Try our new research platform with insights from 80,000+ expert users

Fortinet FortiWeb vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 2, 2024
 

Categories and Ranking

Cloudflare
Sponsored
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
71
Ranking in other categories
CDN (1st), Distributed Denial-of-Service (DDoS) Protection (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (14th)
Fortinet FortiWeb
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
93
Ranking in other categories
Web Application Firewall (WAF) (4th)
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
108
Ranking in other categories
Web Application Firewall (WAF) (5th), Container Security (1st), Cloud Workload Protection Platforms (CWPP) (1st), Cloud Security Posture Management (CSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

Spencer Malmad - PeerSpot reviewer
It's easy to set up because you point the DNS to it, and it's working in under 15 minutes
Cloudflare is highly scalable. Cloudflare is a system with a web portal that the end users like me see. It's a console where we can adjust the DNS, caching, and security features all in that console. Cloudflare owns thousands of servers across the world that cache the data. It's a powerful solution. When clients sign up for Cloudflare, they're getting this monster content delivery network, security, and a web application firewall in one. It's all rolled into one, and it's massive. Unless you have your website hosted on a massive hosting provider, there's no way that you can deliver the amount of data that Cloudflare can provide to the end users. If you have static content, there's no way that you can ever match what Cloudflare can do. Obviously, there are competitors to Cloudflare that do the same, but I'm saying other types of solutions. Let's say you go with F5. Great, that's on-prem. That's in your colo. You can't deliver as much data to the internet as you can with a CDN. You don't have to spend $20,000 on a net scaler, F5, or whatever Cisco's selling now. You don't have to buy that. You pay them $50 a month or $150 a month. It's totally worth it because even in five years, you'll never get the performance value, not just the actual ROI. You have to consider how much throughput you can get with Cloudflare.
Kacem CHAMMALI - PeerSpot reviewer
Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb
The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is very good at mitigating threats."
"I rate its stability a ten out of ten."
"Cloudflare allows us to self-host services such as Rocket.Chat and Node-RED, in high-availability mode, thanks to round robin DNS which allows us to share one hostname between our two locations."
"I get a lot of value from Cloudflare's API because it enables you to build a separate environment inside the solution. You can create a domain for performing test requests before you move to the production environment and connect various domains."
"Easier http to https redirect using page rules"
"The technical support is good."
"The solution is stable, and the DNS servers are simple to use."
"When using services like Heroku, Cloudflare is very useful for CNAME flattening. I also use it for their end-to-end SSL with TLS authentication on nginx for securing servers."
"The support is quite good."
"When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up."
"Before a platform faces the internet, Fortinet FortiWeb inspects the traffic."
"It can scale well."
"The policies and the filtering are the most valuable features, especially traffic, URL, and application filtering. The solution is excellent at detecting vulnerabilities."
"It is easy to install and to maintain."
"Fortinet FortiWeb is priced well."
"Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.)."
"Comprehensive and valuable for providing security. It is scalable, its stability is impressive, and setting it up is straightforward."
"I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent."
"We found it to be easy and flexible. We could easily configure it for our needs, and we could spread the Prisma Cloud platform to 16 countries without encountering any kind of problem."
"I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions."
"We are provided with a single tool to protect all of our cloud resources and applications without having to manage and reconcile compliance reports."
"CSPM is very useful because it gives us good policies and violation alerts."
"It has helped us build confidence in our security and compliance. Prisma Cloud enables us to implement all these SOC 2 compliances and check the security. It provides visibility and control regardless of how complex our environment is."
"The UI is very good. We get all the things within a single UI."
 

Cons

"It should be easier to collect the logs with companies like Sumo. However, based on my discussions with the salespeople, I understand that's how they make their money. With the enterprise product, they want people doing those kinds of enterprise features to do the logging. They want them to pay a lot of money, and that's where I have an issue with them. That should be a default. You should be able to get the log no matter what. The logging should be universal."
"There should be a specific price list for enterprise-level customers."
"I think the APIs are a little bit hard for us to work with. The APIs could be more open so that we could integrate better with our SolarWinds or our monitoring solution."
"DNS Management."
"It would be helpful if the solution could continue evolving to compete with the other solutions on the market."
"It should confirm audit findings of the assigned area with auditees to ensure that the audit conclusions are based on an accurate understanding of the issues."
"It would be good if Cloudflare could have more servers for better traffic routing or an increase in the traffic routed. This is what I'd like to improve in Cloudflare."
"The solution could be more user-friendly."
"It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great."
"FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection."
"The memory use in each of the appliances is problematic."
"HA Architecture needs improvement. I would improve it by working on AP HA."
"If the price was lower, it would be a bit more attractive, as an option, to the customers."
"For advanced users, it would be really useful to have access and the ability to manipulate packets. If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information."
"Fortinet FortiWeb could improve in reference architecture for different deployment scenarios."
"I see no room for improvement at the moment."
"Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to."
"They should improve the user experience."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
"The solution does not currently support servers for GCP."
"Technical support could use some improvement."
"The Application Security dashboard was not as user-friendly as the Cloud Security dashboard."
"More documentation with real-world use cases would be helpful."
"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."
 

Pricing and Cost Advice

"The price of the solution is expensive."
"The pricing depends on the usage, but the cheapest would be around 5,000 USD a month."
"The cost primarily depends on the size of the organization."
"In terms of licensing costs, we don't pay for licensing for Cloudflare. We only establish communication, then for peering, Cloudflare takes care of the cross-connection in different data centers."
"Cloudflare's pricing is not much higher and is good for middle-level organizations."
"We are using the free tier of the solution."
"The solution is expensive when compared to other products but offers unlimited bandwidth."
"I believe their performance has improved, but I'd like to refrain from discussing the pricing aspect related to the cloud. The pricing, in my opinion, could be simplified, and I think they should consider reevaluating the pricing for support, as it can be quite high. At times, this cost can make it challenging to choose CARFAGuard or opt for the support."
"Fortinet FortiWeb's pricing is reasonable. Its licensing costs are yearly."
"When I use any other firewall, I have to take a license. It could be a perpetual license or subscription-based. In both cases, we have to pay some amount in advance, whereas in the case of FortiWeb, when using it as a service, I am paying half a dollar only for the domain name, and then I am paying based on the traffic or the number of requests."
"The price is competitive."
"The costs are standard. We pay around $1,600 yearly."
"The price of Fortinet FortiWeb is expensive in our Ethiopian currency."
"The product is expensive. I rate the pricing a ten out of ten."
"Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes."
"Previously, for each project, the cost was $800 to $1,000 per application. Now, it's $100 to $120. For some of the applications, there is a 90% reduction, and for some of the applications, there is a 50% reduction. We're paying only $500 to $600."
"We are encountering some resistance in the African market regarding the cost of Prisma Cloud."
"I wouldn't mind if it were cheaper. We are spending a fair amount of money on Prisma Cloud."
"The product is very expensive, but the cost is a necessary evil; I don't know how we could have any kind of cloud presence without this type of monitoring. The pricing is calculated by module and resource usage. Ultimately, it saves us money in the amount of time we would spend uncovering what it uncovers, and we might not make the required discoveries without it anyway. Prisma offers incredible value, though I wish it were cheaper."
"The price is high. In the future, when there are more competitors at the same level with different clouds, maybe the position will be different."
"Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
"The pricing of the solution is fair."
"This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive."
"The purchasing process was easy and quick. It is a very economical solution."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
824,145 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
25%
Computer Software Company
13%
Comms Service Provider
7%
Financial Services Firm
7%
Educational Organization
43%
Computer Software Company
9%
Financial Services Firm
8%
Government
4%
Educational Organization
17%
Financial Services Firm
13%
Computer Software Company
12%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
What do you like most about Fortinet FortiWeb?
The WAF profiles has been effective at mitigating web-based threats.
What is your experience regarding pricing and costs for Fortinet FortiWeb?
The pricing of Fortinet FortiWeb is affordable and competitive.
What needs improvement with Fortinet FortiWeb?
I see no room for improvement at the moment.
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Cloudflare DNS
No data available
Palo Alto Networks Prisma Cloud, Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Fortinet FortiWeb vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: December 2024.
824,145 professionals have used our research since 2012.