Updated: 2026.5.1
| Contents |
Is It Worth Studying Fortigate?
 |
First of all, let's talk a little about whether it's actually worth studying Fortigate. |
 |
Is it worth it? |
|
Personally, I think absolutely yes. The reason is simple — mastering Fortigate can lead to a significant salary increase. |
|
Oh, that's very motivating! |
|
Right? And it's really true. I'm a manager at a networking company, so I'm involved in hiring — and people who can work with Fortigate are very rare. At the same time, there are a huge number of design and implementation projects involving Fortigate. So we need to offer high salaries to attract people who can handle it. Honestly, I think even a moderate level of skill is enough to exceed the average annual salary in Japan. So I really encourage anyone who wants to start studying Fortigate to keep at it. |
3 Ways to Obtain a Fortigate
|
A lot of people probably think, "I want to study Fortigate, but I don't know how to get started." So today I'd like to introduce some ways to study Fortigate. Personally though, I recommend getting your CCNP before diving into Fortigate. |
|
Why is that? |
|
Network design and implementation projects using Fortigate quickly involve complex topics like IPsec, NAT, and BGP. So I think it's easier to handle those if you already have CCNP-level knowledge. That said, if you're in an IT department and just need to do basic configuration through the GUI, you probably don't need to go that far. |
|
I see. So what's the best way to study after getting the CCNP? |
|
In my personal opinion, the best way is to actually get your hands on the device and learn through practice. |
|
That means you need to get a Fortigate first, right? |
|
Exactly. There are mainly three ways to obtain one. · Buy a used physical unit · Deploy a VM (Virtual Machine) on a cloud service (such as AWS or Azure) · Deploy a VM using emulator software (such as GNS3) |
|
The first one makes sense, but the second and third sound difficult. Which one is best? |
|
Each has its own pros and cons, so you need to choose based on your situation. Here's a rough summary in table form. |
| Buy a Used Physical Unit |
| ■ Pros · No running costs. · You can learn about hardware switching features. · You won't be intimidated by the real hardware. ■ Cons · Upfront cost required. Cheapest options start around ¥5,000. Units with remaining license validity cost more. Units with active UTM licenses (antivirus, etc.) are especially expensive. · It can be hard to find a good quality unit. · Usually no warranty, so if it breaks, there's nothing you can do. · Requires physical space and cabling. |
| Deploy a VM on a Cloud Service |
| ■ Pros · No upfront cost. · No need to worry about hardware failures. · Latest OS available. · UTM features can be tested. · No physical space or cabling required. ■ Cons · Running costs are high — around $2–3 per hour. · No hardware switching features. |
| Deploy a VM Using Emulator Software |
| ■ Pros · No upfront or running costs. · No need to worry about hardware failures. · No physical space or cabling required. · You can deploy as many instances as you like. ■ Cons · Initial setup can be difficult. · Requires a high-spec PC. · No hardware switching features. |
|
It all sounds pretty complex. Which method did you use when you first started, Sensei? |
|
I bought a used physical unit. It was the only method I knew back then. But these days I mainly use AWS and GNS3. Not having to deal with cables is just so much more convenient. |
|
I see. |
|
I'll cover each method in more detail on separate pages. |