We changed our name from IT Central Station: Here's why
Get our free report covering OpenVPN, Fortinet, Cisco, and other competitors of Fortinet FortiClient. Updated: January 2022.
563,327 professionals have used our research since 2012.

Read reviews of Fortinet FortiClient alternatives and competitors

Mike Parsons
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
Real User
Top 10
Reliable, scalable and very simple to set up
Pros and Cons
  • "The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this."
  • "The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""

What is our primary use case?

The primary use case is basically having a synchronized perspective on what's going on between endpoints, firewalls, and whatever other types of preventative measures the customer has. 

How has it helped my organization?

The fewer panes of glass you've got to go to to try to investigate an event, the better off you are. If there's some automation that goes on within the fabric, or whatever you want to call it, this coordinated effort, then you're going to come out ahead as a small organization. Sophos has one pane of glass, so it gives good visibility. There's less time spent in front of the screen because I have confidence in the automation that's going on.

What is most valuable?

It's been pretty reliable. There's been a few times when it hasn't just taken care of problems. The automation is very convenient.

There's Sophos Central where the customer has a single pane of glass. You can manage everything. 

The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this.

It has a Linux version that's available. 

What I look for in dealing with small businesses, is for something that is not going to add to their staffing requirements significantly in terms of management. That's true with both Sophos as with Fortinet. 

There's great situational awareness within all the other components. If I have a workstation, usually they're just taking care of everything without me even knowing about it unless I go into the logs and see what's been cleaned up. I don't care if something gets cleaned up, I do care if something doesn't get cleaned up. My reporting is set to an on exception basis to ensure I don't have a firehose of information pointed at me to overwhelm me. Customers don't generally want to know every little thing that's happening on their network. What they want to know is if something has happened that puts their environment or their infrastructure in jeopardy. Sophos does this exceptionally well.

The pricing of the solution is quite good.

What needs improvement?

The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?" I see that all the time. That's a question I always have in the reports I give my customers. "Okay. So this happened last month. And as you can see, there were all these attacks knocking at the door, but none were allowed through." If someone got through, then I'm going to be concerned.

For how long have I used the solution?

I've been working with this solution alongside a customer for two years now.

What do I think about the stability of the solution?

The stability is great. We've never had issues with its reliability. It doesn't crash or freeze. There aren't bugs or glitches. It protects us well.

What do I think about the scalability of the solution?

The solution scales really well. They have great resources on hand for managing it within the cloud. I haven't found any issues with capacity. I've never heard of anyone ever having issues in that regard.

Typically we deal with small businesses. When I say "small business" I am referring to a company of around 250 people.

How are customer service and technical support?

Technical support has been very, very good. They're reliable and knowledgable. We've been satisfied with the level of service provided. 

Which solution did I use previously and why did I switch?

We also have experience with Fortinet. Fortinet has what they call their security fabric, which does about the same thing. Basically you have a number of different products, different solutions, and it's all under a single pane of glass and everything's coordinated so that any member or any component of that fabric or synchronized security is aware, has situational awareness of what other components are experiencing. If there's an attack that breaks out in one place, then there's going to be the opportunity for basically isolating that particular component so that it doesn't allow lateral movement.

I've used other solutions. The reason that I like Sophos is mostly due to the synchronized security and cloud management. Other solutions that I've dealt with have been point solutions. I've needed to figure out how to get that situational awareness between the different points. You have to do that. The name of the game these days is to evade the parameter. I have to not only protect the endpoint as if there was no firewall, but I also have to make sure that I've got as much intelligence going on about the state of my internal network so that everybody knows what's happening next door to them.

How was the initial setup?

The initial setup was a piece of cake. It wasn't complex at all. It's very straightforward.

What's my experience with pricing, setup cost, and licensing?

I can justify the pricing for customers and I can explain what they're doing from a pricing standpoint in terms of the different risks that they're handling. I'm all about risk management. Unfortunately, we lose awareness of that, the calculus that goes into that when nothing's going wrong. 

You have to ask: what are you trying to protect? What are you willing to spend to protect that, and what's your expected loss if something happens? You have to look at all things and then decide if the number is fair. I'd argue that it is.

What other advice do I have?

We're partners with Sophos. We're a consulting company and we provide some managed services. Sophos products are some that I deploy and manage for my customers.

I don't have the EDR or any of the really sophisticated stuff. The client doesn't think that they have a need to go to another level. 

I don't have EDR or MTR deployed for the customer. I work primarily with small businesses. So sometimes it's kind of hard to get them to invest more than what they feel comfortable doing.

Other organizations should give it serious consideration if they are looking for a solution. The price point is not unreasonable and the management and the continued evolution that I see within the product means that they're not sitting on their haunches waiting for the next big thing. They're constantly moving forward, trying to keep abreast of what's going on. 

We're in an arms race when it comes to cybersecurity. When you look at SophosLabs out of the UK and the work that they're doing in their blogs like Naked Security and whatnot, they're constantly in the forefront, constantly trying to find different threats. It's impressive, to say the least. All of that percolates down into their product because that's what drives their product.

I'd rate the solution at eight out of ten. The solution is consistently showing me that it has a very effective rubric that it follows through on in terms of identifying and remediating, particularly in the area of ransomware. They can handle everything without having to have somebody get down in the weeds and recover things. I like the automation that it brings into the work that's done. That was the wow factor that drew me to them, to begin with.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Suresh Kotian
Enterprise Architect at a tech services company with 201-500 employees
Real User
Top 10
Easy to set up and use, offers multi-factor authentication, and technical support is good
Pros and Cons
  • "There is support for multi-factor authentication."
  • "The security needs to be improved because it was a complaint that our customers had."

What is our primary use case?

We are a solution provider and the OpenVPN Access Server was one of the products that we used for our customers. It is used to create remote desktop connections into the cloud network, where people who are working from home can share resources with people in the office. When people are working in an office then they have a local network, and OpenVPN expands the network for use externally.

We are no longer using this solution because of complaints raised by our customers about security vulnerabilities. The server is now shut down.

How has it helped my organization?

This server allows you to connect to a network that does not have any public IP addresses. You first dial-up the OpenVPN to get onto the network, then directly use the private IP for the local device. Once the connection is made, we can do development work, maintenance, or whatever is required.

What is most valuable?

The most valuable feature is the remote connection capability.

It is easy to use.

There is support for multi-factor authentication.

What needs improvement?

We would like to be able to access the parts of the network that belong to other virtual LANs, which is not currently possible. For example, if an organization has different VLANs for sales, developers, and production, then we can only connect and view one of these segments. If you can access sales then you will have visibility of that particular subnet and not be able to see the developer VLAN resources.

The security needs to be improved because it was a complaint that our customers had. I'm not sure exactly what the specific issue is, other than they told us that it was not compliant with their organizational policies.

It is not possible to scale this solution horizontally, which is something that should be improved. They could allow multiple instances to run in different zones, synchronizing with each using a round-robin scheduler.

It would be great if they added intrusion prevention and detection (IPS/IDS) features. If they had these then there would be less need to use other products, such as firewalls. It would allow everything to run under one umbrella with centralized control.

For how long have I used the solution?

We were using OpenVPN for about one year and we migrated away from it about three months ago.

What do I think about the scalability of the solution?

Horizontally, this solution is definitely not scalable. Vertically, it is possible but there will be some downtime. Scaling requires that we stop the server, upscale it, select a different instance, and then restart it. The downtime is approximately five minutes.

How are customer service and technical support?

I have been in contact with technical support and the experience was good. They have knowledgeable people.

Which solution did I use previously and why did I switch?

We have migrated to Fortinet because of security vulnerabilities.

How was the initial setup?

The initial setup is easy. Once we go to the marketplace for the license, we can install and start using it. This involves selecting an image, then selecting a VM, and deploying on that. You then install the certificate and create the users. Creating users is also easy to do.

 One person is enough for this task and it will take between 15 and 30 minutes to deploy.

What about the implementation team?

Our in-house team deploys OpenVPN for our customers. After the deployment is complete, users will log in, download their profile, and then they can connect.

Which other solutions did I evaluate?

Before migrating to Fortinet, we looked at other vendors including Cisco. We found that based on the sizing we needed, the pricing of Cisco AnyConnect was not as competitive.

Personally, I have not found any differences between these products that affect what I need to do.

What other advice do I have?

Personally, I like this product and our decision to shut down the server is in response to decisions made by our customers. I have not found any issues with it, myself.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at a computer software company with 1-10 employees
Reseller
Top 20
Eradicates ransomware using non-signature-based detection, but the reporting could be enhanced
Pros and Cons
  • "The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods."
  • "If the client is working remotely and doesn't have a VPN then the deployment is difficult to do."

What is our primary use case?

We are a software reseller and managed service company, and Deep Instinct is one of the EDR solutions that we implement for our customers. It is one of two EDR solutions that we offer to our client base as a managed service and a 24/7 basis.

The primary use case is ransomware control.

How has it helped my organization?

We think of this product as a fishing net that fits into the computer and has all of the capabilities and understanding of what ransomware and malware look like. It reacts to the look of ransomware, as opposed to trying to detect it by using a signature.

In our experience, it is a whole different concept that is extremely effective.

What is most valuable?

The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods. It is not a traditional EDR.

What needs improvement?

My primary concern is that there are elements of the MSSP model that need updating. Specifically, there are some technical controls that need to be updated and it means that rolling it out is a little bit more complicated than it has to be. If the client is working remotely and doesn't have a VPN then the deployment is difficult to do.

In the future, I would like to see additional reporting made available.

Adding a firewall would negate the need for some products by other vendors. More generally, adding traditional endpoint security features over time would mean that we would not have to support multiple platforms.

For how long have I used the solution?

We have been using Deep Instinct for eight months.

What do I think about the stability of the solution?

The stability seems to be fine. Occasionally, we have to consider the brain of the solution, which is the component agent that goes to the endpoint. It remains stable because you're only pushing it out three or four times a year. Because it is not signature or EDR-based, you don't have updates.

What do I think about the scalability of the solution?

Scalability with this product is superb. We currently have about 2,000 clients who are using Deep Instinct.

Which solution did I use previously and why did I switch?

We also work with FortiEDR.

How was the initial setup?

The initial setup is very straightforward.

The length of time required for deployment depends on the number of users that the client has. We have some clients with 500 to 1,000 users, whereas one of our clients only has eight. I would say that you can finish deploying this product in less than half a day, regardless of size.

What's my experience with pricing, setup cost, and licensing?

We are satisfied with the pricing. 

What other advice do I have?

The most complicated part about endpoint security these days has to do with COVID because you have so many people who are working remotely, and they made the transition without a lot of forethought. The cloud-based deployment helps because if you are in an on-premises environment, it's extremely complicated unless they have VPNs.

Overall, this is a good product and it is extremely effective. That said, changes to the deployment process and making the reports a little prettier would be a good way to improve it. Functionally, it meets our requirements, but it doesn't have all of the bells and whistles that other products have.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of IT Operations at Puerta de Hierro Hospitals
User
Great for remote workers with excellent endpoint agents and easy communication with the console
Pros and Cons
  • "The communication with the console is very dynamic and remote, without the need to return to the computer locally."
  • "There needs to be compatibility with the most recent versions of the various operating systems."

What is our primary use case?

The main option for which this solution is used is to have all the peripheral equipment protected - avoiding risks due to malware and viruses. The solution can be managed by device, with filtering and analysis of the information of all collaborators available there. 

It's used to analyze emails from key users and for content filtering rules. It does not allow dangerous downloads, which protects the work of the organization outside the main network. It gives tools to the collaborators to make the work outside the installations (home office) easy.

How has it helped my organization?

With COVID affecting the world, a solution was needed that could be able to provide security at workstations outside of the organization itself. With the sandblast tool, coverage is made on the equipment that we provide (laptops) and employees can carry out their activities from home. The tool has provided us with security to ensure that the computers are protected while also providing information analysis. It offers easy control and implementation of content filtering rules. Thus, you have control of all the organization's teams outside and within the operational network.

What is most valuable?

The endpoint agents, which can be installed in one go, are great. The communication with the console is very dynamic and remote, without the need to return to the computer locally. 

From the administration console, we can generate content filtering rules and labels, as well as run an analysis of emails and downloads that the collaborator does to fulfill their functions. Informing the administrator of threats by mail gives us the facility to detect real-time vulnerabilities in order to continue fulfilling the objective of safeguarding the information of the organization.

What needs improvement?

There needs to be compatibility with the most recent versions of the various operating systems. They need to be up-to-date with the signatures of new viruses and the latest ramsonware. With the encompassing of all its solutions in one platform, there should be artificial intelligence for specific analysis to thus be able to anticipate and detect unique risks to the organization. 

To be able to count on the administration console on any device and online cloud would be ideal. We would like there to be no need to install clients as executables.

For how long have I used the solution?

I've been using the solution for one year.

What do I think about the scalability of the solution?

We like the idea of ​​continuing to implement more solutions offered by Harmony.

How are customer service and technical support?

Technical support is good. They comply when we need support or have product questions.

Which solution did I use previously and why did I switch?

No, Sandblast was chosen as the first option.

What's my experience with pricing, setup cost, and licensing?

The solution meets our business needs. 

Which other solutions did I evaluate?

We did look at Fortinet solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
System Administrator at RBDigital
Real User
Top 5
Works without any issues and provides good control over routing
Pros and Cons
  • "NetExtender works very well. I never had an issue with it, and it has been working well for me. In terms of management, you have good control over the destination. You can use NetExtender to set the policy and the static route for a client. You can modify it based on what your client needs or can access. You have good control over routing."
  • "SonicWall can be difficult for some people, but I don't find it difficult. Some companies provide a VPN client for free, but you have to pay for NetExtender."

What is our primary use case?

NetExtender is for client VPN. Users can use it to connect through a VPN and remotely access the internet services. 

What is most valuable?

NetExtender works very well. I never had an issue with it, and it has been working well for me.

In terms of management, you have good control over the destination. You can use NetExtender to set the policy and the static route for a client. You can modify it based on what your client needs or can access. You have good control over routing.

What needs improvement?

SonicWall can be difficult for some people, but I don't find it difficult. Some companies provide a VPN client for free, but you have to pay for NetExtender.

For how long have I used the solution?

I have been using this solution for around five years.

What do I think about the stability of the solution?

I can't say much about stability. I have multiple firewalls from the same company. If one firewall is down, I can connect to another firewall. 

How are customer service and technical support?

I never had to call their technical support for NetExtender. In general, like every firewall company, it depends on who you're talking to. Sometimes, you get good support, and sometimes, you don't get good support, and you have to force them to do something more because they just keep on saying that it is not just this. It is also this and that. You have to force them to go in one direction. I have had the same experience with Fortinet.

How was the initial setup?

NetExtender is easy to install. You go to the SonicWall website and download NetExtender. If you are not sure about the setup options, you just keep on clicking on yes. All the configuration is automatically done.

Its setup is done inside the SonicWall router. Some people don't like SonicWall because they find it too complicated, but I like it. You get more granular control on everything and have to do more things, which makes it complicated, but I prefer it being complicated. I don't like not having enough options. If there are 100 options, I will study them one by one and use them, but for some people, it can be too complicated when there are too many options.

What's my experience with pricing, setup cost, and licensing?

You have to pay for its license. There are some other companies that provide a VPN client for free. When you buy NetExtender, its license is available for one, three, or five years.

What other advice do I have?

I would rate SonicWall NetExtender an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Get our free report covering OpenVPN, Fortinet, Cisco, and other competitors of Fortinet FortiClient. Updated: January 2022.
563,327 professionals have used our research since 2012.