Fortinet FortiWeb vs NGINX App Protect comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Fortinet FortiWeb and NGINX App Protect based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Fortinet FortiWeb vs. NGINX App Protect Report (Updated: November 2022).
653,757 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them.""The solution has a good sandbox feature.""The most important feature of this solution is protection from attack.""The most valuable feature is the attack signature and machine learning.""The initial setup is pretty straightforward.""It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs.""The anti-defacement feature is very useful because it looks for web changes over time to protect pages.""Provides good vulnerability scanning, IPS, and geolocalization."

More Fortinet FortiWeb Pros →

"The most valuable feature of NGINX App Protect is the reverse proxy.""The policies are flexible based on the technologies you use.""NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks.""NGINX App Protect is stable.""The initial setup was simple and took three to four days.""The most valuable feature of NGINX App Protect is its flexibility.""The most valuable feature of NGINX App Protect is its open source.""NGINX App Protect has complete control over the HTTP session."

More NGINX App Protect Pros →

Cons
"The initial setup process could be improved.""FortiGate could be improved on the security end because we've had some incidents with the customer. Otherwise, there is no problem.""The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network.""The initial setup in our data center was somewhat complex.""The support side of things can be improved.""The upgrade process could be a bit smoother.""Fortinet FortiWeb could improve in reference architecture for different deployment scenarios.""The automation piece can be improved. Although they say it can be automated very well, there is still manual work. Its usability should be improved in terms of automation because we want to build an infrastructure with code, but you can't do that easily with this solution. If they can give us APIs in the firewalls that we can tap into, it would be perfect."

More Fortinet FortiWeb Cons →

"The dashboard could provide a more comprehensive view of the status of the connections.""Currently, the policies have to be handled manually, and you have to create from scratch, which can be a bit time-consuming, in a large environment.""NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution.""Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks.""The integration of NGINX App Protect could improve.""NGINX App Protect could improve security.""As far as scalability, it takes a long time for deployment.""The price of NGINX App Protect could improve."

More NGINX App Protect Cons →

Pricing and Cost Advice
  • "There are no costs in addition to the standard licensing fees."
  • "The price is competitive."
  • "We are on an annual license for this solution and the price is approximately €100."
  • "It keeps changing, but it's based on the size of the VM you buy and also the traffic throughput you want from it, whereas what we have on Azure is just the traffic throughput. You can also pay on a monthly basis from Azure. During each part of the project, it's okay to get Azure-based licensing or AWS-based licensing for FortiWeb, but over time, you would want to go with the perpetual license. You should go to Fortinet and buy the license from them. So, there is a two-step process there."
  • "The price of Fortinet FortiWeb is reasonable. This is one of the key factors of why we use this solution."
  • "There's only one payment for the duration of the license. On a scale from one to five, I would rate pricing at four. I have not encountered any additional costs on my projects involving Fortinet FortiWeb."
  • "The maintenance fee for this product could be improved."
  • "It should be somewhere about 36,000 Euros. That's the cost for three years. It's moderately priced."
  • More Fortinet FortiWeb Pricing and Cost Advice →

  • "Really understand the licensing model, because we underestimated that."
  • "There are no additional fees."
  • "NGINX is not expensive."
  • "The pricing is reasonable because NGINX operates on an instance basis."
  • "There is a license needed to use NGINX App Protect."
  • "There are not any additional costs we had to pay to use NGINX App Protect."
  • "There is a monthly or annual subscription to use NGINX App Protect. There are not any additional costs to the subscription."
  • "The price of NGINX App Protect is approximately $3,000 annually. All of our licenses are observed by a managed service partner."
  • More NGINX App Protect Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    653,757 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The solution has a good sandbox feature.
    Top Answer:I'd rate the pricing at a four out of five in terms of affordability.
    Top Answer:It can be better with web application firewalls. It is already close to the best in class. This product is up to the mark right now.
    Top Answer:WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall.
    Top Answer:Our licensing costs are about $40,000 a year. We pay on an annual basis. We just have our operating costs on top of that.
    Top Answer:The solution does well when there's low throughput but when we go for any high throughput, it's always a challenge. I'm expecting the next version to have a better high throughput. I also find that… more »
    Ranking
    Views
    17,038
    Comparisons
    13,293
    Reviews
    27
    Average Words per Review
    429
    Rating
    8.1
    Views
    5,188
    Comparisons
    4,189
    Reviews
    9
    Average Words per Review
    388
    Rating
    8.0
    Comparisons
    Also Known As
    NGINX WAF, NGINX Web Application Firewall
    Learn More
    Overview

    Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

    Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

    Fortinet FortiWeb Features and Benefits

    APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

    • Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.

    • Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.

    • Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.

    • Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.

    • ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.

    • False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

    Reviews from Real Users

    Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

    Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

    A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

    NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

    • Integrating security controls directly into the development automation pipeline
    • Applying and managing security for modern and distributed application environments such as containers and microservices
    • Providing the right level of security controls without impacting release and go-to-market velocity
    • Complying with security and regulatory requirements

    NGINX App Protect offers:

    • Expanded security beyond basic signatures to ensure adequate controls
    • F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
    • Confidently run in “blocking” mode in production with proven F5 expertise
    • High‑confidence signatures for extremely low false positives
    • Increases visibility, integrating with third‑party analytics solutions
    • Integrates security and WAF natively into the CI/CD pipeline
    • Deploys as a lightweight software package that is agnostic of underlying infrastructure
    • Facilitates declarative policies for “security as code” and integration with DevOps tools
    • Decreases developer burden and provides feedback loop for quick security remediation
    • Accelerates time to market and reduces costs with DevSecOps‑automated security
    Offer
    Learn more about Fortinet FortiWeb
    Learn more about NGINX App Protect
    Sample Customers
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    Information Not Available
    Top Industries
    REVIEWERS
    Financial Services Firm25%
    Comms Service Provider25%
    Computer Software Company16%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company23%
    Comms Service Provider22%
    Government7%
    Financial Services Firm5%
    REVIEWERS
    Financial Services Firm38%
    Comms Service Provider38%
    Insurance Company13%
    Computer Software Company13%
    VISITORS READING REVIEWS
    Computer Software Company23%
    Comms Service Provider16%
    Financial Services Firm9%
    Government7%
    Company Size
    REVIEWERS
    Small Business49%
    Midsize Enterprise23%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise23%
    Large Enterprise51%
    REVIEWERS
    Small Business31%
    Midsize Enterprise15%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise14%
    Large Enterprise62%
    Buyer's Guide
    Fortinet FortiWeb vs. NGINX App Protect
    November 2022
    Find out what your peers are saying about Fortinet FortiWeb vs. NGINX App Protect and other solutions. Updated: November 2022.
    653,757 professionals have used our research since 2012.

    Fortinet FortiWeb is ranked 2nd in Web Application Firewall (WAF) with 30 reviews while NGINX App Protect is ranked 11th in Web Application Firewall (WAF) with 9 reviews. Fortinet FortiWeb is rated 8.2, while NGINX App Protect is rated 8.0. The top reviewer of Fortinet FortiWeb writes "Good for compliance, load balancing, and high availability". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, Fortinet FortiOS, AWS WAF and Darktrace, whereas NGINX App Protect is most compared with F5 Advanced WAF, AWS WAF, Mirantis Container Cloud, Microsoft Azure Application Gateway and 42Crunch API Security Platform. See our Fortinet FortiWeb vs. NGINX App Protect report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.