I have clients that do millions of revenue annually and only have 10-50 users. Until 'full-cloud' becomes a tad more mainstream (AAD and Intune machine management) and granular, we're still forced to deploy a full Microsoft domain on-site for file sharing if nothing else. In a small company that typically means ONE DC, backed up three times/places, and no additional servers.
I'm don't want to put this on a DC. Just wouldn't be smart. So it requires an additional server. And that server is likely gonna need to be in a DMZ, which although fairly straightforward, adds a level of network complexity that is simply not necessary for a small company.
So, to where MS RRAS offers fairly secure L2TP capability, fully manageable pre-login VPN etc, the competing Fortinet solution involves thousands of dollars of equipment, software and configuration. that's fine...for my client with 250 users. But for the 10-50 user company with 1 server and 8-15 VPN users...the target company for a device like the 60E or 60F....you basically have to step up to this multi-thousand dollar solution. that makes no sense. It costs more than the damn 60F and three years of security services JUST to have pre-login VPN. I realize that corporate markets are where the money is for Fortinet, but that's just crazy. There's gotta be a better way. They either want to cater to the Small SMB market or they don't. Their myriad offerings of 60-100 level devices would indicate that they do....but the cost of implementing something so simple would indicate otherwise. Ticks me off to be honest, especially after putting 50 or more of these devices in the field. I don't even think it's a money-grab. It's just a bone-headed oversight which indicates Small SMB is third tier.
"Hey client, yes i know it was a stretch to spend $2500 on a firewall and three years of services, and I know it was a stretch to install that $500 a month Datto device...but now, in order for your full time remote users to USE the fancy firewall get any group policies applied, you need to plunk down $5000 additional of server software, network config and VPN management software that we did not require previously and set up in 5 minutes free (SSL VPN and Forticlient 5) and was working perfectly."
sorry. rant over. already trapped in the ecosystem. nothing can be done now.