Fortinet Managed Rules for AWS WAF should have AI-driven threat detection to reduce false positives, and the UI should be improved. Additionally, improvements should be made to the logging methods and web application protection. It should also be more effective for modern environments, and as the world evolves along with AI, it should evolve with an AI-driven architecture as well. We are emerging in the AI space, and Fortinet Managed Rules for AWS WAF should be AI compatible as well. I am not certain whether it is AI compatible, as I have not used that particular service. I suggest enhancing it for more AI-driven applications.
Project Manager at Pentagon System and Services Pvt. Ltd.
Real User
Top 5
May 16, 2026
Improvements for Fortinet Managed Rules for AWS WAF could enhance its capabilities as a cloud-based software application by directly identifying application model-wise for monthly usage which resembles billing concerning AWS billing, deployment, and infrastructure management. I find Fortinet Managed Rules for AWS WAF acceptable with no specific recommendations for improvements. There are no additional improvements needed for Fortinet Managed Rules for AWS WAF that I have not mentioned.
I do not have anything else to add about the needed improvements. I chose eight out of ten for my rating because there are some competitor software or applications that offer more advanced rules and policies.
Fortinet Managed Rules for AWS WAF are very effective, but areas for improvement include better visibility into rule logic, deeper API schema validation, and advanced bot management features. For example, legitimate API payloads can be blocked due to generic pattern matching without clear logs indicating the trigger, and there is a need for more advanced capabilities in bot detection, such as device fingerprinting.
Fortinet Managed Rules for AWS WAF could be improved by providing more granular visibility and tuning capabilities while still keeping the managed nature of the service. Simplifying rule customization and offering clearer insights into why certain rules trigger would help reduce the effort required to fine‑tune policies for complex applications. Additional enhancements around analytics and reporting — such as faster access to traffic insights and clearer threat context — would further improve operational efficiency and help teams respond more quickly to security events.
Fortinet Managed Rules for AWS WAF has a very complex configuration. It has a dependency on its license for IPS signatures and web filtering, and it is resource-intensive with large requirements in very large network environments. Managing multiple firewalls, log storage, and analytics can be challenging. There are also upgrade issues and very limited third-party integrations. The price is very high. The investment is an issue because a small company cannot afford it, but organizations with the capability are adopting it. Regarding installation, there are some challenges, such as setting the internal network IP and configuring it. You can deploy it on a VM, but it can be difficult to manage during the initial period.
Learn what your peers think about Fortinet Managed Rules for AWS WAF. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
The basic functionality of protecting against OWASP Top 10 vulnerabilities is standard for any WAF solution; however, I am concerned about Fortinet's effectiveness with modern web applications since it protects not only monolithic applications but also Kubernetes applications. My core concern regarding the product lies in the reporting functions, where I face limitations, particularly tenant-wise. I cannot generate individual reports for multiple tenants.
Fortinet Managed Rules for AWS WAF enhances security by offering pre-configured firewall rules designed to protect AWS applications from common exploits and vulnerabilities.Fortinet Managed Rules for AWS WAF offers advanced threat protection specifically tailored for the AWS environment. It seamlessly integrates with AWS WAF, providing security teams with a comprehensive solution to defend against sophisticated attacks without extensive configurations. The rules continually update to tackle...
Fortinet Managed Rules for AWS WAF should have AI-driven threat detection to reduce false positives, and the UI should be improved. Additionally, improvements should be made to the logging methods and web application protection. It should also be more effective for modern environments, and as the world evolves along with AI, it should evolve with an AI-driven architecture as well. We are emerging in the AI space, and Fortinet Managed Rules for AWS WAF should be AI compatible as well. I am not certain whether it is AI compatible, as I have not used that particular service. I suggest enhancing it for more AI-driven applications.
Improvements for Fortinet Managed Rules for AWS WAF could enhance its capabilities as a cloud-based software application by directly identifying application model-wise for monthly usage which resembles billing concerning AWS billing, deployment, and infrastructure management. I find Fortinet Managed Rules for AWS WAF acceptable with no specific recommendations for improvements. There are no additional improvements needed for Fortinet Managed Rules for AWS WAF that I have not mentioned.
I do not have anything else to add about the needed improvements. I chose eight out of ten for my rating because there are some competitor software or applications that offer more advanced rules and policies.
Fortinet Managed Rules for AWS WAF are very effective, but areas for improvement include better visibility into rule logic, deeper API schema validation, and advanced bot management features. For example, legitimate API payloads can be blocked due to generic pattern matching without clear logs indicating the trigger, and there is a need for more advanced capabilities in bot detection, such as device fingerprinting.
Fortinet Managed Rules for AWS WAF could be improved by providing more granular visibility and tuning capabilities while still keeping the managed nature of the service. Simplifying rule customization and offering clearer insights into why certain rules trigger would help reduce the effort required to fine‑tune policies for complex applications. Additional enhancements around analytics and reporting — such as faster access to traffic insights and clearer threat context — would further improve operational efficiency and help teams respond more quickly to security events.
Fortinet Managed Rules for AWS WAF has a very complex configuration. It has a dependency on its license for IPS signatures and web filtering, and it is resource-intensive with large requirements in very large network environments. Managing multiple firewalls, log storage, and analytics can be challenging. There are also upgrade issues and very limited third-party integrations. The price is very high. The investment is an issue because a small company cannot afford it, but organizations with the capability are adopting it. Regarding installation, there are some challenges, such as setting the internal network IP and configuring it. You can deploy it on a VM, but it can be difficult to manage during the initial period.
The basic functionality of protecting against OWASP Top 10 vulnerabilities is standard for any WAF solution; however, I am concerned about Fortinet's effectiveness with modern web applications since it protects not only monolithic applications but also Kubernetes applications. My core concern regarding the product lies in the reporting functions, where I face limitations, particularly tenant-wise. I cannot generate individual reports for multiple tenants.