Fortinet FortiWeb Reviews

FortiWeb is an application firewall. We deployed it as a web application firewall for our 16-plus web applications. We integrate this with Fortigate and the FortiSandbox, and all the applications we are hosting in the data center.

With the feat of cyber attack, the most important thing we can do is protect the web application. We can protect it from attacks like DDoS. It's helping to maintain our cyber security posture.

The most valuable product feature is the web application firewall. It still includes the inline. Its mode of operation is great. It comes with four modes of operation, reverse proxy, two transplant nodes, and WCCP. One node is there for transplant, just to have one more. Any customer, based on their network of topology and deployment type, can choose it and have an easy deployment. 

The solution has a good sandbox feature.

It is stable.

It can be better with web application firewalls. 

It is already close to the best in class. This product is up to the mark right now. 

I've used the solution for around three years. 

This is a stable, reliable solution. There are no bugs or glitches. It doesn't crash or freeze. 

Capacity-wise, since there is hardware involved, it cannot scale too much. There are some technical limitations.

We have around 2,000 users right now. 

We do not have plans to increase usage in the future.

We did not previously use a different solution. 

How easy or difficult the implementation is depends on the deployment type. It is very easy if you employ reverse proxy. However, it can be a little complex depending on what you need to do. 

There was a team that helped deploy the solution, however, for maintenance, you only need one network security engineer.

We used a third party to assist us with the setup.

We have witnessed an ROI. I'd rate the level of ROI we've seen a four out of five as it helps mitigate cyber attacks.

I'd rate the pricing at a four out of five in terms of affordability.

I'm exploring two or three products right now. We did not evaluate anything before choosing this product.

I highly recommend that any web application firewall be deployed in the IT infrastructure where companies host web applications. It should be there. Whatever you choose should integrate with a third-party load balancer.

I'd rate the solution a ten out of ten.

Our company uses the solution to provide firewall and web security services to our customers around the globe.

Our use cases are on the back end for banks and the financial sector where we automate monitoring and deployment. 

We do not have a portal, so are limited to a maximum of 3,000 users. We currently have 2,000 users and three maintenance technicians. 

In the future, we will add front-end service. 

Depending on our client's needs, we pair the solution with other business applications.

The solution is easy to configure and deploy.

There is a richness in the rules and out-of-the-box tools that is not available with native firewall solutions.

A user interface or dashboard for troubleshooting is needed so technicians without knowledge of the network or common hardware can visualize the environment. 

Accounts should be set up in the user's name, not the company's name. 

I have been using the solution for two years. 

The solution is stable and I rate it an eight out of ten. 

The solution is scalable and I rate it a ten out of ten. 

The initial setup was a bit complex for us because we were new to the solution. 

Technical support helped and trained us so we now handle setups with ease. 

We worked with the solution's technical support for our initial implementation but our internal team now handles setup and implementation for customers. 

The solution is a bit expensive when compared to other products. 

There are many security constraints that cannot be fulfilled by native cloud firewalls such as Azure and AWS. 

For example, AWS has a limitation of 8GB with regard to request values. 

We recommend the solution and its next-generation capabilities including ease of configuration, code being contained within the IIC engine, how templates and terraforms are handled, and superior wave and firewall security.

We are continually conducting research on next-generation firewalls because the solution can be a bit expensive.  

I use solution a lot and recommend it with a rating of seven out of ten.

We primarily view the VPN net and use the WAF as our web protection.

The interface is very straightforward and easy to use.

It's stable. 

The support is quite good.

We found the initial setup pretty simple. 

Sometimes, even if you follow the documentation, it doesn't work as expected. 

The solution can be a bit pricey.

I've used the solution for about one year, or maybe a bit more than that.

Sometimes it is not as stable as it could be. We've had some issues. Sometimes the loading will be disrupted for no apparent reason. It might be due to the WAF.

We have not tested the scalability of the product.

We have two people working on the solution right now. 

It's possible that we will scale the solution in the future. There is the potential that we will use it on another project.

We have contacted support for reliability issues, and they have been able to resolve everything within a matter of hours. They are very quick. 

Positive

We previously used F5. F5 needs a bit of a higher skill set. It takes some experience to operate.

The implementation took about two months. It's not so hard to set everything up. It's easier than, for example, F5, to set up.

In terms of maintenance, for WAF, I need about three people to handle various tasks. 

We hired a consultant to assist us during the setup. The consultant helped my people learn the process so we could become self-sufficient. 

We have not seen any ROI at this time. 

The solution is a little expensive. I'd rate it a three out of five in terms of affordability.

I cannot speak to the exact price we pay for the product.

We didn't really look into other options as my boss is pretty well versed in other options. However, we are always looking into comparisons. 

We are using the latest version of the solution.

I'd rate the solution an eight out of ten.

Mostly we use FortiWeb for replacing reverse proxy from our systems and add some security features to it to protect the web portal we are providing to our customers.  We use it to rewrite URLs and redirect FQDNs, et cetera, et cetera. That's the normal part.

The main feature I like is the ability to redirect web traffic from a readable URL to a real URL. All the security features are good.

One main feature we are very happy about is file security and upload functionality. It will restrict the number of file types that can be uploaded to our portal and prevents any malware. It helps with security.

We had some trouble using some features. Maybe we understood it the wrong way when reading the manual. We had to implement some workarounds to help this problem.

The GUI could be better. It's limited. 

I've been using the solution for one year. 

There are no complaints on our side. The performance and stability are fine. We used to have a cluster of two appliances. Everything seems to be fine when we update the firmware. We haven't had any issues.

The scalability may be slightly limited. We use hardware appliances. We need to buy appliances which have enough performance. You need to think about the sizing before you buy it. Scalability is not really possible with hardware. 

We use it more and more. We are going to migrate all the connections which are directed to a proxy to the classification firewall.

Normally, technical support is very good. All the tickets I opened have been solved in an average time.

Positive

It was the very first time that we used a web application firewall. We never used anything before.

We had some difficulties at the beginning in terms of setting it up. It was a very new product for us. We never had web protection firewalls before. We had some support from our supplier, so we referred to the initial implementation to get it done with external support.

I'd rate the ease of implementation at a three out of five. 

From a technical perspective, the deployment does not take a long time. Our problem internally was the organization and the planning as well as the communication with the other teams. That's what took so long. We started maybe one and a half years ago with the implementation and productive status was reached at the end of 2021. That's a long time. That said, one would say the management is at fault, not the actual technical staff.

At a cluster, so single point of failure, all this stuff, it kind of took around 24 hours to get it up. The offline time was very difficult, however.

We have two good people on staff that can handle deployment and maintenance. We are looking for another employee in the market, however, it's been very difficult to find someone.

The implementation was done in-house with some help from our supplier.

We have not noted an ROI yet.

We actually expanded our subscription for the next three years. I don't remember the exact price. It should be somewhere about 36,000 Euros. That's the cost for three years. It's moderately priced. I'd rate the general cost at a three out of five. 

We thought about other options, however, since we had a very good experience with the FortiGate Firewall, I decided to buy FortiWeb. They operate well together. 

We are just customers and end-users.

Potential new users should compare different products from different vendors to make a decision on a web application firewall. It doesn't matter if it is FortiWeb, or F5, or something else, just take some time to compare. 

I'd rate the solution six out of ten.

The primary use case of this solution is to protect web applications, web servers, and our customers' mobile applications. We are a Fortinet partner and integrator, installing both appliances and VMs. I'm a network security consultant. 

There are many valuable features in this solution including vulnerability scanning, IPS, and geolocalization. The product is user-friendly and simple.

The solution currently lacks a VM demo to enable testing prior to purchasing. It would make things easier for our clients to choose this product if they had that ability. We are based in Tunisia and the lack of multilingual technical support is problematic at times. 

I've been using this solution for five years. 

The solution is stable. 

The solution is scalable. 

We generally use the chat or phone for technical support with the occasional remote session with the technical team. The customer service is good but lacks a multilingual element that would benefit us. 

Positive

I previously used the Cisco IOS CLI for the web interface. It's more complicated than Fortinet. Fortinet offers simple, easy-to-use solutions. We are also a vendor for F5 which offers similar features and functionality to Fortinet but is more expensive. 

The initial setup is straightforward, it's a matter of choosing the architecture, the deployment mode, and configuring. Deployment time depends on the client's application. If it's a matter of one or two applications, deployment can take between two or three days. If there are many more applications that require protection, it can take over a month.

This solution works best for medium and enterprise-size companies. One of our clients is a bank, another is an educational institute with over 20,000 users. 

I rate this solution eight out of 10. 

We use Fortinet FortiWeb for industrial companies. We are making doing network segmentation inside the industrial park, which is quite difficult and we have to design, develop and maintain all of the different kinds of solutions. We brought Fortinet FortiWeb to protect against forbidden access and for special access for providers in the industry.

We do not use this solution for our organization but for clients' organizations. For example, one customer uses the solution for the protection of all their different applications. Additionally, the solution has protected the servers that are in the DMC, such as services for people in other countries that have to have access.

You have the ability to control everything from one single dashboard.

The solution could improve by being able to handle different use cases.

I have used Fortinet FortiWeb within the past 12 months.

The stability is good.

The scalability is quite good. The scalability has been good for each industry. You can integrate Fortinet FortiWeb with all kinds of products of the same vendor. This allows the ability for a lot of different functions that you don't have to have really competent staff because you do not have different vendors. You don't have to call another vendor for solving one ticket or problem. This made everything simple, it was very good.

We have approximately 2,000 people using this solution.

When our customers have acquired more industrial plants we will propose this solution for all those industrial plant customers.

The technical support is good.

I would rate the technical support of Fortinet FortiWeb an eight out of ten.

We previously used F5.

The installation was straightforward and it took us approximately one month. There are a lot of services, approximately 15, and other parts to configure.

We used consultants, technicians and, an integrator for the implementation.

We do not need more than three people to do the maintenance and support of Fortinet FortiWeb.

We have seen a return on investment. It has been decent but not the best. We choose to work with one large customer and it has been similar to an investment.

We are on an annual license for this solution and the price is approximately €100.

We have evaluated a number of solutions, such as Citrix NetScaler.

I would recommend those wanting to implement this solution to use good integrators, there are not too many people who know about this solution. I lived in Spain and there are not too many installations made, it's quite difficult to find people that know a lot about it. It's not a difficult installation and the vendor helped us a lot and is very helpful. You have professional services you can use from the vendor if you choose, but they are quite expensive for customers.

One of the biggest lessons I have learned from using Fortinet FortiWeb is Fortinet helps you a lot. They can develop something specifically for a customers' use case without any costs for them.

I rate Fortinet FortiWeb a nine out of ten.

The solution's most valuable feature is its security profile. 

The solution could improve its ease of use and add more advanced WAF features in future releases.

I have been working with the product for more than five years. 

I've worked with both F5 and Fortinet and find F5 to be much better. F5 is easier to implement, more compatible with applications, and more robust and stable. Regarding securing applications behind the WAF, F5 generally provides better security.

The solution's implementation is not complex and depends on the number and complexity of customers' applications. 

Fortinet FortiWeb's pricing is reasonable. Its licensing costs are yearly. 

The product has been in the WAF business for a long time. Its maturity cannot be compared to other alternatives. Based on my experience with Fortinet FortiWeb, I'd recommend it in specific cases, especially if you have a limited budget. It can meet basic requirements. However, other vendors have better features and support. I rate the overall product a six out of ten. 

We use the solution for branch optimization. Initially, it was all in MPLS, but they converted to the broadband network. Implementing it reduced the cost, and its redundancy was also better.

It improves latency by optimizing traffic routing. When a better link is available, it reroutes traffic through it. Additionally, MPLS helps reduce costs. Critical data can be prioritized on MPLS, while other data uses broadband connectivity, leading to better resource utilization. This setup supports load sharing, allowing multiple links to work simultaneously for improved performance.

From the web application perspective, it offers comprehensive features, including URL filtering and DNS protection. Additionally, FortiWeb provides SD-WAN capabilities, such as load sharing based on latency or packet drops. Its extensive feature set allows customers to choose and customize according to their needs and preferences.

FortiWeb could have an inbound load balancing pack. Currently, they don't have it, but they have the print product for that. It'll be better if they have it on the same product.

I have been using FortiWeb Web Application Firewall (WAF) for three years.

It is primarily for the enterprise environment segment. Even if one of the three links goes down, another link will appear to resolve the issue. FortiWeb primarily relies on its high availability features.

We had a quick response from support since we have partnered with them. 

Positive

The initial setup was easy because we had training. Also, the FortiGate team provides good support. It took around around five to six days to complete. It is only a plug-and-play environment.

The price is cheap compared to other products in the market. It costs 15-20% less than CheckPoint.

It is more than a basic firewall. It includes various features for enhanced security, such as protection against threats and vulnerabilities specific to web applications. Depending on their roles and responsibilities, some people who work on EDS may also interact with FortiWeb WAF.

FortiWeb offers a comprehensive product suite for SOC integration, including automation and SIEM capabilities. It also offers a complete integration package, including physical components that ensure a consistent experience for internal and external teams.

It includes an analyzer that provides comprehensive visibility. It is designed to optimize costs while sending detailed analytics and other relevant data.

I recommend the solution for security.

I rate the solution a nine out of ten.