We just raised a $30M Series A: Read our story
ZM
Solutions Architect at a computer software company with 5,001-10,000 employees
Real User
Top 5
Integrates well, provides centralized reporting, good support and has a firewall for security

Pros and Cons

  • "The most valuable features of this solution are the integration within the environment, with centralized reporting."
  • "Compatibility and integration with other products or vendors such as Cisco SD-WAN products need improvement."

What is our primary use case?

We are service providers, and we provide managed services to external customers.

The primary use case of this solution is for firewalling, web applications, and proxying.

We use all of the UTM (Unified Threat Management) features that come with this product.

What is most valuable?

The most valuable features of this solution are the integration within the environment, with centralized reporting. 

One analyzer and the different devices feeding into that environment. 

The firmware is always up-to-date.

What needs improvement?

Compatibility and integration with other products or vendors such as Cisco SD-WAN products need improvement.

The multi-tenancy environment for multiple customers, to make it more secure, needs some improvement.

When you buy a bigger box, you should have the ability to slice and dice data. It should also have the ability to give customers either read and write or more privileged access to that environment. Specifically, to the environment that doesn't overflow into the other parts that have been sliced up.

I would like to see a type of portal for on-site deployment, where they can report into a cloud portal and have a high-level view of utilization. Basic indicators on the performance of the environment, including health status, should be displayed.

For how long have I used the solution?

I have been using this solution for approximately six years.

What do I think about the stability of the solution?

We are completely satisfied with the stability of this solution.

What do I think about the scalability of the solution?

Because we're sitting on a multi-tenant type of setup the scalability will depend on the customer's ability to upgrade.

Externally we have several customers that range from government to enterprise clients that use the product and we manage the backend. 

The number of users can range from a site that has 100 users to a site that has 2,000 to 3,000 users.

With the multi-tenant environment, we are able to use resources from multiple accounts. 

We run a 24/7 operation with various requirements, and have a team of 15 to 20 to maintain this solution.

We have plans to increase the usage as the requirement increases for more secure environments with more advanced features or other features within the security space. We would go from a standard firewall to maybe a web application firewall, or to authentication with the two-factor type of services.

How are customer service and technical support?

Technical support is good. We work through a distributor and it's just a matter of a phone call to explain what needs to be done or a feature that we need to enable, and within an hour or two they come back to explain what has to be done.

They also give advice going forward with what to deploy.

How was the initial setup?

The initial setup is fairly straightforward.

The implementation varies from being complex to being straightforward. It can take two to three weeks to implement with some tweaking afterward.

What about the implementation team?

Part of the implementations comes with professional services from Fortinet themselves. In most cases, if it's a new version or a new deployment, we typically get the implementation services from a service provider rather than the vendor.

What's my experience with pricing, setup cost, and licensing?

We have clients with three-year licensing and others with five. 

It's not a cheap solution but it comes with its benefits.

It's all bundled. When we purchase this product, it is bundled with a support license for that period.

What other advice do I have?

With our clients, there is a range of Fortinet FortiGate versions, anything from FortiGate 60E to FortiGate 3700D. 

Management connects to a FortiAnalyzer, and we have application firewalls as well.

We have a centralized data center where we have a combination of customers with on-premises equipment. This includes small devices to secure the customer's environment, and larger devices at the data center, specifically for our customers.

We try to build our services around Fortinet products.

We prefer to work with Fortinet products based on what we have learned from the Gartner Magic Quadrant, and I recommend them.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
EB
Engineering Manager at Primatel Communication Snd Bhd
Real User
Top 20
More scalable than the hardware version

Pros and Cons

  • "Fortinet-VM is more scalable than the hardware version. If you're using an appliance, there are limitations in terms of hardware specs. So if you want a more scalable firewall, you can get a VM and install it on a high-end server."
  • "To improve FortiGate-VM, Fortinet needs to harden it more. For example, if you are using Hyper-V, then you need guidelines for hardening FortiGate-VM that are specific to the Hyper-V environment. If it's VMware, there should be at least a guideline on how to harden the firewall."

What is our primary use case?

We're using FortiGate-VM on-prem for our firewalls. The Fortinet component in the cloud is FortiGuard. We get our virus definitions regularly updated from the cloud, but the FortiGate firewalls are all on-prem. While the virtual firewalls are created inside the physical firewall, there is an option for a virtual machine firewall where we'll give you the VHD file, and you can install it to a server.

Virtual machines aren't widely used in Brunei because the Brunei government isn't ready for these things yet. They're more confident in hardware, but everything is slowly starting to head in this direction. Others are watching what will happen when people use the apps before they try them.

How has it helped my organization?

Some customers prefer VM, especially those customers already leveraging the virtual machine environment. Typically, they don't want to spend on the hardware because they already have all these VMs, so they choose the VM option. But in most deployments, they still prefer the hardware for their firewall because it's already hard-coded.

What needs improvement?

To improve FortiGate-VM, Fortinet needs to harden it more. For example, if you are using Hyper-V, then you need guidelines for hardening FortiGate-VM that are specific to the Hyper-V environment. If it's VMware, there should be at least a guideline on how to harden the firewall.

For how long have I used the solution?

We've been working with FortiGate-VM since 2010.

What do I think about the scalability of the solution?

Fortinet-VM is more scalable than the hardware version. If you're using an appliance, there are limitations in terms of hardware specs. So if you want a more scalable firewall, you can get a VM and install it on a high-end server. From there, you have more leverage on how many virtual firewalls you want to create based on that VM. In other words, it's already fixed hardware in the appliance — it's already hard-coded in the appliance. So if you are using a VM and installing it on a high-specs server, then your machine has much higher performance in packaging all these policies and all these hardware security features. 

How are customer service and support?

We proved the frontline support for our client organizations or customers. So far we are satisfied with Fortinet support. We have currently have Fortinet-certified engineers in our company, so we don't have to contact support unless it's a complex issue. We have an NSE7-certified engineer, so we are quite confident with our deployment now.

How was the initial setup?

FortiGate-VM setup is pretty straightforward. It depends on the implementation size, but it takes a week for an organization of around 100 users. Normally Fortinet helps their customers with deployment and post-deployment adjustments, so you don't have any problems. If anything goes wrong, Fortinet is there to support you. 

What's my experience with pricing, setup cost, and licensing?

Like most similar products in the market, Fortinet's enterprise customers need to pay for annual support. They call it FortiCare, and it's direct support from Fortinet. FortiCare is renewed annually and covers support for new releases, purchases, and updates. 

What other advice do I have?

I rate Fortinet FortiGate-VM eight out of 10. However, based on experience, we usually don't recommend using VM firewalls. We still prefer using a hardware-based firewall when that's appropriate. It depends on your needs and the size of your user base. With FortiGate-VM, you can control the size of your firewall if you're using VMs. But on the other hand, if you are using Microsoft Hyper-V, you need to address all these vulnerabilities of Microsoft. And if you're using VMware, then you need to deal with VMware's vulnerabilities. The hardware version of FortiGate has already been hardened based on FortiGate standards. That's the main difference between the FortiGate appliance and FortiGate-VM.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Fortinet FortiGate-VM. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,305 professionals have used our research since 2012.
SegunIyanda
Software Developer/ IT Analyst at AIICO Capital Limited
Real User
Top 5
Good encryption detection, good administration capabilities, and one of the best on the market overall

Pros and Cons

  • "In terms of administration, it's perfect."
  • "The interface needs to be updated and simplified."

What is our primary use case?

We primarily use the solution for LAN connections.

What is most valuable?

The solution has similar attributes to other competitors. 

The encryption detection is good.

In terms of administration, it's perfect.

What needs improvement?

The encryption detection could be improved. In my opinion, I think Sophos has better encryption detection than this solution.

The security of the solution could be better.

The interface needs to be updated and simplified.

The management could be more in-depth or clear. 

For how long have I used the solution?

I've been using the solution for close to a year now. I've also been working with Fortigate's firewall solution for about two and a half years.

What do I think about the stability of the solution?

We haven't faced any issues with stability since I've been with the company. I haven't witnessed any bugs or glitches. Our organization is satisfied with the level of stability it has provided.

What do I think about the scalability of the solution?

About 50% of our network users are currently on the solution. For the two companies that we have on the solution currently, there's probably 100 users in each company that use the solution.

How are customer service and technical support?

I personally have never been in touch with technical support for Fortigate. I can't speak to any kind of experience. I have heard good reviews from other people, however.

Which solution did I use previously and why did I switch?

I've used Sophos in the past.

There are some technical issues with Sophos, at least on the older version, but with XG they kind-of did an upgrade. The interface of Sophos is great. It makes it easy to manage. In terms of functionality, both Fortigate and Sophos are very good and have almost the same functionality. It does depend on the license you apply for, however.

If you subscribe to Sandstorm in Sophos, you should expect that you get the functionality of Sandstorm. 

They are both quite equal on the market for the most part.

How was the initial setup?

In terms of the initial setup, a vendor did that for us. We just manage it. The solution was already in place before I started at the company. I don't have details in relation to its initial complexity or how long it took.

What about the implementation team?

Our vendor set up the solution for us.

What's my experience with pricing, setup cost, and licensing?

At this time, I'm unsure of what the costs related to the solution are. It's my understanding that support is part of the OEM fee and you do have to pay that yearly. However, it does depend on the arrangements with the OEM.

Which other solutions did I evaluate?

We did look at Barracuda, but we decided against them because it gets a bit too technical. Also, unlike Sophos, for example, you can't pick the license you want and instead have to buy a package that may include things you don't need. Barracuda's interface looks like something designed in the 90s as well, which was a turn-off.

What other advice do I have?

We used to be on the cloud, but we phased it out more than a year ago.

I'd recommend the solution. It's one of the best on the market. It's great for financial services institutions. Security is important because of the type of companies that are typically dealing with it.

I'd advise that users use it within a firewall, to create a double layer of protection or something similar.

I'd rate the solution eight out of ten, especially when comparing it to other solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
MM
IT Engineering Manager at Mission Critical Partners
Real User
Top 5
Rock solid, has most of the features, and provides greater security and flexibility

Pros and Cons

  • "Primarily, the VPN solution is most valuable. It allows you to have more flexibility in terms of what is there on the end-user device, and what is not there. You can check and make sure that they're current. It has more flexibility than just a straight VPN solution. It works really well. It has the features that 99% of people need."
  • "They should keep us up to date about the latest version. That's the biggest thing. Currently, we have to go looking for the latest version. We should get notified about what's going on with the versions. I would like to see easier dual-factor authentication."

What is our primary use case?

It is primarily for VPN access and restricting access into the network. One of our clients has a shared system between multiple counties, and it is used to keep the right traffic flowing between counties and blocking the rest.

Each client has a specific version. We're trying to get them all current. Our number one client has the current version.

How has it helped my organization?

It provides greater security and flexibility. Instead of just opening it all up, it allows access to only those people who should have access. The network itself is pretty open, and with FortiGate, we can lock down exactly what they have access to.

What is most valuable?

Primarily, the VPN solution is most valuable. It allows you to have more flexibility in terms of what is there on the end-user device, and what is not there. You can check and make sure that they're current. It has more flexibility than just a straight VPN solution.

It works really well. It has the features that 99% of people need. 

What needs improvement?

They should keep us up to date about the latest version. That's the biggest thing. Currently, we have to go looking for the latest version. We should get notified about what's going on with the versions.

I would like to see easier dual-factor authentication.

For how long have I used the solution?

Our clients have been using it for several years, and we've been helping them with that.

What do I think about the stability of the solution?

It is rock solid.

What do I think about the scalability of the solution?

It is reasonably scalable. It is not as flexible in scalability as Cisco Firepower with their FMC.

Usually, the clients who use it are cost-conscious. They don't want to spend money on a Cisco device, so they go for Fortigate. A large organization usually goes with Cisco. A smaller organization tends to go for Fortigate or some other solution because of the price.

Our clients use it all over the place. It is not just for their internet. It is used for their internal networks and the rest of it.

How are customer service and technical support?

It was average. I wasn't overly impressed. I was also not disappointed.

How was the initial setup?

There is a little complexity to it but not more than other solutions. I haven't noticed greater complexity.

The deployment duration depends on how detailed you are and what you don't want to get. You can deploy one of these firewalls in half an hour, but if you're going to add a bunch of complexities and things to it, it can take at least a couple of hours to get it all set up the way you want. It ranges from half an hour to four hours.

What about the implementation team?

We help our clients in implementing it. We also manage it. We just have one network support person to take care of things. It is not a job that requires more than one person.

What's my experience with pricing, setup cost, and licensing?

There is no additional cost. Once you get the licensing fee, you're good.

What other advice do I have?

Realize that it is not Cisco, and it doesn't work the same way. You got to pay attention to what you're doing. Those who are super familiar with Cisco got to pay attention to what you're doing because it works differently.

I would rate this solution a nine out of ten. It works well. Except for the dual-factor authentication feature, it has all the next-generation features that you need for a standard user.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
YO
Managing Director at a tech vendor with 11-50 employees
Real User
Top 20
Has a good support-base but needs better customization abilities

Pros and Cons

  • "The product is quite user-friendly so we didn't have a lot of issues that needed to be addressed."
  • "Customization needs improvement."

What is most valuable?

Their support is very good. Fortinet has a good support base here who has been working closely with us. Whenever there is an issue that needs to be addressed to our end clients, we have received very good support. 

The product is quite user-friendly so we didn't have a lot of issues that needed to be addressed. 

The pricing structure is also flexible. 

What needs improvement?

Customization needs improvement. A lot of people have very unique requirements that they ask for at times. Everybody wants to get more out of the solutions so that they have more with less. I would like a little more customization, especially now that everything is becoming a lot more flexible with cloud-based deployments. A little more flexibility in terms of the offering that we can do or the bundling of products would help acquire markets much faster or much better.

For how long have I used the solution?

I have been using FortiGate-VM for just under a year. 

What do I think about the stability of the solution?

It is definitely stable. We have not had a lot of support calls so, so far it is good. We have been pushing our clients to see whether they need additional support.

We want to organize more training and have a lot more awareness-building seminars and workshops. That is something that I think we can or we would be wanting to look at moving ahead. We haven't been able to organize a lot of that yet, but that is something that I think can help in many aspects is awareness, to be able to draw in and attract local talent who would be able to help with support.

What do I think about the scalability of the solution?

Our clients are mostly enterprise businesses. 

How are customer service and technical support?

We are a value-added reseller. The technical support primarily is coming from Fortinet because we are in the process of building up to provide the right service. Once we are comfortable then we will be again discussing with Fortinet that we are able to assume a greater role in providing the services locally or on-site from here.

How was the initial setup?

We are still getting help from Fortinet for the deployment. We have been able to push this to two clients after we onboarded this. In the next couple of months, we believe that we will be able to take over the implementation and they can take a little more of a backseat. We want to be more independent, locally, with the local support and local team to be able to deploy it. We want to ensure that the service is seamless.

What other advice do I have?

POCs are definitely the way to go because cyber-security is still in many cases new for many clients. Cybersecurity is a very wide arena in today's day and age. There is no one single solution, every day someone else is innovating some specialization in some form or another. Clients would like to see a proof of concept before they go on a large full-scale deployment. 

In the next release, I would like to have the possibility of being able to offer cyber-insurance with this because this is something that I think is completely unavailable at the moment here. This would add a whole new dimension. 

I would rate it a seven out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
ITCS user
Chief Information Officer at LCC Group Inc
Real User
Top 5
Good security and functionality but not as robust as Palo Alto

Pros and Cons

  • "The functionality provided is very good."
  • "The product may not be as robust as Palo Alto. However, unless you are a big bank, you probably won't need it to be."

What is our primary use case?

We primarily use the solution for the security so that our systems will not be penetrated externally.

What is most valuable?

The security the solution provides is its most valuable feature. All the basic security we need is found within this product.

The functionality provided is very good.

It integrates well with FortiMail and the two combined add a nice layer of security for our on-prem emails.

What needs improvement?

As we just began implementing the solution, I'm not sure if there are any features missing. We haven't come across any shortcomings in the product yet.

We purchased the product through a reseller, and we don't have any issues with them and therefore, so far, don't have any issues with the solution itself.

The product may not be as robust as Palo Alto. However, unless you are a big bank, you probably won't need it to be.

For how long have I used the solution?

This is the first time we've acquired a firewall. It's pretty much a new experience on our end. We haven't been using it long at all. 

What do I think about the stability of the solution?

We haven't had any issues when it comes to stability. It's been very good.

What do I think about the scalability of the solution?

The scalability of the solution is good. We haven't faced any issues with expansion.

How are customer service and technical support?

We have yet to contact technical support, as we've just started to use the product and haven't had any issues to speak of so far.

Which solution did I use previously and why did I switch?

This is our first firewall. We didn't previously have a different solution.

How was the initial setup?

The solution's setup was pretty straightforward. It took the team about two to three weeks to deploy it.

What about the implementation team?

We had a reseller assist us with the implementation.

What's my experience with pricing, setup cost, and licensing?

Fortigate is cheaper if you compare it to Palo Alto, a main competitor.

Which other solutions did I evaluate?

Our team evaluated Palo Alto as well, although I did not evaluate it directly. I'm not sure what the main difference was between Palo Alto and Fortigate.

However, we have evaluated Fortinet for the last four or five months and now we're officially acquiring the licenses for it. 

I believe the pricing was a big part of the decision to choose Fortigate.

What other advice do I have?

We've also recently acquired FortiMail as well.

This solution has the basic functionalities required for a firewall. In fact, in terms of our evaluation, it's basic functionalities are enough for us. If I were to compare it to Palo Alto, it does not necessarily have the full capability of that particular solution. We're not a bank. We don't belong to the banking industry so we don't really need such high caliber firewalls that provide multiple levels of security. It's not required with our industry, so a mid-range firewall like Fortigate is perfect.

If your business is small or even enterprise-level, if it doesn't necessarily need multiple or heavy firewalls, Fortigate will actually work just fine for you.

I'd rate the solution seven out of ten. It perfectly meets our requirements.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
JV
Founder & Managing Director at a tech services company with 1-10 employees
Reseller
The EPM bundle is of value to many of our clients; unfortunately deployment is quite difficult

Pros and Cons

  • "The EPM bundle is a good feature."
  • "Deployment can be difficult and they could dispense with reliance on FortiManager and FortiAnalyzer."

What is our primary use case?

In the years that we've been using this product, we've deployed it five or six times. Most of our customers have dedicated firewalls, either physical or virtual format and a few are on a shared platform. We're authorized sellers of the product and I'm the founder and managing director of our company. 

What is most valuable?

The best feature of the solution is the EPM bundle, a lot of our clients are interested in that. Truth be told, it's quite difficult to roll that out because we have very little trust in the FortiManager and the FortiAnalyzer integration and technology.

What needs improvement?

The solution could be improved by making deployment easier and dispensing with the reliance on FortiManager, as well as FortiAnalyzer to get any meaningful reporting out of it. If they could exclude both of those from the whole equation so that it bundles direct to the firewall, that would be a big improvement. It should be decoupled from the whole ecosystem, the security fabric side of it, and that would improve things. I get the feeling we have limited functionality if we just look at the data itself, and that's not cool when you're spending thousands of dollars on a product.

The technology is just not there yet in terms of UX and true integration. We have had endless woes with our Analyzer services and the Manager seems rather rudimentary on its own. We believe that the actual Fortigate should have all this disparate functionality baked-in.

For how long have I used the solution?

I've been using this solution for close to six years. 

What do I think about the stability of the solution?

The stability is absolutely awful. Every time Fortinet releases a new version, there's always some bugs that you absolutely can't avoid, so stability from our perspective, in between maintaining the service on the FortiGate, is really tricky. It's difficult to trust the quality. 

What do I think about the scalability of the solution?

The solution is scalable if you have the budget. If you don't have the budget, it's not tied into customer budgets very nicely. There are too many moving parts and it is too expensive.

How are customer service and technical support?

Technical support is horrific, absolutely terrible. I'd give them a negative rating. 

How was the initial setup?

To install a FortiGate is a complex task. The installation engineer need to be strong technically and familiar with FortiGate. The end user also needs to be well versed in their network and have a firm technical grasp on their business requirements and how those translate to what the firewall is capable of doing/ enhancing. This can drive a prolonged pre-install and installation process.

What other advice do I have?

I would recommend this solution. As a piece of tech, as a firewall, it's really good. Local channel support in South Africa is very strong. The functionality of the gate is good. I think it probably surpasses many of its competitors. So I would recommend it. I'm very familiar with the realities of looking at it so I'll be very open with my customers in recommending FortiGate and at the same time explaining the pitfalls to them. 

I would rate this product a seven out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
AM
Head of IT at a mining and metals company with 10,001+ employees
Real User
Easy to maintain, simple to set up, and offers good stability

Pros and Cons

  • "The solution can scale well."
  • "Price-wise, it could be slightly better, however, if you compared it to other makes and models of equal category, it is generally cheaper."

What is our primary use case?

We primarily use the solution for our internal worldwide corporate network.

How has it helped my organization?

It's allowed us to have fewer personnel requirements in relation to maintenance. 

What is most valuable?

The maintenance part is definitely quite easy. We do not require any additional manpower to maintain this. It's quite simple and it has the least required manpower over it based on an individual unit.

The initial setup is pretty simple. 

The solution can scale well.

The stability is quite good.

What needs improvement?

Right now, we are totally satisfied with this solution. There are several units worldwide. We have only one unit at our Kolkata location, and we are satisfied as of now in terms of its capabilities.

Price-wise, it could be slightly better, however, if you compared it to other makes and models of equal category, it is generally cheaper.

For how long have I used the solution?

I've used the solution over the last seven months. 

What do I think about the stability of the solution?

The stability has been good. Its performance is reliable. There are no bugs or glitches. it doesn't crash or freeze. 

What do I think about the scalability of the solution?

The scalability is there. When taking into consideration our business environment right now, I find that this is capable of handling all the requirements until the end of 2022.

Right now in the Kolkata office, we are around a hundred people - and that is in the Kolkata office only. If you talk about India, then we have around 250.

We do not plan to increase usage at this time. However, in the future, scaling may be required. 

How are customer service and support?

I've never directly dealt with technical support and therefore cannot speak to how helpful or responsive they are.

Which solution did I use previously and why did I switch?

We did previously use a different solution, however, the main office makes the decisions around product changes. They may have chosen this product as it is less expensive. 

We had been using a British Telecom hybrid VPN solution. In April, we stopped that and migrated to this new SD-WAN connectivity solution based on the Fortinet firewall. 

How was the initial setup?

The implementation process was not complex or difficult. It was straightforward. 

The deployment takes around two to three hours.

Maintenance aspects are handled by the vendor. 

What about the implementation team?

The implementation was done by our vendor as well as our internal team.

What was our ROI?

We won't have a sense of an ROI until we've used the solution for another year and a half. 

What's my experience with pricing, setup cost, and licensing?

The pricing is pretty reasonable when compared to other solutions of the same caliber.

We pay a yearly licensing fee. I do not know the exact costs, however, as that is handled by the team in Luxembourg.

Which other solutions did I evaluate?

We don't make product decisions. Decisions of that scale come from Luxembourg. 

What other advice do I have?

We are a customer and an end-user.

I'm not sure which version of the solution we're using.

I'd rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Product Categories
Firewalls
Buyer's Guide
Download our free Fortinet FortiGate-VM Report and get advice and tips from experienced pros sharing their opinions.