Try our new research platform with insights from 80,000+ expert users

FortiWeb Web Application Firewall (WAF) vs Imperva Web Application Firewall comparison

Fortinet and Imperva are both solutions in the Web Application Firewall (WAF) category. Fortinet is ranked #16 with an average rating of 8.2, while Imperva is ranked #7 with an average rating of 8.8. Fortinet holds a 1.0% mindshare in WAF, compared to Imperva’s 5.8% mindshare. Additionally, 91% of Fortinet users are willing to recommend the solution, compared to 97% of Imperva users who would recommend it.
FortiWeb Web Application Fi...
Read 24 FortiWeb Web Application Firewall (WAF) reviews
  • 491 Views
  • 272 Comparison Views
91% willing to recommend
Imperva Web Application Fir...
Read 52 Imperva Web Application Firewall reviews
  • 4,789 Views
  • 2,294 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 1, 2025

Imperva Web Application Firewall and FortiWeb compete in the web application security category. Imperva typically has the upper hand due to its advanced security features and flexibility in deployment, making it suitable for enterprise-level requirements.

Features: Imperva offers advanced security features such as API protection, bot security, and dynamic profiling, ensuring robust defense across cloud and on-premises environments. Its integration capabilities with other tools and ease of configuration enhance its versatility. FortiWeb provides machine learning features and efficient integration tools, making it appealing to cost-conscious customers. It includes a built-in antivirus and excels in ease of monitoring across multiple platforms.

Room for Improvement: Imperva users suggest enhancements in GUI and management simplicity for varied environments, seeking improved visibility, reporting, and support responsiveness. FortiWeb requires better advanced configurations and comprehensive documentation, as well as improvements in support response and zero-day attack handling. Support improvements could benefit both, offering different strengths.

Ease of Deployment and Customer Service: Imperva supports diverse infrastructure needs with flexible hybrid and cloud deployment models. Despite delays in support responses, its customer service is well-regarded. FortiWeb simplifies the deployment process, especially for on-premises solutions, with noted license simplicity, though users report challenges with technical support responsiveness. Imperva's wide deployment options and proactive support, despite criticisms, offer an advantage.

Pricing and ROI: Imperva's higher cost is offset by substantial ROI for enterprises, particularly in critical sectors like finance, making the investment worthwhile for larger organizations. FortiWeb appeals to small to medium enterprises seeking cost-effective solutions with essential features. Its pricing contrasts with Imperva's extensive capabilities, catering to budget-conscious clients.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed FortiWeb Web Application Firewall (WAF) vs. Imperva Web Application Firewall Report (Updated: June 2025).
Buyer's Guide
FortiWeb Web Application Firewall (WAF) vs. Imperva Web Application Firewall
June 2025
Download the complete report
Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

FortiWeb Web Application Fi...
Ranking in Web Application Firewall (WAF)
16th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
24
Ranking in other categories
No ranking in other categories
Imperva Web Application Fir...
Ranking in Web Application Firewall (WAF)
7th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
52
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2025, in the Web Application Firewall (WAF) category, the mindshare of FortiWeb Web Application Firewall (WAF) is 1.0%, up from 0.3% compared to the previous year. The mindshare of Imperva Web Application Firewall is 5.8%, down from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF)
 

Featured Reviews

Martin Ellmann - PeerSpot reviewer
Provides users with ease of policy configuration and good integration capabilities
The solution helps protect our company's web applications against common threats up to 99 percent. We feel very safe with the tool. Speaking about how the tool has effectively mitigated web security threats for an application, I would say that it is an application behind the web portal, so there are about a hundred or thousand people who can access a website. If it is a sensitive application, and we have to watch every access to it to make it really safe, that is the reason why we need WAF on the application. My company doesn't use AI with the tool. I recommend the product to others. I would say that others need to have it if they have a shopping website or something similar. I know it is hard to sell because we find it quite hard whenever my company tries to do so. The solution offers 100 percent integration with other Fortinet security products. The ease of policy configuration in the tool is okay. I rate the tool a nine to ten out of ten.
Read full review
Mitesh D Patel - PeerSpot reviewer
Effectively defends against threats like cross-site scripting (XSS), SQL injection, and others
It does bring value. For example, consider a BFSI customer. Their application is critical and represents their brand. Without a WAF, an attack could take their application down, harming their reputation. It leads to hampering the customer's workflow. With an Imperva WAF, they protect against attacks like DDoS or SQL injection, ensuring their application remains available and customers are happy. That's the main benefit for both the customer and the organization. The impact depends on the customer's use case. If their business primarily operates online, a CDN is beneficial for traffic optimization. Moreover, the integration options depend on the specific use case of our customers. Generally, integration capabilities are good with SIEM (Security Information and Event Management) parts.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The fact that I can log into the platform and see everybody, see logs, authentication failure, and see everything on one platform, is the most valuable feature."
"FortiWeb has a very extensive library of known attack signatures, which makes the product fit for any environment, regardless if the customer uses Windows-specific or non-Windows-specific applications."
"The product is easy to configure."
"FortiWeb Web Application Firewall helps us to block certain categories of browsing, such as weapons, and other inappropriate content on the client side. We have also blocked social media sites like TikTok and Facebook to enhance user productivity and maintain application security."
"The platform's stability is good."
"The features of FortiWeb Web Application Firewall (WAF) that have proven most effective in protecting web applications include web filtering, DDoS protection, geo-location blocking, and blocking SQL injection attacks."
"The initial setup was easy since it was possible to get remote support for the product."
"The product's initial setup phase was easy."
More FortiWeb Web Application Firewall (WAF) pros
"The solution is scalable."
"The solution is very scalable. It is one of the most important features. You can also expand resources and features as well."
"There are some features that are configured by default, so even without doing much, it can still provide a level of protection."
"The dynamic profiling of websites is the solution's most valuable feature. The security is also good."
"It mitigates all of the availabilities of risks around web applications."
"There is a quick switch between any of the the nodes if something goes wrong, where there's a there's an attack against a specific area. The security setup is reasonably easy. It's not a problem to do setups and rules and integrations. And, yeah, just the the back end team is also very willing to insist if there's questions that that we cannot answer or with these questions that we do have"
"There are many features. There is ease of deployment. You can deploy the Imperva Web Application Firewall in two to three minutes. After that, you have to set the policies. For setting policies, you have toggle buttons. You can turn something on or off."
"The solution can scale."
More Imperva Web Application Firewall pros
 

Cons

"If some of my customers want to migrate from F5 to Fortinet Firewall, or the Fortinet WAF solution, there are some migration issues since I cannot migrate all the elements quickly using Fortinet Firewall."
"The product is complicated to set up."
"There is room for improvement in the support. The response time could be faster. Plus, they ask for a lot of information. It is not easy to get support."
"For users not familiar with Fortinet, it could be beneficial to provide more user-friendly analytics and reporting."
"It would be good if the solution integrated with other solutions, like SAP."
"We also need configuration settings that indicate the advantages or disadvantages of enabled features."
"FortiWeb Web Application Firewall needs to improve its performance."
"WAF needs more signatures on FortiWeb and updates the database continuously to protect against new attacks."
More FortiWeb Web Application Firewall (WAF) cons
"I don't really use it and therefore can't speak to areas of improvement."
"Sometimes, support tickets don't get addressed quickly."
"It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size. Learning capability of the device is quite weak."
"Imperva Web Application Firewall is very expensive."
"Imperva Web Application Firewall is a good system, but we found that the visibility of the diverse-path server, e.g. where the traffic is coming from, the different IPs, etc., needs improvement."
"The support for the on-premises version needs improvement."
"The user interface could be better."
"They can provide an option to create reports, automatically import the entire report, and create rules again. In a real-life crisis, it would be helpful to be able to import a report and generate security rules from that report. I should be able to create a simple query and import the reports automatically. It can maybe also tell us the format of the report."
More Imperva Web Application Firewall cons
 

Pricing and Cost Advice

"FortiWeb Web Application Firewall's pricing is suited for small or medium organizations."
"I rate the tool's pricing an eight out of ten."
"It is a cost-effective product. If you need an extra module in the product, there will be an extra cost in addition to the licensing fee."
"I rate the product price a four on a scale of one to ten, where one is a high price, and ten is a low price."
"The tool is really expensive."
"FortiWeb has a good presence because of its price."
"FortiWeb WAF is priced well for customers compared to other vendors' solutions."
"The licensing cost of the product is pretty high compared to other OEMs in the market."
More FortiWeb Web Application Firewall (WAF) pricing and cost advice
"The tool is expensive."
"Licensing can range from one to twenty thousand dollars annually. Additionally, some features, including software support, require an annual subscription as well."
"The solution's pricing is an issue."
"Imperva Web Application Firewall's pricing is expensive."
"Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."
"The price of Imperva Web Application Firewalls is expensive compared to others."
"Imperva Web Application Firewall is expensive."
"The price of this solution is a little bit high compared to competitors."
More Imperva Web Application Firewall pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
See recommendations
856,873 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
11%
Manufacturing Company
9%
Comms Service Provider
8%
Financial Services Firm
16%
Computer Software Company
12%
Insurance Company
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about FortiWeb Web Application Firewall (WAF)?
The most valuable features of the solution are SD-WAN, filtration, web filter, application filter, and IPS.
See all answers
What is your experience regarding pricing and costs for FortiWeb Web Application Firewall (WAF)?
The pricing for FortiWeb Web Application Firewall (WAF) is reasonable. That said, it depends on how many websites we need to protect. The licensing is based on the number of websites or individuall...
See all answers
What needs improvement with FortiWeb Web Application Firewall (WAF)?
Their AI technology is good. Overall, Fortinet is only good. The improvement needed is in their response time. In the past three to four years, whenever we called for support, they responded quickl...
See all answers
Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
My recommendation is Imperva.
See all answers
Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc.
See all answers
DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperv...
See all answers
 

Comparisons

F5 Advanced WAF vs FortiWeb Web Application Firewall (WAF) Logo
F5 Advanced WAF vs FortiWeb Web Application Firewall (WAF)
Compared 35% of the time
AWS WAF vs FortiWeb Web Application Firewall (WAF) Logo
AWS WAF vs FortiWeb Web Application Firewall (WAF)
Compared 16% of the time
Azure Front Door vs FortiWeb Web Application Firewall (WAF) Logo
Azure Front Door vs FortiWeb Web Application Firewall (WAF)
Compared 10% of the time
NGINX App Protect vs FortiWeb Web Application Firewall (WAF) Logo
NGINX App Protect vs FortiWeb Web Application Firewall (WAF)
Compared 10% of the time
Akamai App and API Protector vs FortiWeb Web Application Firewall (WAF) Logo
Akamai App and API Protector vs FortiWeb Web Application Firewall (WAF)
Compared 7% of the time
More FortiWeb Web Application Firewall (WAF) Competitors
Microsoft Azure Application Gateway vs Imperva Web Application Firewall Logo
Microsoft Azure Application Gateway vs Imperva Web Application Firewall
Compared 15% of the time
F5 Advanced WAF vs Imperva Web Application Firewall Logo
F5 Advanced WAF vs Imperva Web Application Firewall
Compared 12% of the time
Azure Front Door vs Imperva Web Application Firewall Logo
Azure Front Door vs Imperva Web Application Firewall
Compared 10% of the time
AWS WAF vs Imperva Web Application Firewall Logo
AWS WAF vs Imperva Web Application Firewall
Compared 8% of the time
More Imperva Web Application Firewall Competitors
 

Product Reports

Buyer's Guide
FortiWeb Web Application Firewall (WAF)
June 2025
FortiWeb Web Application Firewall (WAF) reportDownload FortiWeb Web Application Firewall (WAF) product report
Buyer's Guide
Imperva Web Application Firewall
June 2025
Imperva Web Application Firewall reportDownload Imperva Web Application Firewall product report
 

Overview

FortiWeb Web Application Firewall uses machine learning to reduce false positives, detects zero-day threats, and blocks DDoS attacks. It integrates with existing security infrastructure and provides SD-WAN capabilities, offering protection for websites and mobile applications.

FortiWeb WAF secures web applications with features like machine learning-based threat detection, DDoS attack mitigation, and robust integration capabilities. Additionally, it manages HTTP traffic and offers SD-WAN functionalities. Built for GDPR compliance, it supports API protection and bot mitigation while enabling secure mobile and cloud application access. Users implement it across multi-cloud environments and in data centers offering advanced security and compliance, including PCI DSS. Despite feature-rich abilities, users seek enhanced database updates, better enterprise integration, and more accessible analytics. Improvements in support response, documentation, and scalability are desired to strengthen its robust security offering.

What are the key features of FortiWeb WAF?
  • Machine Learning: Reduces false positives and detects zero-day attacks.
  • DDoS Protection: Blocks distributed denial of service attacks.
  • Integration: Seamlessly fits with existing infrastructure.
  • GDPR Compliance: Ensures data privacy and protection standards.
  • SD-WAN Capabilities: Manages network distribution effectively.
  • Mobile and API Security: Protects applications and APIs efficiently.
What benefits and ROI can users expect?
  • Cost-Effectiveness: Offers a balance between features and pricing.
  • User-Friendly: Easy to navigate and manage deployments.
  • Global Deployment: Supports multi-cloud and cross-data center usage.
  • Security Compliance: Meets standards like PCI DSS for secure operations.
  • Enhanced Application Security: Provides comprehensive protection for apps.

FortiWeb WAF is widely implemented in data centers and financial industries, ensuring robust protection for web applications and sites. It supports multi-cloud environments on platforms like AWS and Azure, providing secure access while meeting compliance standards. Users benefit from enhanced application security and load balancing capabilities, making it a preferred choice in financial sectors that require VPN and SD-WAN consistency.

Fortinet

Imperva Web Application Firewall is a versatile solution that protects web applications and databases from various attacks, including DDoS, cross-site scripting, and SQL injection attacks. It offers data security, availability, and access control and can be deployed on-premises or on the cloud. 

The solution has good security against web attacks and offers advanced bot protection, API security, and mitigation features. Imperva WAF is easy to configure and deploy; it has good customer service and an excellent user interface.

Imperva
 

Sample Customers

Information Not Available
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Buyer's Guide
FortiWeb Web Application Firewall (WAF) vs. Imperva Web Application Firewall
June 2025
Free Report: FortiWeb Web Application Firewall (WAF) vs. Imperva Web Application Firewall
Find out what your peers are saying about FortiWeb Web Application Firewall (WAF) vs. Imperva Web Application Firewall and other solutions. Updated: June 2025.
DOWNLOAD NOW
856,873 professionals have used our research since 2012.
See our FortiWeb Web Application Firewall (WAF) vs. Imperva Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.

We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.