No more typing reviews! Try our Samantha, our new voice AI agent.
FrtiWeb677 - PeerSpot reviewer
System Engineer at a tech services company with 11-50 employees
Real User
Jul 11, 2019
Good pricing, and provides for faster and more secure application deployment
Pros and Cons
  • "The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability."
  • "We did use another solution, but, compared with the competition, we got the best ratio of performance to price when we chose Fortinet."
  • "We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point."

What is our primary use case?

I primarily use this solution for the protection of our applications. We chose Fortinet because you can check an application and deploy it in real time. We use the WAF solution from Fortinet to protect against new exploits discovered. Within Fortinet, there is a way to secure such bugs and exploits in the application we're running.

What is most valuable?

The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability. This part of the intelligence and behavioral analysis makes it very easy to tell if the user just used a few wrong characters in the field or not. It also checks to see if different characters are being entered very quickly, and can tell whether the user is actually typing something.

Another feature is the possibility to balance the traffic and there's lots of integration with your sandbox.

What needs improvement?

We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point. But, from what I understand, we haven't looked at the market to see how this can be done yet.

For how long have I used the solution?

I've been using the solution for two years.
Buyer's Guide
Fortinet FortiWeb
July 2026
Learn what your peers think about Fortinet FortiWeb. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
903,147 professionals have used our research since 2012.

What do I think about the stability of the solution?

In terms of stability, we haven't had a crash or malfunction.

What do I think about the scalability of the solution?

We've used the solution for two years and it's been okay.

We are operating at approximately sixty percent capacity. The solution is used all the time, but you can measure this because there are different boxes that you can buy for different levels. In our case, we keep some at thirty to forty percent available. In order to be able to watch an application and protect a larger amount of traffic, we keep it at this level. So we're good on this scalability or performance side.

How are customer service and support?

We haven't had any technical issues, because it was designed as specified in the documentation. I know we have local support, so if there is an issue we can call and escalate the call to get the support if there is a problem. We are within the warranty service period, so from this side, we are comfortable with this solution.

Which solution did I use previously and why did I switch?

We did use another solution, but, compared with the competition, we got the best ratio of performance to price when we chose Fortinet. We could use F5, for example, but the price is not as good.

How was the initial setup?

The setup for one application is sort of complex but based on the automatic profiling, they're learning. You are provided with a set of policies that meet best practices and security recommendations, so you are good to go in a very short time.

What about the implementation team?

We did the implementation ourselves. It was not required to have some higher level of expertise order to implement. There were no functions that were not documented, so we didn't need any outside party involved with this process.

What's my experience with pricing, setup cost, and licensing?

The solution gives us the best price to performance ratio.

What other advice do I have?

The interface has been a pain in the past but now with the later version, 2.2, the user behavior analysis has improved. Before when you want to deploy an application, for example, you needed to have a login page and make sure to search for the user behavior and all the interactions. That way, you could generate flexible usage for that application. Now that's automated, so apart from that, there's no huge report or feature that we would like to improve.

I would rate this product a ten out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
SE at a comms service provider with 11-50 employees
Real User
Jul 5, 2019
The firewall/waf features, GUI for administration, and licensing support all need improvements
Pros and Cons
  • "What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options."
  • "Fortiweb improved way people work and access internal resources based on http/https communication."
  • "Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only."
  • "Fortinet has had some rough times. When they started expanding a bit, they completely screwed up their support system."

What is our primary use case?

Publishing Web application, Exchange, Lotus Domino. Some microservices. 

How has it helped my organization?

Fortiweb improved way people work and access internal resources based on http/https communication. 

What is most valuable?

It depends on the project and what the customer is looking for. 

What needs improvement?

First of all, upgrade path should be introduced for scaling up or down VM deployment. Second, they need to include better wizards for publishing common applications like MS Exchange. 

.

For how long have I used the solution?

I have been using Fortinet products for 15 years or more.

What do I think about the stability of the solution?

Fortinet FortiWeb has been extensively used by us previously, but we are going to decrease the usage now because of cost. 

What do I think about the scalability of the solution?

Fortinet FortiWeb is scalable but you have to do forklift upgrades. 

How are customer service and technical support?

Fortinet has had some rough times. When they started expanding a bit, they completely screwed up their support system. The support had no clue what they were doing except just asking dumb questions. Now is bit different since Fortinet consolidated their support but still you need to pass L1 support quickly. 

How was the initial setup?

Even from the early days, Fortigate/Fortiweb was easy to set up. It had an ugly interface but it has been improved every year. 


What about the implementation team?

I deliver different security solution to customers. 

What's my experience with pricing, setup cost, and licensing?

The license cost depends on the size of the box or the size of the solution. It can go from few K Euros to a few hundred thousand Euros a year depending on your size.

What other advice do I have?

If you are looking to be partner with Fortinet, you have to buy licenses. Not even VMs are free to partners.  

Fortiweb in essence, needs to become part of Fortigate. Fortinet is not suitable for SMB customers since you have to deploy several boxes in order to get thing right. Also, speed of deployment is important and that isn't fast with many boxes. 

On a scale from one to ten, I would rate this product a solid seven. It's a good product. 

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Fortinet FortiWeb
July 2026
Learn what your peers think about Fortinet FortiWeb. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
903,147 professionals have used our research since 2012.
Head of Security systems department at Zerde Business Solutions
Reseller
Apr 4, 2019
Good performance, easy setup and good UTM features like self-encryption
Pros and Cons
  • "All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features."
  • "All the features that FortiGate contains are very suitable for our business."
  • "New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems."

What is our primary use case?

All of our customers use it because they need a proxy solution. Fortinet provides us the best solution to do this. I don't believe that Check Point or Palo Alto can do what Fortinet does. 

How has it helped my organization?

There's a high school with many branches in our country. I configured it for them and they are very happy with Fortinet. Fortinet's performance is very good. 

What is most valuable?

All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet: FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.

What needs improvement?

New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems. I don't have anything to say about what to do to improve this product. It's a great solution for us.

What do I think about the scalability of the solution?

Scalability is very good. Our customers that use Fortinet have two thousand local users.

How are customer service and technical support?

Any problems that our customers have, they first call me and I support them. If I can't solve a problem I create a ticket. This happens very rarely. Their technical support is very good because they always help me.

How was the initial setup?

The initial setup is very simple to configure. Our customers are very happy with that.

The time it takes to deploy depends on how deep our project is. Sometimes it can take a week and sometimes a month. Minimum a week though.

What about the implementation team?

All Fortinet products that we sell, I deploy by myself.

What's my experience with pricing, setup cost, and licensing?

The licensing policy is very good. Our customers are very happy with that.

Which other solutions did I evaluate?

When our customers ask about Palo Alto we can sell them a Palo Alto but we try to explain that Fortinet is a great solution. 

What other advice do I have?

I would rate it an eleven out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller.
PeerSpot user
Senior Network Security Planning at Ooredoo Kuwait
Reseller
Apr 4, 2019
Has a mechanism to detect all of your entries that aren't used and clean them up but they should have an antivirus option
Pros and Cons
  • "When we had Cisco we had around thirty thousand entries on our firewalls, now we are down to three thousand because Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up."
  • "I would like to have an antivirus option."

What is our primary use case?

Our primary use case is as a firewall. We use a lot of Fortinet products. We have email security and FortiGate IPS. 

How has it helped my organization?

When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up.

What is most valuable?

The most valuable features are the access policies and how Fortinet gets the compilation done is really good.

What needs improvement?

I would like to have an antivirus option. 

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Stability is very good. 

What do I think about the scalability of the solution?

We haven't had any issues with scalability. You can scale up easily. 

How are customer service and technical support?

Their technical support is good. 

Which solution did I use previously and why did I switch?

We previously used Cisco. We switched because all they are is a brand name. It was a failure. We gave it a year to improve the product and it didn't so we switched. 

How was the initial setup?

The initial setup was straightforward. The deployment didn't take much time. The support guys were really good. The transition from Cisco to Fortinet was a bit challenging but they had tools to make it easier. 

We require three staff for the deployment and maintenance. 

What about the implementation team?

We are the resellers. 

What other advice do I have?

I would rate it a seven out of ten. A seven and not a ten because of the antivirus issue. 

Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller.
PeerSpot user
Network Security Engineer at Technicom Mali
Real User
Jun 4, 2018
Anti-defacement feature intelligently handles complete website backup
Pros and Cons
  • "Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.)."
  • "FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection."

What is our primary use case?

We are a system integrator so we propose FortiWeb to our clients who are looking to protect their public web applications like e-banking platforms, teleservice, and so on.

How has it helped my organization?

A customer said to us that before FortiWeb they regularly had to back up their whole website folder to prevent defacement and ransomware. Now, with the FortiWeb Anti-defacement feature, this process is handled more intelligently, as FortiWeb does it for them.

What is most valuable?

Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.).

What needs improvement?

FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.

For how long have I used the solution?

One to three years.

What other advice do I have?

I rate FortiWeb at eight out of 10 because it is good at what it does but I think it could do more, like combining DDoS protection.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
CEO at a tech services company with 1-10 employees
MSP
Apr 29, 2018
Protects our customers' web infrastructure environment
Pros and Cons
  • "The most valuable feature is the web application firewall (WAF)."
  • "Fortinet FortiWeb has improved my organization by protecting our customer's web infrastructure environment."
  • "​Their support needs improvement."

How has it helped my organization?

Fortinet FortiWeb has improved my organization by protecting our customers' web infrastructure environment.

What is most valuable?

The most valuable feature is the web application firewall (WAF).

What needs improvement?

Their support needs improvement.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

No stability issues.

What do I think about the scalability of the solution?

No scalability issues.

How are customer service and technical support?

I would rate their technical support as a nine out of 10.

Which solution did I use previously and why did I switch?

We previously used NetScaler.

How was the initial setup?

The initial setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable.

Which other solutions did I evaluate?

Not applicable.

What other advice do I have?

Evaluate this product against other vendors out there.

We were previously a partner.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
NetworkS4e03 - PeerSpot reviewer
Network System Administrator at a computer software company with 201-500 employees
Real User
Mar 13, 2018
Protected our web servers from outside attacks. Certificates were deleted when firmware was upgraded.
Pros and Cons
  • "We were able to protect our web servers from outside attacks."
  • "I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted.​"
  • "The false positives are also annoying."

How has it helped my organization?

We were able to protect our web servers from outside attacks. It has really helped us with publishing servers which were published on Microsoft Forefront TMG.

What is most valuable?

All of its feature are valuable to us. If you ask me which is the most valuable, it is the load balancing, then I would say the security features. Publishing OWA is also a good feature.

What needs improvement?

We started with FortiWeb400C, then we did an upgrade to FortiWeb 400D. I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted.

The false positives are also annoying.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We did not encounter with any stability issues.

What do I think about the scalability of the solution?

We did not encounter with any scalability issues.

How are customer service and technical support?

Fortinet technical support is really good. I would give them a nine out of 10.

Which solution did I use previously and why did I switch?

We did not use a WAF before. We used Microsoft TMG, but it is not a WAF.

How was the initial setup?

Initial setup is straightforward, and it is not too complex.

What's my experience with pricing, setup cost, and licensing?

It really pays off to buy licences for multiple years.

Which other solutions did I evaluate?

No.

What other advice do I have?

It is a really good product. It is worth using in your network.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partners.
PeerSpot user
Technicae31f - PeerSpot reviewer
Technical Advisor at a tech services company with 51-200 employees
Real User
Mar 12, 2018
L-7 protection safeguards legacy servers/applications without changing application code
Pros and Cons
  • "Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself."
  • "SSL Offloading simplifies the public certificate handling and brings additional protection features."
  • "L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code."
  • "Centralized management of multiple devices, and GUI improvement, could reduce the learning curve."
  • "The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions."
  • "Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration."

How has it helped my organization?

Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself.

What is most valuable?

SSL Offloading, as it simplifies the public certificate handling and brings additional protection features. 

Also, L-7 protection, as it makes possible to protect legacy/not up-to-date servers/applications without changing the application code.

What needs improvement?

  • Centralized management of multiple devices, and GUI improvement, could reduce the learning curve. 
  • The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions. 
  • Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No issues with scalability. (Actually, our traffic usually does not reach 50% of unit capacity).

How are customer service and technical support?

Good. Usually takes one day to get over all the assessment procedures to start to handle the issue.

Which solution did I use previously and why did I switch?

The previous vendor discontinued its product.

How was the initial setup?

A little bit complex, as understanding the GUI arrangement and terms took more time and effort than we expected.

What's my experience with pricing, setup cost, and licensing?

Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes.

Which other solutions did I evaluate?

We acquired a Fortinet-based project, so we didn’t evaluate other ones.

What other advice do I have?

I rate it eight out of 10. I understand that a 10 is for products that not only execute smoothly but are also easy to use and manage, even when used on a multi-site corporation.

Take at least the Fortinet online course, or make sure that your reseller has experienced professionals.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner.
PeerSpot user
it_user821967 - PeerSpot reviewer
Viznet Bilişim Hizmetleri
Real User
Mar 11, 2018
Auto Learn makes policy additions or deletions for my customers very simple​
Pros and Cons
  • "Auto Learn feature: Makes policy additions or deletions for my customers very simple​"
  • "If your goal is security, FortiWeb is your best choice."
  • "HA Architecture needs improvement. I would improve it by working on AP HA."

How has it helped my organization?

Security.

What is most valuable?

  • Web application security features, because they are more effective
  • Stability 
  • Auto Learn feature: Makes policy additions or deletions for my customers very simple

What needs improvement?

HA Architecture. I would improve it by working on AP HA.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No issues with stability, with the true network topology.

How are customer service and technical support?

I am Fortinet expert, but L4 support is working very well.

Which solution did I use previously and why did I switch?

Previously used F5, NetScaler, Imperva. Other products feature LB WAFs, so a limited WAF feature. This product's primary feature is WAF. I chose this product because it prioritizes security.

How was the initial setup?

Very complex. More security features.

What's my experience with pricing, setup cost, and licensing?

Cheaper than others.

Which other solutions did I evaluate?

F5, NetScaler, Imperva and Squid.

What other advice do I have?

Here's how I would break down my rating of this product:

  • Session Management: 10 out of 10 
  • Security: 10 out of 10 
  • Stability: 10 out of 10
  • Health check feature: eight out of 10.

If your goal is security, FortiWeb is your best choice.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
PeerSpot user
Technology Consultant at a tech services company with 11-50 employees
Consultant
Mar 11, 2018
Detection engine provides a high rate of exposure of web attacks
Pros and Cons
  • "High-performance and detection engines, provide a high rate of exposure of web attacks."
  • "FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure."
  • "Integration and learning about attacks. I would improve these areas by making FortiWeb integrate with other network technologies and feedback from multiple platforms."

How has it helped my organization?

Mitigation of attacks and thefts in an online banking platform.

What is most valuable?

High-performance and detection engines, because of their high rate of exposure of web attacks.

What needs improvement?

Integration and learning about attacks. I would improve these areas by making FortiWeb integrate with other network technologies and feedback from multiple platforms.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

The equipment is dimensioned as a function of servers traffic. To scale on the platform it is necessary to acquire superior models.

How is customer service and technical support?

Excellent.

How was the initial setup?

It was simple and functional.

What's my experience with pricing, setup cost, and licensing?

FortiWeb can be purchased in VM mode for a lower price and the same features.

Which other solutions did I evaluate?

The WAF module of F5 was evaluated.

What other advice do I have?

FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure.

I would advise requesting a PoC test with a learning policy.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner.
PeerSpot user
Buyer's Guide
Download our free Fortinet FortiWeb Report and get advice and tips from experienced pros sharing their opinions.
Updated: July 2026
Buyer's Guide
Download our free Fortinet FortiWeb Report and get advice and tips from experienced pros sharing their opinions.