"The most valuable feature is ease of use."
"The most valuable feature is that this product represents a whole solution, including a WAF, and even anti-defacements."
"The GUI is user-friendly."
"It is a stable product."
"It is a good product. We have just blocked everything coming from some geographical locations or certain countries, and it has been working very efficiently when I look at logs, events, and incidents generated from the system. It is generating very good analytic reports about it. This is the most valuable thing about this solution. It has load balancing and almost everything that a web application firewall needs. It is very flexible and easy to learn and configure. It can be easily learned and configured by using the information available on different channels such as YouTube."
"You have the ability to control everything from one single dashboard."
"The customers are very happy with this solution because of two things. First, the IPS integration with a web application is very tightly done on Fortinet. Second, the ease of use is there. The management interface or the GUI interface is very easy to use, configure, and manage. These are the two main valuable features. It supports integration with other Fortinet products. It also integrates very well with the firewall and sandboxing technology. They already have enough integration with different technologies. They have got a complete tech intelligence view of the whole product."
"It's stable and works efficiently against OWASP Top 10 attacks."
"The most valuable feature for us is the support for testing Linux-based web server components."
"The reporting on the solution is good."
"Rapid7 Metasploit is a useful product."
"All of the features are great."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"The solution could offer more integration opportunities."
"It is not entirely user-friendly."
"The F5 solution has more features than Fortinet FortiWeb, such as multiple load balancing."
"The solution could improve by being able to handle different use cases."
"It may be better if it were easier to create roles."
"The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product."
"No solution is 100% secure and the security could always be worked on."
"They could improve their support a little bit for faster response time."
"At the time I was using it, the graphical user interface needed some improvements."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"Better automation capabilities would be an improvement."
"The solution should improve the responsiveness of its live technical support."
Fortinet FortiWeb is ranked 1st in Web Application Firewall (WAF) with 27 reviews while Rapid7 Metasploit is ranked 10th in Vulnerability Management with 5 reviews. Fortinet FortiWeb is rated 8.2, while Rapid7 Metasploit is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Reasonably priced and offers a good graphical user interface but need better integration capabilities". On the other hand, the top reviewer of Rapid7 Metasploit writes "Straightforward to set up, and helpful for moving from development to production". Fortinet FortiWeb is most compared with Fortinet FortiADC, Fortinet FortiOS, F5 Advanced WAF, F5 BIG-IP Local Traffic Manager (LTM) and Microsoft Azure Application Gateway, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Rapid7 InsightVM, Wireshark, Darktrace and Cisco Stealthwatch.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
