We recently switched to an HA pair of 600E Fortigates, and it's been a good experience. We have an aging WIFI infrastructure and I'm looking at the potential savings of FortiAPs and I'm tempted, but I'm also a little skeptical.
We would need a new WLAN controller in the next few years, and all of our current APs are EOL.
How has your experience been with FortiAPs? We are looking at about 400 altogether, and I think it would mostly be 231Fs, although I'm noticing the 23JF is significantly less expensive and might also work for us in a lot of applications.
Since you already have the FGT deployed in your network adding FortiAP will be very easy to integrate. Tunneling the traffic directly to the firewall and apply the policies directly removes all the complexity of the wired network and offer a better security. Regarding the WiFi coverage it will heavily depend on your environment. Generally the 231F radios will offer a better uniform coverage and gain compared to 23JF, you can reference to the DS (Antenna Radiation Patterns) for each model: https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortiap-series.pdf You can also consider a mix of the two AP models and deploy them in different part of the network.
The FGT model you already have can handle the number of APs: Maximum Number of FortiAPs (Total / Tunnel) 1024 / 512.
- Emirjon If you have found a solution, please like and accept it to make it easily accessible for others.
Using FortiAPs can indeed be beneficial, especially if you're already using Fortinet's ecosystem, like the HA pair of FortiGate 600Es. It provides a good integration as FortiAPs can be directly managed by FortiGate devices, which will simplify your network management and give you a unified view of both wired and network traffic.
Here's what you might want to consider when deciding on whether to go with FortiAPs:
1. **Ease of Management**: One of the biggest benefits of FortiAPs is the ease of management when used in conjunction with FortiGate. The FortiGate device can act as a WLAN controller, eliminating the need for a standalone WLAN controller. This can simplify your network setup and management.
2. **Security Integration**: Another benefit is the integration of security features. If you're already using FortiGate, your FortiAPs will integrate seamlessly with your current security policies. This is a significant advantage because you get to have a unified security approach across both wired and wireless networks.
3. **Scalability**: The FortiAPs are also designed to be scalable. If your network expands, you can easily add additional FortiAPs and manage them through the existing FortiGate devices.
4. **Cost**: You mentioned the cost difference between the 231Fs and 23JFs. When comparing models, you'll want to make sure the less expensive option will meet your needs in terms of range, capacity, throughput, and any other specific requirements you may have. If the 23JFs do meet your requirements, they could indeed provide cost savings.
5. **Community Feedback**: From the community standpoint, many users report positive experiences with FortiAPs, citing their easy setup, reliability, and good performance. However, like any product, there may be occasional issues or quirks that need troubleshooting, but it seems most users find Fortinet's support helpful in these instances.
6. **Support**: Speaking of support, Fortinet generally offers good support options. They have extensive documentation available, and their support staff is usually quite helpful.
Before making a final decision, it's always a good idea to reach out to a Fortinet representative or a trusted vendor to discuss your specific needs and requirements. They may be able to provide additional insight or offer a trial period so you can see if FortiAPs are a good fit for your network.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.