Try our new research platform with insights from 80,000+ expert users

Fortinet FortiWeb vs Imperva Web Application Firewall comparison

Fortinet and Imperva are both solutions in the Web Application Firewall (WAF) category. Fortinet is ranked #4 with an average rating of 7.4, while Imperva is ranked #7 with an average rating of 8.8. Fortinet holds a 8.4% mindshare in WAF, compared to Imperva’s 5.8% mindshare. Additionally, 89% of Fortinet users are willing to recommend the solution, compared to 97% of Imperva users who would recommend it.
Fortinet FortiWeb
Read 95 Fortinet FortiWeb reviews
  • 6,587 Views
  • 3,845 Comparison Views
89% willing to recommend
Imperva Web Application Fir...
Read 52 Imperva Web Application Firewall reviews
  • 4,789 Views
  • 2,294 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 1, 2025

Fortinet FortiWeb and Imperva Web Application Firewall compete in web application security. Fortinet FortiWeb appears to have an edge in integration and cost-efficiency, whereas Imperva stands out for its performance and cloud capabilities.

Features: Fortinet FortiWeb is recognized for its diverse security profiles, including application control and web filtering. It offers advanced features such as SSL offloading, virtual patching, and layer 7 server load balancing, which are enhanced by integration with Fortinet's Security Fabric. Imperva Web Application Firewall is known for its advanced threat intelligence and inline traffic profiling, delivering strong security against web attacks. It also offers ease of setup and usage.

Room for Improvement: Fortinet FortiWeb users suggest enhancements in upgrading procedures, reducing false positives, and exploring more cloud-native deployment options. They also call for improved technical support response times and broader security platform integration. Imperva users, meanwhile, desire better support for modern application technologies and wish for expanded real-time traffic visibility features. Pricing transparency and integrative capabilities with other security tools are also noted areas for development.

Ease of Deployment and Customer Service: Fortinet FortiWeb allows flexible deployment across public, private, and hybrid environments, but experiences with technical support vary, with some noting slow response times. Imperva offers strong deployment flexibility with consistent and responsive customer service, benefiting users with its structured support and prompt problem-solving.

Pricing and ROI: Fortinet FortiWeb is viewed as cost-effective, particularly in virtual machine modes, where upfront costs are lower. Users benefit from competitive pricing, especially when bundled with other Fortinet products, contributing to clear ROI through reduced operational costs. Imperva Web Application Firewall is often seen as more expensive, which some users find a drawback relative to its value. Despite the higher cost, users acknowledge that Imperva provides significant security benefits that justify the investment.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Fortinet FortiWeb vs. Imperva Web Application Firewall Report (Updated: June 2025).
Buyer's Guide
Fortinet FortiWeb vs. Imperva Web Application Firewall
June 2025
Download the complete report
Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiWeb
Ranking in Web Application Firewall (WAF)
4th
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
95
Ranking in other categories
No ranking in other categories
Imperva Web Application Fir...
Ranking in Web Application Firewall (WAF)
7th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
52
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2025, in the Web Application Firewall (WAF) category, the mindshare of Fortinet FortiWeb is 8.4%, up from 7.3% compared to the previous year. The mindshare of Imperva Web Application Firewall is 5.8%, down from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF)
 

Featured Reviews

Kacem CHAMMALI - PeerSpot reviewer
Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb
The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.
Read full review
Mitesh D Patel - PeerSpot reviewer
Effectively defends against threats like cross-site scripting (XSS), SQL injection, and others
It does bring value. For example, consider a BFSI customer. Their application is critical and represents their brand. Without a WAF, an attack could take their application down, harming their reputation. It leads to hampering the customer's workflow. With an Imperva WAF, they protect against attacks like DDoS or SQL injection, ensuring their application remains available and customers are happy. That's the main benefit for both the customer and the organization. The impact depends on the customer's use case. If their business primarily operates online, a CDN is beneficial for traffic optimization. Moreover, the integration options depend on the specific use case of our customers. Generally, integration capabilities are good with SIEM (Security Information and Event Management) parts.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the web application firewall (WAF)."
"The customers are very happy with this solution because of two things. First, the IPS integration with a web application is very tightly done on Fortinet. Second, the ease of use is there. The management interface or the GUI interface is very easy to use, configure, and manage. These are the two main valuable features. It supports integration with other Fortinet products. It also integrates very well with the firewall and sandboxing technology. They already have enough integration with different technologies. They have got a complete tech intelligence view of the whole product."
"We find that it is quite stable and reliable."
"The ease of configuration is valuable. We have Azure WAF, we have OCI WAF, and we also have Cloud Armor for GCP, but their configuration isn't very easy. It's pretty simple in FortiWeb, and we can enable or configure whatever we want."
"The most valuable feature is the attack signature and machine learning."
"It can scale well."
"Deployment can be straightforward"
"You have the ability to control everything from one single dashboard."
More Fortinet FortiWeb pros
"The most valuable features of the Imperva Web Application Firewall are DDoS, malware, and the other malicious threat prevention it provides. Additionally, third-party integration is available. You can forward the log for further analysis."
"Data masking is the most valuable feature of this solution."
"The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand."
"Protection is the best solution since it has profile functionality."
"Learning mode and custom policies are helpful features."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"The dynamic profiling of websites is the solution's most valuable feature. The security is also good."
"The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network."
More Imperva Web Application Firewall pros
 

Cons

"The support side of things can be improved."
"The integration with other products should be improved."
"No solution is 100% secure and the security could always be worked on."
"They could improve their support a little bit for faster response time."
"FortiWeb needs to have support for the newest technology being used in web applications."
"The automation piece can be improved. Although they say it can be automated very well, there is still manual work. Its usability should be improved in terms of automation because we want to build an infrastructure with code, but you can't do that easily with this solution. If they can give us APIs in the firewalls that we can tap into, it would be perfect."
"They could integrate some kind of machine learning and AI facilities to automate workflows."
"Sometimes, even if you follow the documentation, it doesn't work as expected."
More Fortinet FortiWeb cons
"Imperva Web Application Firewall is a good system, but we found that the visibility of the diverse-path server, e.g. where the traffic is coming from, the different IPs, etc., needs improvement."
"I'd like the option to pick your bot protection."
"There could be some limitations that from the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go. Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering."
"Support is one thing I wish Imperva could improve."
"The tool needs to improve CPU and storage memory."
"Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself."
"If they can bring in generative AI features, that would be useful."
"The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year."
More Imperva Web Application Firewall cons
 

Pricing and Cost Advice

"The solution is very inexpensive when compared to F5 Advanced WAF and Avi Networks but offers the same benefits."
"There are no costs in addition to the standard licensing fees."
"So far, I have been pretty pleased with the way it's priced and licensed. The way it's done makes it easy, especially for an organization like us, so I've been pleased with the way it's priced and licensed right now."
"It's an expensive solution, although there are no additional costs."
"Fortinet FortiWeb's pricing is reasonable. Its licensing costs are yearly."
"All our Fortinet pricing is bundled together for different products, like FortiGate, FortiAnalyzer, and FortiWeb. FortiWeb, by itself, is probably around $2,500 to $3,500."
"​It really pays off to buy licences for multiple years​."
"When I use any other firewall, I have to take a license. It could be a perpetual license or subscription-based. In both cases, we have to pay some amount in advance, whereas in the case of FortiWeb, when using it as a service, I am paying half a dollar only for the domain name, and then I am paying based on the traffic or the number of requests."
More Fortinet FortiWeb pricing and cost advice
"Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."
"Everybody complains about the price of this solution."
"Licensing can range from one to twenty thousand dollars annually. Additionally, some features, including software support, require an annual subscription as well."
"Imperva’s pricing is a bit higher in the market since it offers a full-blown WAF."
"Imperva Web Application Firewall's pricing is expensive."
"The solution's pricing is an issue."
"Imperva Web Application Firewall is expensive."
"The price is high compared to other solutions like FortiWeb."
More Imperva Web Application Firewall pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
See recommendations
856,873 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
33%
Computer Software Company
10%
Financial Services Firm
8%
Government
5%
Financial Services Firm
16%
Computer Software Company
12%
Insurance Company
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiWeb?
The WAF profiles has been effective at mitigating web-based threats.
See all answers
What is your experience regarding pricing and costs for Fortinet FortiWeb?
Fortinet FortiWeb is cost-effective compared to solutions like F5. It offers strong performance for the price, providing substantial value for our customers.
See all answers
What needs improvement with Fortinet FortiWeb?
The cloud-based security service of Fortinet FortiWeb could be enhanced to match the level of providers like Cloudflare ( /products/cloudflare-reviews ). Right now, it is more focused on on-prem so...
See all answers
Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
My recommendation is Imperva.
See all answers
Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc.
See all answers
DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperv...
See all answers
 

Comparisons

F5 Advanced WAF vs Fortinet FortiWeb Logo
F5 Advanced WAF vs Fortinet FortiWeb
Compared 22% of the time
Fortinet FortiADC vs Fortinet FortiWeb Logo
Fortinet FortiADC vs Fortinet FortiWeb
Compared 14% of the time
Cloudflare Web Application Firewall vs Fortinet FortiWeb Logo
Cloudflare Web Application Firewall vs Fortinet FortiWeb
Compared 10% of the time
Azure Web Application Firewall vs Fortinet FortiWeb Logo
Azure Web Application Firewall vs Fortinet FortiWeb
Compared 5% of the time
Fortinet FortiWeb Cloud WAF-as-a-Service vs Fortinet FortiWeb Logo
Fortinet FortiWeb Cloud WAF-as-a-Service vs Fortinet FortiWeb
Compared 3% of the time
More Fortinet FortiWeb Competitors
Microsoft Azure Application Gateway vs Imperva Web Application Firewall Logo
Microsoft Azure Application Gateway vs Imperva Web Application Firewall
Compared 15% of the time
F5 Advanced WAF vs Imperva Web Application Firewall Logo
F5 Advanced WAF vs Imperva Web Application Firewall
Compared 12% of the time
Azure Front Door vs Imperva Web Application Firewall Logo
Azure Front Door vs Imperva Web Application Firewall
Compared 10% of the time
AWS WAF vs Imperva Web Application Firewall Logo
AWS WAF vs Imperva Web Application Firewall
Compared 8% of the time
Cloudflare Web Application Firewall vs Imperva Web Application Firewall Logo
Cloudflare Web Application Firewall vs Imperva Web Application Firewall
Compared 6% of the time
More Imperva Web Application Firewall Competitors
 

Product Reports

Buyer's Guide
Fortinet FortiWeb
June 2025
Fortinet FortiWeb reportDownload Fortinet FortiWeb product report
Buyer's Guide
Imperva Web Application Firewall
June 2025
Imperva Web Application Firewall reportDownload Imperva Web Application Firewall product report
 

Overview

Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

Fortinet FortiWeb Features and Benefits

APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

  • Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.

  • Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.

  • Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.

  • Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.

  • ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.

  • False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

Reviews from Real Users

Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

Fortinet

Imperva Web Application Firewall is a versatile solution that protects web applications and databases from various attacks, including DDoS, cross-site scripting, and SQL injection attacks. It offers data security, availability, and access control and can be deployed on-premises or on the cloud. 

The solution has good security against web attacks and offers advanced bot protection, API security, and mitigation features. Imperva WAF is easy to configure and deploy; it has good customer service and an excellent user interface.

Imperva
 

Sample Customers

Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Buyer's Guide
Fortinet FortiWeb vs. Imperva Web Application Firewall
June 2025
Free Report: Fortinet FortiWeb vs. Imperva Web Application Firewall
Find out what your peers are saying about Fortinet FortiWeb vs. Imperva Web Application Firewall and other solutions. Updated: June 2025.
DOWNLOAD NOW
856,873 professionals have used our research since 2012.
See our Fortinet FortiWeb vs. Imperva Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.

We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.