Fortinet FortiWeb Reviews

We have our webmail, a private drop off solution, a video clip for our users to upload, and share company videos, all with FortiWeb.

It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet.

The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures. If you want a good security solution, you have to get in kicking high for things that are getting blocked and you have to whitelist some signatures to make things work. It's a time-consuming thing to do. It would be nice to whitelist private IP ranges and see which signatures are hit and whitelist them automatically - which I think is possible to do. 

It would also be nice to have some extra security in the solution. I just upgraded to 6.0 and there were some security additions, but it would be nice to have some more and be able to configure them in the right way. Specifically, an updated security policy would be nice.

It's really stable. There was only one issue in the past two and a half years and with the help of the technical support from Fortinet, it was quickly fixed.

We do have a small team but I think it's scalable. You can upgrade to a higher level, you can take it to a higher visibility mode. I think it's a very scalable solution. We have around 1,000 users using this solution.

The technical support is very good.

The initial setup was rather straightforward because we had some help setting up the unit in the first place. The initial setup, if you're using a VM, is really easy to roll out, if you know the Fortinet command line. It's not easy to configure an IP address and get it started. Then there was a rather steep learning curve in what you exactly have to do to have a really secure solution. It's rather easy to make it a reverse proxy and do nothing, but to get it monitoring in the right way, it takes some time. You have to think about it.

Deployment was a one-time setup. I think it took us about two days including one solution for configuring. For now, there is a new solution we need behind FortiWeb, and I think it takes about four to eight hours to set up. We require just one staff member for maintenance.

You can set up licensing on a monthly or yearly basis. I'm not sure about pricing.

Every external solution acceptable for work will use FortiWeb. We do have three or four FortiWeb solutions now and if there is anything we need to share through the internet, it's going to be through FortiWeb.

In terms of advice, I'd say take a good look at the support side of the help documents. There a very good document cycle on the Fortinet website. There's a lot of information. Get to know the solution.

I would rate this solution eight out of 10.

We use this product for load balancing and for their firewall. We are partners with Fortinet. 

I like that the GUI makes it easy to scale in terms of learning and utilization.
We chose this solution based on the online training and materials they offered. It's easily available on the web. 

There are specific functionalities that I'd like to see improve and that would basically bring it into line with what is being offered by solutions such as F5 and Imperva.

I've been using this solution for five years. 

This is a stable solution. 

The initial setup is straightforward, the deployment took us about two hours. We currently have 16 users. 

I rate this solution seven out of 10. 

We are using this product to protect something similar to an online banking network.

We have had a lot of web application attacks and this product has protected us. Once it was implemented, most of our problems were solved. For example, we had a DDoS attack against the seventh layer and it protected us.

The most valuable feature is that this product represents a whole solution, including a WAF, and even anti-defacements. It is not just a single feature.

Anti-defacement has an amazing feature whereby if something bypasses the WAF then they can rollback the website.

The user experience is very good and it is simple to use.

They have AI and machine learning capabilities, so if you are using the WAF then you don't need extra features.

The initial setup in our data center was somewhat complex.

We have been using Fortinet FortiWeb since 2008.

FortiWeb is a stable product.

We have been working with this solution for more than 12 years and it has scaled with our requirements. We upgraded a lot of hardware and applications, and things change from time to time. There is not just a single point where we changed something that tested the scalability.

Technical support is amazing. We have 24x7 support and every time we have contacted them, it takes less than two hours before everything is solved. We are confident that if we have any issue then we can communicate with the vendor and they will help us to solve the problem.

In our data center and with the complexity of it, it takes one or two days to implement and fine-tune.

We deployed this product in-house. We started with the training and then we implemented the solution. In case we have any problem then we can communicate with the vendor.

We have three security specialists who work as a team for maintenance.

We renew our contract and license every three years. There are no costs in addition to the standard licensing fees. There is just one cost.

Prior to implementing FortiWeb, we tested Barracuda, F5, Citrix, and Sophos.

FortiWeb is a security product that I can recommend. My advice for anybody who is implementing this type of solution is not to simply believe the words of the vendors. Test the product in your environment and then you can select the best one for your needs. A lot of vendors nowadays will tell you that they are the best, but the best thing to do is test each of the products inside your network.

The roadmap that the vendor has for this product is good. They have a lot of extra features that they are developing for future releases. They have an amazing R&D team, they know the competition, and they know the market. In my department, we find that it is amazing and are not searching for additional functionality.

I would rate this solution a ten out of ten.

• FortiAnalyzer (SIEM) integration is useful for us because we collect in this device almost all the security events from the network. We are using exact URL (no default page, no home page) for our e-banking services for enterprises. Then we give a simple way to access the service to our customers using URL rewrite and redirect.
• Rewrite
• Redirect
• Proxy reverse mode

It helped us initially publish e-banking services, but after a few months, we discovered it was an easy way to deploy other internal websites, published in an intranet style.

I think Fortinet must make an effort in terms of upgrade procedures. There were some troubles upgrading from 5.2.x to 5.3.x, and the problem appeared again upgrading from 5.3.x to 5.5.x:

• Upgrading from 5.2.x to 5.3.x. Fortinet provides a script, but it doesn't work (they do not say anything about it). In some cases:
  • If you are using the subnet 192.168.1.x in any interface, it assigns this network for management, which means it can't apply the configuration.
  • If you use LDAP authentication, the new field "realm" appears empty, the configuration doesn't work, and you have to manually change it.
• Upgrading from 5.3.x to 5.5.x:
  • Some changes are introduced, then it requires fully formatting the device and configuring it manually (copy/paste pieces of configuration).
  • Once again, if you are using the subnet 192.168.1.x in any interface, it assigns this network for management, which means it can't apply the configuration.

I have used it for three years.

It really is a powerful WAF; more than one year running with no stability issues.

We did not have to scale our web servers; we just added new servers without any issue.

The support is good, but they need more experts, because sometimes they take too much time to provide solutions.

Fortinet was the first brand we thought about, because we had been using FortiGate for a few years, and we thought they had some common architecture.

The initial setup was very easy. We use the proxy reverse schema; I think it is the best for almost all situations. The last firmware 5.5.x permits customers to deploy in different configurations in the same box.

I think FortiWeb is the best WAF in terms of cost/benefit. Licensing is similar to other Fortinet products; 100% clear with no surprises.

For new projects this year, we evaluated Imperva and Barracuda. The latter can be a good option for entry-level deployments, but is hard to surpass Fortinet products.

I advise being careful with the upgrade procedures. Also, it is a good idea to use Fortinet for a 60-day trial. That way, you can do a lot of testing on your own before deploying it. Using the VM (virtual machine) you can save a lot of time, can do proofs of concept and avoid opening tickets asking basics questions.

Publishing Web application, Exchange, Lotus Domino. Some microservices. 

Fortiweb improved way people work and access internal resources based on http/https communication. 

It depends on the project and what the customer is looking for. 

First of all, upgrade path should be introduced for scaling up or down VM deployment. Second, they need to include better wizards for publishing common applications like MS Exchange. 

.

Fortinet FortiWeb has been extensively used by us previously, but we are going to decrease the usage now because of cost. 

Fortinet FortiWeb is scalable but you have to do forklift upgrades. 

Fortinet has had some rough times. When they started expanding a bit, they completely screwed up their support system. The support had no clue what they were doing except just asking dumb questions. Now is bit different since Fortinet consolidated their support but still you need to pass L1 support quickly. 

Even from the early days, Fortigate/Fortiweb was easy to set up. It had an ugly interface but it has been improved every year. 

I deliver different security solution to customers. 

The license cost depends on the size of the box or the size of the solution. It can go from few K Euros to a few hundred thousand Euros a year depending on your size.

If you are looking to be partner with Fortinet, you have to buy licenses. Not even VMs are free to partners.  

Fortiweb in essence, needs to become part of Fortigate. Fortinet is not suitable for SMB customers since you have to deploy several boxes in order to get thing right. Also, speed of deployment is important and that isn't fast with many boxes. 

On a scale from one to ten, I would rate this product a solid seven. It's a good product. 

All of our customers use it because they need a proxy solution. Fortinet provides us the best solution to do this. I don't believe that Check Point or Palo Alto can do what Fortinet does. 

There's a high school with many branches in our country. I configured it for them and they are very happy with Fortinet. Fortinet's performance is very good. 

All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet: FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.

New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems. I don't have anything to say about what to do to improve this product. It's a great solution for us.

Scalability is very good. Our customers that use Fortinet have two thousand local users.

Any problems that our customers have, they first call me and I support them. If I can't solve a problem I create a ticket. This happens very rarely. Their technical support is very good because they always help me.

The initial setup is very simple to configure. Our customers are very happy with that.

The time it takes to deploy depends on how deep our project is. Sometimes it can take a week and sometimes a month. Minimum a week though.

All Fortinet products that we sell, I deploy by myself.

The licensing policy is very good. Our customers are very happy with that.

When our customers ask about Palo Alto we can sell them a Palo Alto but we try to explain that Fortinet is a great solution. 

I would rate it an eleven out of ten. 

• SSL offloading
• Unlimited number of protected servers
• Load balancing

If a customer has a web portal that frequently experiences attacks, FortiWeb blocks all negative traffic.

It would be great if FortiWeb could provide web forms like Microsoft TMG. (For example, OWA Exchange portal or SharePoint portal.) Many of our customers are looking forward to this functionality.

I don’t use it, but as a partner of Fortinet, I implement it at customers’ sites. Our customers have been using it for about two years.

One of our customers recently experienced a stability problem. The customer has two FortiWeb appliances in an HA cluster (A-P). Something happened and both FortiWeb units became MASTER. Only a reboot of one of the units helped them. We opened a ticket.

I have not encountered any scalability issues.

Sometimes technical support is very slow, but sometimes they work very fast. So I will rate it 5/10.

I did not previously use a different solution.

Initial setup is not very complex. But if we have problems with configuration, we ask support.

We always recommend the full bundle, but sometimes we offer a budget-conscious solution for the customer.

Before choosing this product, I did not evaluate other options.

Look at the PRICE and the PERFORMANCE.

I use Fortinet FortiWeb to protect my web application. It works to protect my applications from attack signatures. It allows me to create a URL profile and HTTP content routing when I have many web servers working on the same virtual server.

Fortinet FortiWeb has helped our organization by protecting the web application from any attack, known and unknown. The unknown protection is done by effective machine learning that is working on many unknown attacks. It operates on the probability of attacks.

The most valuable feature is the attack signature and machine learning.

The machine learning feature of the solution could be improved.

No solution is 100% secure and the security could always be worked on.

I have been using Fortinet FortiWeb for a year and a half.

Fortinet FortiWeb is stable. It is able to detect the latest vulnerability from Log4j that happened on The Verge.

The solution's attack signature receives its update from Fortinet Developer Network, and many of the updates are immediate. The attack signatures are updated regularly due to the connection to Fortinet Developer Network.

The solution is highly scalable.

The technical support was good, they were very fast. They were able to resolve my issues.

I have used the support in many solutions, such as FortiClient, FortiWeb, for Sandbox integration with FortiMail, and other products in Fortinet.

The installation is easy. It takes one day for the implementation, and after 14 days one day for tuning.

Some customer needs to go to production fast, it can take me one day for the installation, and after seven days I can do the tuning quickly.

I do the implementation and support the solution.

There is a subscription to use this solution. There are some additional features that can be added for an extra fee. The use of the features depends on the client's needs, such as full machine learning and signatures.

I would recommend this solution to others. Additionally, I would recommend F5.

I rate Fortinet FortiWeb a nine out of ten.