Fortinet forti gate_vs._pfsense_report_from_it_central_station_2016-09-05

User Reviews of Fortinet
FortiGate and pfSense
A PEEK INTO WHAT REAL USERS THINK
2016
IT Central Station helps tech professionals by providing...
A comprehensive list of
enterprise level Firewalls
vendors.
A sample of real user
reviews from tech
professionals.
Specific information to help
you choose the best vendor
for your needs.
© 2016 IT Central Station Reproduction Prohibited
To read more reviews about Firewalls, please visit:
http://www.itcentralstation.com/products/comparisons/fortinet-fortigate_vs_pfsense

Disclaimer
IT Central Station Ltd. does not endorse or recommend any products or services. The views and opinions of reviewers
quoted in this document, IT Central Station websites, and IT Central Station materials (i.e. Content) do not reflect the
opinions of IT Central Station. We make no guarantees about the accuracy, currency, suitability, or quality of the content, and
we assume no responsibility for unintended, objectionable, inaccurate, misleading, or unlawful content made available by
Content authors or other third parties.

ABOUT IT CENTRAL STATION
User reviews, candid discussions, and more for enterprise technology
professionals.
The Internet has completely changed the way we make
buying decisions. We now use ratings and review sites
to see what other real users think before we buy
electronics, book a hotel, visit a doctor or choose a
restaurant. But in the world of enterprise technology,
most of the information online and in your inbox comes
from vendors but what you really want is objective
information from other users.
We created IT Central Station to provide
technology professionals like you with a
community platform to share information about
enterprise software, applications, hardware and
services.
We commit to offering user-contributed information that
is valuable, objective and relevant. We protect your
privacy by providing an environment where you can
post anonymously and freely express your views. As a
result, the community becomes a valuable resource,
ensuring you get access to the right information and
connect to the right people, whenever you need it.
Use IT Central Station to:
• Read and post reviews of vendors
and products
• Request or share information about
functionality, quality, and pricing
• Contact real users with relevant
product experience
• Get immediate answers to questions
• Validate vendor claims
• Exchange tips for getting the best
deals with vendors
244 5th Avenue, Suite R-230
New York, NY 10001
www.ITCentralStation.com
reports@ITCentralStation.com
+1 (646) 328-1944

ABOUT THIS REPORT
This report is comprised of a comprehensive list of enterprise level Firewalls vendors. We have also
included several real user reviews posted on ITCentralStation.com. The reviewers of these products
have been validated as real users based on their LinkedIn profiles to ensure that they provide reliable
opinions and not those of product vendors.
IMPORTANT NOTICE
Did you find this whitepaper helpful? At IT Central Station, our philosophy is “Give to Get”. Our active
community and unbiased reviews are made possible by your participation and as such, we ask that you
share your expertise with us as well. Please email reviews@itcentralstation.com and one of our
community managers will be in touch with you shortly. You can choose to review anonymously or not
and your company name will not be included in the review.
If you found this report and/or the reviews on IT Central Station useful, we would greatly appreciate your
participation in giving back to our community.

Firewalls
What is a firewall? Technically, a firewall definition could be that it’s the part of a system or network that
blocks unauthorized access but permits outbound communications. Most importantly, firewalls are
intended to protect key IT assets from security threats such as denial of service attacks or data theft.
Firewalls come in many varieties. What makes one better than other will depend on numerous
organization-specific factors.
When IT Central Station users were asked about what makes the best firewall, they described a number
of factors that will help anyone make the right choice. Some security professionals want to know what is
the best free firewall? IT Central Station reviews suggest that this is a question that should asked only
after one has assessed many basic requirements about usability and features first.
Visibility is offered as one of the most critical aspects of an effective firewall. Users want global reports
and traffic visibility as well as application visibility . IT Central Station members also want the firewall to
provide visibility into specific users’ behaviors. Visibility as a key point of value cuts across different
types of solutions, including Windows firewalls, firewall software and network firewalls.
Ease of use and simplicity of administration also rated as high priorities for firewall buyers. A firewall
should be easy to manage and configure . Easy installation is essential, as is integration. According to
IT Central Station reviewers, firewalls typically function in complex, heterogeneous security
environments. In parallel, solid vendor support is important. Reviewers noted that the first line of
response to an issue with a firewall is almost always an in-house technical resource. That resource
needs to be trained easily. If training is too cumbersome or if the firewall admin is a hard-to-find hire, the
department will suffer.
Firewall users list many specific functions as “must haves.” These include intrusion protection (IPS),
VPN, high throughput, data loss prevention, SSL, IPSEC, application control and web content filtering.
Some users want a firewall to easily integrate with an LDAP Server or Radius Server . Anti-spam is
desirable, as is anti-virus and anti-spyware protection. Users emphasize the importance of IPv6 native
support as well as traffic shaping and bandwidth control.

Fortinet FortiGate pfSense
Vendor: Fortinet pfSense
Overview: Fortinet Firewalls fall under the Fortigate product
line and platform, which is a leading network
security solution. Fortinet Firewalls cater for all
types and sizes of networks, and there is a range
of different physical and virtual product lines to
meet these diverse network security
requirements. If you are looking for a High
Performance Data Center Firewall, or an
Enterprise Next Generation Firewall, Fortigate is
the solution for you. If you have distributed
enterprise or small business offices, there is a
smaller UTM appliance that will be right for your
business.
Providing comprehensive network security
solutions for the enterprise, large business and
SOHO, pfSense solutions bring together the most
advanced technology available to make
protecting your network easier than ever before.
Our products are built on the most reliable
platforms and are engineered to provide the
highest levels of performance, stability and
confidence.
Sample
Customers:
Fortinet Firewalls provide network security to
many companies of all sizes, including Black Gold
Regional Schools, Amadeus Hospitality,
Jefferson County, Chunghwa Telecom, City of
Boroondara, and Dimension Data.
Nerds On Site Inc., RKC Development Inc.,
Expertech, Fisher's Technology, Ncisive,
Consulting, CPURX, Vaughn's Computer House
Calls, Imeretech LLC, Digital Crisis, Carolina
Digital Phone, Technigogo Technology Services,
The Simple Solution, SwiftecITInc, Rocky
Mountain Tech Team, Free Range Geeks, Alaska
Computer Geeks, Lark Information Technology,
Renaissance Systems Inc., Cutting Edge
Computers, Caretech LLC, GoVanguard,
Network Touch Ltd, P.C. Solutions.Net, Vision
Voice and Data Systems LLC, Montgomery
Technologies, Techforce, Concero Networks,
ASONInc, CPS Electronics and Consulting,
Darkwire.net LLC, IT Specialists, MBS-Net Inc.,
VOICE1 LLC, Advantage Networking Inc.,
Powerhouse Systems, Doxa Multimedia Inc., Pro
Computer Service, Virtual IT Services, A&J
Computers Inc., Envision IT LLC,
CommunicaONE Inc., Bone Computer Inc., Amax
Engineering Corporation, QPG Ltd. Co., IT 101
Inc., Perfect Cloud Solutions, Applied Technology
Group Inc., The Digital Sun Group LLC,
Firespring
Top
Comparisons:*
Cisco ASA vs. Fortinet FortiGate:
Compared 21% of the time.
Sophos Cyberoam UTM vs. Fortinet FortiGate:
Sophos UTM vs. pfSense:
Fortinet FortiGate vs. pfSense:

Top
Comparisons:*
Palo Alto Networks WildFire vs. Fortinet
FortiGate:
Cisco ASA vs. pfSense:
Top Industries:* Financial Services Firm
Comms Service Provider
Government
Manufacturing Company
18%
10%
10%
6%
Comms Service Provider
Non Tech Company
Manufacturing Company
Financial Services Firm
14%
7%
7%
7%
Company Size:* 1-100 Employees
100-1000 Employees
1000+ Employees
26%
40%
34%
1-100 Employees
100-1000 Employees
1000+ Employees
36%
38%
26%
* Data is based on the aggregate profiles of IT Central Station Users researching this solution.

Deep Dive: Valuable Features
ProjMan8210, Project Manager at a tech vendor with
1000+ employees:
Performances VDOM UTM Consolidated
Management FortiGuard
Marcin Wojcik, Senior NetOps Engineer at a tech services
company with 1-100 employees:
GUI Flexibility Easy to configure UTM
Renato Pereira, Owner at a tech consulting company with
1-100 employees:
Active Directory integration QOS
Balance/Fail-over Web filtering and
protection with AV engine WiFi network for
visitors isolated from our corporate WiFi
network using only one unit
Mohammed Al-Hanash, IT NETWORK ENGINEER at a
energy/utilities company with 100-1000 employees:
The most valuable features for us are VPN
WebFilter Firewall
Muhammad Ikram, Network and Transmission Engineer
at a tech services company:
Firewall State Table Network Address
Translation (NAT) High Availability Multi-
WAN Server Load Balancing Virtual Private
Network (VPN) PPPoE Server Reporting
and Monitoring Applications Dynamic DNS
Captive Portal DHCP Server and Relay
Anis Megdiche, Senior Technology Consultant
Cosmocall/Microsoft at a tech services company:
Port routing policies Load balancing Clustering
Myles Blackwood, Corporate Trainer / Systems
Administrator at a software R&D company with 1-100
employees:
Reliable Easily configurable Awesome plug-ins
Very low maintenance
John Crabtree, Head of Operations at a tech services
Flexibility is the most valuable feature for us.

Manan Patel, Network Engineer at a tech services
Policy control Web filtering Application filter
works smoothly. Controlling and tracing with
web console works nicely for windows systems.
Better QoS than Checkpoint, I believe.
Achilleas Grigoriadis, IP Senior Engineer at a comms
service provider with 100-1000 employees:
High Availability clustering SNAT/DNAT
Policies section view Virtual Domains Logging
and Reporting IPS
Saif Alayash, IP Core & Security Supervisor at a comms
service provider:
IPS Web filtering
Adithyo Dewangga Wijaya, Network Security
Infrastructure - Tech Specialist at a tech services company
with 1000+ employees:
It's version of throughput is good It has a strong
active cluster, as you can have between three
and 32 units to a cluster
Shiv Shankar, Technical Consultant at a health, wellness
and fitness company with 100-1000 employees:
SSL VPN, Site to Site VPN, UTM features and
web override are nice features.
Analyst347, Network Support Analyst at a non-tech
The two most valuable features are VPN and
firewalling.
Dania Seun, Help desk Support Analyst at a
Fail-over of between multiple ISPs Firewall
Graphs Real time interface monitoring The
web UI gives you an overview of everything you
want to see For an open-source solution it has
performed fantastically OSPF It contains loads
of optional packages e.g Snort (IDS), asterix
(PBX), network monitors etc.
pyephyoe aung, Network Engineer at a tech services
company:
The features I've found most valuable are--
Proxy server (to filter traffic, act as
intermediary between our server and our client,
and analyze and load-balance traffic)
Load balancer (support multiple servers, load
balances two gateways on the same tier)
Hot spot (with captive portal, forces
authentication or click-through for network
access)
Patryk Kozłowski, IT Specialist at a tech services
- Firewall/router - OpenVPN server - DHCP
server - High availability cluster - It's for FREE!
Adam Churchman, System Administrator at a media
company with 1000+ employees:
Snort CARP Load balancing VPN
Ehsan Ul Haq Siddiqui, Network Engineer at a tech
services company with 1-100 employees:
This product supports multiple ISP's, so it's
good for implementation.

Roberto Garcia Hernandez, Security Analyst at a tech
services company with 1000+ employees:
The UTM (application control) features have
been very important, because they have solved
many issues that other firewall providers have
not developed as Fortinet has. A clear example
of this feature advantages is blocking and
allowing the Google suite. For example, without
UTM, we would not have been able to execute
some customer requirements like this one: A
customer asked us that some host on their LAN
is going to be assigned to be a POS workstation.
They needed that workstation to have
permissions to some applications and some
URLs, and they needed to block users from
opening sites like YouTube, Google+, and
Google Drive, but they needed to get in to some
POS URLs hosted in the Google cloud.
We were working with rules allowing some
specified URLs, but it didn’t work because the
subnetting IP address the customer needed to
be allowed, sometimes matched the YouTube
service. Google support engineers told us they
rotate their IP addressing subnets to be more
secure and they do not always attach an IP
address to a domain name. So, sometimes the
customer’s workstations were able to open
YouTube sites too. The way we could block
YouTube and allow the customer POS URLs
sites, was by configuring an application control
sensor, where we were able to block some
categories like this: Another requirement was
to allow some specified applications, so we
configured the next sensor structure:
Another customer reported to us they had issues
working with Gmail attachment files; they could
not do it.
SnrSysAdmin880, Senior System Administrator at a
government with 100-1000 employees:
Battery backup True processor power at low
energy cost Expansion possibilities Low noise
emission
SysEng433, Professional Internship - System Engineer at
a tech services company with 1-100 employees:
It's easy to access and configure in general. As
for features, the firewall and security options
were valuable. These are valuable because I
like simple things that are easy to work with, as
too much difficulty or too much constraint is not
good, and boring.
Sait Fırat Nemiş, IT Chief at a construction company with
1000+ employees:
Load balancer Multi-WAN
Waqas Ali, CEO & Founder at a tech services company
with 1-100 employees:
Captive Portal DHCP
ITExecutive414, IT Executive cum ICT Consultant at a
healthcare company with 1-100 employees:
Firewall DHCP VPN
Samir Ramazanov, System Administrator at a tech
pfSense is very valuable as previously I had to
use Microsoft's TMG solution. After some
research, when I got stuck configuring a
physical machine with many VMs, I noticed that
pfSense, as a firewall, uses less resources. I
started to test it on a simple PC, and I have now
seen how I can benefit from open source
software. So therefore, the most valuable feature
is that it uses less resources than a physical
machine.

Executing some packet captures and with the
Fortinet TAC help, we found they were using the
latest Chrome versions that use the QUIC
Google protocol, which is not supported by
Fortinet because it is not a valid protocol. We
proceeded to block the QUIC protocol using an
application control sensor. After this blocking
action, the customer was able to work without
any issue.
ITmanager567, IT Manager at a tech vendor with 100-
1000 employees:
With the application and web filters, we were
able to block social network websites and any
other websites that could lead staff being less
productive. We were able to stop use of VPN
applications on the school’s network. We were
able to prevent the use of torrent applications.
NetworkEng896, Network Engineer at a tech services
Flexibility Flow tracking B2B VPN
Adriana Ymeri, IT Infrastructure Engineer at a tech
FortiGate/FortiWifi: IPS Application control
IPsec & SSL VPN Web filtering E-mail security
Data leak prevention Wireless security and
wireless controller Central antivirus (FortiClient)
HW & SW token controller (FortiToken) etc.
FortiManager: Central management
Administrative domains (can group devices
according to geographical are, functionality,
admins, etc.) FortiGuard management Logging
and reporting Configuration version control and
tracking Firmware management Scripting
FortiAnalyser: Centralized security log analysis
and forensics Centralized graphical reports
Customized reports Scheduled reports Queries
Content archiving/data mining
Sid Ahmed Toubal, Responsable IT & RMQ at a comms
Load balancing multi-WAN (High latency)
Queues with CBQ algorithm Traffic shaper
(limiter) Aliases for grouping anything VPN
(OpenVPN) DHCP server (with ARP
reservation) DNS forwarder Firewall Graphs for
monitoring NAT
Paolo Daniele, Network Engineer at TLCWEB S.R.L.:
First of all scalability of this solution. It's an all-in-
one solution useful for every kind of company.
It's also very easy to set up rules and NAT, and
it has several modules like transparent proxy,
VPN, and traffic shaping which are the daily
modules for me.
Chohan290, IT Administrator at Sharif Medical City:
The Captive Portal (pass through MAC) feature.
ITAdmin023, IT Administrator at a tech services company
Firewall rules Modules, e.g. Squid
Daniel Legall, Systems Engineer II at a tech services
Two particular features stand out to me: The
WAN load balancing feature The product offers
many additional functions such as router, WLC,
and traffic analysis etc.
Patrick Rachels, IT Support Specialist at Tech Solutions:
Open source Proximity security Content filtering

Ivanildo Teixeira Galvão, Consultant Information
Technology at a tech company with 1-100 employees:
The web content filtering and application control
allow us to control which websites and online
applications our users can access and those
they cannot, thus preventing access to
pornographic sites, online gaming sites, social
media and many others during office hours. The
application control reinforces the blocks,
preventing, for example, users from using
specific applications to bypass the web content
filter blocks. An example is a user running the
UltraSurf proxy, attempting to access banned
sites. With the application control function,
FortiGate is able to prevent the operation of this
application. IPS - Intrusion Prevention System:
It is the main component that detects and blocks
hackers and malware attacks. Other valuable
features are SSL VPN and WAN link balancing.
Carson Rutherford, Project Consultant at a tech
consulting company:
I enjoy the combination of an intuitive graphical
interface and also a traditional shell command
line environment for more advanced
administration. The option to configure policies
in a graphical environment is very easy to
understand and also simple to teach someone
else unfamiliar with the product.
ITDirector226, IT Director at a university with 100-1000
employees:
It offers a proxy and a firewall.
Vishvatosh Pandey, Customer Support engineer at a
The key features of this product are: Network
security UTM Features Configuration and ease
of deployment. IP/User/Device Mac ID/Device
Type based policy configuration Traffic shaping
Load balancing Ease of VPN configurations
Explicit proxy Link segregation Application
signatures Network object based HTTPS/SSL
inspection etc.
ProgramMgr801, Technical Program Manager at a
Free Open source Robust Strong community
support Strong author support
Itonmytips, Manager IT at a energy/utilities company with
100-1000 employees:
MAC Filtered DHCP and DNS Captive Portal
VPN Proxy Server Proxy Filter

SoftwareTestEng746, Software Test Engineer at a tech
Anti-virus NAT VPN
NwkAdmin294, Network Administrator at a real estate/law
firm with 1-100 employees:
The unlimited VPN licensing. All of our remote
locations (1000+) used IPSec VPN and SSL to
connect to the cluster.
Zain Ur Rehman, Senior Information Security Engineer at
I am using different features of this product but
the most valuable are - SSL VPN Web filter
Explicit proxy IPS Application control Routing
Dudi (David) Hefer, CEO at a tech services company with
1-100 employees:
Load Sharing VDOM Security Profiles
Vulnerability Assessment

Deep Dive: Room for Improvement
1000+ employees:
Fix all pending bugs present in 5.0.x branch
Improve the testing process of newly published
firmware like using real and representative
configurations submitted to consequent traffic
load during a while Support SNMPv3 INFORM
requests Uniform the scheduled backup
between FortiGate, FortiManager and
FortiAnalyzer Integrate graphical troubleshoot
tools for policies based on devices or user
identities
I'm happy with the product, however the
licensing fees could be lower.
1-100 employees:
Everything needs to be improved, but they have
improvements with each new version.
Load balancing of multiple networks
employees:
Some of the available plug-ins that work very
well on older versions, and actually break the
newer versions. If using a newer version of the
software, then the list of available plug-ins
should only list those capable/known to work
with the version that you are running. Outside of
that- it is a rock-solid firewall, now with support.
Whenever a new version rolls out, there are
hidden bugs. That's why we normally run a
version behind for a little while before rolling into
the current build.

I'd like to see an improvement in the Bandwidth
Management and Traffic limit control. Also, the
licenses are expensive, turning off some users.
Maybe Linux system monitoring can be
improved by the developers of the product.
Although it has policy control and web filtering,
these could be better. Application filter needs
more control options. IP tracing works only so-
so. Controlling and tracing with web console for
Linux only obtains IP addresses.
Its web interface needs to be more stable, and
more functional, through the variety of browsers.
Additionally a nice add-on would be a
“diagnostic sniffer” capability in the web
interface.
service provider:
This product can't show the NAT status or NAT
logs.
Security LAN WAN
The load balancing can be improved as it uses
tier levels to balance. For it to function most
effectively, you often need to have the same
bandwidth on the ISPs.
company:
The firewall feature could be improved.
So far, from my point of view everything is
working perfect!
I'm no expert on this subject, and the OS
performs all that is required.
FTP was not allowed, and it didn't
indicate during set up whether FTP was to be
allowed or disabled.
Kernel support for laptop features, USB/Firewire
ethernet cards, and specially built in WLAN
cards. If the WLAN functions work properly,
pfSense makes a perfect "repeater" or controlled
and robust accessed point with built in QoS and
firewall. Wider support for 3G and 4G USB
cards as backup networks would be nice too. It
was impossible to get some USB stuff to work.

Shiv Shankar, Technical Consultant at a health, wellness
and fitness company with 100-1000 employees:
They need to improve a bit the SSL VPN to
integrate with Sharepoint single sign on, with
form base, Windows claim base and SALM
base authentication.
They could improve performance with all the
UTM features working. Sometimes, we have
seen that when you enable the antivirus sensor,
customers report slow web browsing. We know
this is normal, but we would like to know if it is
possible to make feel the customer their web
browsing is fast with not as much delay. The
antivirus sensor analyzes all the protocols and
packets we specified, and this is an important
performance affectation. In my personal point of
view, I don’t think it is a serious issue, but we
receive many reports from users who browse the
web with antivirus sensors applied to their
firewall policies.
1000 employees:
I feel they need to work on the alert and event
logs. We were not able to get anything much out
of it when we were facing issues. Not sure if it
was a configuration issue; we were, in fact, not
able to see any system-related logs.
Better documentation about usage of the CLI. I
learned most of what I know in diagnostic
functionality through saving SSH sessions with
the customer support staff while in WebEx
sessions. I have tried looking up the manuals.
They are OK in some respects, but I feel
exhaustive documentation about the CLI "with
examples" should be there, and I feel it's not.
RadiusServer needs some work done.
I was satisfied with the overall features of the
product, considering the limited capacity of our
hardware at the time. It's probable that an
improvement can be made to the user
friendliness of the interface.
I think that areas for improvement are not closely
related with the work of pfSense but with its
components, meaning the packages. I am faced
with little problems when I install none-
recommended (beta) versions. But, I also
understand that these versions are mostly for
developers, who are trying to contribute their
best efforts for open source.
I always need to open different graphs on
different windows of the web browser to have an
overview, Therefore, it would be good, if it is
possible, to have a customizable, large
dashboard. At the moment though, the others
options are good because I am a beginner with
the pfSense.
Compatibility with virtualization system (like
VMWare, Proxmox and so on and so forth); in
some cases, it can create conflicts with
virtualized hardware, and configuration export
(sometimes the XML file creates a conflict with
the hardware network MAC address).

They could improve vulnerability scanning.
The reports provided by the equipment could be
more detailed, and not so dependent on the
FortiAnalyzer. The FortiGate internal reports are
good, but could have more details and options
for viewing certain network data. For the client to
get the richest reports, they need to buy the
FortiAnalyzer appliance or hire FortiCloud
service. These two aim to catch all of the
FortiGate logs and turn them into friendly
reports, many of which are not present in
FortiGate itself.
consulting company:
I think the graphical interface always has room
for improvement. I would like to see more
attention put towards the logging functions as
well.
employees:
It's not intuitive, as the rules will be in the last
place you look. You can look for a report for an
hour, eventually getting a blank page. User
experience for the administrator is basically not
good as it needs to be more proficient.
The FortiGate series does not have that much
troubleshooting & network testing features in its
GUI, hence we’ll definitely be looking for some
add-on features in near future.
VPN ability needs to be improved.
I think the product has improved greatly, so I
actually don't know.
I think the dashboard/interface could be
improved and the ability to manage it from a
mobile platform.
Testing prior to deployment Packages need
better support
100-1000 employees:
Proxy filters are not supported for the blocking of
HTTPS sites.

The web interface could be made better.
A real-time log viewer in the GUI with the
capability to filter traffic displayed. Cisco ASA's
have this and it's fantastic.
WAN link load balancing Reports Anti-virus.

Deep Dive: Improvements to My Organization
1000+ employees:
Endpoint control of mobile devices with Security
Profiles compliancy checking, captive portal
redirection, Antivirus, IPS and Web Filtering
enabled on outgoing traffic (coupled to
FortiClient solution) Identity-based policies used
to authenticated and profile users and guests
whatever the media used to access the network
(ie. Wired and WiFi) Dynamic BGP routes
injections to divert traffic requiring UTM
inspection or DDOS mitigation Two-Factor
Authentication VPN SSL for itinerant users
(coupled to FortiToken solution) Active/Active
cluster load-balancing http/https traffic GTP
tunnels inspections over GPRS backbones for
pure-player telco operators Distributed WiFi
infrastructure with UTM enabled and managed
from the central console like signatures and
firmware updates Classical IP/IPv6 Firewall with
consolidated-management
The reporting and monitoring applications
improve our organization.
Anis Megdiche, Senior Technology Consultant
Cosmocall/Microsoft at a tech services company:
We've been able to get call center traffic
optimisation over multiple WAN and Point2Point
Connections with a failover policy. The call
center has different types of traffic (VoIP,
Internet, Stream etc.) and every kind of traffic
has its own policy. For example VoIP needs to
be have high availability & a priority to maintain
a non-stop custom service, while that of internet
traffic can be lowered in priority and even cut
when some WANs are unavailable to prioritize
VoIP. I think that having this kind of complex
configuration & tunning with a robust open
solution, is a good value.

Option to control application = increased
productivity Data leak prevention = increased
security Anti-virus & IPS = increased security
1-100 employees:
After the implementation we stopped internet
disruptions and abuse by users.
It's features are highly customizable. This means
that when our different business groups have
different needs, the implementations can be
customized to meet the demands of those
groups and needs.
Previously, my organization had the Checkpoint
firewall solution, which has been replaced by the
Fortinet Fortigate solution, which is cost
effective and more manageable from a
beginner's perspective. Fine QoS and Web
based filtering solution is a plus.
It has made our daily operations easier, as well
as adding security, and stability to them. Adding
or removing security policies is simplified
through its web interface, or CLI. Additionally,
troubleshooting is fast and effective, as
everything is organized in a very understandable
way.
employees:
This product has allowed my current employer
the ability to do what other firewalls seem to fail
at, providing a reliable and secure point for
allowing SIP traffic to pass. Training other
admins how to use the features, and also
creating custom user levels for various parts of
access within the system has never been easier.
There's no expensive licensing costs, which
helps us save money. Also, its capacity and
functionalities are great for our needs.
We have pfSense across three sites where it
manages the VPN and firewalls between them.
Also, it has reduced costs drastically and has
outperformed its expectations.
company:
It's provided us with a fair internet speed for all
users. We're also able to control web contents of
our users.
Before I started working for my present
company, they used to use a small (for home
use :) ) Linksys router. The main problem of
Linksys was the limitation of firewall rules of up
to 50 entries. I suggested using a main
firewall/router because it has professional
functions, has no limitation, and it's for free.

service provider:
We are making use of the VDOM feature to
segregate the traffic, and apply policy to control
that traffic.
Finally there is a UTM Fortinet. It has given me
complete oversight of my network in a
centralized fashion, so I know what is going on
at all times. It provides me with a solution that
can automatically take control of situations when
they arise, with the most intuitive interface. It
stops you needing to be on the phone to tech
support, or a local vendor, for days on end.
Analyst347, Network Support Analyst at a non-tech
Fortigate 300c is a very robust product, unlike
Cisco ASA Firewall, you have already the web
gui interface inside the device. Although they the
same concept. Fortigate 300c has one of the
easiest gui configuration compared to ASA
Firewall, where you can lose your way.
It can block applications in level 7. Even though
other companies have latest-generation
firewalls, FortiGate’s database is bigger.
1000 employees:
It was used in a school network, so it kind of
helped in preventing staff and students from
getting carried away with their browsing.
Reduced the cost of our firewall solution
Enhanced throughput compared with similar
priced devices Stability Reliability
It's made us more productive.
We like it mostly for being able to use BSD
compiled software inside it. It is flexible, fast,
powerful and full of features, such as an easy
proxy filter, and clustering along with an easy
and well developed web based interface.
SysEng433, Professional Internship - System Engineer at
It provided us with better security.
Sait Fırat Nemiş, IT Chief at a construction company with
1000+ employees:
Network security and speed have both
improved.
pfSense made my life easier for controlling users
and their bandwidth. My internet is not misused
anymore.

It's good for what it is. I could achieve the same
results with a pfSense firewall. This one just
comes in a nice hardware package.
Routing and security policies, central
management and all of the other features help
us to improve network performance and
implement organization policies.
It provides real security for business customers.
consulting company:
It’s much easier to share administration tasks
with more people. Due to the flexibility and
ease of certain features, I can delegate more
simple and routine tasks to other administrators
and I don’t have to be the “Firewall” guy all the
time.
employees:
It has a better processor than CheckPoint.
In many organizations it helps to come up with
the requirements of proxy servers, defining
network traffic and the amount of bandwidth for
any network object or specified user(s). It has
also provided us with security compatibility with
other network devices such as IP cameras, the
video conferencing system, VOIP phones. It
also logs & reports on individual users network
activities.
The organization relies on pfSense for DHCP,
and remote users may access it on a local
network via VPN.
It is free of charge. I am living in country where
this is not so important yet, as no one controls
the licenses of software. However, our company
tries to look forward and prevent issues that may
happen in the future. So it being free, and easy
to configure, are the benefits for us.
Before using pfSense: I always had problems
with internet connection for users I had no idea
what users were downloading and, therefore,
what was killing the internet connection I did not
have not statistics on the quality and stability of
the internet To get a VPN I had use a pay
software that offered lower performance than I
have now
pfSense software was designed to be a
customizable platform that can be hardware
agnostic. This allows the engineer to meet the
needs of a project with a device that's got the
right I/O and specifications, and then customize
the pfSense settings to their needs. So power
consumption and less hardware requirement
can save our money!

It's the only security product in place that is
responsible for guarding the network
infrastructure deployed within the premises. The
product has lived up to its expectation with no
issues whatsoever.
We went from being terrified about our firewalls
screwing up to completely forgetting we had
firewalls. I slept better and so did my manager.
I replaced my core router with a Fortigate
appliance and it is performing inter-VLAN
routing. I removed manual proxies and used
transparent proxy using Fortigate security
profiles, and implemented traffic shaping, web
filter, application control, IPS and anti-virus. All
the servers are protected by Fortigate security
profiles.
We have been able to gain control of our
bandwidth and improve our web security.
It was very useful for our DHCP network
(guests) and web browsing filtering.
It has enhanced our organization because of its
versatility. It doesn't need expensive hardware
to build a robust firewall, therefore, providing a
saving on cost. Also, its reliability is quite
remarkable which allows IT to focus on other
tasks, and how efficiently it manages our WAN
traffic.
It has provided us with a low cost security
solution using a quality router at a fraction of the
cost of our previous solution.
ProgramMgr801, Technical Program Manager at a
Critical network infrastructure has improved.
100-1000 employees:
It has provided us with secure internet browsing
and a strong monitoring ability.

WHAT REAL USERS
ARE SAYING...
"The FortiGate security
appliances. UTM security
in a single device, good
administrative interface
and performances."
"For price criteria, Fortinet
wins over competitors.
That being said, certain
areas of the product need
improvement"
"Security has been
increased but the licensing
fees could be lower."
"The projects' initial costs
were high but right now we
can do most things, and
the only costs now are the
annual license fees."
"The most valuable
features for us are VPN,
WebFilter, and Firewall."
"Controlling and tracing
with web console works
nicely for windows
systems, but for Linux, only
IP can be obtained."
FORTINET FORTIGATE REVIEW BY A REAL USER
Fabrizio Volpe Verified by IT Central Station
IT Administrator at a financial services firm with 100-1000
employees
First things
first
Talking about FortiGate from Fortinet we are talking
about a family of UTM (Unified
Threat Management) appliances.
This means: FortiGate is a term that includes a wide range of products,
starting from small ones dedicated to small offices, and growing up to devices
that are able to grant security and networking for really big companies. The
family includes
physical devices and
virtual machines
, which grant network security on different layers using a
single point of control. FortiGate is
optimized
to avoid bottlenecks or delays while the various controls are performed.
High availability
is also part of the available
features, with different solutions to avoid single points of failure.
In the short list that follows, I will try to list
some interesting points about the FortiGate solution.
1. Administrative

Interface
If you are experienced with network security
management, you know that usually this kind of activity requires to interact
with many different software and hardware coming from disparate vendors. In the
aforementioned scenario, it is normal to have frequent updates to apply on the
various products
and to watch more than one monitoring
tool to keep track of security events. The FortiGate solution includes all the
controls you could expect using a patchwork of security products in a single
device with a
single
administrative interface
. It is your
switch, your router, your
firewall
, your VPN hub, your antivirus, your
antispam, your proxy and your end-point security solution all in one.
If you define a network object or group for
firewalling purposes, it will be available also to define antivirus rules or
Internet browsing policies. There are two administrative interfaces:
·
Web-based manager
(a graphical interface usable
through an web browser)
·

CLI
(a command line interface)
A strong point of a FortiGate is the fact that the
graphical interface is complete and easy to use (especially if we think to the
list of operations that we are able to perform inside).
Again, if you have used appliances or firewalls coming
from other vendors, you know that often you have to use a not-so-friendly
command lines to obtain the exact result that you need. Talking about FortiGate,
you will use the CLI seldom and only for the most “exotic” features.
2. UTM the
Fortinet way
Unified Threat Management may be complex to manage,
because you work on different protocols, at different layers and with disparate
threats to consider. In a FortiGate you can think to have three great layers:
·
Networking
services
(switching and routing, both static and dynamic)
·
Network
security services
(firewalling, secure VPN connection, intrusion
detection and endpoint security)
·
Application

security services
(spam and virus controls, web filtering, application
control and data leak prevention)
As long as you pay (and renew as it expires) the
“bundle” license, you have all the aforementioned features available including
the updates for signatures and definitions, coming to your appliance directly
from Fortinet. I am not saying that you have to use all the available controls,
but you are able to turn them on and off “on-demand” so you could start with a
simple configuration and add control layers when you feel more comfortable.
3. Virtual
Domains
One of the available features include the capability
of a FortiGate to support many
Virtual
Domains
(
VDOMs
). VDOMs enable
you to grant access to different companies with different administrators on the
same physical unit. Each one of them will be able to keep his/her specific
configuration with no impact on the others. What you are doing here is creating
“virtual units”, keeping on a “root domain” that is used to manage the virtual
domains. VDOMs add a lot of flexibility to the solutions you are able to plan
using FortiGate
4

. High
Availability and Resiliency
There
are four different ways to make a FortiGate unit high available. You could use
a traditional “cluster” design with two or more units
FortiGate Cluster Protocol (FGCP)
, a solutions with an external
load balancer
FortiGate Session Life
Support Protocol (FGSP)
, a layer 3 resiliency solution like
Virtual Router Redundancy Protocol (VRRP)
or a layer 2 solution like
Fortinet
Redundant UTM Protocol (FRUP)
. Here we have (again) a great deal of
flexibility to design the best solution for our company’s needs.
5
. The Dark
Side of the Moon
It would be not fair to review a product omitting the
negative points. Talking about FortiGate, the main complain I have heard is
about the technical support. My personal experience is the same of many people
that are not happy with this aspect of the service offered from Fortinet. Often
your problem is diverted to local partners and I have to say that I had mixed results

with them. While some partners are professional, many are not skilled enough
and have costs that are not equivalent to their quality. I know that there is
the same issue with other vendors too but that is not an excuse. As long as
Fortinet support sends me to a local reseller or partner, from my point of
view, they are taking responsibility for their capability too.

ProjMan8210 Verified by IT Central Station
Project Manager at a tech vendor with 1000+ employees
Valuable Features:
Performances
VDOM
UTM
Consolidated Management
FortiGuard
Improvements to My Organization:
Endpoint control of mobile devices with Security Profiles compliancy checking,
captive portal redirection, Antivirus, IPS and Web Filtering enabled on outgoing
traffic (coupled to FortiClient solution)
Identity-based policies used to authenticated and profile users and guests whatever
the media used to access the network (ie. Wired and WiFi)
Dynamic BGP routes injections to divert traffic requiring UTM inspection or DDOS
mitigation
Two-Factor Authentication VPN SSL for itinerant users (coupled to FortiToken
solution)
Active/Active cluster load-balancing http/https traffic
GTP tunnels inspections over GPRS backbones for pure-player telco operators
Distributed WiFi infrastructure with UTM enabled and managed from the central
console like signatures and firmware updates
Classical IP/IPv6 Firewall with consolidated-management
Room for Improvement:
Fix all pending bugs present in 5.0.x branch
Improve the testing process of newly published firmware like using real and
representative configurations submitted to consequent traffic load during a while
Support SNMPv3 INFORM requests

Uniform the scheduled backup between FortiGate, FortiManager and FortiAnalyzer
Integrate graphical troubleshoot tools for policies based on devices or user
identities
Use of Solution:
4.5 years
Deployment Issues:
Some few non-blocking bugs present in the latest release and which are now
solved.
In the past I encountered serious bug regarding SCTP and GTP supports. Fortinet
helped me to qualify the bug, implement a temporary workaround and then
published appropriate patches rapidly.
Stability Issues:
No. I always used the latest qualified-stable firmware recommended by Fortinet and
check by own testing methods the stability of HW and SW before deploying
anything into customer premises.
Scalability Issues:
With design and dimensioning parts well achieved I never encountered scalability
issue. However it happened I had to troubleshoot some slowness and latency
issues on existing projects already running live. Most of the time they were due to
some design issues and non-optimized configurations like for instance “in” and
“out” ports not handled by the same NP, policy rules non-optimized and non-used
features enabled.
Customer Service:
Very good.
Technical Support:
Very good.
Previous Solutions:
CISCO ASA: Too expensive, performances issues, non-consolidated management
between traditional ASA and inspection ASA CX, not the best security engines
Checkpoint: Very expensive but good solutions, not the leader in UTM segment
Juniper: Expensive but good solutions, not the leader in UTM segment

Cyrberoam: Attractive prices but not yet tested, looks like promising
Arkoon/Netasq: Obsoletes (Stormshield not yet tested)
Initial Setup:
It was quite simple if you have at least a minimum of experiment with Firewalls
integration. It is now even simpler thanks to the FortiExplorer application.
Implementation Team:
In-house.
Other Solutions Considered:
Taking into account the price criteria, nowadays Fortinet always wins offers in front
of competitors like CISCO and Checkpoint. Mixing this key-point with other
success keys like UTM features and performances.
Other Advice:
Contact Fortinet or Fortinet’s partner and ask for a POC.

Marcin Wojcik Verified by IT Central Station
Senior NetOps Engineer at a tech services company with
1-100 employees
Valuable Features:
GUI
Flexibility
Easy to configure
UTM
Option to control application = increased productivity
Data leak prevention = increased security
Anti-virus & IPS = increased security
I'm happy with the product, however the licensing fees could be lower.
Use of Solution:
I've used it for six years.
Stability Issues:
No issues encountered.
Scalability Issues:
There is a specific way of deploying a Fortigate product, and the scalability is
related to the new unit deployment so there are no problems here. If you need more
power/space, you just have to add a new box.
Customer Service:
It's very good, I've never had any problems with customer service.

Technical Support:
It's very good, I've never had any problems with technical support.
Previous Solutions:
I was using Cisco ASA, and I switched due to a lack of features (e.g. poor SSL
VPN support).
Initial Setup:
It's a very simple setup as everything is well documented online and via the
Fortigate channel on YouTube. Also, I posses a large amount of knowledge gained
during the years that has helped me to deploy all my solutions. Even from the the
beginning, it was easy as Fortigate has a great GUI and good online help,
We did an in-house implementation, with no third party involvement.
ROI:
The product is deployed as part of, and an add-on to, the MPLS solution for the
majority of my customers. There is no ROI as this is not the major expectation, as
the ROI is coming from the whole solution, not just this product.
Cost and Licensing Advice:
All the costs are for the annual licenses. The cost of the original deployment fell
below £5,000, and licenses are priced at around £3,000.
We considered Cisco, however we decided to go with Fortigate as it provides a
good set of the features for the price paid,
Other Advice:
Enjoy it. The product is easy to implement, easy to manage, and easy to develop
and grow.

Renato Pereira Verified by IT Central Station
Owner at a tech consulting company with 1-100 employees
Valuable Features:
Active Directory integration
QOS
Balance/Fail-over
Web filtering and protection with AV engine
WiFi network for visitors isolated from our corporate WiFi network using only one
unit
After the implementation we stopped internet disruptions and abuse by users.
Everything needs to be improved, but they have improvements with each new
version.
Use of Solution:
We've been using Fortinet products since 2009. Alongside FortiGate. we also use
FortiAnalyzer 10C and FortiWiFi 40C & 50B.
Deployment Issues:
Yes, a misunderstanding of the environment and misconfiguration of the unit. After
reviewing it all, everything has been working fine for years.
Stability Issues:
It works as defined and expected.
Scalability Issues:
We have the ability to expand our units and there have been no issues so far.
Customer Service:
It's the best I have experienced.

Technical Support:
It's the best I have experienced.
Previous Solutions:
Previously, we used Linux distributions, and we changed due to its limitations and
our company expansion.
Initial Setup:
It's straightforward. You just need to understand the concept, and how to apply it.
We used an external company and they had a good amount of knowledge.
ROI:
We have never stopped to calculate it, but we cannot describe how good we feel
since we no longer face issues with the internet.
The projects' initial costs were high but right now we can do most things, and the
only costs now are the annual license fees.
We also looked at BlueCoat.
Other Advice:
Feel free to ask me questions about Fortinet.

WHAT REAL USERS
ARE SAYING...
"We've found multiple
features, such as multi-
WAN capability and
dynamic DNS, valuable,
but the load balancing of
multiple networks could be
improved."
"There aren't any
deployment issues unless
there are some complex
configurations."
"It has the ability to do
what other firewalls seem
to fail at however, some of
the available plug-ins that
work very well on older
pfSense versions, actually
break the newer ones."
"There's no expensive
licensing costs, which
helps us save money."
"The web UI gives you an
overview of everything you
want to see."
"The load-balancer
function support multiple
servers, load balancing
two gateways on the same
tier. However, the firewall
could be improved."
PFSENSE REVIEW BY A REAL USER
Muhammad Ikram Verified by IT Central Station
Network and Transmission Engineer at a tech services
company
Valuable Features:
Firewall
State Table
Network Address Translation (NAT)
High Availability
Multi-WAN
Server Load Balancing
Virtual Private Network (VPN)
PPPoE Server
Reporting and Monitoring Applications
Dynamic DNS
Captive Portal
DHCP Server and Relay
The reporting and monitoring applications improve our organization.
Load balancing of multiple networks
Use of Solution:
3 Year

Deployment Issues:
Compatibility Issues
Stability Issues:
None
Scalability Issues:
None
Customer Service:
None
Technical Support:
Excellent
Previous Solutions:
Yes
Initial Setup:
Simplest
Extraordinary
pfSense software has the flexibility to integrate into wide area on a worldwide range
of hardware. Among all monitoring and firewalls application. I haven't see powerful
tools like PfSense.

Anis Megdiche Verified by IT Central Station
Senior Technology Consultant Cosmocall/Microsoft at a
tech services company
Valuable Features:
Port routing policies
Load balancing
Clustering
We've been able to get call center traffic optimisation over multiple WAN and
Point2Point Connections with a failover policy. The call center has different types
of traffic (VoIP, Internet, Stream etc.) and every kind of traffic has its own policy.
For example VoIP needs to be have high availability & a priority to maintain a non-
stop custom service, while that of internet traffic can be lowered in priority and even
cut when some WANs are unavailable to prioritize VoIP. I think that having this kind
of complex configuration & tunning with a robust open solution, is a good value.
Use of Solution:
v0.x for three years
v1.x for two years
v2.x for three years
Deployment Issues:
There have been no deployment issues since v0.x.
Stability Issues:
Yes, sometimes there are issues if there are some complex configurations. When
working with load balancing ADSL modems, I've noticed that pfSense "fools" the
modem and it becomes unresponsive until it is restarted. This issue doesn't affect
pfSense, but it is the root cause of a hung ADSL modem.
Scalability Issues:
No issues encountered.

Customer Service:
I've never used them.
Technical Support:
I've never used them.
Previous Solutions:
No previous solution was used.
Initial Setup:
The initial setup is easy. This is because the pfSense setup is like a Windows
installation (wizards, choose option, click next etc.) unlike some others.
We implemented it in-house.

Myles Blackwood Verified by IT Central Station
Corporate Trainer / Systems Administrator at a software
R&D company with 1-100 employees
Valuable Features:
Reliable
Easily configurable
Awesome plug-ins
Very low maintenance
This product has allowed my current employer the ability to do what other
firewalls
seem to fail at, providing a reliable and secure point for allowing SIP traffic to pass.
Training other admins how to use the features, and also creating custom user levels
for various parts of access within the system has never been easier.
Some of the available plug-ins that work very well on older versions, and actually
break the newer versions. If using a newer version of the software, then the list of
available plug-ins should only list those capable/known to work with the version that
you are running. Outside of that- it is a rock-solid firewall, now with support.
Use of Solution:
I have used this product for a very long time, over 10 years.
Deployment Issues:
I have had very very few minor glitches in upgrading the product over the years.
Most recently, I had the WAN side DNS change to default values. This is not a
huge deal, but it took a little while to figure out why the external services were
suddenly failing.
Stability Issues:
Stability is not a concern. I've enabled the HA features, and spread them across
multiple ESXi hosts. The only thing that could take down my network, would be a
lack of power to the hosts, or all of my ISP tanks at the same time.

Scalability Issues:
I've had no issues. I am using this on multiple sites, with reliable VPN tunnels and
the traffic seems to remain a constant.
Customer Service:
I have generally only used the forums. In fact, I don't recall *ever* using customer
service, but that's only because this product rocks.
Technical Support:
I have generally only used the forums. In fact, I don't recall *ever* using Technical
Support, but that's only because this product rocks.
Previous Solutions:
I have merged pfSense with other products, but I have never chosen another
product over pfSense unless I was unable to convince my client that free doesn't
mean shoddy.
Initial Setup:
The initial setup has gotten to be much more streamlined. I think that for the
average home user experimenting with networks, this *might* be a *little* hard to
figure out at first, but the overall setup is generally a breeze. There shouldn't be any
reason that someone can't figure it out in more than 15 minutes a BASE installation
and network configuration.
I implemented it myself.
ROI:
It's very high. I have replaced high-end Cisco, Juniper and Sonicwall systems with
pfSense on very low-scale machines, and VMs. I have also created networks that
are far more complex than any of those are capable of handling without some sort
of annual license costing thousands of dollars.
My original setup cost was US$40 for a used x86 Pentium 2 machine, purchased
through Boeing Surplus, and additional US$20 ($10 x 2) for two additional NICs to
run LAN and OPT1 networks. So, $60 total for self-installation of pfSense v1.1.

I looked at low-end Cisco/Linksys devices for physical hardware, and I played
around with a variety of free *nix based installations including customized IPTables,
IPCop, SmoothWall, and Enodian.
Other Advice:
If you want reliable, highly-customizable, and rock solid firewall, do not hesitate for
one second to install/purchase this product.

John Crabtree Verified by IT Central Station
Head of Operations at a tech services company with 1-100
employees
Valuable Features:
Flexibility is the most valuable feature for us.
There's no expensive licensing costs, which helps us save money.
Also, its capacity and functionalities are great for our needs.
Whenever a new version rolls out, there are hidden bugs. That's why we normally
run a version behind for a little while before rolling into the current build.
Deployment Issues:
We've had no issues with deployment.
Stability Issues:
We've had no issues with stability.

Fortinet FortiGate and pfSense Alternatives
VENDOR (BY RANKING) SOLUTION
Cisco Cisco ASA
Rating: 8.14
(34 reviews)
Fortinet Fortinet FortiGate
Rating: 8.0
(25 reviews)
pfSense pfSense
Rating: 8.64
(24 reviews)
WatchGuard WatchGuard XTM
Rating: 7.88
(19 reviews)
Sophos Sophos UTM
Rating: 8.22
(14 reviews)
Sophos Sophos Cyberoam UTM
Rating: 7.62
(9 reviews)
Check Point Check Point UTM-1
Rating: 8.8
(7 reviews)
Dell Dell SonicWALL TZ
Rating: 7.84
(6 reviews)
Palo Alto Networks Palo Alto Networks WildFire
Rating: 8.0
(6 reviews)
Barracuda Networks Barracuda Networks NG Firewall
Rating: 8.26
(5 reviews)
Intel Security Intel Security Firewall Enterprise MFE
Rating: 8.0
(4 reviews)
Juniper Juniper SRX
Rating: 8.0
(4 reviews)
Cisco Meraki MX Firewalls
Rating: 9.66
(4 reviews)
Check Point Check Point VSX
Rating: 9.0
(2 reviews)
Cisco Cisco Sourcefire Firewalls
Rating: 8.0
(3 reviews)
Intel Security Intel Security StoneGate
Rating: 7.0
(3 reviews)
NETASQ NETASQ Firewalls
Rating: 7.34
(3 reviews)
Check Point Check Point Power-1
Dell Dell SonicWALL NSA
Rating: 8.0
(1 review)
Kerio Kerio Control
Rating: 9.0
(1 review)

Sophos Sophos XG
Rating: 9.0
(1 review)
Zscaler Zscaler Web Security
Rating: 8.0
(1 review)
Hewlett Packard Enterprise 3Com H3C Firewall
Check Point Check Point VPN-1
Trustwave Trustwave Firewalls

Top Firewalls Vendors
Over 163,431 professionals have used IT Central Station research on enterprise tech. Here are the top
Firewalls vendors based on product reviews, ratings, and comparisons. All reviews and ratings are from
real users, validated by our triple authentication process.
1. Fortinet FortiGate
101061 Views
71328 Comparisons
21 Reviews
4616 Followers
Average Rating: 8.3
2. Cisco ASA
66986 Views
48097 Comparisons
31 Reviews
4634 Followers
Average Rating: 8.1
3. pfSense
36022 Views
26295 Comparisons
24 Reviews
3788 Followers
Average Rating: 8.6
4. Sophos UTM
45179 Views
30608 Comparisons
13 Reviews
2952 Followers
Average Rating: 8.2
5. Palo Alto Networks
WildFire
38011 Views
29887 Comparisons
5 Reviews
4201 Followers
Average Rating: 7.8
6. Sophos Cyberoam UTM
32857 Views
26326 Comparisons
9 Reviews
3896 Followers
Average Rating: 7.6

7. WatchGuard XTM
19539 Views
14250 Comparisons
19 Reviews
2665 Followers
Average Rating: 7.9
8. Dell SonicWALL TZ
15007 Views
12280 Comparisons
6 Reviews
2935 Followers
Average Rating: 7.8
9. Check Point UTM-1
5866 Views
4498 Comparisons
7 Reviews
2624 Followers
Average Rating: 8.8
10. Cisco Sourcefire
Firewalls
9891 Views
6337 Comparisons
3 Reviews
3100 Followers
Average Rating: 8.0
11. Meraki MX Firewalls
8651 Views
6926 Comparisons
4 Reviews
1520 Followers
Average Rating: 9.7
12. Juniper SRX
9935 Views
8539 Comparisons
4 Reviews
2640 Followers
Average Rating: 8.0
13. Barracuda Networks
NG Firewall
7630 Views
4842 Comparisons
5 Reviews
2599 Followers
Average Rating: 8.3

14. Check Point VSX
7276 Views
6280 Comparisons
1 Reviews
2602 Followers
Average Rating: 8.0
15. Intel Security Firewall
Enterprise MFE
1127 Views
416 Comparisons
4 Reviews
2583 Followers
Average Rating: 8.0
16. NETASQ Firewalls
2764 Views
1920 Comparisons
3 Reviews
2581 Followers
Average Rating: 7.3
17. Zscaler Web Security
6145 Views
4737 Comparisons
1 Reviews
1940 Followers
Average Rating: 8.0
18. Intel Security
StoneGate
2211 Views
1668 Comparisons
3 Reviews
2580 Followers
Average Rating: 7.0
19. Kerio Control
1123 Views
825 Comparisons
1 Reviews
288 Followers
Average Rating: 9.0
20. Sophos XG
937 Views
424 Comparisons
1 Reviews
225 Followers
Average Rating: 9.0

21. Dell SonicWALL NSA
980 Views
832 Comparisons
1 Reviews
299 Followers
Average Rating: 8.0
22. Check Point Power-1
1111 Views
834 Comparisons
0 Reviews
2588 Followers
Average Rating: 0.0
23. Check Point VPN-1
722 Views
598 Comparisons
0 Reviews
2597 Followers
Average Rating: 0.0
24. Trustwave Firewalls
718 Views
554 Comparisons
0 Reviews
2582 Followers
Average Rating: 0.0
25. 3Com H3C Firewall
578 Views
344 Comparisons
0 Reviews
2581 Followers
Average Rating: 0.0
Chart Key
Views: Number of total page views
Comparisons: Number of times compared to another product
Reviews: Total number of reviews on IT Central Station
Followers: Number of followers on IT Central Station
Average Rating: Average rating based on reviews
The total ranking of a product (i.e. bar length) is based on a weighted aggregate ranking of that product's Views (weighting
factor = 17.5%), Comparisons (17.5%), Reviews (17.5%), Followers (17.5%), and Average Rating (30%). Reviews and
ratings that are more than 24 months old, as well as those by resellers, are excluded from the rankings. For each ranking
factor, the score (i.e. bar segment length) is calculated as a product of the weighting factor and its position for that ranking
factor. For example, if a product has 80% of the number of reviews compared to the product with the most reviews in its
category, then the product's bar length for reviews would be 17.5% (weighting factor) * 80%.© 2016 IT Central Station Reproduction Prohibited

TOP 5
Based on Views
101061 Fortinet FortiGate
66986 Cisco ASA
45179 Sophos UTM
38011 Palo Alto Networks WildFire
36022 pfSense
TOP 5
Based on Views of Comparisons
48097 Cisco ASA
30608 Sophos UTM
26326 Sophos Cyberoam UTM
TOP 5
Based on Followers
4634 Cisco ASA
3896 Sophos Cyberoam UTM
3788 pfSense
TOP 5
Based on Rating
8.8 Check Point UTM-1
8.6 pfSense
8.3 Fortinet FortiGate
8.3 Barracuda Networks NG Firewall
8.2 Sophos UTM

Join the IT Central Station Community
This report features just a few of the Firewalls reviews on IT Central Station. If you would like to read
more about what real users are saying about the many Firewalls solutions on the market, visit the
Firewalls page at IT Central Station:
http://www.itcentralstation.com/category/firewalls
There are a number of ways you can participate in the IT Central Station community. Write a review,
read a comment, or just follow a product. Either way, we’ll be sure to let you know when people are
talking about the solutions you care about!
Give to Get
Did you find this whitepaper helpful? At IT Central Station, our philosophy is “Give to Get”. Our active
community and unbiased reviews are made possible by your participation and as such, we ask that you
share your expertise with us as well. Please expect to be contacted shortly by an IT Central Station
Community Manager. We will ask you for 10 minutes of your time to review a product that you use either
via a 10 minute phone interview or questionnaire. You can choose to review anonymously or not and
your company name will not be included in the review.
If you found this report and/or the reviews on IT Central Station useful, we would greatly appreciate your
participation in giving back to our community.

Fortinet forti gate_vs._pfsense_report_from_it_central_station_2016-09-05

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (16)

Similar to Fortinet forti gate_vs._pfsense_report_from_it_central_station_2016-09-05

Similar to Fortinet forti gate_vs._pfsense_report_from_it_central_station_2016-09-05 (20)

More from Ivan Carmona

More from Ivan Carmona (7)

Recently uploaded

Recently uploaded (20)

Fortinet forti gate_vs._pfsense_report_from_it_central_station_2016-09-05