Fortinet FortiWeb vs NGINX App Protect comparison

Fortinet and F5 are both solutions in the Web Application Firewall (WAF) category. Fortinet is ranked #4 with an average rating of 7.7, while F5 is ranked #16 with an average rating of 8.8. Fortinet holds a 8.4% mindshare in WAF, compared to F5’s 2.2% mindshare. Additionally, 89% of Fortinet users are willing to recommend the solution, compared to 95% of F5 users who would recommend it.

Fortinet FortiWeb

Read 92 Fortinet FortiWeb reviews

8,228 Views
5,709 Comparison Views

89% willing to recommend

NGINX App Protect

Read 22 NGINX App Protect reviews

2,551 Views
1,900 Comparison Views

95% willing to recommend

Fortinet FortiWeb

NGINX App Protect

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Fortinet FortiWeb and NGINX App Protect based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Fortinet FortiWeb vs. NGINX App Protect Report (Updated: October 2024).

Buyer's Guide

Fortinet FortiWeb vs. NGINX App Protect

October 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

Fortinet FortiWeb

Ranking in Web Application Firewall (WAF)

4th

Average Rating

7.8

Number of Reviews

Ranking in other categories

No ranking in other categories

NGINX App Protect

Ranking in Web Application Firewall (WAF)

16th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Container Security (21st), API Security (4th)

Mindshare comparison

As of November 2024, in the Web Application Firewall (WAF) category, the mindshare of Fortinet FortiWeb is 8.4%, up from 7.4% compared to the previous year. The mindshare of NGINX App Protect is 2.2%, down from 2.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Web Application Firewall (WAF)

Featured Reviews

Kacem CHAMMALI

IT Infrastructures Administrator at Esprit

Apr 1, 2024

Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb

The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.

Read full review

Tomaz Sobczak

Security System Engineer at Ascomp S.A.

Jun 25, 2024

Signature-based detection, DOS protection, and bot protection

NGINX App Protect is easier to automate and configure, or manage from an API. This is good for securing applications. However, it's not suitable for more complex tasks. NGINX App Protect positively impacted performance changes. There's a cache or it works like a proxy, so it can speed up…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"When it comes to blocking unknown threats and attacks, I would give it the highest score possible. We first started using AWS and its Web Application Firewalls. That was okay, but it was quite a manual process to keep it up to date, whereas Fortinet is always up to date, and the default rules or the modules that you can turn on are very easy to use."

"The product has a very user-friendly dashboard."

"It's easy to use and allows us to integrate solutions together."

"The initial setup is pretty straightforward."

"SSL Offloading simplifies the public certificate handling and brings additional protection features."

"FortiWeb provides the level of security we need at an excellent price point. It's easy to deploy and operationally efficient."

"FortiWeb offers a good price for the marketplace. In the Sri Lankan market, it's hard to find high-end products that can match FortiWeb's pricing. For high-end solutions, the price is always extremely high."

"The customers are very happy with this solution because of two things. First, the IPS integration with a web application is very tightly done on Fortinet. Second, the ease of use is there. The management interface or the GUI interface is very easy to use, configure, and manage. These are the two main valuable features. It supports integration with other Fortinet products. It also integrates very well with the firewall and sandboxing technology. They already have enough integration with different technologies. They have got a complete tech intelligence view of the whole product."

More Fortinet FortiWeb pros

"The tool's most valuable feature is the OWASP certification. Additionally, the tool's ability to enforce strong passwords and OTP within minutes is impressive. With its analytics and recommendations, it is a very good solution."

"The most valuable feature of NGINX App Protect is the reverse proxy."

"The stability of the product is very impressive since it handles 60,000 to 70,000 requests or transactions per second."

"NGINX App Protect has complete control over the HTTP session."

"It's very easy to deploy."

"The tool is not complex and is very user-friendly."

"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes."

"The initial setup was simple and took three to four days."

More NGINX App Protect pros

Cons

"Fortinet WAF came out recently, and there is not much feedback about customer experience. For each project, customers ask about the scenarios and references of the customers who have implemented this solution, which we don't have. They need to simplify the customer experience and provide more information so that we can propose Fortinet Fortiweb as a WAF solution to customers and convince them. They need to improve their service and training. We need good training to implement and use it properly and know more about it. We still don't know much about Fortinet WAF. We didn't get any proper training sessions. Other vendors like Cisco, Palo Alto, Check Point, and Barracuda provide such sessions. Whenever we receive a request from a customer for this solution, we just give the price. We don't propose this solution because we don't know much about it. We propose whatever we are familiar with and what is supported."

"I would like to see more improvements with respect to threat intelligence."

"I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted."

"In terms of performance, it needs to be more robust."

"Lacks functionalities that are available in other solutions."

"Its threat intelligence capabilities may not be as advanced as some competitors."

"I see no room for improvement at the moment."

"The integration with other products should be improved."

More Fortinet FortiWeb cons

"The dashboard could provide a more comprehensive view of the status of the connections."

"The integration of NGINX App Protect could improve."

"The solution needs to be improved in the e-commerce portal."

"The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good."

"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."

"I encountered issues with NGINX App Protect while trying to upgrade custom rules."

"Currently, the policies have to be handled manually, and you have to create from scratch, which can be a bit time-consuming, in a large environment."

"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."

More NGINX App Protect cons

Pricing and Cost Advice

"It should be somewhere about 36,000 Euros. That's the cost for three years. It's moderately priced."

"FortiWeb offers these services at a price that SME customers can afford, but it's also suitable for large enterprises. Still, they need to put in more work to gain a greater share of enterprise business because they face stiff competition in this segment from F5, Cloudflare, and some others."

"The solution is very inexpensive when compared to F5 Advanced WAF and Avi Networks but offers the same benefits."

"The price of Fortinet FortiWeb is expensive in our Ethiopian currency."

"The cost isn't expensive."

"The pricing is in the middle. I would rate the pricing a five out of ten. It feels like a justified cost for the features."

"The product is expensive. I rate the pricing a ten out of ten."

"The pricing is reasonable."

More Fortinet FortiWeb pricing and cost advice

"Really understand the licensing model, because we underestimated that."

"The pricing is reasonable because NGINX operates on an instance basis."

"The solution's price is reasonable."

"There is a license needed to use NGINX App Protect."

"The price of NGINX App Protect is approximately $3,000 annually. All of our licenses are observed by a managed service partner."

"NGINX is not expensive."

"The licensing fees for this solution are pretty expensive for what it does, but there is no alternative."

"There is a monthly or annual subscription to use NGINX App Protect. There are not any additional costs to the subscription."

More NGINX App Protect pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

42%

Computer Software Company

10%

Financial Services Firm

Government

Computer Software Company

20%

Financial Services Firm

13%

Manufacturing Company

Energy/Utilities Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortinet FortiWeb?

The WAF profiles has been effective at mitigating web-based threats.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiWeb?

It's better. Yeah, it's really good. It's one of the main points why we offer it. Since we are partners with them, sometimes we offer our customers a lower price.

See all answers

What needs improvement with Fortinet FortiWeb?

Fortinet's technical support is pretty slow, especially when you have quick questions. The support kind of delays itself and sometimes takes more time. That's the only thing that I can think of at ...

See all answers

What do you like most about NGINX App Protect?

It's very easy to deploy.

See all answers

What is your experience regarding pricing and costs for NGINX App Protect?

The product's price is high.

See all answers

What needs improvement with NGINX App Protect?

The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good. The product should have more documentation, especially like t...

See all answers

Comparisons

F5 Advanced WAF vs Fortinet FortiWeb

Compared 23% of the time

Fortinet FortiADC vs Fortinet FortiWeb

Compared 16% of the time

Cloudflare Web Application Firewall vs Fortinet FortiWeb

Compared 7% of the time

AWS WAF vs Fortinet FortiWeb

Compared 6% of the time

Cloudflare vs Fortinet FortiWeb

Compared 2% of the time

More Fortinet FortiWeb Competitors

Microsoft Azure Application Gateway vs NGINX App Protect

Compared 21% of the time

AWS WAF vs NGINX App Protect

Compared 11% of the time

F5 Advanced WAF vs NGINX App Protect

Compared 11% of the time

open-appsec vs NGINX App Protect

Compared 8% of the time

Akamai API Security vs NGINX App Protect

Compared 7% of the time

More NGINX App Protect Competitors

Product Reports

Buyer's Guide

Fortinet FortiWeb

November 2024

Download Fortinet FortiWeb product report

Buyer's Guide

NGINX App Protect

November 2024

Download NGINX App Protect product report

Also Known As

No data available

NGINX WAF, NGINX Web Application Firewall

Learn More

Fortinet

Overview

Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

Fortinet FortiWeb Features and Benefits

APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.
Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.
Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.
Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.
ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.
False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

Reviews from Real Users

Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

Integrating security controls directly into the development automation pipeline
Applying and managing security for modern and distributed application environments such as containers and microservices
Providing the right level of security controls without impacting release and go-to-market velocity
Complying with security and regulatory requirements

NGINX App Protect offers:

Expanded security beyond basic signatures to ensure adequate controls
F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
Confidently run in “blocking” mode in production with proven F5 expertise
High‑confidence signatures for extremely low false positives
Increases visibility, integrating with third‑party analytics solutions
Integrates security and WAF natively into the CI/CD pipeline
Deploys as a lightweight software package that is agnostic of underlying infrastructure
Facilitates declarative policies for “security as code” and integration with DevOps tools
Decreases developer burden and provides feedback loop for quick security remediation
Accelerates time to market and reduces costs with DevSecOps‑automated security

Sample Customers

Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG

Information Not Available

Buyer's Guide

Fortinet FortiWeb vs. NGINX App Protect

October 2024

Free Report: Fortinet FortiWeb vs. NGINX App Protect

Find out what your peers are saying about Fortinet FortiWeb vs. NGINX App Protect and other solutions. Updated: October 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

See our Fortinet FortiWeb vs. NGINX App Protect report.

See our list of best Web Application Firewall (WAF) vendors.

We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.