Hi @eneny ,

Switching from F5 to FortiADC is a major decision, and understanding both positive and negative experiences ccan help you make an informed choice. Here are some key considerations:

Pros:

• Integrated Features: FortiADC offers integrated GSLB and WAF features without additional module costs, which can be a major financial advantage.
• Simplified Management: Users often find FortiADC's management interface to be more intuitive compared to F5, making it easier to configure and maintain.
• Cost-Effective: FortiADC is generally more cost-effective, not only in terms of initial acquisition but also in maintenance and support costs.
• Performance and Reliability: Many users report that FortiADC performs well in high-traffic environments, providing reliable load balancing and security features.

Cons:

• Learning Curve: Transitioning from F5 to FortiADC can involve a steep learning curve for teams accustomed to F5’s ecosystem and terminology.
• Feature Gaps: Although FortiADC aims to match F5's functionality, there might be specific advanced features or nuances in F5 that are not fully replicated in FortiADC.
• Integration Issues: Existing integrations with other systems and workflows tailored to F5 might require significant adjustments to work with FortiADC.
• Support and Community: F5 has a large community and extensive support resources, which can be beneficial for troubleshooting and getting help. FortiADC’s community and support, while good, might not be as extensive.

Comparison with Dedicated WAF Solutions

FortiADC includes built-in WAF capabilities, but whether it has "all" the capabilities of a dedicated WAF, such as Fortinet's own FortiWeb or other specialized WAF solutions like F5 ASM, depends on specific needs and use cases. FortiWeb and F5 ASM offer more advanced detection mechanisms, including behavioral analysis, machine learning-based anomaly detection, and more comprehensive signature databases.

FortiADC’s WAF capabilities are robust for many use cases, especially for organizations looking for an integrated solution without additional module costs. However, for highly complex environments or those with stringent security requirements, a dedicated WAF like FortiWeb or F5 ASM might be necessary to provide the depth and breadth of protection required.

Comparison with F5 GTM on DNS Level Load Balancing

While FortiADC provides robust GSLB functionality suitable for many organizations, F5 GTM offers more advanced features, greater flexibility, and deeper integration capabilities, which might be necessary for highly complex or large-scale environments.

Recommendations

In line with the detailed information above, you can plan your migration process by considering the following suggestions:

• Assess Your Requirements: Assess your specific needs for GSLB, considering factors like the number of sites, complexity of traffic management policies, and integration with other systems. Assess your specific needs for WAF, evaluate your specific security needs and compliance requirements. If they are basic to moderate, FortiADC might suffice. For advanced protection, consider a dedicated WAF as a part of WAF side.
• Proof of Concept: Conduct a PoC to test FortiADC’s all you need capabilities in your environment and see if it meets your requirements.
• Consult with Vendors: Engage with both Fortinet and F5 to get a detailed understanding of the capabilities and limitations of their respective solutions.
• Support and Community: Consider the availability of support and community resources for troubleshooting and assistance.
• Long-Term Strategy: Think about your long-term strategy for traffic management and how each solution fits into your overall IT and security architecture.

BR.

If my answer provided a solution for you, please mark the reply as solved it so that others can get it easily while searching for similar scenarios.

Feel free to request for a demo of FortiADC here before making the decision to switch : https://www.fortinet.com/demo-center/fortiadc-demo 

You can get in touch with Fortinet Sales Team as well for more detail: https://www.fortinet.com/corporate/about-us/global-offices 

Yeah im not a fan of their new NEXT product line already. Its not finished and there are things we should be able to do that are basic and you cant do them. Also it looks like the old method of partition use is gone and user accounts will be tied to the VIPs/Apps which looks to force you to use APM aka NEXT ACCESS when we didnt use that before. Its running on a K3s cluster and we were told not to look under the hood. Well its as sinle node cluster which from what i read is a bad idea for a prod environment. So we are looking and expanding our horizons i guess. Thanks!

Kindly refer here for documentation regarding FortiADC if you decide to have a read before starting a demo on it: https://docs.fortinet.com/product/fortiadc/7.4