Fortinet FortiWeb Reviews

The solution offers good configurations and works well with other Fortinet products.

The solution is scalable. 

We found the implementation process to be simple. 

If you want to block domains, you can do so. You do have the power to control access.

The product needs to be more stable. 

We have issues between primary and secondary IP. Secondary IP addresses cannot be on the same subnet as any primary or secondary subnet. You need to follow up between the primary and secondary. If you don't, there will be a problem. When your public applications are not working properly, the single point of communication from the public domain is an issue. If I want to resolve the situation, a quick solution is I need to fail over the primary to the secondary, and it will just start working. However, that is not a permanent solution. I don't know what the problem is exactly, and how we can permanently address the issue. 

If the price was lower, it would be a bit more attractive, as an option, to the customers. 

You do need to ensure you do the configurations carefully. Otherwise, you may have issues. 

I've been using the solution for two years. 

We can scale the solution. We typically work with enterprises, so, larger-scale companies. In our customer's company, they have about 6,000 to 10,000 people on the solution. 

Technical support is very good. they are quite helpful and responsive. 

I also use F5. It's got better pricing and is quite stable as well. However, if you don't know how to configure it, it can be a disaster. 

The initial setup is easy. It's not overly complex or difficult. 

It can be deployed in about half an hour. It doesn't take long to have it up and running. 

I handle a lot of implementations and can handle the process. 

The pricing could be better. They charge a bit more. That's why F5 is everywhere right now. The customer can see that F5 is stable and everything is working well, and then they see the price, and it's very attractive to them. 

I'm just a customer and end-user. 

I'm a consultant. Our customers are working with Fortiweb in their companies.

I'd rate the solution eight out of ten. 

We use it for all our hosted web applications, so they are routed via FortiWave and Fortinet. We use both the network firewall and the application firewall. The whole infrastructure and everything else are protected. Fortinet protects the web infrastructure.

There are very few specific things that are not present in cloud-native firewalls, like Azure Firewall or AWS Firewall. They lack many features, such as the ability to handle paths in requests larger than eight KB. For example, if you upload a document or the page size exceeds eight KB, you might face issues with AWS and other cloud-native firewalls. FortiWeb can handle requests of up to 10MB, providing this capability. It also has a very user-friendly UI. Even someone new to FortiWeb or any firewall system, with the right contextual knowledge, can configure it effectively. The support and documentation provided by Fortinet are generally sufficient for any team to manage infrastructure using Fortinet and FortiWeb.

Native cloud firewalls, like AWS WAF or Azure Firewall, have limitations compared to next-generation firewalls like Fortinet FortiWeb or other solutions. While AWS and Azure have security features, they are often tailored to their specific technologies and may lack some advanced capabilities in next-generation firewalls. This is why we sometimes opt for solutions like Fortinet, even in a cloud environment.

Fortinet FortiWeb has strengths, but there is room for improvement. For example, its threat intelligence capabilities may not be as advanced as some competitors. While Fortinet excels in many areas, it could enhance its advanced intelligence features. However, in terms of configuration, maintenance, and securing infrastructure, Fortinet remains a strong option.

I have been using Fortinet FortiWeb as a partner for five to five years.

I rate the solution’s stability a seven out of ten.

It is suitable for enterprises.

I rate the solution’s scalability as seven or eight out of ten.

We have a procurement team and a support engagement team that is helping us with issues. They are maintaining the SLA and all those things.

Deployment can be straightforward, like spinning up EC2 instances or Azure VMs with Fortinet, which can be a one-click process. The complexity arises from configuring Fortinet within your specific ecosystem. The configuration depends on the size and nature of your infrastructure, including the number of machines and appliances and the types of systems you are protecting, such as APIs, normal instances, or mobile applications. While deploying Fortinet itself might be quick, configuring it to fit your environment and security needs takes additional time and effort.

Many other companies offer similar capabilities. We also use other solutions, but Fortinet FortiWeb has strong bot capabilities for threat protection and excellent geo-restriction features. It also handles malicious IP prevention and is easy to use. Our experience has been positive. We’ve only enabled the algorithms provided by FortiWeb and haven’t customized the configuration beyond what FortiWeb offers. The existing rules and features for FortiWeb are good.

If you need a next-generation firewall to meet industry and security demands, relying solely on native cloud firewalls like Azure Firewall, AWS Firewall, or Google Cloud Firewall may not be sufficient. These native firewalls often lack the advanced features to protect against various threats. It is advisable to consider solutions like Fortinet FortiWeb or Cloudflare to ensure robust protection.

It's a trade-off between price and the service you receive. If you're paying less for a solution that provides good services compared to a competitor where you might pay more for similar support and features, then Fortinet could be a viable option. It might be better if another solution, like Cloudflare, offers better value across multiple aspects such as service, cost, and support.

Overall, I rate the solution a seven out of ten.

We use the solution for web filtering purposes. We use it to allow or block any application.

The most valuable features of the solution are SD-WAN, filtration, web filter, application filter, and IPS. The solution's console is very user-friendly and very easy to manage. The solution has good stability and a user-friendly interface.

It would be good if the solution integrated with other solutions, like SAP.

I have been using FortiWeb Web Application Firewall (WAF) for nine to ten years.

FortiWeb Web Application Firewall is a very stable solution.

I rate the solution’s stability ten out of ten.

Every location with 200 to 300 people has installed the FortiWeb Web Application Firewall.

I rate the solution a nine out of ten for scalability.

Our experience with the solution's technical support has been good. We promptly get support from the technical support team.

Positive

The solution’s initial setup is easy and can be done in a few hours.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a nine or ten out of ten.

I would recommend FortiWeb Web Application Firewall to other users because it is a good product.

Overall, I rate the solution a nine out of ten.

We use the solution for securing the Internet-facing servers where you can do the  load balancing with the web appliance.

FortiWeb WAF lacks several security features compared to F5. F5 can incept the traffic to layer seven; FortiWeb can do it, too, but it is a tough process. We have to get support from Fortinet.

I have been using FortiWeb as a partner for two years. We are using V7.2 of the solution.

Fortinet has many issues, like the zero-day attacks. Certain critical work vulnerabilities need to be immediately upgraded as an enterprise. You cannot initiate the upgrade anytime because it affects production. Usually, we schedule the upgrade. We do the configuration and scheduling of the updates. Fortinet is a 24/7 company that can release updates any time, regardless of the day of the week. FortiWeb WAF is a security solution that can be updated at any time, irrespective of the day of the week.

The solution is scalable.

On two recent occasions, I experienced delays in resolving technical issues with Fortiweb WAF, particularly when configuring explicit proxies on FortiGate firewalls. As a Fortinet partner, I was disappointed that our dedicated support channel was unavailable and that I could not obtain licenses or hardware assistance despite escalating to the country manager. Additionally, the technical support response times in the Middle East region have been inconsistent, with some areas providing excellent support while others have been unresponsive. This inconsistency has been particularly frustrating when dealing with urgent issues at remote sites. Overall, the support experience for Fortiweb WAF has been inconsistent and frustrating, particularly for Fortinet partners.

Neutral

I have used Kemp before, but I also dislike the FortiWeb. I'm trying to move to F5 because F5 is very good.

FortiWeb comes with an IP address. You need to log into the web console, and you can do it with the CLI using the console cable. You have to go in; it will initially give you a setup wizard and configure the hostname, interfaces, etc. The setup is relatively easy, but when it comes to advanced deployments. Kemp is a relatively affordable and capable solution. Fortiweb WAF offered all the features, making Kemp less appealing for enterprise-level applications. Kemp is suitable for smaller or regional websites, but it may not be as robust for global deployments.

Additionally, I could not locate the virtual domain feature in Fortiweb WAF. This feature would allow me to assign different domain names to a single website based on the user's location. Fortiweb WAF presented EDS as a workaround, but the process was overly complex and inconvenient.

Firstly, expect load balancing and a web application firewall for the same product Fortinet is offering. Start by booting up the device and use FortiWeb to connect the file by application firewall. There's a default IP address without any password. You log in, and then it shows your initial setup wizard. The wizard helps you set up the host names, Fortinet account, FortiCloud account, etc. After that, you start setting up your physical servers; then you give a virtual server, which will be a point. In a network with a firewall and port forwarding, the FortiWeb WAF device can act as a load balancer and a security gateway. It can receive traffic from the firewall, decrypt SSL/TLS traffic, inspect traffic for layer seven vulnerabilities, and then forward traffic to the appropriate internal server based on load-balancing algorithms and application-specific information provided by the servers. The FortiWeb WAF can monitor server health and performance and automatically switch traffic away from unhealthy servers.

Deployment depends on how much complexity you want to add to the product. If the customer requirement is easy, you may deploy it in one day. For example, I was working on a project with around 16 servers. Each server has a different data source; one server gives the back end, whereas the other provides the front end. That was a complex deployment. It will take around four to five days to deploy if you want to go deeper into it.

We have achieved 70% ROI.

FortiWeb is expensive. F5 is also very expensive, but it is value for money.

The solution’s maintenance and UI are easy, but some features are hidden. Their quality assurance needs to work. We used to have the upgrades and patches every month or 15 days, but now they are coming every week too. We have vulnerability.

The product needs to get more mature.

Overall, I rate the solution a six out of ten.

We use the solution for the office in Oracle.

Fortinet FortiWeb is priced well.

The product’s stability could be improved.

I have been using Fortinet FortiWeb for one year. We are using the latest version of the solution.

The product’s stability is normal. I rate it six out of ten.

The solution is scalable.

The initial setup depends on technical knowledge.

The solution is cheaper compared with other solutions. It has a yearly license.

Overall, I rate the solution a seven out of ten.

In my company, we use FortiWeb Web Application Firewall (WAF) for security.

FortiWeb is a small tool that can be used by those of our customers who use Fortinet FortiGate as their firewall. I will use Barracuda Email Protection for any customer who uses a firewall from a solution provider other than Fortinet FortiGate.

The product lacks features offered by enterprise-level firewall tools. The solution needs to offer more enterprise features like other brands.

It would be great if FortiWeb Web Application Firewall (WAF) had something like a wizard to allow for more integrations with other popular firewall products like Fortinet, Palo Alto, and so on.

I have been using FortiWeb Web Application Firewall (WAF) for three years. I use the solution's latest version.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution an eight out of ten.

There are 2,000 users of the solution in my company.

The solution's technical support was helpful and responsive. I rate the technical support an eight out of ten.

Positive

I have previously used SonicWall.

The initial setup was easy since it was possible to get remote support for the product.

The solution is deployed on-premises.

It is a cost-effective product. If you need an extra module in the product, there will be an extra cost in addition to the licensing fee.

There are five engineers needed for the maintenance of the solution.

If there is a requirement and one is already using a firewall from Fortinet, then it is easier to deploy FortiWeb Web Application Firewall (WAF). Overall, I rate the solution an eight out of ten.

We're using the Fortinet FortiWeb firewall to front-end the production and test applications we run on Azure. We're an Azure environment, and it front-ends those applications.

We currently aren't using any of the advanced features.

Fortinet FortiWeb has given us a more cost-effective security solution. Because it's a software-as-a-service or infrastructure type of platform, we've been able to replace our dedicated hardware platforms. It has given us more flexibility to be able to utilize it as a service.

It has minimized the number of technical resources and the amount of time that we've had to dedicate to setting up and managing the front-end firewall capability. From that standpoint, it has saved us time. I don't know exactly how machine learning is attached to that, but if that had anything to do with the simplification and the ability to give us the information we need reporting-wise, then it has helped us with that.

It has allowed us to not spend as many resources on trying to manage the setups that we used to have to do in the past on the security side. It has taken care of that, so at a higher level, we can manage and configure that. It has reduced some of the time that the staff spent on that, but it's hard to measure the time saved.

Some of the threat detection analytics and the filtering capabilities they give us for filtering a certain type of information that we don't want coming into the site are its valuable features. The analytics are pretty good in terms of being able to see what threats have been detected and mitigated, where they're coming from, and things like that. That has allowed us to do some additional filtering because by looking at threats, we can apply additional filters and try to minimize some of them.

Fortinet FortiWeb works well for what we do and what we use it for. It's fairly easy to use, easy to set up, and easy to monitor. It's easy to configure, monitor, and manage.

Their documentation is fairly complete, but it's sometimes a little bit difficult to search for exactly what you're looking for to resolve an issue. There have been times when we've gone to try to search for areas that we needed to get information on, and it has not always been extremely clear exactly how a particular thing needs to be set up. It sometimes takes a little bit of research to dig into figuring out exactly what it is. More examples would be helpful on what they have. The information sometimes doesn't relate directly to the state of the product at the time, so examples would be helpful.

We've been using this solution for a little over a year.

It has been very good. In the time we've had it, we've had only one issue when they had some sort of outage for themselves that affected us. That was the only one that I've encountered so far.

We haven't done a lot on scaling, but just from configuring the product and looking at it, it appears to be fairly good at scaling. It appears to be fairly or moderately simple to set up for scaling, but we haven't done a lot of scaling with it yet.

It's an in-house hosted web application environment that we utilize. We probably have around 500 to 1,000 people using it. We use it within our company environment. We've anywhere from 500 to 1,000 people depending on the customers that we have linked into it. 

I've contacted their tech support. For the times that I contacted them, they were very helpful. I'd rate them seven out of ten.

Neutral

We did have some specific hardware firewall solutions that were in place at data centers. When we went to the cloud for our applications, we wanted to move to a cloud-based front-end firewall infrastructure. We didn't want to be managing the hardware at locations. 

It was fairly straightforward. It was fairly easy to implement, but the documentation with some examples might have made it simpler. Overall, it was fairly easy to get the initial implementation in place and get things worked out.

We did it all in-house. We had probably three people for its implementation.

It requires minimal maintenance. We probably have two people involved in the maintenance.

We have seen an ROI. The previous hardware solutions we had were fairly expensive. They had a higher cost of maintenance and actual manual support because we had to support the infrastructure and we had to support the product itself. By FortiWeb providing us with a service solution that does that, we're not managing hardware. We're not investing in the hardware upfront, and we're not providing the labor to maintain and install that particular part of it. The only thing we focus on now is the setup and then the constant monitoring of what goes on and any actions we need to take as we move forward. It has helped us in that sense because we don't have the ongoing hardware licensing and hardware infrastructure that we have to mess with. So, it has definitely been a more cost-effective solution.

So far, I have been pretty pleased with the way it's priced and licensed. The way it's done makes it easy, especially for an organization like us, so I've been pleased with the way it's priced and licensed right now.

We didn't evaluate any cloud-based products. We've used Cisco products and Meraki products in the past, but they all were hardware products. When we were looking for a software solution, I had gotten a recommendation for the product from another person I worked with in the past. That person was using it and mentioned to me that I should give it a try. That's how I got into it. It was through a referral. Once I got it and tested it, it seemed like a pretty good product for what we needed, so that's how we went with it.

Fortinet FortiWeb seems to have worked well for blocking unknown threats and attacks. It hasn't necessarily helped us streamline anything, but it has simplified how we provide the front-end firewall capability.

It has reduced false positives to some degree. It tries to identify those to tell us what are the different threats, but it's hard to provide metrics without measuring what false positives might have been there. However, I do know that the reporting that it gives can identify that.

Similarly, I don't know if it has reduced the number of alerts. However, I do know that it has allowed us to categorize and understand what types of threats we get. From the threat alerts, we get to know whether they're alerts we should be concerned about or whether they're just alerts notifying us that those are things that have come in that it has taken care of. So, I don't know if it has really reduced them as much as it has helped us to understand what they are and be able to focus more on if there are alerts that we need to take action on and investigate, or whether they're alerts for things that have been taken care of and we don't necessarily have to spend any time on.

Overall, I'd rate Fortinet FortiWeb an eight out of ten for what it does.

The features I found valuable were web filtering, reporting, and the dashboards. We use these features for controlling the traffic in our network, mainly for our security. This means that we can have policies there that allow or don't allow certain connections.

I know that we have run into some issues with an SSL certificate and how it functions. Sometimes this breaks connectivity or just limits certain websites that are whitelisted. 

I have been using Fortinet FortiWeb for more than ten years.

The only instance where we have had issues with stability was a recent one where the solution was blocking some websites that we did not intend to block and which were even whitelisted in some instances.

Our partners explained that this happened because of an issue with the SSL setup. I'm not sure if they then sorted it out or if they just switched off that functionality.

But for the past 10 years that we've used it, that was the first error or problem that we ran into. Maybe it was just teething problems since we only deployed it end of last year.

My impression is that it's quite scalable because I know they have different sizes. In one of our organizations, we had fewer users, so we're using a smaller one, which was a 60-day or something like that. And then when you are using it for a bigger organization, they also have that type of device for many users.

They'll ask you how many users are going to be governed by this firewall. So when we had fewer users, we got a smaller firewall. And then when we expanded and had many more users, we got a bigger one. It's quite scalable I think.

Their technical support is good. They'll jump onto the occasion. When you submit a log report or you request some support, they quickly respond. I would rate them a ten. Very good.

Positive

Prior to Fortinet, we used Netgear, but this was a long time ago. I think this was 15 years ago.

The initial setup was not straightforward. You need an expert to set it up with you and to configure it for you. I think the more you work with it, the better accustomed you are to it. The initial setup did not take longer than a week.

The deployment was done in a team of three people.

We implemented it with a third party, and they're the ones who always then deploy and implement it for us. The deployment didn't take more than a week.

I would say that the ROI is visible because we are happy with the security it provides.

The pricing is a bit high. It is not a cheap product.

The reason I recommend this product is because it guarantees that your network will be safe if it is set up properly and you fully utilize most of the functions.

Overall, I would rate FortiWeb solution a nine out of 10.