We just raised a $30M Series A: Read our story

Fortinet FortiOS Room for Improvement

System Administrator at RBDigital

Many things are missing from the interface that necessitates using the CLI, so it needs to be improved. When I migrated to FortiGate, there many things that I wanted to do, but couldn't.

With FortiOS, you can use the router in two modes. The first mode is the profile mode, which is the starter mode that most use, but you have another mode that is a policy mode and is required before creating your firewall rule. The problem is that when you switch from one mode to the other, all of your firewall rules will be gone. This means that you have to decide if you want to use the policy mode firewall or a profile mode firewall.

With policy mode, you can have granular control on the application on the firewall rule because the firewall rule works with the source destination protocol. With the application, you have multiple rules, one by one. As an example, you can have one for Skype or one for OneDrive, etc. On the source, you can add a group, and add people to the group, and they can have access to Skype and OneDrive along with others added.

You can granularly control applications on the firewall rule with the policy mode, but you don't have access to the proxy mode rules. There are also issues with the antivirus, IPS, and you are forced to switch back to the profile mode where you have less granular control on the application.

I have problems with the IPS stability and the antivirus in Policy Based Mode. If the file is bigger, then the antivirus doesn't check it.

In policy Based Mode, There are many issues. (Firmware =< 6.4)

View full review »
Systems Engineer at a tech services company with 11-50 employees

Right now, it's very trendy to integrate everything into the cloud. This solution would be more effective if they did more integration in that regard.

View full review »
Technical Head at a tech services company with 51-200 employees

The product really has everything that we need as far as features for this type of solution and our use case. It works fine for us. One thing that can be improved is the pricing model. It is currently subscription-based and I think they should probably try to change that.  

View full review »
Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
555,139 professionals have used our research since 2012.
Pre-sales Engineer at a wholesaler/distributor with 51-200 employees

The solution's switches are lacking. They need more features added to them to build them out a bit. The switches are very simple if you compare them with other companies like Cisco or Aruba. Those organizations offer their clients much more.

Technical support could be better. Some competitors have much more responsive support teams.

I know the last version had NAC, network access control, added inside the firewall. It's a process, however. There's still work to do. The next version will be better. Right now, you can't authenticate other devices. You only can authenticate Forti devices and not devices from other companies. This could be the next addition to the solution that will make its performance even better. 

View full review »
Executive - Data & IP at a comms service provider with 1,001-5,000 employees

Fortinet needs to make this solution even more robust. Sometimes when we get a DDoS attack, the cannot withstand it. We can run out of sessions very easily. That said, I suppose if you want more a robust system, then you could purchase higher-end solutions, which are more expensive. Still, I would like to see more protection from even in the low-end version.

The pricing needs to be improved. It's quite pricey.

In terms of the CLI, if they could make it more intuitive, and more user friendly, it would make the solution better. I like to work on CLI instead of through the GUI. If you are used to it then you wouldn't mind the way it works right now. However, for those that don't, there's just a sizeable learning curve.

View full review »
Chief Technology Officer at Future Point Technologies

We have had some performance issues, but that seems to be improving. I'd like to see better integrations and more flexibility for different scenario configurations. In comparison to Cisco, the CLI is quite difficult to use. Finally, I believe that the reporting could be enhanced to provide better visibility into the traffic. 

As an additional feature, Fortinet could have XDR embedded into it which would mean more visibility from the reporting side because right now we have to separately install FortiManager and FortiAnalyzer for driver analysis.

View full review »
President at a manufacturing company with self employed

FortiOS doesn't work well with all browsers. I think they need to do a better job of making it compatible with the various browsers that are out there. I see weird stuff happen sometimes.

It doesn't crash the router bin itself, but it typically takes some time. Sometimes I'll have to reboot the router to get it working with a browser again. This is maybe just a problem with older versions. I can't say anything about the recent versions of the FortiOS, but over the years, I've seen weird stuff.  This is mainly just a problem with the browser interface. I've never had a problem with the command line.

View full review »
Senior Manager (Engineering Department) at a comms service provider with 10,001+ employees

They're using a lot of application-specific IC, so that may be causing some performance issues. And whenever a Fortinet adds new features, it can affect performance. I don't handle implementation, so I have to ask my frontline engineers to implement new features, like software-defined WAN service. But I'm not sure these are stable and acceptable because this project is still in progress. FortiOS and all the other firewall products are adding SD-WAN service, and this kind of service needs a lot of resources from the fabrics, the hardware, and the software. Still, I think we have more confidence deploying this service with FortiOS than using the other brands, like Juniper.

View full review »
Senior Manager IT at Tata International Limited

It would be great if they can push the Microsoft updates through Fortinet OS and provide a centralized patch management system.

They should also include the data loss prevention (DLP) and data leakage prevention features. They could also add network monitoring more effectively.

View full review »
Senior Network & Security Engineer at a tech services company with 51-200 employees

The solution could improve the log retention and reports.

View full review »
System Engineer at a tech services company with 51-200 employees

There are some issues with the performance. We also had some issues while updating the firmware.  

The download options can be better. While downloading VPN clients, it is a little bit difficult to get different versions. You need to log on and search.

Their support can be better. 

View full review »
Software Development Specialist at Unicomp Information Co. Ltd.

The solution could improve by making the dashboard easier to use.

View full review »
Manager IT at wintac

The reporting and monitoring could improve, they have a lot of limitations. The monitoring is not easy compared to the other firewall.

View full review »
Learn what your peers think about Fortinet FortiOS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
555,139 professionals have used our research since 2012.