Fortigate is Hard to Beat for the Money

Posted on June 2, 2013


Fortigate is Hard to Beet for the Money


Fortinet has been a darling of the stock market ever since its IPO in 2009 as its stock price has accelerated over recent years.  Its stock performance has mirrored the adoration that its line of security devices consistently receive.  Fortinet is the current UTM market leader, boasting a 20% market share.  Fortinet is now expanding out of its core SMB strength and into the large enterprise market where the increasing performance of its solutions are making it attractively priced.

In Gartner’s latest Unified Threat Management Magic Quadrant (UTM) Fortinet is listed at the top of the leader quadrant.  Says Gartner, “We believe attributes that contributed to the leadership position include Fortinet’s high awareness in the industry, in Gartner client’s short-lists and in competitive situations; Fortinet’s aggressive price/performance.”

A UTM or Unified Threat Management device is a firewall that includes other features as well.  The Fortinet UTM package includes gateway firewall, anti-virus, web filter, intrusion protection, application control, VPN, email filtering and WAN optimization.  Think of it as the “Everything Box.”

There line of UTM security appliances is called the Fortigate series.  It offers an appliance to meet every type of network, from the home office to large enterprise networks, as well as Managed Security Service providers.  Its smallest unit, the Fortigate-20C, also serves as a wireless router and offers four internal switch port in addition to a WAN port.  At the top of the food chain is its new 5000 Series chassis based network appliance.  It supports two, six, or fourteen FortiGate-5000 series network security blades, and allow you to scale security and customize your unique environment.  These large units are ideal for virtual infrastructures as they can control up to 3,000 virtual domains. 

The admin console for the Fortigate is browser based.  Sometimes, browser based can have a cheesy rudimentary look but not with the Fortigate.  Navigating the Fortigate is simple with its expandable menu.  The admin console opens up to a Dashboard which displays a series of widgets that the administrator can populate according to their needs.  It also comes with a command line interface which can be accessed through the admin console itself or through Putty. 

Like all UTM appliances, the Fortigate units do some things better than others.  Its web filtering is certainly more than suitable for most environments but if you are looking for super high granularity with a complicated array of user based filtering and exceptions, you probably would be better suited with a dedicated filtering appliance.  The same probably holds true for its email filtering as well.

With this in mind though, what IT professionals are looking for first and foremost in a UTM device is security, and this is what Fortinet does best.  Configuring the firewall of the Fortigate is a breeze.  Simply create your firewall objects, consolidate them into groups if possible, and then create your policy rules.  You can right click on any of your policies to view a separate context menu that will allow you to do things such as delete, move or edit the policies.

Integrating the other core components with your firewall policies is a snap.  Simply apply the various UTM services you desire to the designated policies.  For example, you would enable email filtering only to the rule configured for email traffic.  You would then configure web filtering for the rule regarding your HTTP and HTTPS traffic while you would apply anti-virus to both rules. 

Backing up and restoring your Fortigate configurations is as simple as clicking a single link and can be completed in less than a minute.  Fortinet is continually releasing new builds and updates for all of its models.  Simply download these firmware upgrades to any local device and click the update link and browse to the downloaded updates.  You can revert back to an older firmware release at any time.  Some of the more robust Fortigate models can be clustered into active-active or active-passive configuration. 

Fortinet recently released version 5 which among other things includes Mobility Management.  This feature does not include an additional license and is ideal for those organizations who allow BYOD devices. 

If you browse some of the UTM discussion boards out there, you will find the phrase, “can’t beat it for the price” when discussing the Fortigate.  The combination of its strong UTM features with a very affordable price point should certainly put Fortinet on the short list for any organization shopping for a new UTM appliance.