Try our new research platform with insights from 80,000+ expert users

F5 Advanced WAF vs Fortinet FortiWeb comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024
 

Categories and Ranking

F5 Advanced WAF
Ranking in Web Application Firewall (WAF)
3rd
Average Rating
8.6
Number of Reviews
58
Ranking in other categories
No ranking in other categories
Fortinet FortiWeb
Ranking in Web Application Firewall (WAF)
4th
Average Rating
7.8
Number of Reviews
90
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2024, in the Web Application Firewall (WAF) category, the mindshare of F5 Advanced WAF is 11.8%, up from 10.2% compared to the previous year. The mindshare of Fortinet FortiWeb is 8.2%, up from 7.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF)
 

Featured Reviews

YUSUF  TAIWO - PeerSpot reviewer
Oct 26, 2023
Ensures a robust and unified security approach for our clients
My clients often seek a comprehensive security solution for their hybrid environments, with both cloud and on-premise web applications. To address this, I recommend combining F5 Advanced WAF for web application security with Fortinet solutions, including FortiGate, FortiSign, and FortiAnalyzer, for…
Kacem CHAMMALI - PeerSpot reviewer
Apr 1, 2024
Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb
The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"There are a lot of good features."
"The anti-bot protection is the solution's most valuable feature. Safe-guard or credential staffing are also useful features."
"The product has valuable features for load balancing, monitoring tools, and HPXpress services."
"The most valuable features of F5 Advanced WAF are the security features and the protection."
"It's scalable and very easy to manage."
"The most valuable features of F5 Advanced WAF are the easy identification of events and customization. We can pinpoint our settings."
"It's flexible and powerful, and the users can input their own rules to the system."
"The solution's most valuable features include application DDoS protection, bot blocking, and HTTP header verifications."
"Some of the threat detection analytics and the filtering capabilities they give us for filtering a certain type of information that we don't want coming into the site are its valuable features. The analytics are pretty good in terms of being able to see what threats have been detected and mitigated, where they're coming from, and things like that."
"The most valuable features in Fortinet FortiWeb are sandboxing and threat prevention."
"It is a stable product."
"The solution has a very simple deployment."
"FortiWeb provides the level of security we need at an excellent price point. It's easy to deploy and operationally efficient."
"Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself."
"Before a platform faces the internet, Fortinet FortiWeb inspects the traffic."
"The policies and the filtering are the most valuable features, especially traffic, URL, and application filtering. The solution is excellent at detecting vulnerabilities."
 

Cons

"Compatibility with multiple cloud environments needs improvement. Both stability and scalability need to be improved."
"The accuracy of the automatic learning feature needs improvement."
"F5 Advanced WAF could improve resource usage, it is CPU intensive. Additionally, adding automated remediation would be a benefit. For example, an easy button alerts us of the events that are occurring, and what we want to do at the time. An automated approach where somebody could be alerted very quickly. Instead of going and reconfiguring everything, an automated approach is what I'm looking at."
"They could provide better pricing."
"The BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective."
"F5 Advanced needs to improve its bot protection. The solution needs to have machine learning to learn the behavior of the customer to recognize the human versus the bot. This is a difficult feature to explain to our customers. I would like documentation about the bot feature to make it easier for the customer to understand."
"One area for improvement in the product is its SSO integration, which posed challenges and required significant effort to resolve."
"The solution's dashboard could be improved. When you're moving from policy to policy, the logs and the integration of the logs in other systems aren't straightforward."
"The solution could improve its ease of use and add more advanced WAF features in future releases."
"If the price was lower, it would be a bit more attractive, as an option, to the customers."
"It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great."
"We use Kubernetes, so I would like to have a plugin to configure FortiWeb Cloud automatically using Kubernetes Ingress. That would reduce the complexity of setting up an Ingress object in Kubernetes. Some competing solutions help you configure Ingress and Kubernetes automatically."
"The memory use in each of the appliances is problematic."
"The dashboards are not that configurable. Application-specific dashboards can be improved. If we have 50 applications, there should be something to see what's happening with these 50 applications. There could be a graph or a consolidated alert page where all alerts are inbuilt. They have other products that I can use, but this feature should be built into FortiWeb."
"We would like the interface to be easier to use and more user-friendly. The interface needs to be enhanced."
"Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration."
 

Pricing and Cost Advice

"The pricing for F5 Advanced WAF is comparable to a Rolls-Royce. Its price is a bit high when you compare it with other vendors. F5 Advanced WAF is a bit expensive. The customer was on a three-year plan and it was around $560,000."
"I rate F5 Advanced WAF's pricing a three out of ten."
"It is a little bit costly, but it has all the features that are required."
"Pricing for this solution is higher than average."
"The cost is slightly above average."
"I would rate the pricing as seven out of ten"
"F5 Advanced WAF pricing structure should be adjusted to meet the need of small to medium-sized companies."
"A yearly license for F5 Advanced WAF is expensive."
"The license to use Fortinet FortiWeb is approximately $14,000."
"Due to the situation in Iran with the sanctions, the price of this solution is very expensive."
"FortiWeb offers these services at a price that SME customers can afford, but it's also suitable for large enterprises. Still, they need to put in more work to gain a greater share of enterprise business because they face stiff competition in this segment from F5, Cloudflare, and some others."
"FortiWeb can be purchased in VM mode for a lower price and the same features."
"The solution is cheaper compared with other solutions. It has a yearly license."
"Cheaper than others."
"​It really pays off to buy licences for multiple years​."
"The solution gives us the best price to performance ratio."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
814,325 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
14%
Government
8%
Manufacturing Company
7%
Educational Organization
42%
Computer Software Company
10%
Financial Services Firm
7%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about F5 Advanced WAF?
It's a fairly easy-to-use and user-friendly tool. My administrators and team also like its ability to customize the rules per the requirements.
What is your experience regarding pricing and costs for F5 Advanced WAF?
I would rate the pricing as seven out of ten. Sometimes, for specific models, additional licenses over the standard one need to be purchased. F5 Advanced WAF doesn't offer a single license that fit...
What needs improvement with F5 Advanced WAF?
More legacy protocols should be added to the solution. The aforementioned protocols are generally less used and might have been phased out from multiple solutions. But some of the large corporation...
What do you like most about Fortinet FortiWeb?
The WAF profiles has been effective at mitigating web-based threats.
What is your experience regarding pricing and costs for Fortinet FortiWeb?
FortiWeb is cheaper by over ten percent compared to other solutions like Barracuda and F5.
What needs improvement with Fortinet FortiWeb?
One area that needs improvement is the handling of SaaS downtime. When there is downtime at their data center, it becomes a transit point issue for us, causing downtime in our environment as well. ...
 

Learn More

 

Overview

 

Sample Customers

MAXIMUS, Vivo, American Systems, Bangladesh Post Office, City Bank
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
Find out what your peers are saying about F5 Advanced WAF vs. Fortinet FortiWeb and other solutions. Updated: October 2024.
814,325 professionals have used our research since 2012.