.
5 out of 5.0, Reviewed Sep 16, 2016
Fortinet FortiGate firewalls provide a powerful and affordable enterprise solution that covers a wide range of security needs including web filtering, IPS and threat protection, application control (such as BitTorrent blocking) and antivirus gateways. The company vision is seen in the evolving code capabilities of the platform such as Sandbox integration and signature subscriptions that continually update to meet the threats that we face. None of the competitors can match their price and performance and effectiveness when all of the features and functions we use are taken into account. Today we get more capability for less across our global enterprise. We expect as we virtualize our perimeter into a number of cloud platforms that we will be able to manage a hybrid environment of on-premise infrastructure, virtualized appliances that embed into our software defined network and public cloud platforms.
Look at the business needs first and recognize the fast moving requirements for the company to achieve their goals. The old methods of doing things like IP address and port pairs is inadequate to deal with current and future needs. We see the need for application awareness together with identity awareness to allow the right users to reach the right services as easily as possible.
The FortiGates are built around purpose-built ASICs that deliver very high-performance security features at a very affordable price and integrate perfectly with their FortiGuard subscription based services to offer always up to date protection. This degree of true security architecture vision with performance and economics is unbeatable.
The pricing model has too much dependency on hardware and should focus on the services such that hardware turns are not artificial but based on performance. As an example, after purchasing a three-year hardware/subscription bundle, it should be just as economical to buy extensions as it to upgrade the hardware to a new multiyear bundle. I do believe that Fortinet understands this but that customer are not used to a new services model yet that is not focused on hardware.
Fortinet positions the FortiGate firewall at the center of their vision for tying the whole ecosystem together such as the addition of a Web Application Firewall system (WAF) and Application Delivery Controller (ADC) however the need for SAML support is critical and just being addressed now. As such, they have an important need to partner more closely with their most forward customers to bring those critical features out sooner.
We would adopt FortiGate virtual appliances more quickly for internal network segmentation. Our ability to be comfortable with new capabilities is a function of the time and experience we have with the products.
What doesn't it do? They seem to throw in everything but the kitchen sink. We do not use all of the features but we are slowly adopting more of the features such as experimenting with native IPv6 support in hardware. Some of the features like DLP are rudimentary and if we wanted a full blown DLP solution we would get a dedicated product.
Support is always fast and effective. The only trouble we had was an RMA in China that required us to handle customs documentation.
System integration and deployment have usually gone smoothly. although we usualy have a third party MSSP involved. We have used their professional services consulting when needed for particularly complex migrations.
4 out of 5.0, Reviewed Sep 16, 2016
FortiGates are reliable and reasonably easy to support, provide decent security/detection value in the UTM role. Advice: Start using the FortiManager exclusively when deploying because it's very hard to retrofit it on if you have been managing any devices individually. The FortiAnalyzer is a half decent mini-SIEM specific to Fortigates, but if you have a well configured SIEM with enough capacity to manage the FortiGate logs, you could probably skip having it.
Make sure you are prepared to automate your management of any significant number of these things. If not via the FortiManager, then write good SSH scripts in their CLI for your common operations (e.g. blocking new malicious/phishing websites our intel detects).
The Application Control feature is a fascinating view into the real uses of the network traffic passing through, a view you do not get merely trying to look at Layer 4 indicators.
They don't write the best/most exhaustive documentation. Trying to learn how their CLI language works from their documentation is pretty difficult. What they have is ok, but it needs to go further.
Deploy using the devices integrated into the FortiManager and only making changes through it right out of the gate.
4 out of 5.0, Reviewed Jun 15, 2016
We have had great feedback from the design and implementation teams. We have better insight into the environment with enhanced data feeds allowing better decision making and availability.
Proof of concept is very strategy to ensure interoperability.
More advance features than found in competitive products.
We desire higher level of integrated services for managing incidents.
I can't think of anything that I wish we could have done differently.
We started with the edge of the network and plan to integrate at the datacenter level.
1 of 1 peer(s) found this review helpful.
5 out of 5.0, Reviewed Jun 13, 2016
Fortinet was extremely helpful in the design of internal gateway and enclave implementation of the FortiGate product. Everything has been working superbly.
Don't write off Fortinet just because they don't advertise their products very well.
Excellent updating process and superior gateway functionality.
Add new WAPS at the same time.
FortiGate is a superior internal platform even though it wasn't designed to be one.
Everything updates per schedule. No missed updates. FortiOS updates are usually without any deployment issues.
What can I say? It took about a week to properly configure in the two primary roles and the additional services were excellent.
3 out of 5.0, Reviewed Jun 13, 2016
We didn't have good experience with FortiClient for VPN, it seems the product is not mature and has too many issues, their support system too slow to answer the question. Overtime, this product might be a good choice but currently, i would consider with caution.
make sure to get your requirement up front and ask specific question about your requirement and make sure POC.
easy to use.
buggy and lots of implementation issue.
Provide better understanding of their product capability and short fall, not telling us "we never use the product this way"
if I do it again, I would better compare between different product within space.