We changed our name from IT Central Station: Here's why

Fortinet FortiWeb vs Rapid7 Metasploit comparison

You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Fortinet, Microsoft, Imperva and others in Web Application Firewall (WAF). Updated: January 2022.
565,689 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"The most valuable feature is ease of use.""The most valuable feature is that this product represents a whole solution, including a WAF, and even anti-defacements.""The GUI is user-friendly.""It is a stable product.""It is a good product. We have just blocked everything coming from some geographical locations or certain countries, and it has been working very efficiently when I look at logs, events, and incidents generated from the system. It is generating very good analytic reports about it. This is the most valuable thing about this solution. It has load balancing and almost everything that a web application firewall needs. It is very flexible and easy to learn and configure. It can be easily learned and configured by using the information available on different channels such as YouTube.""You have the ability to control everything from one single dashboard.""The customers are very happy with this solution because of two things. First, the IPS integration with a web application is very tightly done on Fortinet. Second, the ease of use is there. The management interface or the GUI interface is very easy to use, configure, and manage. These are the two main valuable features. It supports integration with other Fortinet products. It also integrates very well with the firewall and sandboxing technology. They already have enough integration with different technologies. They have got a complete tech intelligence view of the whole product.""It's stable and works efficiently against OWASP Top 10 attacks."

More Fortinet FortiWeb Pros →

"The most valuable feature for us is the support for testing Linux-based web server components.""The reporting on the solution is good.""Rapid7 Metasploit is a useful product.""All of the features are great.""The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."

More Rapid7 Metasploit Pros →

"The solution could offer more integration opportunities.""It is not entirely user-friendly.""The F5 solution has more features than Fortinet FortiWeb, such as multiple load balancing.""The solution could improve by being able to handle different use cases.""It may be better if it were easier to create roles.""The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product.""No solution is 100% secure and the security could always be worked on.""They could improve their support a little bit for faster response time."

More Fortinet FortiWeb Cons →

"At the time I was using it, the graphical user interface needed some improvements.""The solution is not very scalable, it does not provide any automation to be able to scale it.""Rapid7 Metasploit can add a GUI feature because it is only available online.""Better automation capabilities would be an improvement.""The solution should improve the responsiveness of its live technical support."

More Rapid7 Metasploit Cons →

Pricing and Cost Advice
  • "The costs are standard. We pay around $1,600 yearly."
  • "All our Fortinet pricing is bundled together for different products, like FortiGate, FortiAnalyzer, and FortiWeb. FortiWeb, by itself, is probably around $2,500 to $3,500."
  • "FortiWeb is more expensive than some competing products."
  • "Due to the situation in Iran with the sanctions, the price of this solution is very expensive."
  • "It's an expensive solution, although there are no additional costs."
  • "It is fine now. We had to earlier negotiate the price."
  • "It is an expensive suite and it is an expensive solution, but it is a manageable one for an enterprise."
  • "Its subscription prices are cheaper, and it is not very expensive. From a price perspective, Fortinet is a very well-known security vendor. Subscriptions are very simple. They have a couple of licenses on an appliance, and that's it. The cost is not that big. One license is 40K, which they give with all the products. Another one includes the subscriptions for threat prevention, IPS, sandboxing, etc, which is more than enough."
  • More Fortinet FortiWeb Pricing and Cost Advice →

  • "The great advantage with Rapid7 Metasploit, of course, is that it's free."
  • "There are two versions available, one of which is the Pro version, and the other is the free version."
  • More Rapid7 Metasploit Pricing and Cost Advice →

    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    565,689 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    The most valuable feature is the attack signature and machine learning.
    Top Answer: 
    There is a subscription to use this solution. There are some additional features that can be added for an extra fee. The use of the features depends on the client's needs, such as full machine… more »
    Top Answer: 
    The machine learning feature of the solution could be improved. No solution is 100% secure and the security could always be worked on.
    Top Answer: 
    Rapid7 Metasploit is a useful product.
    Top Answer: 
    There are two versions available, one of which is the Pro version, and the other is the free version. In the four years that we've been using this solution, we've only used the free version. We… more »
    Top Answer: 
    Rapid7 Metasploit can add a GUI feature because it is only available online. While it is simple to use, including a GUI would make things easier. It would be very helpful.
    Average Words per Review
    Average Words per Review
    Also Known As
    Learn More

    FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.

    Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.

    Learn more about Fortinet FortiWeb
    Learn more about Rapid7 Metasploit
    Sample Customers
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University
    Top Industries
    Financial Services Firm25%
    Comms Service Provider25%
    Computer Software Company13%
    Comms Service Provider32%
    Computer Software Company26%
    Financial Services Firm4%
    Comms Service Provider31%
    Computer Software Company21%
    Manufacturing Company5%
    Company Size
    Small Business47%
    Midsize Enterprise24%
    Large Enterprise29%
    Small Business44%
    Midsize Enterprise36%
    Large Enterprise20%
    Small Business22%
    Midsize Enterprise33%
    Large Enterprise44%
    Find out what your peers are saying about Fortinet, Microsoft, Imperva and others in Web Application Firewall (WAF). Updated: January 2022.
    565,689 professionals have used our research since 2012.

    Fortinet FortiWeb is ranked 1st in Web Application Firewall (WAF) with 27 reviews while Rapid7 Metasploit is ranked 10th in Vulnerability Management with 5 reviews. Fortinet FortiWeb is rated 8.2, while Rapid7 Metasploit is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Reasonably priced and offers a good graphical user interface but need better integration capabilities". On the other hand, the top reviewer of Rapid7 Metasploit writes "Straightforward to set up, and helpful for moving from development to production". Fortinet FortiWeb is most compared with Fortinet FortiADC, Fortinet FortiOS, F5 Advanced WAF, F5 BIG-IP Local Traffic Manager (LTM) and Microsoft Azure Application Gateway, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Rapid7 InsightVM, Wireshark, Darktrace and Cisco Stealthwatch.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.