FortiGate: Next Generation Firewall (NGFW)

1) Fortigate es bastante seguro ya que protege en varias capas con firewall y VPN. 2) Fortigate maneja muy bien el tema del rendimiento ya que incluso con un trafico de datos alta se mantiene la red segura y sobre todo rápida. 3) Se integra muy bien con otros servicios de Fortinet así como FortineManager

We liked that it is highly regarded by the industry and that the SD-WAN/multi-link SLA and failover is highly customizable. Many features are highly customizable, but it can be hard to learn and determine where to go to make edits. It also frequently is updated and changed and varies heavily by model. Overall, it seems better suited to a larger organization that can afford to maintain a more expensive appliance that requires a high level of expertise to implement and customize.

- No limitation on number of users connecting to VPN (ssl/ipsec) makes it unique and highly worthy product. - User friendly GUI that provides clear cut options on where anything needs to be configured interms of interface, firewall policies, services, restricting users from accessing malicious sites. -IP based policy is one of the good thing happened in the Fortigate firewall. -Deep inspection where even the encrypted packets get decrypted and inspected and encrypted back in fortigate security profiles is highly reliable to block the unwanted domain usage in an organization. -detailed view of logs & reports of all the security, system events is highly appreciated.

1) La interfaz es usable pero necesita mejorías y aunque cumple con ser funcional e intuitiva se necesita mejorar en la apariencia. 2) A pesar de que es una muy buena herramienta, creo que el costo es algo elevado sin considerar a empresas relativamente pequeñas. 3) No es una plataforma tan difícil de utilizar una vez se capacita a las personas, pero la curva de aprendizaje al inicio es algo grande y hay que familiarizarse con muchas características de la plataforma.

The logs are very vague and don't link to helpful information or related policies and settings within the config. As mentioned in the comments above, we had tons of issues with the sales and post-sales experience for renewals. It also seems like Fortinet forces MFA to only use FortiToken and the hardware only comes with 3-5 FortiTokens. It was also unclear how to enable vendors to connect with this, so we ended up disabling this security measure.

-too tough to get in touch in the fortinet TAC team especially when needed the help of the fortinet team at the earliest/emergency situations. - bugs in 7.2.x firmware verison and 7.4.x no ssl vpn options found. -rma process involves too much of questions and too much of remote sessions until it gets approved despite the box is totally done. That can be fixed.