We performed a comparison between Fortinet FortiWeb and Microsoft Azure Application Gateway based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution has a good sandbox feature."
"Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.)."
"Also, if you serve files or you accept files with your server, Fortiweb has built-in antivirus. The Fortinet product family also provides good IP intelligence (botnet C&C, etc.)."
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
"FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code."
"SSL Offloading simplifies the public certificate handling and brings additional protection features."
"It can scale well."
"The solution's integration is very good."
"It is a scalable solution...The installation phase of Microsoft Azure Application Gateway is very easy."
"The solution is easy to set up."
"The tool helps manage microservices by providing developers with a platform to conduct tests and assessments on the web application. The custom domain option is one of the most valuable features I've found. This feature is incredibly helpful for the end-users of the web application. With the custom domain feature, you can change the lengthy link to a shorter, more memorable one. For example, instead of using a lengthy default link, you can customize it to something like imail.com, which is much easier to remember and share."
"The product's initial setup phase was easy."
"Microsoft Azure Application Gateway gives us a lot of benefits, including domain mapping."
"Using policies to link and manage these URL-based routing configurations is also valuable."
"Load balancing and web application firewall features are the most valuable."
"The product’s stability could be improved."
"They could improve their support a little bit for faster response time."
"We use Kubernetes, so I would like to have a plugin to configure FortiWeb Cloud automatically using Kubernetes Ingress. That would reduce the complexity of setting up an Ingress object in Kubernetes. Some competing solutions help you configure Ingress and Kubernetes automatically."
"The integration with other products should be improved."
"HA Architecture needs improvement. I would improve it by working on AP HA."
"The dashboards are not that configurable. Application-specific dashboards can be improved. If we have 50 applications, there should be something to see what's happening with these 50 applications. There could be a graph or a consolidated alert page where all alerts are inbuilt. They have other products that I can use, but this feature should be built into FortiWeb."
"The initial setup is complex."
"Lacks a VM demo to enable testing prior to purchase."
"The solution doesn’t support wildcard-based and regular expression-based rules."
"There is room for improvement in the pricing model."
"Application Gateway’s limitation is that the private and the public endpoint cannot use the same port."
"The solution could improve by increasing the performance when doing updates. For example, if I change the certificate it can take 30 minutes. Other vendors do not have this type of problem."
"Microsoft needs to work on their documentation."
"Application Gateway’s limitation is that the private and the public endpoint cannot use the same port."
"The solution has many limitations. You cannot upgrade the VPN to the application gateway. So I started with version one, which has limited capabilities, and they provided version two. And unfortunately, I cannot upgrade from v one to v two like other services. So I have to decommission the version one and create a new one with version two. Also the version one was complex with the certificates uploading the SQL certificates."
"It could be more stable, and support could be better. It would also be better if they offered more features. For example, it lacks security features. Before we used another English solution, and we realized that some of the rules were not set up correctly and passed through the Application Gateway's English controllers. But the problem, in this case, is if you send ten rules, for example, six rules hit some issues. IP address blocking could be better. The rules, for example, don't work properly. If you have one issue, one rule or another rule will not work. This sounds like total madness to me."
More Microsoft Azure Application Gateway Pricing and Cost Advice →
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Microsoft Azure Application Gateway is ranked 3rd in Web Application Firewall (WAF) with 41 reviews. Fortinet FortiWeb is rated 8.0, while Microsoft Azure Application Gateway is rated 7.2. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Microsoft Azure Application Gateway writes "High stability with built-in rules that reduce alerts and are easy to configure". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Fortinet FortiOS, whereas Microsoft Azure Application Gateway is most compared with AWS WAF, F5 Advanced WAF, Citrix NetScaler, Azure Front Door and NGINX App Protect. See our Fortinet FortiWeb vs. Microsoft Azure Application Gateway report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.