FortiWeb's ease of deployment is what we liked the most about it. Implementing FortiWeb was extremely fast and easy, which was a significant advantage. It comes with several preconfigured rule sets and templates.
Security Specialist at a manufacturing company with 10,001+ employees
Feb 17, 2023
The ease of configuration is valuable. We have Azure WAF, we have OCI WAF, and we also have Cloud Armor for GCP, but their configuration isn't very easy. It's pretty simple in FortiWeb, and we can enable or configure whatever we want.
CTO at a tech services company with 11-50 employees
Jan 19, 2023
When it comes to blocking unknown threats and attacks, I would give it the highest score possible. We first started using AWS and its Web Application Firewalls. That was okay, but it was quite a manual process to keep it up to date, whereas Fortinet is always up to date, and the default rules or the modules that you can turn on are very easy to use.
Director of IT at a consultancy with 11-50 employees
Feb 13, 2023
Some of the threat detection analytics and the filtering capabilities they give us for filtering a certain type of information that we don't want coming into the site are its valuable features. The analytics are pretty good in terms of being able to see what threats have been detected and mitigated, where they're coming from, and things like that.
The product's initial setup phase was straightforward, and since our company didn't have any problems with it, we didn't encounter many problems with the tool.
Director at a tech services company with 51-200 employees
Feb 10, 2022
Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them.
I like FortiWeb's usability and ease of configuration. It's simple to configure rules and exceptions inside the attack log. We block everything by default. If something isn't working, we ask the system admin to adjust the template and add exceptions.
Senior Security Engineer at a financial services firm with 1,001-5,000 employees
Mar 18, 2024
For advanced users, it would be really useful to have access and the ability to manipulate packets.
If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information.
Another area for improvement is logging. When troubleshooting, the logs sometimes take a while to update. We've had people report that some things aren't logged if they're successful. It's a bit hit-and-miss. For example, sometimes people access one of our services, and it's successful, but we don't see that in the logs.
Security Specialist at a manufacturing company with 10,001+ employees
Feb 17, 2023
The dashboards are not that configurable. Application-specific dashboards can be improved. If we have 50 applications, there should be something to see what's happening with these 50 applications. There could be a graph or a consolidated alert page where all alerts are inbuilt. They have other products that I can use, but this feature should be built into FortiWeb.
CTO at a tech services company with 11-50 employees
Jan 19, 2023
It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great.
Director of IT at a consultancy with 11-50 employees
Feb 13, 2023
Their documentation is fairly complete, but it's sometimes a little bit difficult to search for exactly what you're looking for to resolve an issue. There have been times when we've gone to try to search for areas that we needed to get information on, and it has not always been extremely clear exactly how a particular thing needs to be set up.
Director at a tech services company with 51-200 employees
Feb 10, 2022
The automation piece can be improved. Although they say it can be automated very well, there is still manual work. Its usability should be improved in terms of automation because we want to build an infrastructure with code, but you can't do that easily with this solution. If they can give us APIs in the firewalls that we can tap into, it would be perfect.
We use Kubernetes, so I would like to have a plugin to configure FortiWeb Cloud automatically using Kubernetes Ingress. That would reduce the complexity of setting up an Ingress object in Kubernetes. Some competing solutions help you configure Ingress and Kubernetes automatically.
