IT Central Station is now PeerSpot: Here's why

AWS WAF vs Fortinet FortiWeb comparison

Cancel
You must select at least 2 products to compare!
Amazon Logo
16,668 views|14,004 comparisons
Fortinet Logo
16,567 views|13,253 comparisons
Featured Review
Buyer's Guide
AWS WAF vs. Fortinet FortiWeb
May 2022
Find out what your peers are saying about AWS WAF vs. Fortinet FortiWeb and other solutions. Updated: May 2022.
608,713 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution is stable.""The most valuable features are the geo-restriction denials and the web ACL.""Stable and scalable web application firewall. Setting it up is straightforward.""AWS has flexibility in terms of WAF rules.""Its best feature is that it is on the cloud and does not require local hardware resources.""This product supplies options for web security for applications accessing sensitive information.""The access instruction feature is the most valuable. This is what we use the most.""AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers."

More AWS WAF Pros →

"If I need something from tech support, I can get it answered within the hour.""Provides good vulnerability scanning, IPS, and geolocalization.""It is a stable product.""The support services, performance, and pricing are all valuable features. The performance is excellent.""Both the internal firewall management and the cloud can be managed by a single console.""It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs.""The most valuable feature is ease of use.""The most valuable feature of this solution is Fail-Open."

More Fortinet FortiWeb Pros →

Cons
"When users choose the free service, there isn't great support available to them.""The serverless product from AWS WAF could be improved. For example, they have only one serverless series, Lambda, but they should extend and improve it. Additionally, the firewall rules are not very easy to configure.""The pricing model is complicated.""We don't have much control over blocking, because the WAF is managed by AWS.""We haven't faced any problems with the solution.""I would like to see it more tightly integrated with other AWS services.""The technical support does not respond to bugs in the coding of the product.""It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."

More AWS WAF Cons →

"They could improve their support a little bit for faster response time.""In my experience, Fortinet FortiWeb could improve the intelligent features to acknowledge whether any threat or incident that's running happened. Then give us the ability to escalate it to layer 2 or layer 3 in the network operations.""They can introduce a scaled-down version for the SMB market. It would be very competitive in the environment.""I would like to see the Application Delivery Control (ADC) and Web Application Firewall (WAF) combined in one device.""The documentation for the machine learning could be better.""No solution is 100% secure and the security could always be worked on.""The memory use in each of the appliances is problematic.""When we look at the incident reports in the dashboard, they are available for a maximum duration of 24 hours. They should provide more time for the analysis and increase the duration of the availability of these reports. Currently, it gives the options for 5 minutes, 1 hour, and 24 hours. It would be excellent if there are more options for a longer time period. It may be configurable, but I don't know how to do it."

More Fortinet FortiWeb Cons →

Pricing and Cost Advice
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."
  • "It's cheap."
  • "AWS WAF is pay-as-you-go, I only pay for what I'm using. There is no subscription or any payment upfront, I can terminate use at any time. Which is an advantage."
  • "You need an additional AWS subscription for this product if you are buying a managed tool."
  • More AWS WAF Pricing and Cost Advice →

  • "Due to the situation in Iran with the sanctions, the price of this solution is very expensive."
  • "It's an expensive solution, although there are no additional costs."
  • "It is fine now. We had to earlier negotiate the price."
  • "It is an expensive suite and it is an expensive solution, but it is a manageable one for an enterprise."
  • "Its subscription prices are cheaper, and it is not very expensive. From a price perspective, Fortinet is a very well-known security vendor. Subscriptions are very simple. They have a couple of licenses on an appliance, and that's it. The cost is not that big. One license is 40K, which they give with all the products. Another one includes the subscriptions for threat prevention, IPS, sandboxing, etc, which is more than enough."
  • "There are no licensing costs."
  • "It is not a cheap product. It is not like a Linux or a Genex that you can deploy. It is a hardware appliance, and it is built for a specific reason and reliability. It is an enterprise-class solution. You wouldn't find an SMB investing in something like this."
  • "There are no costs in addition to the standard licensing fees."
  • More Fortinet FortiWeb Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    608,713 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Hi Varun, I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud… more »
    Top Answer:Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    Top Answer:Stable and scalable web application firewall. Setting it up is straightforward.
    Top Answer:The support services, performance, and pricing are all valuable features. The performance is excellent.
    Top Answer:There's only one payment for the duration of the license. On a scale from one to five, I would rate pricing at four. I have not encountered any additional costs on my projects involving Fortinet… more »
    Top Answer:The initial setup process could be improved.
    Ranking
    Views
    16,668
    Comparisons
    14,004
    Reviews
    12
    Average Words per Review
    551
    Rating
    7.6
    Views
    16,567
    Comparisons
    13,253
    Reviews
    23
    Average Words per Review
    436
    Rating
    8.2
    Comparisons
    Also Known As
    AWS Web Application Firewall
    Learn More
    Overview

    AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.

    Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

    Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

    Fortinet FortiWeb Features and Benefits

    APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

    • Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.

    • Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.

    • Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.

    • Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.

    • ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.

    • False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

    Reviews from Real Users

    Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

    Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

    A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

    Offer
    Learn more about AWS WAF
    Learn more about Fortinet FortiWeb
    Sample Customers
    eVitamins, 9Splay, Senao International
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    Top Industries
    REVIEWERS
    Energy/Utilities Company22%
    Media Company22%
    Transportation Company11%
    Manufacturing Company11%
    VISITORS READING REVIEWS
    Computer Software Company25%
    Comms Service Provider17%
    Media Company9%
    Financial Services Firm9%
    REVIEWERS
    Financial Services Firm23%
    Comms Service Provider23%
    Computer Software Company15%
    Government12%
    VISITORS READING REVIEWS
    Comms Service Provider29%
    Computer Software Company25%
    Government6%
    Financial Services Firm4%
    Company Size
    REVIEWERS
    Small Business26%
    Midsize Enterprise26%
    Large Enterprise48%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise16%
    Large Enterprise66%
    REVIEWERS
    Small Business48%
    Midsize Enterprise25%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise25%
    Large Enterprise48%
    Buyer's Guide
    AWS WAF vs. Fortinet FortiWeb
    May 2022
    Find out what your peers are saying about AWS WAF vs. Fortinet FortiWeb and other solutions. Updated: May 2022.
    608,713 professionals have used our research since 2012.

    AWS WAF is ranked 4th in Web Application Firewall (WAF) with 12 reviews while Fortinet FortiWeb is ranked 2nd in Web Application Firewall (WAF) with 30 reviews. AWS WAF is rated 7.6, while Fortinet FortiWeb is rated 8.0. The top reviewer of AWS WAF writes "Use this product to make it possible to deploy web applications securely". On the other hand, the top reviewer of Fortinet FortiWeb writes "Good for compliance, load balancing, and high availability". AWS WAF is most compared with Microsoft Azure Application Gateway, Imperva Web Application Firewall, Azure Web Application Firewall, Cloudflare Web Application Firewall and NGINX App Protect, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, Fortinet FortiOS, Microsoft Azure Application Gateway and Azure Web Application Firewall. See our AWS WAF vs. Fortinet FortiWeb report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.