Try our new research platform with insights from 80,000+ expert users

Fortinet FortiWeb pros and cons

Vendor: Fortinet

4.0 out of 5

95 reviews
89% willing to recommend

965 followers

Pros & Cons summary

Fortinet FortiWeb offers built-in antivirus, AI-driven threat detection, and strong threat intelligence, providing robust protection against web attacks. It integrates seamlessly with other Fortinet products, enhancing security layers. Praised for high performance and cost-effectiveness, it features a valuable web application firewall. However, improvements in HA architecture, support service, reporting capabilities, and initial setup process are needed. Enhanced threat intelligence and DDoS protection are also recommended for optimizing its comprehensive protection capabilities.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Fortinet FortiWeb offers powerful threat detection and protection capabilities, including antivirus and file security.

High integration with the Fortinet family products enhances overall security architecture and performance.

Fortinet FortiWeb provides comprehensive WAF capabilities, securing web applications against various attacks.

AWS and Azure compatibility offers flexibility in deployment options for cloud-based solutions.

The machine learning capabilities improve its threat detection accuracy, minimizing false negatives.

CONS

Fortinet FortiWeb could offer better integration opportunities and improve integration with non-Fortinet solutions.

Its documentation, especially for advanced features and machine learning, could be improved.

Fortinet FortiWeb requires enhancements in threat intelligence capabilities and logging.

Support and training for Fortinet FortiWeb could be improved; response times and quality of support are inconsistent.

Fortinet FortiWeb is not entirely scalable, with complexities in deployment and integration.

Fortinet FortiWeb Pros review quotes

reviewer2000166

Senior Security Engineer at a financial services firm with 1,001-5,000 employees

Mar 18, 2024

The WAF profiles has been effective at mitigating web-based threats.

Read full review

Blair Griffith-Barwell

Principal Network Architect at a financial services firm with 201-500 employees

Feb 17, 2023

FortiWeb's ease of deployment is what we liked the most about it. Implementing FortiWeb was extremely fast and easy, which was a significant advantage. It comes with several preconfigured rule sets and templates.

Read full review

reviewer2106345

Security Specialist at a manufacturing company with 10,001+ employees

Feb 17, 2023

The ease of configuration is valuable. We have Azure WAF, we have OCI WAF, and we also have Cloud Armor for GCP, but their configuration isn't very easy. It's pretty simple in FortiWeb, and we can enable or configure whatever we want.

Read full review

Fortinet FortiWeb

Free Report: Fortinet FortiWeb Reviews and More

Learn what your peers think about Fortinet FortiWeb. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.

848,716 professionals have used our research since 2012.

reviewer2078280

CTO at a tech services company with 11-50 employees

Jan 19, 2023

When it comes to blocking unknown threats and attacks, I would give it the highest score possible. We first started using AWS and its Web Application Firewalls. That was okay, but it was quite a manual process to keep it up to date, whereas Fortinet is always up to date, and the default rules or the modules that you can turn on are very easy to use.

Read full review

reviewer2100774

Director of IT at a consultancy with 11-50 employees

Feb 13, 2023

Some of the threat detection analytics and the filtering capabilities they give us for filtering a certain type of information that we don't want coming into the site are its valuable features. The analytics are pretty good in terms of being able to see what threats have been detected and mitigated, where they're coming from, and things like that.

Read full review

HB

Network Security Engineer at GAFI

Apr 3, 2024

The product's initial setup phase was straightforward, and since our company didn't have any problems with it, we didn't encounter many problems with the tool.

Read full review

IT Infrastructures Administrator at Esprit

Apr 1, 2024

We can block access using the IP address so no one can connect to our web server or website using the real IP.

Read full review

reviewer1472592

Director at a tech services company with 51-200 employees

Feb 10, 2022

Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them.

Read full review

Director of IT at a software factory

Mar 13, 2023

I like FortiWeb's usability and ease of configuration. It's simple to configure rules and exceptions inside the attack log. We block everything by default. If something isn't working, we ask the system admin to adjust the template and add exceptions.

Read full review

Senior Technical Consultant at PROMOS consult

Jun 16, 2022

One main feature we are very happy about is file security and upload functionality.

Read full review

Show 10 more reviews (out of 81)

Fortinet FortiWeb Cons review quotes

reviewer2000166

Senior Security Engineer at a financial services firm with 1,001-5,000 employees

Mar 18, 2024

For advanced users, it would be really useful to have access and the ability to manipulate packets. If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information.

Read full review

Blair Griffith-Barwell

Principal Network Architect at a financial services firm with 201-500 employees

Feb 17, 2023

Another area for improvement is logging. When troubleshooting, the logs sometimes take a while to update. We've had people report that some things aren't logged if they're successful. It's a bit hit-and-miss. For example, sometimes people access one of our services, and it's successful, but we don't see that in the logs.

Read full review

reviewer2106345

Security Specialist at a manufacturing company with 10,001+ employees

Feb 17, 2023

The dashboards are not that configurable. Application-specific dashboards can be improved. If we have 50 applications, there should be something to see what's happening with these 50 applications. There could be a graph or a consolidated alert page where all alerts are inbuilt. They have other products that I can use, but this feature should be built into FortiWeb.

Read full review

Fortinet FortiWeb

Free Report: Fortinet FortiWeb Reviews and More

Learn what your peers think about Fortinet FortiWeb. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.

848,716 professionals have used our research since 2012.

reviewer2078280

CTO at a tech services company with 11-50 employees

Jan 19, 2023

It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great.

Read full review

reviewer2100774

Director of IT at a consultancy with 11-50 employees

Feb 13, 2023

Their documentation is fairly complete, but it's sometimes a little bit difficult to search for exactly what you're looking for to resolve an issue. There have been times when we've gone to try to search for areas that we needed to get information on, and it has not always been extremely clear exactly how a particular thing needs to be set up.

Read full review

HB

Network Security Engineer at GAFI

Apr 3, 2024

Though the reporting is a nice aspect associated with the tool, I feel that it has certain shortcomings and can be made better.

Read full review

IT Infrastructures Administrator at Esprit

Apr 1, 2024

Maybe the load balancing options could be enhanced.

Read full review

reviewer1472592

Director at a tech services company with 51-200 employees

Feb 10, 2022

The automation piece can be improved. Although they say it can be automated very well, there is still manual work. Its usability should be improved in terms of automation because we want to build an infrastructure with code, but you can't do that easily with this solution. If they can give us APIs in the firewalls that we can tap into, it would be perfect.

Read full review

Director of IT at a software factory

Mar 13, 2023

We use Kubernetes, so I would like to have a plugin to configure FortiWeb Cloud automatically using Kubernetes Ingress. That would reduce the complexity of setting up an Ingress object in Kubernetes. Some competing solutions help you configure Ingress and Kubernetes automatically.

Read full review

Senior Technical Consultant at PROMOS consult

Jun 16, 2022

The GUI could be better. It's limited.

Read full review

Show 10 more reviews (out of 80)

Product Categories

Product Categories

Web Application Firewall (WAF)

Fortinet Cloud Security

Popular Comparisons

Popular Comparisons

Prisma Cloud by Palo Alto Networks vs Fortinet FortiWeb

Microsoft Azure Application Gateway vs Fortinet FortiWeb

Azure Front Door vs Fortinet FortiWeb

AWS WAF vs Fortinet FortiWeb

F5 Advanced WAF vs Fortinet FortiWeb

NetScaler vs Fortinet FortiWeb

Cloudflare Web Application Firewall vs Fortinet FortiWeb

Imperva Web Application Firewall vs Fortinet FortiWeb

Imperva DDoS vs Fortinet FortiWeb

Akamai App and API Protector vs Fortinet FortiWeb

Azure Web Application Firewall vs Fortinet FortiWeb

Radware Alteon vs Fortinet FortiWeb

NGINX App Protect vs Fortinet FortiWeb

Fastly vs Fortinet FortiWeb

Barracuda Web Application Firewall vs Fortinet FortiWeb

See all alternatives

Product Categories

Product Categories

Web Application Firewall (WAF)

Fortinet Cloud Security

Popular Comparisons

Popular Comparisons

Prisma Cloud by Palo Alto Networks vs Fortinet FortiWeb

Microsoft Azure Application Gateway vs Fortinet FortiWeb

Azure Front Door vs Fortinet FortiWeb

AWS WAF vs Fortinet FortiWeb

F5 Advanced WAF vs Fortinet FortiWeb

NetScaler vs Fortinet FortiWeb

Cloudflare Web Application Firewall vs Fortinet FortiWeb

Imperva Web Application Firewall vs Fortinet FortiWeb

Imperva DDoS vs Fortinet FortiWeb

Akamai App and API Protector vs Fortinet FortiWeb

Azure Web Application Firewall vs Fortinet FortiWeb

Radware Alteon vs Fortinet FortiWeb

NGINX App Protect vs Fortinet FortiWeb

Fastly vs Fortinet FortiWeb

Barracuda Web Application Firewall vs Fortinet FortiWeb

See all alternatives

Related questions

47

Which lesser known firewall product has the best chance at unseating the market leaders?

72

Which WAF solution would you recommend to cater to 100 to 125 concurrent sessions?

89

What do you recommend for a securing Web Application?

34

Fortinet vs Sophos? Help choose a NGFW solution that can replace Microsoft TMG.

69

Imperva WAF vs. Barracuda: Which One is Better?

284

F5 vs. Imperva WAF?

393

When should companies use SSL Inspection?

669

NGFW with URL Filtering vs Web Proxy

1,168

How does a WAF help to protect against DDoS attacks?

32

What's right for me? Fortinet or Citrix?