Fortinet FortiWeb Reviews

Name: Fortinet FortiWeb
Brand: Fortinet
Rating: 4.0 (95 reviews)

Vendor: Fortinet

4.0 out of 5

95 reviews
89% willing to recommend

904 followers

Start review

What is Fortinet FortiWeb?

Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

Get the Fortinet FortiWeb Buyer's Guide and find out what your peers are saying about Fortinet FortiWeb, Prisma Cloud by Palo Alto Networks, Microsoft Azure Application Gateway and more!

Fortinet FortiWeb is the #4 ranked solution in top Web Application Firewalls. PeerSpot users give Fortinet FortiWeb an average rating of 8.0 out of 10. Fortinet FortiWeb is most commonly compared to Prisma Cloud by Palo Alto Networks: Fortinet FortiWeb vs Prisma Cloud by Palo Alto Networks. Fortinet FortiWeb is popular among the midsize enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a educational organization, accounting for 42% of all views.

Helped 849,686 peers since 2012

Featured Fortinet FortiWeb reviews

Kacem CHAMMALI

IT Infrastructures Administrator at Esprit

The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.

Read full review

Blair Griffith-Barwell

Principal Network Architect at a financial services firm with 201-500 employees

FortiWeb's ease of deployment is what we liked the most about it. Implementing FortiWeb was extremely fast and easy, which was a significant advantage. It comes with several preconfigured rule sets and templates. FortiWeb effectively addressed unknown threats. We get regular reports that we check. So far, we've had no issues at all. Around 99 percent of our public-facing infrastructure is restricted by source IP to our partners' networks, so our attack surface is restricted. WAF picked up and blocked any attacks before they can impact us. FortiWeb is effortless to use and manage. The documentation is excellent, which is another huge advantage. The layout is logical and intuitive. You can create templates and reapply them to new applications, so we don't need to do a fresh configuration for each application. We have a template that represents our security benchmark. There are a few exceptions that we need to add for each application, but we can redeploy the security benchmark template for each new application that we create.

Read full review

OcheEluma

Vice President of Infrustructure at Core Technologies Limited

The features that I value most in FortiWeb include its inspection of traffic for Intrusion Prevention, Anti-Malware, and whitelisting capabilities. It allows specific IP whitelisting or even regional whitelisting, ensuring only whitelisted traffic from certain geographical regions can access the environment. These security features provide a comprehensive defense against malicious activities.

Read full review

Fortinet FortiWeb mindshare

As of May 2025, the mindshare of Fortinet FortiWeb in the Web Application Firewall (WAF) category stands at 8.2%, up from 7.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Web Application Firewall (WAF)

PeerResearch reports based on Fortinet FortiWeb reviews

Type	Title	Date
Category	Web Application Firewall (WAF)	May 1, 2025	Download
Product	Reviews, tips, and advice from real users	May 1, 2025	Download
Comparison	Fortinet FortiWeb vs AWS WAF	May 1, 2025	Download
Comparison	Fortinet FortiWeb vs F5 Advanced WAF	May 1, 2025	Download
Comparison	Fortinet FortiWeb vs Microsoft Azure Application Gateway	May 1, 2025	Download

Title	Rating	Mindshare	Recommending
Prisma Cloud by Palo Alto Networks	4.2	2.1%	98%	110 interviews Add to research
Microsoft Azure Application Gateway	3.6	8.6%	78%	47 interviews Add to research

Valuable Features

Fortinet FortiWeb offers valuable features: application control, web filtering, antivirus, and VPN support. It excels in integrating with Fortinet products, providing unified threat management, load balancing, and machine learning for enhanced security. The intuitive interface simplifies policy management. Its AI-driven detection, anti-malware capability, threat intelligence, and application layer protection are notable. Users appreciate its scalability, ease of deployment, high throughput, and stability. FortiWeb efficiently addresses zero-day attacks and supports OWASP standards.

"The AI-driven threat detection enhances protection capabilities, and the product is equipped with hardware acceleration, improving performance considerably."
"The most valuable features of FortiWeb include its dashboard and out-of-the-box integrations with other Fortinet products, which enhance its effectiveness."
"It is cost-effective compared to other solutions."

Room for Improvement

Fortinet FortiWeb users indicate a need for improved throughput, user interface, and integration with other technologies. Many experience issues with version upgrades, which can be buggy and disruptive. Enhancing load balancing, support services, and documentation are also priorities. There is a call for more user-friendly setup processes and reporting capabilities, along with addressing false positives in threat detection. Emphasis on better support for newer technologies and enhanced machine learning features is highlighted.

"Fortinet's customer support needs improvement. The expertise of engineers varies across different time zones, affecting the effectiveness of the support provided, especially during our daytime."
"There is room for improvement in the portability on multi-cloud environments."
"They could integrate some kind of machine learning and AI facilities to automate workflows."

ROI

Many users have observed substantial cost savings with Fortinet FortiWeb, noting reduced infrastructure and staffing expenses. It provides significant value by enabling quick deployment and easing management tasks, contributing to peace of mind and reducing time spent on security setups. Some customers report a satisfaction with the protection it offers against cyber threats, rating its return on a scale of one to ten as an eight, while others highlight decreased operational costs and a favorable total cost of ownership.

Pricing

Fortinet FortiWeb's pricing is considered reasonable and competitive, often cheaper than solutions like F5 and Barracuda. Licensing varies based on deployment, ranging from hardware to virtual machines, and offers flexibility with monthly or yearly options. Users appreciate cost-effectiveness and transparency, despite some perceiving costs as high. Discounts are available through partner models. While competitive, it requires careful consideration for larger deployments due to potential additional costs for extended features and high availability configurations.

"If one is cheap and ten is expensive, I rate the tool an eight."
"Fortinet FortiWeb's pricing is reasonable. Its licensing costs are yearly."
"If one is very cheap and ten is very expensive, I rate the product price as three or four."

Popular Use Cases

Fortinet FortiWeb is primarily utilized for application security, protecting web applications, websites, and services against vulnerabilities and attacks. Organizations deploy it to secure e-banking platforms, email systems, and internet-facing applications. It serves as a web application firewall, handling proxy needs, load balancing, and URL mappings. Fortinet FortiWeb is integrated into various network setups, including cloud and on-premise environments, enhancing security protocols and compliance with industry standards.

Service and Support

Fortinet FortiWeb's customer service is generally good, with technical support often rated between 7 and 9 out of 10. Users appreciate responsive and knowledgeable assistance, though response times can be slow, especially for complex issues. Support experience varies with time zones and expertise, and extended contracts may encounter issues. Some praise the helpfulness of local support and 24x7 availability, while others find the multilingual support and immediate attention during emergencies lacking.

Deployment

The initial setup of Fortinet FortiWeb is generally straightforward and easy to manage. Companies find the configuration simple for basic needs, but it can be more complex when involving specific network integrations or advanced features. Most users appreciate the user-friendly GUI, while some mention the need for CLI for certain configurations. Deployment time varies based on the environment's complexity, but many agree that minimal staff is required for successful implementation and maintenance.

Scalability

Fortinet FortiWeb is generally seen as scalable but requires careful initial sizing. Users highlighted its capability to upgrade models or add software features, though some mention limited scalability for certain hardware. Many found it supports large user bases effectively, particularly when hosted in the cloud. There were mixed feelings about hardware expansion flexibility, some mentioning challenges in specific circumstances yet praising its performance in virtual environments. The importance of proper initial scaling is emphasized.

Stability

Fortinet FortiWeb is largely stable, with many noting its reliability and minimal issues. Some highlighted minor firmware and configuration challenges, but these were generally resolved with support. It was praised for its consistent performance and recovery from power outages. Users mentioned occasional problems when new updates are released, necessitating caution during upgrades. A few memory and hardware concerns were noted, although support positively addressed them. Its stability rating often lies between six and ten.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Fortinet FortiWeb Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Educational Organization

42%

Computer Software Company

Financial Services Firm

Government

Retailer

Comms Service Provider

Manufacturing Company

University

Construction Company

Hospitality Company

Insurance Company

Healthcare Company

Non Profit

Real Estate/Law Firm

Media Company

Energy/Utilities Company

Wholesaler/Distributor

Outsourcing Company

Transportation Company

Consumer Goods Company

Legal Firm

Performing Arts

Recreational Facilities/Services Company

Compare Fortinet FortiWeb with alternative products

Learn more about Fortinet FortiWeb

Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

Fortinet FortiWeb Features and Benefits

APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.
Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.
Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.
Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.
ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.
False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

Reviews from Real Users

Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."