Anyone out there using fortinet products

Anyone out there using Fortinet products?  Looking to bring the products in and was wondering what typical config times look like for a small business on average.
securitylockAsked:
Who is Participating?
 
btanConnect With a Mentor Exec ConsultantCommented:
Fortinet belongs to the market of the Unified Threat Mgmt (UTM) which is a close "brother" to the Next Gen FW (NGFW). Not to confuse, the whole objective is to make sure traditional FW  approach using port based filter need more deeper content inspection and contextual intelligence hence the two technology becomes more popular.

Fortinet carries a "suite" namely in fortigate (UTM), fortiweb (web app FW), fortiGuard (database)  etc and key is the running of their FortiOS engine in those appliance...Gartner has a MQ 2014 evaluation weighting for Enterprise Network Firewalls features on the selected provider and include Fortinet, good to check out. http://www.bradreese.com/blog/5-29-2014.pdf

But do note that all-in-one or unified threat management (UTM) products are suitable for small or midsize businesses
 (SMBs), but not for the enterprise. Fortinet is most of time competitve in the management of multiple of FW and low pricing but largely customer is still feeling edgy on the aspect of cost effectiveness and value for money..Nonetheless, it is shared to be well-suited to deployments, such as in carriers, data centers, service providers and distributed enterprises (for example, retail and franchises).

Sidenote - Although there is need to further enable these FW in more visibility into the use of application awareness (a form of context awareness) provided as well as deep packet inspection techniques to permit valid (authorized) applications and deny everything else as default, performance should not waver due to scaling up capability and eventually becomes single point of failure...

Some key capabilities that you should seek vendor on how they can achieve below.
■ Real-time detection and application content awareness engine.
■ Signature-based and "Signatureless" techniques for deep inspection and filtering.
■ Careful tuning without depending too much on knowledgeable staff to avoid false positives.
■ Monitor traffic from off-network mobile endpoints.
0
 
SandyCommented:
What exactly your needs ? IPS/ IDS/ Network Antivirus/ DLP what ?

they are good in all these..

Ty/SA
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.