We performed a comparison between Fortinet FortiWeb and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features."
"FortiWeb offers a good price for the marketplace. In the Sri Lankan market, it's hard to find high-end products that can match FortiWeb's pricing. For high-end solutions, the price is always extremely high."
"You have the ability to control everything from one single dashboard."
"One of the big advantages of using Fortinet FortiWeb is all the Fortinet family solutions use the same user interface and logic. This makes it easy to use, configure, manage, and understand if you have used one of their solutions before or are wanting to implement other Fortinet solutions in the future. Additionally, all Fortinet solutions can be managed with one application called FortiManager."
"The ease of configuration is valuable. We have Azure WAF, we have OCI WAF, and we also have Cloud Armor for GCP, but their configuration isn't very easy. It's pretty simple in FortiWeb, and we can enable or configure whatever we want."
"The most valuable features are support and security."
"The most valuable feature is the attack signature and machine learning."
"Fortinet FortiWeb has improved my organization by protecting our customer's web infrastructure environment."
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"Technical support has been helpful and responsive."
"It contains almost all the available exploits and payloads."
"The reporting on the solution is good."
"All of the features are great."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"Rapid7 Metasploit is a useful product."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"It may be better if it were easier to create roles."
"The false positives are annoying."
"For advanced users, it would be really useful to have access and the ability to manipulate packets. If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information."
"The product’s stability could be improved."
"It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great."
"I would like to see the Application Delivery Control (ADC) and Web Application Firewall (WAF) combined in one device."
"The initial setup in our data center was somewhat complex."
"FortiWeb needs to have support for the newest technology being used in web applications."
"The open-source version has reporting limitations. You need to develop these capabilities yourself. Built-in reporting is an excellent feature for penetration testing, but it isn't a must-have. The solution could also cover more vulnerabilities. Metasploit has around 10,000 exploits in its library, but more is always better."
"It is necessary to add some training materials and a tutorial for beginners."
"The initial setup was a bit "tweaky" for the open-source version."
"The solution is not user-friendly and has room for improvement."
"We'd like them to offer better coverage of malware."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"There are numerous outdated exploits in their database that should be updated."
"I think areas with shortcomings that need improvement are more integration and automation."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Rapid7 Metasploit is ranked 13th in Vulnerability Management with 18 reviews. Fortinet FortiWeb is rated 8.0, while Rapid7 Metasploit is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Acunetix, Rapid7 InsightVM and Nucleus.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.