Bollocks (ish)
I've deployed quite a few Fortinets and other firewalls/routers/packet ticklers. You need to be able to define your policy wrt internets and then you need to be able to deploy and enforce that policy. Everything else is stamp collecting!
Define your policy: Errr keep the baddies out and my users safe or somethink. OK this needs some work but out of the box you do get a reasonable set of defaults - bugger all with no indication of what to turn on. NAT enabled on all allow rules and other travesties.
Deploy it: Let's take a simple operation - allow access from the outside to a box on the inside. Oh $DEITY. Define a NAT policy (it isn't called that) in one place and then reference that in firewall rules. There are other methods too from the GUI or CLI that barely hide the underlying OS primitives.
What about a site to site VPN? That'll be IPSEC only thank you. Curve 25519 support has recently been added which is nice but the GUI is awful to navigate, its dreadfully clunky. Yes there's a CLI but it is yet another language to learn and I can't be arsed. FFS I already have to speak so many IT wanky languages already - most of them with a rubbish accent.
Fortinets may have loads of clever shit in the box but the GUI is wank for many of the basics. That goes for pretty much everything "cool" in IT these days. Lots of clever stuff with a crappy interface and half thought out interactivity. Support via whispers and innuendo on Reddit and shitty "forums".
Despite my whining, I won't go back to IT in the (say) noughties. What we have now is (mostly) rather better by an order of magnitude.
I do recommend you use the colour coding, even if it is a bit inconsistent. It does help make rule sets readable.