Educause Security Discussion mailing list archives

Re: Fortigate Appliance

From: Jim Kieley <Jim.Kieley () LLS EDU>
Date: Thu, 27 Nov 2008 10:04:58 -0800

We've used Fortigate (FG), various Cisco security products, and now are
semi-committed to migrating to Tipping Point.  The Fortigate is somewhat
different in that it tries to be an all-in-one box that can be used as a
firewall, VPN gateway, anti-virus filter, IPS, web filter, anti-spam
system, etc.  Some of these features require extra licensing.  One
device is not going to be best of breed for all of these various
functions, so we've only used a Fortigate as a firewall and IPS.  The
Fortigate GUI interface is well laid out, but configuration methods are
a little quirky for someone coming from a Cisco background.  To be noted
is that usable reporting is not part of the FG base appliance.

My biggest complaint w/ Fortigate has been their support program.  In
particular, they  have a policy where they will not ship out a
replacement unit until they receive the unit having problems.  Not only
does this result in replacement delays, but it also means that a unit
which is "acting up but still functional" can't be used until a
replacement is received.  A workaround may be to have redundancy, but
for us the maintenance contract costs precluded this.

If you are seriously interested in FG as an Enterprise solution, my
recommendation is to purchase one of their low-end units for field
testing.  The functionality is pretty much the same (although less
granular).

Jim Kieley
LLS

Allan Nelson wrote:

Hello:

We at the University of Trinidad and Tobago are in the process of
evaluating Fortinet's Fortigate security appliance. I would like to know
if other Universities are using this particular appliance and what are
your comments from experience on this effectiveness.  We have looked at
Gartner who has it highly rated and the Fortinet website cites a number
of Universities (http://www.fortinet.com/solutions/education.html) who
have deployed this solution.  Any and all comments would be greatly
appreciated. Thanks in advance.

Allan Nelson
UTT
allan.nelson () utt edu tt

Current thread:

Fortigate Appliance Allan Nelson (Nov 27)
- <Possible follow-ups>
- Re: Fortigate Appliance David Boyer (Nov 27)
- Re: Fortigate Appliance Jim Kieley (Nov 27)
- Re: Fortigate Appliance Mark Rogowski (Nov 27)