


Check Point CloudGuard WAF and Fortinet FortiWeb Cloud WAF-as-a-Service compete in the web application firewall category. Check Point has the upper hand with its AI-driven threat prevention and scalable interface, while Fortinet stands out for its compliance features and integration with a broader security suite.
Features: Check Point CloudGuard WAF provides AI-driven threat prevention, DDoS protection, and multi-layer security. Its advanced threat intelligence offers a scalable and user-friendly interface. Fortinet FortiWeb Cloud WAF-as-a-Service excels in PCI DSS compliance, advanced threat detection, and seamless integration with Fortinet’s security suite.
Room for Improvement: Check Point could address latency challenges, improve pricing for smaller firms, and enhance technical support. Fortinet would benefit from improving its logging interfaces, enhancing AI integration, and offering more comprehensive authentication support like SAML.
Ease of Deployment and Customer Service: Check Point CloudGuard WAF is versatile in cloud environments, though response times in customer support could improve. Fortinet FortiWeb Cloud is commended for easy deployment and reliable technical support, providing effective and prompt solutions.
Pricing and ROI: Check Point CloudGuard WAF is perceived as costly but valuable, with a complex pricing model offering strong security benefits. Fortinet FortiWeb Cloud WAF-as-a-Service is more cost-effective, especially for larger enterprises, with satisfactory ROI achieved through its managed security capabilities.
My experience with the pricing or licensing of Cloudflare Web Application Firewall is that many features can be accessed for free, so the pricing is definitely reasonable.
When we are attacked, we can understand how important the solution is.
When you migrate to the cloud, it feels like saving 90% of your time.
Most of the operations happen in the background, so I do not spend much time on it.
I would rate the technical support with Cloudflare as excellent every time I've had to contact them.
The technical support of Cloudflare Web Application Firewall rates between five and seven at maximum.
They need to increase the number of people for 24/7 support.
They were responsive even before we committed to buying their solution.
I also received full technical support, especially during the implementation.
The company provides technical support, and they are mostly available 24/7.
The proximity of Fortinet with customers ensures quick issue resolution.
Sometimes it could be faster, but generally, their support is reliable.
The scalability of Cloudflare Web Application Firewall rates between 8 to 9, as it depends upon the use cases and what exactly the client needs.
If I need to scale, I open a Whatsapp group with the director and the team, and we quickly proceed to do so.
They have sufficient resources, and there are no challenges from a scalability perspective.
Check Point CloudGuard WAF's scalability is very good.
It auto checks everything, and you need to install the certificate.
In my experience, Fortinet FortiWeb Cloud WAF-as-a-Service's scalability is quite good, and I would rate it at eight point five out of ten.
We are purchasing Fortinet FortiWeb Cloud WAF-as-a-Service from the distributor side, who have provided support and a price discount.
The stability of Cloudflare Web Application Firewall deserves a perfect 10 out of 10.
It is very stable.
It is very stable, never crashing or giving me an error that I can see.
I did not have any issues in the last three years during which I had more than ten critical services running on CloudGuard.
The stability of the solution is excellent.
The product can improve by having more multitenancy capability, which is currently not available.
I think they're doing a good job with DNS and as support for any domains that I create or that my clients create, it's mandatory for me to ensure they have Cloudflare as their DNS provider.
And maybe something similar to Pushpin that Fastly has, which is an option where you can push messages that then can be scaled globally over the network.
The provider could improve by providing better guidance and support during the configuration process.
Future releases should include better bot mitigation, behavioral anomaly detection, compliance templates, advanced threat intel integration, and streamlined multi-cloud support to boost protection and usability.
A machine learning-based adaptive mode could help the WAF learn over time and auto-tune policies.
Fortinet FortiWeb Cloud WAF-as-a-Service could be improved with better logging capabilities, as many come with less spacing, necessitating a FortiSIM for enhanced functionality.
The utilization of AI in Fortinet FortiWeb Cloud WAF-as-a-Service still needs to be upgraded and improved.
I want them to provide SAML authentication.
It is more expensive than f5, where we purchased everything as bundles, and Check Point costs more, but it is worth the money.
It is less costly than Cloudflare, Fortinet, and other vendors.
I know that its price is relatively expensive compared to other products but it gives benefits that are worth it.
It is twice cheaper.
I just recommend Fortinet FortiWeb Cloud WAF-as-a-Service because it is very expensive.
The price is not the cheapest, but it offers great value for money.
The custom rules and the geo-redundant geographical rule feature, which allows me to implement geographical rules for customers, add significant value.
The best features of Cloudflare Web Application Firewall are multiple, including the WAF, rate limiter, and bot attack protection.
Cloudflare Web Application Firewall's advanced reporting and analytics tools add a layer that we're able to visualize and see before it actually hits the local firewall.
Upon implementation and evaluation with third-party penetration testing, it meets rigorous security standards required for dealing with financial institutions.
It can protect against zero-day attacks and hidden anomalies.
The solution preemptively blocks zero-day attacks and detects hidden anomalies effectively.
It is possible to easily find vulnerabilities with the WAF.
It effectively mitigates web attacks, provides virtual protections, and handles large traffic with minimal processing effort.
Its usability is a key aspect as it is very easy to use and deploy in front of new APIs.
| Product | Mindshare (%) |
|---|---|
| Check Point WAF (formerly CloudGuard WAF) | 2.1% |
| Cloudflare Web Application Firewall | 4.0% |
| Fortinet FortiWeb Cloud WAF-as-a-Service | 0.8% |
| Other | 93.1% |


| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 6 |
| Large Enterprise | 6 |
| Company Size | Count |
|---|---|
| Small Business | 38 |
| Midsize Enterprise | 21 |
| Large Enterprise | 24 |
| Company Size | Count |
|---|---|
| Small Business | 5 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
Cloudflare Web Application Firewall integrates DDoS protection, load balancing, and firewall capabilities. Its ease of use, configurability, and robust security measures make it a versatile choice for protecting web applications.
Cloudflare Web Application Firewall provides a comprehensive defense against threats with advanced reporting and robust security measures. It includes DNS integration, rate limiting, and extensive rule sets, all within a SaaS model that allows API configurability. Users value its caching, scalability, and pricing, although enhancements are needed in rate-limiting and third-party integration. Improvements in customer support, especially in India, real-time controls, and user documentation are also desired. Users seek a more intuitive dashboard, better log management, and improved alert systems, along with multitenancy capabilities and enhanced reporting.
What are the key features of Cloudflare Web Application Firewall?Cloudflare Web Application Firewall finds application in industries like banking and retail by acting as a comprehensive security gateway, managing authentication and authorization while protecting web applications from malicious Layer 7 traffic. It also implements load balancing, CDN, and zero-trust policies, supported by advanced reporting, analytics tools, and threat scoring to meet specific industry needs.
Check Point WAF uses AI-driven threat prevention with seamless API integration, offering advanced DDoS protection. It auto-learns attack patterns, updates protection, and minimizes false positives. Its interface simplifies policy management for secure web applications across cloud environments.
Check Point WAF combines AI-driven threat detection with streamlined policy management to provide effective security for web applications and APIs. It offers zero-day protection, threat intelligence, and advanced DDoS protection. Users enjoy robust logging and compliance management across multi-cloud environments. Integration is smooth, with reduced reliance on signatures, facilitating multi-layer security. Despite its strengths, users note areas for improvement, such as latency and pricing, and call for enhancements in API security, real-time monitoring, and reporting. Challenges include integration complexity and limited technical support accessibility. Effective application security across dynamic environments is a key offering.
What are Check Point WAF's key features?Check Point WAF finds particular relevance in industries requiring robust cybersecurity measures such as finance, healthcare, and e-commerce. These sectors benefit from its advanced threat detection and adaptive security policy management, crucial for securing sensitive data across multi-cloud infrastructures. By managing API usage efficiently, it helps maintain regulatory compliance while ensuring optimal operation. Enhanced traffic logging and malware threat management add to its appeal for organizations focusing on securing transactions and sensitive information.
Fortinet FortiWeb Cloud WAF-as-a-Service provides cloud-based web application protection, ensuring businesses secure their web apps against threats without hardware management, offering dynamic scalability and threat intelligence.
Fortinet FortiWeb Cloud WAF-as-a-Service offers an advanced security platform that effectively protects web applications from cyber threats by leveraging comprehensive threat intelligence and efficient traffic management. Its cloud-native architecture facilitates seamless integration, allowing for scalable security solutions that adapt to varying demand levels. Known for reducing complexity, it empowers organizations to focus on strategic initiatives without the need for dedicated on-premise resources. The service also provides robust analytics, enabling informed decision-making based on real-time threat landscapes.
What are the key features?In industries such as finance and e-commerce where sensitive data protection is paramount, Fortinet FortiWeb Cloud WAF-as-a-Service is extensively implemented to secure web applications against potential vulnerabilities. It ensures compliance with stringent regulatory standards and protects consumer information, thus maintaining trust and brand reputation. Healthcare providers leverage it to protect patient records, a sector that demands the utmost security and confidentiality.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.