Try our new research platform with insights from 80,000+ expert users

Fortinet FortiWeb vs Imperva Web Application Firewall comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 1, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiWeb
Ranking in Web Application Firewall (WAF)
4th
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
95
Ranking in other categories
No ranking in other categories
Imperva Web Application Fir...
Ranking in Web Application Firewall (WAF)
7th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
52
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Web Application Firewall (WAF) category, the mindshare of Fortinet FortiWeb is 8.2%, up from 7.5% compared to the previous year. The mindshare of Imperva Web Application Firewall is 5.6%, down from 6.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF)
 

Featured Reviews

Kacem CHAMMALI - PeerSpot reviewer
Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb
The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.
Mitesh D Patel - PeerSpot reviewer
Effectively defends against threats like cross-site scripting (XSS), SQL injection, and others
It does bring value. For example, consider a BFSI customer. Their application is critical and represents their brand. Without a WAF, an attack could take their application down, harming their reputation. It leads to hampering the customer's workflow. With an Imperva WAF, they protect against attacks like DDoS or SQL injection, ensuring their application remains available and customers are happy. That's the main benefit for both the customer and the organization. The impact depends on the customer's use case. If their business primarily operates online, a CDN is beneficial for traffic optimization. Moreover, the integration options depend on the specific use case of our customers. Generally, integration capabilities are good with SIEM (Security Information and Event Management) parts.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"FortiGate is a stable product."
"This product is very user-friendly."
"When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up."
"Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself."
"The product has a very user-friendly dashboard."
"Fortinet is a great SD-WAN player when it comes to security capabilities."
"The solution's most valuable feature is its security profile."
"The solution is stable."
"The compliance is the most valuable aspect."
"The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself."
"The solution is scalable."
"There is a quick switch between any of the the nodes if something goes wrong, where there's a there's an attack against a specific area. The security setup is reasonably easy. It's not a problem to do setups and rules and integrations. And, yeah, just the the back end team is also very willing to insist if there's questions that that we cannot answer or with these questions that we do have"
"Data masking is the most valuable feature of this solution."
"Compared to other web application firewalls in the market, Imperva does things in the most accurate way."
"There are many features. There is ease of deployment. You can deploy the Imperva Web Application Firewall in two to three minutes. After that, you have to set the policies. For setting policies, you have toggle buttons. You can turn something on or off."
 

Cons

"They could integrate some kind of machine learning and AI facilities to automate workflows."
"It may be better if it were easier to create roles."
"It costs too much."
"The solution could improve by providing more integration with solutions other than the Fortinet family."
"Though the reporting is a nice aspect associated with the tool, I feel that it has certain shortcomings and can be made better."
"Most of the deployment is done by our development team because they have some parameters that match the configuration. However, when we initially did the deployment we used a consultant company."
"The memory use in each of the appliances is problematic."
"New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems."
"I am looking for more data enrichment. We should have the ability to add our own custom data to the system, to the live traffic."
"I loved the approach of the cloud. The cloud has a lot of new features, like advanced web protection and DDoS protection. If those could also be on-boarded onto the on-prem versions, that would be ideal. They need to pay attention to both deployment options and not just favor one."
"Their portal is very limited and needs improvement."
"The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year."
"I think that better bot protection is needed in this solution."
"Imperva Web Application Firewall could improve the console by making it easier to use."
"The solution works for particular zones but isn't always the best solution for all zones."
"There's always room for improvement. Occasionally, there might be false-positive alerts."
 

Pricing and Cost Advice

"Cheaper than others."
"FortiWeb is more expensive than some competing products."
"The costs are standard. We pay around $1,600 yearly."
"FortiWeb can be purchased in VM mode for a lower price and the same features."
"FortiWeb offers these services at a price that SME customers can afford, but it's also suitable for large enterprises. Still, they need to put in more work to gain a greater share of enterprise business because they face stiff competition in this segment from F5, Cloudflare, and some others."
"The cost isn't expensive."
"There are no costs in addition to the standard licensing fees."
"The license to use Fortinet FortiWeb is approximately $14,000."
"There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."
"The price of this solution is a little bit high compared to competitors."
"Licensing can range from one to twenty thousand dollars annually. Additionally, some features, including software support, require an annual subscription as well."
"It is a very affordable solution."
"We sell three-year licenses for Imperva Web Application Firewall to our customers. The price is a little expensive."
"Everybody complains about the price of this solution."
"The pricing is somewhat expensive. It is actually a huge investment when compared to other countries."
"There is a license for this solution and we purchase the license annually with no additional fees."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
19%
Computer Software Company
11%
Financial Services Firm
10%
Government
6%
Financial Services Firm
16%
Computer Software Company
12%
Insurance Company
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiWeb?
The WAF profiles has been effective at mitigating web-based threats.
What is your experience regarding pricing and costs for Fortinet FortiWeb?
Fortinet FortiWeb is cost-effective compared to solutions like F5. It offers strong performance for the price, providing substantial value for our customers.
What needs improvement with Fortinet FortiWeb?
The cloud-based security service of Fortinet FortiWeb could be enhanced to match the level of providers like Cloudflare ( /products/cloudflare-reviews ). Right now, it is more focused on on-prem so...
Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc.
DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperv...
 

Overview

 

Sample Customers

Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Find out what your peers are saying about Fortinet FortiWeb vs. Imperva Web Application Firewall and other solutions. Updated: June 2025.
859,687 professionals have used our research since 2012.