We performed a comparison between F5 Advanced WAF and Fortinet FortiWeb based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: F5 Advanced WAF has an edge over Fortinet FortiWeb in this comparison. According to reviews, it has more advanced features than Fortinet FortiWeb. In addition, it received better marks in the ROI category.
"This solution inspects your traffic and based on that, automatically create distinct qualities for you, so you can add this to the policy already created. That's what I like most."
"It can scale."
"The most valuable feature of F5 Advanced WAF is its grand unity of the implementation, where you have the freedom to configure based on how it affects your use case or your organization. With the default setting of implicit deny, you can gradually start defining and deploying the tool to align with your environment, whether it is outdated, recent, or futuristic. This allows you to customize the solution to protect you from threat actors. You have the ability to define what the advanced threat act should do - whether it should alert, deny, or both - and it will deliver based on your configuration. Unlike other online solutions, F5 Advanced WAF provides flexibility to deliver to your unique environment the way you want."
"F5 Advanced WAF is a stable solution, we are satisfied. It is more stable than ForiWeb."
"With F5 Advanced WAF, it was protection for online publications and for our customers that caused us to choose the platform."
"The support experience is better than average."
"It also has antivirus and DDoS mitigation capabilities. We have enabled these features."
"One of the most valuable features is the Local Traffic Manager."
"It's easy to use and allows us to integrate solutions together."
"Also, if you serve files or you accept files with your server, Fortiweb has built-in antivirus. The Fortinet product family also provides good IP intelligence (botnet C&C, etc.)."
"The most valuable features are support and security."
"The most valuable feature is ease of use."
"The ease of configuration is valuable. We have Azure WAF, we have OCI WAF, and we also have Cloud Armor for GCP, but their configuration isn't very easy. It's pretty simple in FortiWeb, and we can enable or configure whatever we want."
"Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself."
"I have recently been looking at the SSL certificate features and the learning mode of the appliance. This appliance learns from the pattern of SSL attacks."
"The most valuable feature of this solution is Fail-Open."
"The reporting portion of F5 Advance WAF is not great. They need to work out something better, as it is very basic. You only see the top IPs, I think there is more they can offer."
"I think the deployment templates can be better."
"It's sometimes difficult to customize APIs with F5 Advanced WAF."
"The delay times on firmware patches and software updates could be better and improved."
"You have to buy another module with an extra license, to have the authentication feature."
"Nevertheless, F5 products are generally considered to be hard to deploy."
"The BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective."
"There is a gap in report management."
"Fortinet WAF came out recently, and there is not much feedback about customer experience. For each project, customers ask about the scenarios and references of the customers who have implemented this solution, which we don't have. They need to simplify the customer experience and provide more information so that we can propose Fortinet Fortiweb as a WAF solution to customers and convince them. They need to improve their service and training. We need good training to implement and use it properly and know more about it. We still don't know much about Fortinet WAF. We didn't get any proper training sessions. Other vendors like Cisco, Palo Alto, Check Point, and Barracuda provide such sessions. Whenever we receive a request from a customer for this solution, we just give the price. We don't propose this solution because we don't know much about it. We propose whatever we are familiar with and what is supported."
"It costs too much."
"The product's scalability could be better."
"Lacks functionalities that are available in other solutions."
"In terms of performance, it needs to be more robust."
"We want to see more detailed logging, such as audit logging, as this would significantly enhance the solution's reporting. We currently get some information from logs, but more would be better."
"The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions."
"Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware."
F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. F5 Advanced WAF is rated 8.6, while Fortinet FortiWeb is rated 8.0. The top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". F5 Advanced WAF is most compared with Microsoft Azure Application Gateway, AWS WAF, Imperva Web Application Firewall, F5 BIG-IP Local Traffic Manager (LTM) and Prisma Cloud by Palo Alto Networks, whereas Fortinet FortiWeb is most compared with Fortinet FortiADC, AWS WAF, Azure Web Application Firewall, Imperva Web Application Firewall and Cloudflare Web Application Firewall. See our F5 Advanced WAF vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.