No more typing reviews! Try our Samantha, our new voice AI agent.

Azure Web Application Firewall vs Fortinet FortiAppSec Cloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare Web Application ...
Sponsored
Ranking in Web Application Firewall (WAF)
7th
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
26
Ranking in other categories
No ranking in other categories
Azure Web Application Firewall
Ranking in Web Application Firewall (WAF)
13th
Average Rating
8.4
Reviews Sentiment
6.6
Number of Reviews
16
Ranking in other categories
Microsoft Security Suite (20th)
Fortinet FortiAppSec Cloud
Ranking in Web Application Firewall (WAF)
26th
Average Rating
9.0
Reviews Sentiment
6.6
Number of Reviews
2
Ranking in other categories
CDN (11th), Distributed Denial-of-Service (DDoS) Protection (19th), API Security (16th), Dynamic Application Security Testing (DAST) (9th)
 

Featured Reviews

DB
CTO at PlayNirvana
Advanced security reporting has protected high-traffic betting platforms from constant attacks
I don't see room for improvement to Cloudflare Web Application Firewall. One thing I don't know much about because we have a dedicated IT team for that, and I'm not involved with Cloudflare much anymore. But if I were to compare them to F5, I would like to see more features that F5 offers. F5 has an option to bring the whole infrastructure, the whole WAF and all their packages, Bot Management, and everything else on your infrastructure. You need to install certain services from their side, and then you can choose if you would like requests to hit your servers immediately or if requests need to be proxied through F5 backbone. That would be a nice addition because we have 90% of the traffic as legit traffic coming from whitelisted servers. If it comes from whitelisted servers, I don't need to go every request through the backbone; I could easily just IP whitelist everything. Then I could maybe have Bot Management on my infrastructure that drastically reduces the price of Cloudflare. I would like to see Push CDN more improved in the next release of Cloudflare Web Application Firewall. And maybe something similar to Pushpin that Fastly has, which is an option where you can push messages that then can be scaled globally over the network. From our perspective, if we have a listener that listens for stock updates, I would just need to have one processor that pushes those updates to the Cloudflare API, and then Cloudflare would broadcast that message to all listeners. Cloudflare will check the order of the message, and if you, as a customer, are not connected or have some kind of network issue, when you reconnect, you will receive the latest state and missing updates.
RJ
Global IT Solutions Specialist at RELIEF INTERNATIONAL INC
Offers robust analytics and seamless cloud integration with minor room for user interface improvement
The Microsoft support and the analytics are what I appreciate about Azure Web Application Firewall. It integrates effectively with things such as Sentinel and Defender for Cloud, so mostly it's the analytics and now the AI capabilities that have been introduced with Co-pilot. It helps when looking for threats. It reduces issues significantly because the filtering capabilities are high. Given that it's a cloud solution, we have very minimal downtime, especially because we have Microsoft support. On a scale of one to 10, I would give it an eight.
reviewer2812593 - PeerSpot reviewer
CIO at a financial services firm with 51-200 employees
Advanced threat protection has reduced financial risk and improves application security visibility
The issue I have with Fortinet FortiAppSec Cloud is that the real-time analysis is not robust; I am unable to see all the logs of everything that happened, including what is passive. It only logs when there are suspicious activities, which means if something is not considered suspicious by Fortinet, I will not see the full picture. That is a disadvantage because it will not log unless it identifies an IOC or attacks, meaning I cannot see traffic information in a way that helps build more intelligence. The biggest issue I have with Fortinet FortiAppSec Cloud is that the logging is not as extensive as I would prefer. For instance, if there was an issue two days ago and Fortinet FortiAppSec Cloud did not mark it as a concern, I will not see any information about that, making it challenging to explain to customers if their request did not reach us. It hampers visibility from an API perspective. They need to enhance monitoring and logging to be more extensive and capture even passive activities. The AI integration in Fortinet FortiAppSec Cloud is still new. The generative models are good, but there is much work left to improve. It is not as intelligent as it could be; thus, enhancements around the AI co-assistant would be beneficial. Additionally, logging and monitoring need improvement as I can capture traffic and investigate offline on my Fortinet firewall, including full traffic view, but Fortinet FortiAppSec Cloud currently focuses only on security concerns, which does not give the complete picture.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The Cloudflare Web Application Firewall's most valuable feature is its ease of configuration."
"We like that there's load balancing, firewall capabilities, DDoS protection, et cetera, all covered by Cloudflare."
"Cloudflare has positively impacted my organization by making it easier for me to handle and set up DNS for multiple clients; I can easily go in and access their accounts, make changes they need, and it's a one-stop shop."
"The initial setup process is simple."
"Someone with a basic understanding of networking and security will be able to implement the firewall's basic features within 15 minutes."
"I have not had any issues with this solution, and I would recommend it to others who are interested in using it."
"Cloudflare is cheaper compared to Azure WAF, which I have considered before."
"The integration of Cloudflare with Cloud Suite is its most valuable feature."
"The solution has good dashboards."
"The return on investment is good."
"I can only strongly recommend using the Azure Web Application Firewall."
"The integration it has with GitHub is great."
"Azure WAF is extremely stable."
"The most valuable feature of Azure Web Application Firewall is its ability to filter requests and block false positives by using custom rules and the OWASP rule set."
"The initial setup is easy and straightforward...Azure Web Application Firewall is a scalable product."
"We already have some of our workloads published outside of Azure, and this allows them to connect to the database."
"We have seen a reduction in incidents and a good return on investment from Fortinet FortiAppSec Cloud, with our return on investment around 60%."
"My favorite Fortinet device is the FortiGate next-gen firewall itself; it is a complete suite with intrusion prevention, intrusion detection, anti-malware, anti-DDoS, and SD-WAN functionalities."
 

Cons

"Cloudflare Web Application Firewall should improve visibility for a customer."
"Cloudflare should update the version of the ModSecurity core rule set that they run on."
"The rate limiting functionality could be enhanced, as we find it somewhat limited."
"The reporting could be improved if it were more granular."
"Their documentation could be better. They don't have documentation that explains everything well."
"The platform's control features related to real-time authentication and response time need improvement."
"Its stability could be better."
"WAF doesn't directly affect bandwidth costs. It saves costs on protection. However, with the correct setup, it's difficult to determine if it saves costs overall due to the fixed enterprise plan fee."
"Microsoft technical support for Azure Web Application Firewall has presented challenges. When working on Azure Firewall, understanding requirements was difficult because support teams often passed issues from one to another without addressing requirements accurately."
"Upgrading the platform regularly is necessary for security, however, frequent updates every six months or year from Azure can be a maintenance overhead."
"Some Azure applications, like the web application firewall, require a certain level of SKU for hosting setup. The basic setup does not allow me to use the web application firewall and other additional services."
"There is a need to be able to configure the solution more."
"From my point of view, there is no need for improvement."
"We would like to see additional site services using AI to provide information about blocking requests and offer analytics on the origin of calls."
"The management can be improved."
"From a reporting perspective, they could do more there."
"Real-time traffic analysis has posed an issue for us because we did not see logs for legitimate traffic."
"The issue I have with Fortinet FortiAppSec Cloud is that the real-time analysis is not robust; I am unable to see all the logs of everything that happened, including what is passive."
 

Pricing and Cost Advice

"We pay $210 per month for CloudFlare WAF."
"The pricing model is very straightforward compared to the competition. You just pay per month for the product and usage."
"The solution's pricing option needs to be more transparent for enterprise clients."
"The annual licensing fee is $10,000 USD."
"It is not too pricey."
"Cloudflare Web Application Firewall is more affordable than other solutions."
"The solution is expensive."
"It starts at $20 and can easily go up to $200 monthly"
"I give the pricing a nine out of ten."
"We have an enterprise agreement with Microsoft and the pricing is good."
"Azure WAF has price advantages over other WAF solutions. The pricing model is flexible because you pay on a scale based on the level of protection you need."
"The price of the solution depends on your architecture and how you manage it. You can control the cost in Azure quite well. The costs do not directly correlate to expenses in the features we are using."
"The price is reasonable. It is approximately $2,000 US per month."
"The price is for this solution is fair and there is a license needed."
Information not available
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
17%
Financial Services Firm
9%
Comms Service Provider
9%
Manufacturing Company
7%
Financial Services Firm
12%
Manufacturing Company
11%
Comms Service Provider
6%
Computer Software Company
6%
Construction Company
26%
Healthcare Company
10%
Manufacturing Company
9%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise6
Large Enterprise6
By reviewers
Company SizeCount
Small Business6
Large Enterprise12
No data available
 

Questions from the Community

What needs improvement with Cloudflare Web Application Firewall?
I don't see room for improvement to Cloudflare Web Application Firewall. One thing I don't know much about because we...
What is your primary use case for Cloudflare Web Application Firewall?
We are using Cloudflare Web Application Firewall's advanced reporting and analytics tools with their Zero Trust, so e...
What is your experience regarding pricing and costs for Azure Web Application Firewall?
I would place Azure Web Application Firewall at an eight on a scale from one to 10, with one being cheap and 10 being...
What needs improvement with Azure Web Application Firewall?
The pricing needs improvement, and I think for beginners it will be a little bit complicated, so the ease of use coul...
What is your primary use case for Azure Web Application Firewall?
Because we mostly operate in the cloud and because we're a Microsoft environment, it was the best option in the scena...
What needs improvement with Fortinet FortiAppSec Cloud?
Real-time traffic analysis has posed an issue for us because we did not see logs for legitimate traffic. A separate l...
What is your primary use case for Fortinet FortiAppSec Cloud?
Fortinet FortiAppSec Cloud is used as a WAF solution.
What advice do you have for others considering Fortinet FortiAppSec Cloud?
We are a customer running Fortinet FortiAppSec Cloud for both our organization and one for our customer. Three users ...
 

Also Known As

Cloudflare WAF
No data available
No data available
 

Overview

 

Sample Customers

crunchbase, udacity, marketo, okcupid, zendesk
Information Not Available
Information Not Available
Find out what your peers are saying about Azure Web Application Firewall vs. Fortinet FortiAppSec Cloud and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.