Fortinet FortiWeb Reviews

Name: Fortinet FortiWeb
Brand: Fortinet
Rating: 4.0 (121 reviews)

Vendor: Fortinet

4.0 out of 5

121 reviews
89% willing to recommend

Leave a review

What is Fortinet FortiWeb?

Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

Get the Fortinet FortiWeb Buyer's Guide and find out what your peers are saying about Fortinet FortiWeb, Prisma Cloud by Palo Alto Networks, Imperva Application Security Platform and more!

Fortinet FortiWeb is the #1 ranked solution in top Web Application Firewalls. PeerSpot users give Fortinet FortiWeb an average rating of 8.0 out of 10. Fortinet FortiWeb is most commonly compared to Prisma Cloud by Palo Alto Networks: Fortinet FortiWeb vs Prisma Cloud by Palo Alto Networks. Fortinet FortiWeb is popular among the large enterprise segment, accounting for 45% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a manufacturing company, accounting for 9% of all views.

Helped 886,664 peers since 2012

Featured Fortinet FortiWeb reviews

HameedAhmed

Joint Director at PAA

I have used Fortinet FortiWeb's integration features. We have easily integrated all of the applications with the product. Most of the applications we are using are in-house built. My technical team is looking after the best features. I have not used it extensively for maybe two and a half years. I have been involved in the installation, but I am not actually using the product. I work with it from time to time but not extensively. I would assess Fortinet FortiWeb's adaptive machine learning and artificial intelligence as having new patches installed regarding artificial intelligence, but when we bought it, I think the learning feature was there. Now they have installed artificial intelligence features through patches. We have a complete portfolio of Fortinet in our organization, including FortiMail, Fortinet FortiWeb, and FortiGate, along with multi-factor authentication. All of the products are from Fortinet. Fortinet tools integrate with each other and work in conjunction. I think Fortinet FortiWeb has helped us meet regulatory compliance because we are not a regulatory organization, but our sister organization is regulatory. We have regulatory compliance with the International Civil Aviation Authority, whose audit teams have checked our data center and these security products, and they are satisfied with us. The question about leveraging Fortinet FortiWeb's automated policy management does not pertain to my domain because I am not so technical, but I am in a management role now. My engineer is more technical than me. I would rate this product an eight point five out of ten.

Read full review

Jovan Jovanovic

Security Team Lead at a outsourcing company with 1,001-5,000 employees

Fortinet does not have the best Web Application Firewall in the world, but they do have interoperable systems. From the customer side, especially if they are already buying FortiGates, firewalls, mail, proxy, and other solutions, it becomes much easier for them to purchase Fortinet FortiWeb. This is because there is one technical support team and a single point of contact from the vendor side when they need technical expertise. The main benefits provided to users who already have other Fortinet solutions include better economics and easier maintenance due to unified technical support and a convenient single point of contact. Updates are much easier because Fortinet has one operating system for all their products. If the customer buys a manager as the central console of the whole system, they can operate all systems from one console and deploy all updates, renewals, or other changes.

Read full review

ManjunathA

Technical Support Engineer at Intimesolutions

Their AI technology is good. Overall, Fortinet is only good. The improvement needed is in their response time. In the past three to four years, whenever we called for support, they responded quickly, often within five to ten minutes, and addressed our issues immediately. Now it takes longer, and they talk about SLA and 48-hour response times. Even with critical issues, they say, 'Okay, that ticket is assigned; we need to wait for their update in four hours or two hours,' which is taking too long now. If there are issues, we need to contact the development team since we don't have configurations we can do ourselves; most features or configurations are managed by the development team. The graphical user interface looks difficult to understand, as other products allow us to see all features in one place. The AI in FortiWeb Web Application Firewall (WAF) is just a checkmark option. To use machine learning features, we only need to enable or disable it. However, we must check how useful it is in real-time environments to determine how it protects or identifies threats. There are features like web filtering, DDoS protection, geo-location blocking, SQL injection blocking, anomaly input validation, XML protection, and API protection already present, however, we also need configuration settings that indicate the advantages or disadvantages of enabled features. If the GUI includes notifications and improved logging capabilities that allow us to see traffic and store logs for six months, that would be very helpful. Currently, we cannot see any logs for allow traffic or monitor daily traffic effectively, which requires external syslog servers or cloud subscriptions. If inbuilt larger logging capability is added, it would enhance usability, and features like clickable options to unblock or create exceptions would greatly assist customers in managing their websites.

Read full review

Fortinet FortiWeb mindshare

As of April 2026, the mindshare of Fortinet FortiWeb in the Web Application Firewall (WAF) category stands at 6.5%, down from 8.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Web Application Firewall (WAF) Mindshare Distribution
Product	Mindshare (%)
Fortinet FortiWeb	6.5%
Imperva Application Security Platform	7.6%
F5 Advanced WAF	6.0%
Other	79.9%

Web Application Firewall (WAF)

PeerResearch reports based on Fortinet FortiWeb reviews

Type	Title	Date
Category	Web Application Firewall (WAF)	Apr 15, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 15, 2026	Download
Comparison	Fortinet FortiWeb vs F5 Advanced WAF	Apr 15, 2026	Download
Comparison	Fortinet FortiWeb vs Imperva Application Security Platform	Apr 15, 2026	Download
Comparison	Fortinet FortiWeb vs Radware Cloud WAF Service	Apr 15, 2026	Download

Valuable Features

Fortinet FortiWeb excels in application control, web filtering, and QoS settings. It offers strong security with web application firewall capabilities, integration with other Fortinet products, and a user-friendly interface. Users highlight its machine learning, load balancing, zero-day protection, and bandwidth limitation features. Integration with FortiAnalyzer for security event collection and FortiSandbox for threat analysis is notable. The appliance provides seamless deployment, ease of configuration, high-performance threat detection, and effective traffic management.

"The support services, performance, and pricing are all valuable features, and the performance is excellent."
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports."
"Fortinet FortiWeb has helped our organization by protecting the web application from any attack, known and unknown."

Room for Improvement

Fortinet FortiWeb users suggest improving large-scale throughput support, buggy patch updates, and user interface simplification. They desire enhanced features like DDoS protection, integration with other technologies, customization, machine learning, and reporting capabilities. Hardware stability, technical support efficiency, pricing competitiveness, and the ease of software upgrades and deployments could also benefit from enhancements. Scalability for diverse applications and improved threat intelligence detection are additional areas for improvement.

"The initial setup process could be improved."
"The automation piece can be improved. Although they say it can be automated very well, there is still manual work."
"The machine learning feature of the solution could be improved."

ROI

Fortinet FortiWeb provides a satisfactory ROI and is considered a smart investment by users. It enhances security by mitigating cyber attacks and saves on time and resources. Users avoid expenses associated with hardware, reducing operational costs by 20% to 30%. They appreciate the quick deployment and cost-effectiveness, noting a significant ROI in Total Cost of Ownership over three to five years. The solution's cost savings potential is substantial along with increased peace of mind.

Pricing

Fortinet FortiWeb's pricing varies by model and is competitive in the market. Users find it reasonably priced, especially compared to brands like F5 and Barracuda. Licensing costs depend on configuration needs, such as hardware versus VM options. Some customers mention attractive discounts through partnerships. Pricing strategies include yearly or multi-year licenses, with transparent costs linked to specific traffic needs. While some consider it high, many value the cost-effectiveness and clear licensing.

"The product provides very good prices to customers. The price is set well and offers great value for money."
"The tool is really expensive."
"If one is cheap and ten is expensive, I rate the tool an eight."

Popular Use Cases

Fortinet FortiWeb is primarily used for web application security and firewall functions. Users deploy it to protect public web applications, e-banking platforms, and web services from various threats like SQL injections and exploits. It acts as a WAF, load balancer, and reverse proxy. Many organizations integrate it with other Fortinet products to enhance security for email, online transactions, and mobile applications in environments like Azure, AWS, and on-premises data centers.

Service and Support

Customers rate Fortinet FortiWeb's customer service and support between 7 and 9 out of 10, noting it as generally helpful and responsive. Some express satisfaction with prompt resolution, while others mention slow response times and the need for improved expertise. Users highlight the structured support system, yet emphasize the variation in effectiveness based on time zones. Few had issues with service stability. Support is highly regarded during emergencies but occasionally requires follow-up for escalation.

Deployment

Initial setup experiences with Fortinet FortiWeb varied. Many found it straightforward, especially for minimal configurations, but some noted complexities in complex environments or when integrating with other systems. CLI was required for certain features, though the GUI was often sufficient. Deployment was generally quick, ranging from hours to weeks, depending on requirements. Some users required external support for challenging scenarios. Familiarity with Fortinet products often facilitated smoother installations.

Scalability

Fortinet FortiWeb's scalability is often seen as positive. Many users report no issues, while others suggest that proper sizing is essential. Some note that hardware limitations require specific planning. Users appreciate its ability to manage varying traffic and resource needs effectively across various industries. However, some feel it lacks automation compared to other products. Cost considerations and the need for model upgrades are mentioned as factors in scalability.

Stability

Fortinet FortiWeb demonstrates strong reliability with infrequent issues. Users report minor glitches during upgrades, occasional memory consumption, and rare hardware or configuration problems. The stability is rated between five and ten by different users, with many highlighting minimal downtime and quick technical support responses. Regular updates and patches contribute to its steady performance, ensuring continuous operation, especially when correctly configured.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Fortinet FortiWeb Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	52
Midsize Enterprise	24
Large Enterprise	29

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	392
Midsize Enterprise	226
Large Enterprise	513

By visitors reading reviews

Top industries

By visitors reading reviews

Manufacturing Company

Financial Services Firm

Computer Software Company

Comms Service Provider

Government

University

Healthcare Company

Outsourcing Company

Retailer

Construction Company

Educational Organization

Marketing Services Firm

Media Company

Real Estate/Law Firm

Energy/Utilities Company

Performing Arts

Hospitality Company

Insurance Company

Non Profit

Transportation Company

Wholesaler/Distributor

Legal Firm

Logistics Company

Consumer Goods Company

Recreational Facilities/Services Company

Compare Fortinet FortiWeb with alternative products

Learn more about Fortinet FortiWeb

Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

Fortinet FortiWeb Features and Benefits

APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.
Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.
Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.
Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.
ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.
False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

Reviews from Real Users

Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

Fortinet FortiWeb was previously known as FortiWeb Web Application Firewall (WAF).

Fortinet FortiWeb customers

Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG

Product Categories

Web Application Firewall (WAF)

Fortinet Cloud Security

Popular Comparisons

Prisma Cloud by Palo Alto Networks vs Fortinet FortiWeb

Imperva Application Security Platform vs Fortinet FortiWeb

Cloudflare Web Application Firewall vs Fortinet FortiWeb

NetScaler vs Fortinet FortiWeb

Azure Front Door vs Fortinet FortiWeb

F5 Advanced WAF vs Fortinet FortiWeb

Microsoft Azure Application Gateway vs Fortinet FortiWeb

AWS WAF vs Fortinet FortiWeb

Akamai App and API Protector vs Fortinet FortiWeb

Azure Web Application Firewall vs Fortinet FortiWeb

Radware Alteon vs Fortinet FortiWeb

Fastly vs Fortinet FortiWeb

Check Point CloudGuard WAF vs Fortinet FortiWeb

Uplynk vs Fortinet FortiWeb

NGINX App Protect vs Fortinet FortiWeb

See all alternatives

Fortinet FortiWeb Reviews Summary
Author info	Rating	Review Summary
Joint Director at PAA	4.5	I've used Fortinet FortiWeb for three years to secure external applications, finding it impactful for reducing threats. Reporting is good, but fine-tuning is challenging. Overall, it's a reasonably priced solution with good support, rated 8.5/10.
Security Team Lead at a outsourcing company with 1,001-5,000 employees	5.0	I find FortiWeb excellent for managing large data and protecting applications. Its interoperability with other Fortinet solutions, competitive pricing, and scalability are great, though I believe technical support response times need significant improvement.
Technical Support Engineer at Intimesolutions	4.0	I find FortiWeb WAF effective for website protection, offering strong features like DDoS and SQL injection blocking. However, technical support response times have significantly worsened, and the GUI and logging capabilities need substantial improvement for better usability.
Senior Security Engineer at a financial services firm with 1,001-5,000 employees	2.5	I use FortiWeb for protecting and load balancing average websites against standard threats. It's easy to use and integrate, but lacks customization, advanced features, and scalability for specialized applications, making it best as a first line of defense.
Presales Engineer at SAUDI PARAMOUNT COMPUTER SYSTEMS	3.0	I find Fortinet FortiWeb effective for web security, securing traffic and hiding IPs. However, frequent, buggy firmware updates cause significant policy issues. Its scalability is also a concern, especially for larger environments.
IT Infrastructures Administrator at Esprit	4.0	I find FortiWeb excellent for protecting web and mobile applications, effectively blocking attacks with good stability and scalability. While its load balancing could be enhanced, it offers easy deployment and solid integration, making it a valuable, cost-effective solution.
Chief Technology Officer at Future Point Technologies	4.0	I use Fortinet FortiWeb for customer web app security, valuing its AI-driven threat detection and strong performance. It's stable, cost-effective, and easy to set up. However, its cloud service needs improvement, and customer support varies significantly, which I believe is its main drawback.
Global Channel Alliances Lead at a tech vendor with 10,001+ employees	4.0	I find Fortinet firewalls excellent for infrastructure protection, offering great enablement, competitive pricing, and exceptional support. My experience over nearly two years has been positive, despite some challenges with migration from F5. I rate it 8/10.

Title	Rating	Mindshare	Recommending
Prisma Cloud by Palo Alto Networks	4.2	2.0%	98%	114 interviews Add to research
Imperva Application Security Platform	4.3	7.6%	95%	135 interviews Add to research

Fortinet FortiWeb Reviews

What is Fortinet FortiWeb?

Featured Fortinet FortiWeb reviews

Fortinet FortiWeb mindshare

PeerResearch reports based on Fortinet FortiWeb reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Fortinet FortiWeb with alternative products

Learn more about Fortinet FortiWeb

Fortinet FortiWeb customers

Related questions

Product Categories

Popular Comparisons