FortiNet FortiGate is a firewall option with high integrability. It offers a variety of deployment options and next-gen firewall capabilities, including integration with IaaS cloud platforms and public cloud environments.
N/A
HAProxy Community Edition
Score 9.3 out of 10
N/A
HAProxy Community Edition is a free, open source reverse-proxy offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is presented as suited for very high traffic web sites.
$0
Pricing
Fortinet FortiGate
HAProxy Community Edition
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
FortiGate
HAProxy Community Edition
Free Trial
Yes
No
Free/Freemium Version
No
Yes
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
FortiGate pricing starts at $250 for home office use, up to $300,000 for large enterprise appliances.
Must contact sales team for pricing.
For FortiGate Firewall, the basic functionality and requirement is met easily as Fortigate is among market leaders in NGFW. There are some extra points that inclined us to use Fortigate as our main Firewall. [Fortinet]Fortigate has a very well refined and functional SD-WAN solution when it comes to load balancing for normal Internet Traffic. SD-WAN - Load balancing of Internet traffic is a USP of Fortigate and makes it stand tall in the competition. Be it 3 or more Internet Links, multiple Subnets/segments of users to distribute and bandwidth load balancing for links and users. SLA based monitoring of Internet Links / MPLS links, makes it even better to choose the links on the basis of performance (Latency, packet loss, Jitter etc). SSL VPN configuration - The deep CLI-level debugging is also very helpful in troubleshooting. Type of tunnel can be easily configured - Full Tunnel or Split Tunnel for SSL. Though, I think Fortigate is one of the best options for small and mid-sized organizations, there are some areas for improvement. First, the CLI interface is very hard to adapt as the commands and directory hierarchy is very different for common syntax and standards.
It prevents a single server failure from being a downtime event by adding redundancy to every layer of your architecture. A load balancer facilitates redundancy for the backend layer (web/app servers), but for a true high availability setup, you need to have redundant load balancers as well. So it is well suited for all production related servers and less suited for individual servers that do not require redundancy.
When we switched to Fortinet Fortigate, it took some time getting used to and become familiar with the new interface. Being used to strictly command-line interfaces, a full GUI-based firewall was something brand new. Careful planning had to be done when creating rules to ensure we didn't miss anything. However, once we got used to the new GUI interface, going from one Fortinet product to another was simple, as Fortinet used the same interface for all of its devices.
A few, rare times each year, HAProxy CPU utilization spikes to 100% and server has to be rebooted - this may be related to HAProxy OR it could be an external factor causing this.
Fortinet's products have kept improving with new software releases and they continue to deliver great value. Their support is also very good. I believe that as a small enterprise, their products have given us competitive advantage delivering features and functionality that enable us to innovate and do things better. They also continue to be a leader in the markets they serve.
The user interface shared among many simultaneous users is very easy to get around. With shared favorites among users, most tasks are easily bookmarked and can quickly be found and edited. Their strategy for web filter integration is easy to understand and manage as well. With some general direction, setup and maintenance were easy to do and easy to teach others in the organization to do as well.
It is very easy to use. I was able to find a lot of documents for it on the internet. Very good community support. There are lots of examples available to try. We mostly use a command-line user interface to interact with it. The CLI is also super easy to use and very easy to interact with
We live in Turkey. Fortinet's Turkey office [dealt] constantly with us in our every problem or our experience. In addition, global support teams also supported every ticket we opened in every problem we encountered. They support innovative approaches and evaluate and offer solutions. In this context, they were very supportive of the problems we encountered in previous versions.
We haven't used customer support. We mostly used the community version. We build a multi-node HAProxy cluster with HA to the proxy itself using opensource plugins available. With the support available on the internet and the documents available we don't need to use much customer support.
[Fortinet] FortiGate is not only cost effective but it gives the comprehensive security against the APT attacks and gives the complete traffic visibility and granular control. You can easily create the VDOMs (Virtual firewall) within a Fortigate firewall and customize the dashboard as per your requirement if you have multiple VDOMs within a single firewall.
We chose HA Proxy because it is cheaper than a hardware balancer, it is an open-source solution with a large community behind it and with constant updates. It also allows custom scripts according to needs.HA Proxy is a solution used in many internet sites like GitHub, Reddit, Twitter, and Tuenti.
Fortigates have an interesting bundle model for support and subscription services that make it an attractive option to deploy Firewall, IDS, Ant-virus, anti-SPAM in a single device. The cost of the bundle is pretty much what you pay for the device, not requiring huge expenditures on it's time to renew the hardware.
Significantly lower investment vs competitors. In the case of F5s we have Virtual Editions so we're paying for the hardware to run it on top of the several thousand dollar licenses that are required for each pair and we currently have a pair of F5s per client so there's a huge potential for cost savings there.
Requires our network engineers to learn a new skill or our Systems engineers to take on the responsibility of managing the load balancers. It's not a huge difference either way, but it does impact the way we have done business in the past.