Try our new research platform with insights from 80,000+ expert users

Fortinet FortiWeb vs Imperva DDoS comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 1, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
74
Ranking in other categories
CDN (1st), Distributed Denial-of-Service (DDoS) Protection (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (14th)
Fortinet FortiWeb
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
94
Ranking in other categories
Web Application Firewall (WAF) (5th)
Imperva DDoS
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
77
Ranking in other categories
CDN (7th), Web Application Firewall (WAF) (23rd), Distributed Denial-of-Service (DDoS) Protection (9th)
 

Featured Reviews

Spencer Malmad - PeerSpot reviewer
It's easy to set up because you point the DNS to it, and it's working in under 15 minutes
Cloudflare is highly scalable. Cloudflare is a system with a web portal that the end users like me see. It's a console where we can adjust the DNS, caching, and security features all in that console. Cloudflare owns thousands of servers across the world that cache the data. It's a powerful solution. When clients sign up for Cloudflare, they're getting this monster content delivery network, security, and a web application firewall in one. It's all rolled into one, and it's massive. Unless you have your website hosted on a massive hosting provider, there's no way that you can deliver the amount of data that Cloudflare can provide to the end users. If you have static content, there's no way that you can ever match what Cloudflare can do. Obviously, there are competitors to Cloudflare that do the same, but I'm saying other types of solutions. Let's say you go with F5. Great, that's on-prem. That's in your colo. You can't deliver as much data to the internet as you can with a CDN. You don't have to spend $20,000 on a net scaler, F5, or whatever Cisco's selling now. You don't have to buy that. You pay them $50 a month or $150 a month. It's totally worth it because even in five years, you'll never get the performance value, not just the actual ROI. You have to consider how much throughput you can get with Cloudflare.
Kacem CHAMMALI - PeerSpot reviewer
Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb
The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.
Syed Ubaid Ali Jafri - PeerSpot reviewer
I like the content monitoring feature which I haven't seen in other WAF solutions.
They could improve by minimizing false positive results. Although this occurs less with Imperva, we would like to see some further improvements. We have been using this product for last 1 years, it's result is very impressive. But due to the excessive load on the Web site where thousands of requests‎ are generated from legitimate users, however the request in which any sequential or specialised characters are requested would be directly blocked by impreva . Currently imperva blocks the special character request generated from the user, as I conduct a test where I am parsing the encoded html values of the same special characters to the input field, imperva bypasses these encoded values for example : ' i.e. %27 or / i.e %2F, the WAF bypasses these encoded characters. I hope that this device should have a capability to detect the pattern which is associated with Xss or Xsrf, rather then by not blocking the request which contains any special characters.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We're using dynamic components to build flexible pages to create and manage Git merge requests for code and reviews."
"Its most significant benefit to date is the speed with which it refreshes DNS records on the internet once you change it. If you are changing a website or registering a new record, it is very quick."
"Cloudflare allows us to self-host services such as Rocket.Chat and Node-RED, in high-availability mode, thanks to round robin DNS which allows us to share one hostname between our two locations."
"Easier http to https redirect using page rules"
"New and innovative way to protect the client's data."
"The most valuable feature is its usability."
"Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications."
"The solution offers the flexibility to control configuration rules."
"It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs."
"The GUI is user-friendly."
"The product's initial setup phase was straightforward, and since our company didn't have any problems with it, we didn't encounter many problems with the tool."
"We find that it is quite stable and reliable."
"FortiWeb's ease of deployment is what we liked the most about it. Implementing FortiWeb was extremely fast and easy, which was a significant advantage. It comes with several preconfigured rule sets and templates."
"We were able to protect our web servers from outside attacks."
"The most valuable features of FortiWeb include its dashboard and out-of-the-box integrations with other Fortinet products, which enhance its effectiveness."
"The most valuable feature of Fortinet FortiWeb is the ease of integration and configuration."
"The dashboard is good and user-friendly."
"The solution has a very good interface."
"This product is a reliable defense from malicious attacks on a network environment."
"It's very pretty easy to onboard the URL."
"On the real time, you can see live traffic, which is flowing into our website."
"Its unique interface for managing security performance and ease of use are the most valuable features of this solution."
"Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."
"There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well."
 

Cons

"The integration of LLMs on the dashboard is something that is needed in the tool."
"I think the APIs are a little bit hard for us to work with. The APIs could be more open so that we could integrate better with our SolarWinds or our monitoring solution."
"For large enterprises, the pricing is okay. However, the enterprise price for small projects is a bit high. A mid-tier pricing option would be beneficial."
"Support response time could be improved."
"There could be more courses with engineers. I like e-learning, however, having a specialist in a classroom is more comfortable for me."
"If they improve on the placement of their data centers, it would be better. I'm living in a remote area. I would like to connect to them without any kind of lag."
"Cloudflare could be improved by introducing a mid-tier pricing option."
"There are some issues with the CDN services."
"They could integrate some kind of machine learning and AI facilities to automate workflows."
"The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures."
"Sometimes, even if you follow the documentation, it doesn't work as expected."
"We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point."
"Integration and learning about attacks. I would improve these areas by making FortiWeb integrate with other network technologies and feedback from multiple platforms."
"The solution could improve its ease of use and add more advanced WAF features in future releases."
"Their documentation is fairly complete, but it's sometimes a little bit difficult to search for exactly what you're looking for to resolve an issue. There have been times when we've gone to try to search for areas that we needed to get information on, and it has not always been extremely clear exactly how a particular thing needs to be set up."
"It costs too much."
"I would like to see automated reporting to improve visibility."
"Its price could be improved. It is quite expensive. It will be good if we could export the configuration. Currently, to control the configuration, we need to go to each website, which is not very convenient."
"I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall."
"Imperva should have more points of presence in Africa."
"We faced issues regarding compliance with client procedures. The client had strict compliance rules, and Imperva needed to be on a VM, while the client required containerization, causing a conflict. They went with Imperva for the on-premise version but shelved the cloud project due to too many blockers."
"A limited tool if you're looking to customize."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
"Analytics in the area of risk need to be improved to supply more information to the users for creating better environments."
 

Pricing and Cost Advice

"So far I use free tier and happy with it. You can subscribe to business package if needed."
"I give the price a five out of ten."
"The product's pricing is minimal compared to other products."
"When you compare Cloudflare DNS to other solutions, such as Akamai, the price is reasonable."
"The price is reasonable."
"The pricing depends on the usage, but the cheapest would be around 5,000 USD a month."
"We are using the free version."
"We don't have any issues with the price."
"The pricing is average; the product is neither particularly expensive nor affordable."
"The pricing is in the middle. I would rate the pricing a five out of ten. It feels like a justified cost for the features."
"Cheaper than others."
"The license to use Fortinet FortiWeb is approximately $14,000."
"It keeps changing, but it's based on the size of the VM you buy and also the traffic throughput you want from it, whereas what we have on Azure is just the traffic throughput. You can also pay on a monthly basis from Azure. During each part of the project, it's okay to get Azure-based licensing or AWS-based licensing for FortiWeb, but over time, you would want to go with the perpetual license. You should go to Fortinet and buy the license from them. So, there is a two-step process there."
"There are no costs in addition to the standard licensing fees."
"The product is expensive. I rate the pricing a ten out of ten."
"It is an expensive suite and it is an expensive solution, but it is a manageable one for an enterprise."
"The solution's price is high for small companies."
"​Although the pricing can be a little high, it is worth the protection and security that it offers.​"
"The cost is on par with other solutions such as Cloudflare and Akamai."
"It is a very expensive solution. The price is very high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they have only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is too expensive. If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."
"We are satisfied with the pricing."
"The data packages are higher than our needs so we end up paying for data that we don't use."
"It is not expensive compared to the other similar solutions in this category."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Comparison Review

it_user68487 - PeerSpot reviewer
Nov 6, 2013
CloudFlare vs Incapsula: Web Application Firewall
CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
13%
Comms Service Provider
9%
Financial Services Firm
8%
Educational Organization
41%
Computer Software Company
9%
Financial Services Firm
7%
Government
5%
Financial Services Firm
17%
Computer Software Company
14%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
What do you like most about Fortinet FortiWeb?
The WAF profiles has been effective at mitigating web-based threats.
What is your experience regarding pricing and costs for Fortinet FortiWeb?
I would rate the licensing cost as seven out of ten, considering it good value for money. The price is affordable and...
What needs improvement with Fortinet FortiWeb?
There is room for improvement in the portability on multi-cloud environments. Enhanced DDoS integration to make Forti...
What do you like most about Imperva Incapsula?
We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing is rated a ten on a scale where ten is very expensive. The solution is only cloud-based and does not prov...
What needs improvement with Imperva DDoS?
Pricing can be improved, as it is quite expensive. Additionally, support response times for emails can sometimes be d...
 

Also Known As

Cloudflare DNS
No data available
Imperva Incapsula
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
Find out what your peers are saying about Fortinet FortiWeb vs. Imperva DDoS and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.