Fortinet FortiWeb Reviews

We use Fortinet FortiWeb to protect our exchange terminal for mail security.

The F5 solution has more features than Fortinet FortiWeb, such as multiple load balancing.

I have been using Fortinet FortiWeb for approximately four years.

The solution is stable.

I have approximately four clients using this solution.

The installation is easy and straightforward, and the timeframe depends on the application

We have one engineer that does the support of this solution.

I have evaluated F5 and Citrix.

I would recommend this solution. I hope they are able to make some changes to compete with other solutions, such as F5 and Citrix.

I rate Fortinet FortiWeb a seven out of ten.

I am more on the design side. The use case depends on what a customer requires in terms of web protection. We mostly use it for reverse proxy and load balancing.

The ability to configure multiple policies for different requirements is a strong feature of Fortinet FortiWeb.

They can introduce a scaled-down version for the SMB market. It would be very competitive in the environment.

I have been using Fortinet FortiWeb for two or three years.

It is stable. You obviously need to assign and write configurations correctly.

It is scalable.

Every response from Fortinet is quite good and according to their SLAs.

I don't get involved in implementation and installation.

It is not a cheap product. It is not like a Linux or a Genex that you can deploy. It is a hardware appliance, and it is built for a specific reason and reliability.

It is an enterprise-class solution. You wouldn't find an SMB investing in something like this.

I would recommend this solution to others if they can afford it. We plan to continue using this solution. It is a good solution, and the customers are quite happy using it. 

I would rate Fortinet FortiWeb a nine out of ten.

The primary use case of this solution is to protect web applications, and stop attacks.

The most valuable feature of this solution is Fail-Open.

Troubleshooting features could be incorporated with this solution.

The reporting could be optimized.

I have been using this solution for three years.

We are using the latest version.

The stability is okay, sometimes. It could be more stable.

In terms of scalability, I have faced some challenges.

We have 50 users in our organization.

Technical support is good.

Previously, I did not use another solution.

The initial setup was straightforward.

It takes less time to deploy compared with other competitors.

One person is enough to maintain this solution.

We did not use an integrator or reseller. I completed the deployment and implementation.

I would recommend this solution to others who are interested in using it.

I plan to continue with my usage of this solution in the future. It's a good product, but if they could better the stability, it would be great.

I would rate Fortinet FortiWeb an eight out of ten.

• Routing
• Web filtering
• Wi-Fi control

It’s an all-in-one solution that lowers the cost of having multiple solutions. It gave us more Wi-Fi control capability.

- Logging

We have been using this model for one year. We previously implemented earlier models for six years.

We have encountered very few stability problems. In six years, we had one device that need to be shipped back to Fortinet. We had HA set up at that location, so there was no down time.

We did not have a problem upgrading their firmware updates.

Yes and no; you have to size it right before buying. The hardware on some models is not expandable, but you can easily turn software add-ons on and off.

I’ll give them an 8/10 for technical support.

We had a Cisco router and a Barracuda. We switched from that to a FortiGatefirewall and the Cisco Router. Finally, when the Cisco router was going bad, we replaced it with a FortiGate 100 for firewall and routing capability.

Initial setup complexity depends on the network. The admin console is easy to use.

They have options for their licensing. Look at what you are going to use it for and purchase that way.

Before choosing this product, we did not evaluate other options. We had one of the smaller firewalls, and we upgraded to one of their bigger ones.

Look at sizing. And if you are a 24/7/365 shop, get two for HA.

We primarily used the solution as a POC to see how effective it is and so far we're happy with it. 

We used it for protecting our web servers and the use of some web applications within a financial institution.

They have a very good graphical user interface. 

The initial setup is pretty straightforward.

The solution is stable.

The scalability is pretty good.

We have found the pricing to be pretty reasonable. 

During the POC we did encounter problems. For example, the integration with the HSM for storing keys was not ideal.

The downside is on the security side and is the firewall. When you look at the firewall, it doesn't do decryption and you have to depend on other third-party tools to do that. Or you would have to use another FortiGate product which makes things a little complicated. Today, people look for simplicity in terms of design. That's one downside to Fortinet's Firewall. The downside to FortiWeb is it had issues integrating with HSM. They fixed the issue, however, it took a long time to fix and it wasn't pleasant. I had to work with deadlines and I could not make the deadlines due to the slow timeline on their side.

For the firewall, when you deploy IPS, the IPS doesn't have visibility into encrypted traffic and 70% of traffic these days is encrypted, and that's the conservative figure of the actual percentage. If your IPS doesn't have that visibility, then it is not really doing the job that it has to do. In comparison, Palo Alto is the best firewall in terms of performance and has the technical specifications that we need. 

The support side of things can be improved. They need to quickly tend to issues and resolve them as soon as possible. Those are the expectations.

We've only used FortiWeb for a POC. 

The stability of the product has been good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. When you look at the specs and if you do what they say in the specs, in terms of ensuring that you're not overlooking anything, it's a good product. 

The solution can scale. That's not a problem at all.

Technical support could be more responsive. They need to address issues faster. I'm not completely happy with the level of support we receive.

Generally, the solution is easy to set up. It's not overly complex. 

The pricing is pretty good if you look at other top options in this space. They are reasonable. 

I've also looked at Palo Alto, and it has the specifications that we need, however, the pricing is quite high.

Our company is a Fortinet partner.

I'd rate the solution at a seven out of ten.

In terms of functionality, it does a perfect job, however, when you have to integrate with third-party tools, that's where you might have issues. Going forward, maybe what Fortinet needs to do is to ensure that they don't have integration issues with the other big vendors that are common in terms of what's deployed out there. Someone might want FortiWeb, however, for example in my case where a bank needed to integrate that with Jamalt or HSM for description, they have to do their homework. 

When you're dealing with financial clients, they need to have seamless integration and not to have these challenges where it would take time to fix as an issue. That should be figured out pre-deployment. Companies in banking can't wait for clients to point out that this is an issue. They have to attend to it beforehand and resolve issues to meet expectations. 

Mitigation of attacks and thefts in an online banking platform.

High-performance and detection engines, because of their high rate of exposure of web attacks.

Integration and learning about attacks. I would improve these areas by making FortiWeb integrate with other network technologies and feedback from multiple platforms.

No issues with stability.

The equipment is dimensioned as a function of servers traffic. To scale on the platform it is necessary to acquire superior models.

Excellent.

It was simple and functional.

FortiWeb can be purchased in VM mode for a lower price and the same features.

The WAF module of F5 was evaluated.

FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure.

I would advise requesting a PoC test with a learning policy.

I primarily use this solution for the protection of our applications. We chose Fortinet because you can check an application and deploy it in real time. We use the WAF solution from Fortinet to protect against new exploits discovered. Within Fortinet, there is a way to secure such bugs and exploits in the application we're running.

The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability. This part of the intelligence and behavioral analysis makes it very easy to tell if the user just used a few wrong characters in the field or not. It also checks to see if different characters are being entered very quickly, and can tell whether the user is actually typing something.

Another feature is the possibility to balance the traffic and there's lots of integration with your sandbox.

We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point. But, from what I understand, we haven't looked at the market to see how this can be done yet.

In terms of stability, we haven't had a crash or malfunction.

We've used the solution for two years and it's been okay.

We are operating at approximately sixty percent capacity. The solution is used all the time, but you can measure this because there are different boxes that you can buy for different levels. In our case, we keep some at thirty to forty percent available. In order to be able to watch an application and protect a larger amount of traffic, we keep it at this level. So we're good on this scalability or performance side.

We haven't had any technical issues, because it was designed as specified in the documentation. I know we have local support, so if there is an issue we can call and escalate the call to get the support if there is a problem. We are within the warranty service period, so from this side, we are comfortable with this solution.

We did use another solution, but, compared with the competition, we got the best ratio of performance to price when we chose Fortinet. We could use F5, for example, but the price is not as good.

The setup for one application is sort of complex but based on the automatic profiling, they're learning. You are provided with a set of policies that meet best practices and security recommendations, so you are good to go in a very short time.

We did the implementation ourselves. It was not required to have some higher level of expertise order to implement. There were no functions that were not documented, so we didn't need any outside party involved with this process.

The solution gives us the best price to performance ratio.

The interface has been a pain in the past but now with the later version, 2.2, the user behavior analysis has improved. Before when you want to deploy an application, for example, you needed to have a login page and make sure to search for the user behavior and all the interactions. That way, you could generate flexible usage for that application. Now that's automated, so apart from that, there's no huge report or feature that we would like to improve.

I would rate this product a ten out of ten.

The most valuable features are support and security.

More templates should be made available for reporting.

I would like to see more improvements with respect to threat intelligence.

I have been using Fortinet FortiWeb for a few years.

This is a stable solution.

Scalability is good. We have more than 1,000 users.

The technical support is okay and I am satisfied with it.

The initial setup is straightforward and the deployment can be completed within a couple of hours.

I would rate this solution a seven out of ten.