Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
twatson85
New Contributor

School setup suggestions.

Hi all, I was recently hired at a school district and the infrastructure is and the infrastructure is all 10 years old. The course. The core switch is an old 2nd hand 2nd hand H p's switch that had been in service that had been in service for 5 years and we got that 8 years and we got that 8 years ago. All of it all of the access switches are the 1st generation unified switches with no redundancy anywhere there. Here are my concerns and/or wants. I'm looking for a solution that has everything I need under one pane of glass. That leaves me with unifi, meraki and Fortinet.. I love unified problems I love unified products and have used them for a while now but I know they're fine but I know their firewall is not up to par. We have a split system Mac Mac air books and Google Chromebooks Around 800 devices total Does Fortinet Have the ability to monitor switches if they go down the monitor switches if they go down? I plan on having a device in my office ATV with a dashboard up so I can actively monitor the network I would rather know at work I would rather know about the problem before users start coming to me with problems. After using unified for so long I'm really impressed with there I'm really impressed with their Wi-Fi stability and capabilities. Ladies. Does Fortnite compete at all in this realm. I also need a CIPA Compliant Web filter. What I was thinking for the network layout is redundant core switches play out as redundant core switches redundant firewalls balls even though we only have one eye pea currently I've won ISP currently out to edge switches suggestions here would also be great. Our ISP is a duplex 500MB

9 REPLIES 9
GusTech
Contributor II

If it's budget use Fortinet as firewall and Unifi in switches and aps.

 

If you can x5 on budget.. Fortinet can give you all in one pack + expencive subscriptions.

 

I deliver many systems this way. Unfortunately, it's been many years since I quit fortinet all over. Customers do not have the money for it and it is overpriced based on what you are left with and deliver.

Fortigate <3

Fortigate <3
twatson85

Due to turmoil in it Rea almost none of the covid funds were used so we do have the funds. But just because we have them doesn't mean we should needlessly waste them. What do would you suggest? Even outside of the 2 brands
lobstercreed

I like Aruba wireless + switching (L2 only) with FortiGate being the core so you get east/west segmentation as well as traditional edge NGFW.  No personal experience with Unifi or Fortinet switches or wireless though to compare.  Just know Aruba is top of the line wifi (much better than Cisco, which I came from).

lobstercreed

I like Aruba wireless + switching (L2 only) with FortiGate being the core so you get east/west segmentation as well as traditional edge NGFW.  No personal experience with Unifi or Fortinet switches or wireless though to compare.  Just know Aruba is top of the line wifi (much better than Cisco, which I came from).

M_M_SW

There is indeed a unified solution for schools using Fortinet, using Fortigate, FortiSwitch, FortiAP. The name of this scheme should be security access belonging to the security fabric.

 

After deploying this integrated solution, the following effects do have:

1. A solution that has everything you need under one glass.

2. Use BYOD to manage more than 1,000 MacBook Air and Chromebooks and cell phones.

3. All VLANs and Devices are managed on the switch, and the port to which the device is connected can usually be found within 30 seconds.

4. Security checks can be done between all VLANs and the Internet, including IPS, AV, etc.

5. After importing the floor plan and placing the AP position, you can see the wireless network in detail.

6. SD-WAN can be distributed and managed by applications or cloud services, and does not need to use complex routing, such as policy routing, etc.

 

Basically, it can indeed save a lot of time for network management and inspection and repair.

But you need to be familiar with the operation and application of each function, cause I feel that Fortinet's customer technical services do not always satisfy customers.

 

twatson85

I have heard that. Yo add to the fray super would like traffic monitoring between schools so we can tighten restrictions for elementary. I have a call with them coming up but so far after putting in the request there has been crickets so far.
Cajuntank
Contributor II

We are a 1:1 school district using Apple devices, although I still have a fair amount of Windows computers too. We utilize FortiGates at all of my campuses for the layer 3 connection point for all of my WAN and failover Internet connectivity (SD-WAN).  Main Internet for the district it at my datacenter where my edge firewall resides, of course; however, most of my traffic inspection happens at the campus firewalls (ISFW) so when it actually makes it to my edge, it's just flow and go (so no security profiles applied since the traffic was already security inspected upstream). I have all of those in Security Fabric reporting to a FortiAnalyzer which is fabulous for getting the big picture of what's happening from a security standpoint. 

 

My wireless and switches are Aruba and cannot recommend enough. Definitely top level technology and support.

 

I will admit what while I do some level of web filtering with the FortiGates, I do prefer to utilize a much more granular dedicated web filter solution. I've been using a product from Content Keeper now for the past couple of years and have been very happy with it. 

 

To monitor the network infrastructure itself, I love PRTG from Paessler. It's very agnostic and has a lot of features I love.

 

Lastly, I know you said you had COVID grant money you could utilize, but since you also said you are new to the school, you also might want to familiarize yourself with e-rate. E-rate would also help pay for a lot of these infrastructure technologies so they don't get so "long in the tooth" before upgrades and/or replacements.

jacksparrow412
New Contributor

As a user in a similar situation, I understand your concerns about the outdated infrastructure and the need for a comprehensive Solutions . Considering your requirements, I would suggest exploring the options of Unifi, Meraki, and Fortinet. While you have experience with Unifi and appreciate their products, you're concerned about their firewall capabilities. It would be worth investigating if Fortinet can fulfill your network monitoring needs and offer a robust firewall solution. Additionally, ensure that the chosen solution is capable of handling the network traffic from around 800 devices and provides CIPA-compliant web filtering. Redundancy in core switches and firewalls is essential, even with a single ISP connection. It would be beneficial to seek suggestions for edge switches that align with your network layout.

Falinao
New Contributor

I've recently joined a school district with outdated infrastructure, including a second-hand HP core switch in service for 5 years and acquired 8 years ago. All access switches are first-generation unified switches with no redundancy. Here are my concerns and requirements:

I'm seeking a solution that provides all necessary features through one pane of glass, considering options like UniFi, Meraki, and Fortinet. I have experience with UniFi products but have reservations about their firewall. We have a mix of Macbooks and Chromebooks, totaling around 800 devices. Does Fortinet offer switch monitoring capabilities?

My plan includes having a dashboard on an ATV device on the glass shelf in my office for proactive network monitoring. I'd like to identify issues before users report them. While I've had a positive experience with UniFi's Wi-Fi stability and capabilities, I'm curious if Fortinet can compete in this area. Additionally, I require a CIPA Compliant Web filter.

Top Kudoed Authors