We performed a comparison between Fortinet FortiGate and Zscaler Internet Access based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Some of the key features of the solution is that it has good reporting, you can receive many details from the connection, for example, clients and website information."
"The web tutor and automatic rules by schedule are good features."
"FortiGate has a strong security topic which allows all of the Fortinet devices to communicate and share information which makes their security more powerful."
"Fortinet FortiGate is easy to use. Anyone can easily maintain it."
"It's an easy solution to set up."
"The solution is easy to configure and maintain remotely."
"I like Fortinet's cloud management. It allows me to manage all my devices in different branches for three cloud accounts. Even though I use on-prem devices, I can manage everything on the cloud."
"I appreciate FortiGate's flexibility, which allows for centralized management through FortiManager."
"The security is excellent."
"We don't have to buy equipment to use it. And when our engineers set it up on our side, we just configured a few settings and we were in."
"The initial setup was straightforward. The biggest thing for us was to build our own policies. The deployment itself was only a few hours."
"The URL filtering has been the most valuable feature."
"I like the granularity of the control of all the traffic, including SSL inspection. I also like the fact that the user interface is intuitive. The latencies with Zscaler are minimal compared to those of any other competitor. Other competitors do not really have the global scale that Zscaler has and cannot promise low latencies."
"The VPN is valuable, as the whole technology is very different from a traditional VPN."
"After a proper implementation, the maintenance is very low."
"The solution offers a distributed organization to master and to control all of the endpoints."
"The biggest "gotcha" is that if the client purchases what they call the UTM shared bundle, which has unified threat management on both, it's not as easy to manage if you have more than one firewall."
"Lacks training for new features."
"The solution lacks multi-language support."
"Fortinet should focus on enhancing the capabilities of FortiGate by consolidating its various products, such as FortiGate Cloud, FortiManager, and FortiAnalyzer."
"Fortinet FortiGate is a firewall solution and once it's deployed, you can rest assured that your system is secure."
"Monitoring and reporting could be better."
"The solution is very expensive."
"They should improve high CPU and memory usage that occurs."
"In every cloud service in the world, you have multiple upstream internet providers to create diversity so that if one of your providers fails, your network just continues. In South Africa, there is only one upstream provider, and that's not right. That that's a problem."
"Zscaler Internet Access needs to integrate more ISPs. It is good to have more than three ISPs."
"It also needs better integration with other applications as well. There are some restrictions."
"The solution can be improved by advancing some of the newer technologies such as the DLP feature, and adding email security."
"The performance needs improvement. Some areas create performance issues and, depending on the use cases, require reconfiguration to perform again."
"In terms of user experience, it could be better."
"They block Zscaler IPs when the traffic origin is from Zscaler IPs. They've been blocked by certain government organizations so the end users are not able to visit those websites unless we ask them to unblock those IP. This is a bit problematic."
"Zscaler should continue to make the user interface better. They should also improve the backup network and continue to expand it so that it can handle larger numbers of customers."
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 46 reviews. Fortinet FortiGate is rated 8.4, while Zscaler Internet Access is rated 8.2. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Zscaler Internet Access writes "Provides integrated CASB and file sandboxing but could be less expensive ". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and WatchGuard Firebox, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Prisma Access by Palo Alto Networks and Appgate SDP. See our Fortinet FortiGate vs. Zscaler Internet Access report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Bluecoat and Forcepoint offer credible solutions. Think through where your users are and what they connect to. A mobile workforce may need an agent and a cloud gateway (unless you force them back to base over VPN) but may give problems if connecting to sites that whitelist you by IP. And not all providers have good global breakout points. Be particularly careful if you work in China.
My recommendation is Cisco Meraki MX84 with advanced security license (its have two kind of license Advanced security and Enterprise licenses).
I recommend Fortigate
All FortiGate appliances are powered by the FortiOS™ operating system with the following features and benefits:
Features. Firewall, Virtual Private Networking (VPN), AntiVirus, Intrusion Prevention, Web Filtering, DLP, and anti-spam; AntiVirus /Antispyware
Answer is , it depends... If you do any web based business with Banks or Governments then get a hardware solution like Bluecoat or Fortinet because web based providers can not provide you with a static source IP and you will fail security checks. I've been involved in corporate moves to the "cloud" using Zscaler and both went very wrong, very fast, a year later and they still have monthly outages because of the "cloud" providing random source IP's. If this is for a public internet access outside of your corporate network then you should be fine otherwise I suggest hardware you control.
This is a "how long is a piece of string?" type question. As the other vendors have said it is hard to recommend something fully without knowing all the background. Your background did stipulate that you had multiple sites and you were growing. Having a traditional deployment scenario will mean that you need to have a "box" at each site and add more boxes as you add more sites. Going with a more modern solution like Zscaler will allow more rapid growth opportunities - just add users, no matter where they are - also this allows you to restrict with a single policy in the cloud rather than on each device.
AS others have said, be mindful of the proximity of the Zscaler because of latency, but they do have >100 POPS which you will probably find pretty local.
Overall, there is a lot more research you can do, but I'm leaning towards a cloud offering from the branches. You might consider an SD-WAN device at each branch that also has FW built in. This would give you connectivity resilience at a much lower price, but perhaps this is a debate for another day :-)
Cisco Meraki is an excellent solution in the cloud, has AMP included and can be integrated with Umbrella and Thread Grid.
We use Fortigates for web filtering and security. We are a global company with > 10,000 users.
This protects all users on our internal network. Remote users can use the Fortinet FortiClient for remote AV and web filtering protection.
We used Zscaler several years ago but we were unhappy with latency for complex websites and managing PAC files was difficult.
Since you are going for a web security. Zscalar web security solution will be my recommendation considering its robust features and vast threat intelligence base. It is best you go for the cloud solution since you are working across sites.