How does the fourth-largest network security company by revenue hold up against the first cybersecurity firm certified by the U.S. Department of Homeland Security? Fortinet's appliances and next generation firewalls (NGFW) have made it a category leader in unified threat management (UTM); let's see how they stack up against FireEye's comprehensive suite of enterprise security solutions.
FireEye is perhaps the more recognizable of the two firms, as the company has been the go-to security firm in many high-profile data breaches in the past few years. As mentioned previously, it was the first cybersecurity company awarded SAFETY Act certifications by the Department of Homeland Security. Earlier this year, it acquired iSIGHT Partners to expand its threat intelligence capabilities; back in 2014, it acquired Mandiant for its endpoint security platform and additional security intelligence resources. Sunnyvale-based Fortinet is another prominent player in the security space: it founded the Cyber Threat Alliance with Palo Alto Networks, McAfee, and Symantec in 2014 to share security threat data across vendors. It also runs FortiGuard Labs, its internal security research team, and the Network Security Academy, a certification and training program with eight levels of NSE certification.
Milpitas, CA-based FireEye builds security solutions that focus on network, email, endpoint, mobile, and content security. The company is primarily known for its NX network security devices and HX series endpoint security solutions—widely considered best-in-class, despite the recent discovery of several critical product vulnerabilities. It also provides analytics and forensics via Mandiant, its security consulting firm (acquired in 2014).
The FireEye UI. Source: fireeye.com.
Founded in 2000, Fortinet is known for its FortiGate family of solutions: UTM physical and virtual appliances offering firewall, intrusion prevention, web-filtering and malware/spam protection services, among others. Its products include the flagship FortiGate (UTM) line, FortiClient (endpoint security), FortiDB (database security and compliance), and FortiWeb WAF (web application firewall), among others.
The Fortinet interface. Source: Fortinet Video Library / YouTube.com.
Side-by-Side Scoring: FireEye vs. Fortinet
1. Capability Set
Fortinet's products are highly capable yet cost-effective even for SMBs. Additionally, its NGFWs utilize advanced application-specific integrated circuit (ASIC) chips for high performance hardware acceleration, low latency, and increased throughput. FireEye has made several key acquisitions as of late in efforts to expand its capability set: Mandiant, nPulse Technologies, iSIGHT Partners, and Invotas. These give FireEye considerable coverage when it comes to end-to-end threat detection and incident response.
2. Ease of Use
For operators, sysadmins, and network administrators, FireEye's NX-series devices are trivial to configure and deploy. Fortinet's products, however, can be somewhat difficult to use, especially when compared to competing products (e.g., setting up FortiGate web policies and filtering).
3. Community Support
Both Fortinet and FireEye have sizable customer bases across the globe and significant followings. Consequently, community support and resources for the two vendors are abundant: FireEye maintains its own community portal, while Fortinet's Technical Discussion Forums, Fuse Community, and Developer Network offer a plethora of public support resources.
4. Release Rate
Both vendors' solutions are continually updated and patched. Fortinet keeps a public history of its releases on its corporate website (FortiGate/FortiOS is currently at 5.4), while information regarding FireEye's releases is available through its documentation portal.
5. Pricing and Support
Though FireEye’s entry-level NX 900 appliance has a list price of $9,600, a typical total cost of ownership for its layered protection can exceed $100,000, making it cost prohibitive for price-conscious firms. In contrast, Fortinet is targeted directly at the SMB: most of its low-end FortiGate NGFWs can be had for well under $5,000. On the high end, however, FortiGate firewalls can run between $15,000-30,000.
In terms of support, both vendors offer competent enterprise and paid support options.
6. API and Extensibility
FireEye provides APIs across most of its offerings, as well as integrations via API to third-party threat intelligence sources. Fortinet provides an expansive set of well-documented RESTful APIs for most of its products, from FortiWeb Manager to FortiGate/FortiOS.
7. 3rd Party Integrations
Both Fortinet and FireEye products are commonly integrated with 3rd party solutions to scaffold an organization's layered, continuous security framework. Fortinet calls this layered security its Security Fabric and offers an array of fabric-ready integrations out-of-the-box: Carbon Black, Brocade, Centrify, Nozomi Networks, Palerra, Pulse Secure, Qualys, VeriSign, WhiteHat Security, and more. FireEye integration partners include MobileIron, ThreatSync, and Blue Coat, to name a few.
8. Companies that Use It
Fortinet boasts most of the Fortune 500 as its customer base: ASU, Barnabas Health, NASDAQ OMX, and NEC Group, to name a few. Similarly, FireEye products are in use by Fortune 500s across the world. Customers include Finansbank, Japan Advanced Institute of Science and Technology, Investis, and D-Wave Systems, among others.
9. Learning Curve
Learning how to deploy a rudimentary FireEye installation is trivial, but deployment can be difficult when dealing with more expansive infrastructures. Fortinet products do not present users with an especially steep learning curve, except when it comes to configuring policy rules and filters in its FortiGate NGFWs.
FireEye earns a solid CSTAR score of 807; similarly, Fortinet's 777 CSTAR score means that its website perimeter security is free from major flaws. However, both lack HttpOnly/secure cookies; additionally, Fortinet's 66% CEO approval rating makes the firm's IT assets more susceptible to insider attacks.
Scoreboard and Summary
|Ease of Use|
|Pricing and Support|
|API and Extensibility|
|3rd Party Integrations|
|Companies that Use It|
|Total||4.1 out of 5||4.3 out of 5|
Despite the increasing inability to fend off threats on their own, traditional cybersecurity solutions like endpoint protection and firewalls are nonetheless crucial to enterprise security, comprising one layer of an enterprise's layered continuous security framework. UpGuard's resilience platform provides the critical layer of integrity validation for ensuring that all IT assets in your environment—including Fortinet and FireEye appliances, security devices, switches, IoT devices, web apps, and more—are regularly scanned and monitored for misconfigurations and vulnerabilities.