We performed a comparison between Cisco Sourcefire SNORT and Fortinet FortiWeb based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Cisco Sourcefire SNORT is easy to configure and the reporting is great. It's also very user-friendly."
"It is quite an intelligent product."
"The GUI makes it easy to scale in terms of learning and utilization."
"It is a good product. We have just blocked everything coming from some geographical locations or certain countries, and it has been working very efficiently when I look at logs, events, and incidents generated from the system. It is generating very good analytic reports about it. This is the most valuable thing about this solution. It has load balancing and almost everything that a web application firewall needs. It is very flexible and easy to learn and configure. It can be easily learned and configured by using the information available on different channels such as YouTube."
"FortiWeb offers a good price for the marketplace. In the Sri Lankan market, it's hard to find high-end products that can match FortiWeb's pricing. For high-end solutions, the price is always extremely high."
"The most valuable feature is that this product represents a whole solution, including a WAF, and even anti-defacements."
"The most important feature of this solution is protection from attack."
"The deployment was very easy."
"Provides good vulnerability scanning, IPS, and geolocalization."
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
"The implementation could be a bit easier."
"I did not experience any pain points that required improvement. Maybe a couple of false-positives, but that's about it."
"The F5 solution has more features than Fortinet FortiWeb, such as multiple load balancing."
"It costs too much."
"We have had problems with deployments where we've had to contact technical support to resolve them."
"It may be better if it were easier to create roles."
"The GUI could be better. It's limited."
"When we look at the incident reports in the dashboard, they are available for a maximum duration of 24 hours. They should provide more time for the analysis and increase the duration of the availability of these reports. Currently, it gives the options for 5 minutes, 1 hour, and 24 hours. It would be excellent if there are more options for a longer time period. It may be configurable, but I don't know how to do it."
"The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network."
"The initial setup in our data center was somewhat complex."
Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.
Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.
Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.
Fortinet FortiWeb Features and Benefits
APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:
Reviews from Real Users
Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.
Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."
A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
Cisco Sourcefire SNORT is ranked 15th in Intrusion Detection and Prevention Software (IDPS) with 2 reviews while Fortinet FortiWeb is ranked 2nd in Web Application Firewall (WAF) with 29 reviews. Cisco Sourcefire SNORT is rated 7.6, while Fortinet FortiWeb is rated 8.2. The top reviewer of Cisco Sourcefire SNORT writes "Intelligent with good threat detection capabilities but could be easier to implement". On the other hand, the top reviewer of Fortinet FortiWeb writes "Good for compliance, load balancing, and high availability". Cisco Sourcefire SNORT is most compared with Check Point IPS, Palo Alto Networks Threat Prevention, Fortinet FortiGate IPS, Cisco NGIPS and KerioControl, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, Fortinet FortiOS, AWS WAF and Microsoft Azure Application Gateway.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.