Fortinet FortiWeb Reviews

Mostly we use FortiWeb for replacing reverse proxy from our systems and add some security features to it to protect the web portal we are providing to our customers.  We use it to rewrite URLs and redirect FQDNs, et cetera, et cetera. That's the normal part.

The main feature I like is the ability to redirect web traffic from a readable URL to a real URL. All the security features are good.

One main feature we are very happy about is file security and upload functionality. It will restrict the number of file types that can be uploaded to our portal and prevents any malware. It helps with security.

We had some trouble using some features. Maybe we understood it the wrong way when reading the manual. We had to implement some workarounds to help this problem.

The GUI could be better. It's limited. 

I've been using the solution for one year. 

There are no complaints on our side. The performance and stability are fine. We used to have a cluster of two appliances. Everything seems to be fine when we update the firmware. We haven't had any issues.

The scalability may be slightly limited. We use hardware appliances. We need to buy appliances which have enough performance. You need to think about the sizing before you buy it. Scalability is not really possible with hardware. 

We use it more and more. We are going to migrate all the connections which are directed to a proxy to the classification firewall.

Normally, technical support is very good. All the tickets I opened have been solved in an average time.

Positive

It was the very first time that we used a web application firewall. We never used anything before.

We had some difficulties at the beginning in terms of setting it up. It was a very new product for us. We never had web protection firewalls before. We had some support from our supplier, so we referred to the initial implementation to get it done with external support.

I'd rate the ease of implementation at a three out of five. 

From a technical perspective, the deployment does not take a long time. Our problem internally was the organization and the planning as well as the communication with the other teams. That's what took so long. We started maybe one and a half years ago with the implementation and productive status was reached at the end of 2021. That's a long time. That said, one would say the management is at fault, not the actual technical staff.

At a cluster, so single point of failure, all this stuff, it kind of took around 24 hours to get it up. The offline time was very difficult, however.

We have two good people on staff that can handle deployment and maintenance. We are looking for another employee in the market, however, it's been very difficult to find someone.

The implementation was done in-house with some help from our supplier.

We have not noted an ROI yet.

We actually expanded our subscription for the next three years. I don't remember the exact price. It should be somewhere about 36,000 Euros. That's the cost for three years. It's moderately priced. I'd rate the general cost at a three out of five. 

We thought about other options, however, since we had a very good experience with the FortiGate Firewall, I decided to buy FortiWeb. They operate well together. 

We are just customers and end-users.

Potential new users should compare different products from different vendors to make a decision on a web application firewall. It doesn't matter if it is FortiWeb, or F5, or something else, just take some time to compare. 

I'd rate the solution six out of ten.

We have deployed a couple of projects for our customers to protect their online e-commerce systems. They have web-based applications for online ordering, for example, for online ordering from a hypermarket. It seems to be a very good solution. We have replaced the existing Barracuda devices of a customer. We deal with the latest version of Fortinet FortiWeb.

The customers are very happy with this solution because of two things. First, the IPS integration with a web application is very tightly done on Fortinet. Second, the ease of use is there. The management interface or the GUI interface is very easy to use, configure, and manage. These are the two main valuable features.

It supports integration with other Fortinet products. It also integrates very well with the firewall and sandboxing technology. They already have enough integration with different technologies. They have got a complete tech intelligence view of the whole product. 

They could improve their support a little bit for faster response time. 

I have been using Fortinet FortiWeb for two years.

It is very stable.

It is very scalable. The web application firewall is protecting the web servers in an organization from outside to inside. It probably has more than 1,000 users.

Their technical support needs a little bit of improvement in terms of faster response time.

The initial setup is very straightforward. It took about 30 to 40 minutes for one web application for default settings. If you want to go with complex settings, then it would probably take three to four days to understand the application backend and everything else.

We used a system integrator. One Admin is more than enough to deploy and maintain it. It is very stable and easy to configure and deploy.

Its subscription prices are cheaper, and it is not very expensive. From a price perspective, Fortinet is a very well-known security vendor.

Subscriptions are very simple. They have a couple of licenses on an appliance, and that's it. The cost is not that big. One license is 40K, which they give with all the products. Another one includes the subscriptions for threat prevention, IPS, sandboxing, etc, which is more than enough.

Fortinet FortiWeb is rated as one of the top WAF devices in many of the independent research reports. Our customers find Fortinet FortiWeb much better than other solutions. 

We plan to continue using this solution if an opportunity is there. It depends on the customer's requirements. If a customer is going for an online e-commerce website, we would always recommend going with Fortinet FortiWeb. 

I would rate Fortinet FortiWeb an eight out of ten.

I used FortiWeb, and I was looking if the SIPTNA from Symantec had something to do with the one from Fortinet. I am a consultant and I propose Fortinet products to my customers. I usually recommend FortiWeb for companies that are looking for a WAF.

It's really easier for them to integrate. Sometimes we help them, and once it's integrated, it doesn't have a lot of requirements from their side. They just have to keep the site going with their security assessment. They do not need for us to help them more.

Usually, people want to change, solutions and we recommend that it is easy to use. Even though most products have the same functionality nowadays, FortiWeb is easy to integrate.

Fortinet's technical support is pretty slow, especially when you have quick questions. The support kind of delays itself and sometimes takes more time. That's the only thing that I can think of at the moment.

Fortinet's technical support is pretty slow and kind of delays itself when you have quick questions.

Positive

I was using another solution. I just wanted to research it to see if it had something extra. It was just some research for a project. I just wanted to know if any of them had some qualities that seemed similar to Symantec.

It's true that we are the ones that usually deploy it for our clients. Since we do it for many of them, we think it's really easy. But as for many products, it's really straightforward.

We are the ones that usually deploy it for our clients. Since we do it for many of them, we think it's really easy.

It's better. Yeah, it's really good. It's one of the main points why we offer it. Since we are partners with them, sometimes we offer our customers a lower price.

The clients that we know use both FortiWeb and Symantec. I used FortiWeb, and I was looking if the SIPTNA from Symantec had something to do with the one from Fortinet.

I would recommend FortiWeb for web application security. Most products work the same despite being different solutions.

I'd rate the solution nine out of ten.

FortiWeb is used for protecting against malicious activities, such as SQL injections, for outward-facing web forms.

The most valuable features of FortiWeb include its dashboard and out-of-the-box integrations with other Fortinet products, which enhance its effectiveness. FortiWeb's position as part of the Fortinet platform makes it particularly beneficial for Fortinet customers, offering seamless integration and operational cost savings.

There is room for improvement in the portability on multi-cloud environments. Enhanced DDoS integration to make FortiWeb more unified with other Fortinet products could be beneficial.

I have personally been working with FortiWeb for approximately two years.

I would rate the stability of FortiWeb as nine out of ten, indicating highly stable performance.

I would rate the scalability of the product a seven out of ten. While it is multicloud-enabled, there is more automation in other products that may better suit complex environments.

I would rate the customer service and support as nine out of ten.

Positive

Our team, consisting of three certified Fortinet engineers, handles the deployment, although globally, Exclusive Networks has a large team of certified engineers.

Operational costs decrease when using FortiWeb within the Fortinet stack due to integrated assessments and security event management.

I would rate the licensing cost as seven out of ten, considering it good value for money. The price is affordable and reasonable for the features offered.

We also work with other vendors such as F5, Proofpoint, and Palo Alto, however, Fortinet stands out for its holistic vision of cybersecurity.

Overall, I would rate FortiWeb an eight out of ten for existing Fortinet customers due to its seamless integration and good value for money.

The solution's most valuable feature is its security profile. 

The solution could improve its ease of use and add more advanced WAF features in future releases.

I have been working with the product for more than five years. 

I've worked with both F5 and Fortinet and find F5 to be much better. F5 is easier to implement, more compatible with applications, and more robust and stable. Regarding securing applications behind the WAF, F5 generally provides better security.

The solution's implementation is not complex and depends on the number and complexity of customers' applications. 

Fortinet FortiWeb's pricing is reasonable. Its licensing costs are yearly. 

The product has been in the WAF business for a long time. Its maturity cannot be compared to other alternatives. Based on my experience with Fortinet FortiWeb, I'd recommend it in specific cases, especially if you have a limited budget. It can meet basic requirements. However, other vendors have better features and support. I rate the overall product a six out of ten. 

We primarily view the VPN net and use the WAF as our web protection.

The interface is very straightforward and easy to use.

It's stable. 

The support is quite good.

We found the initial setup pretty simple. 

Sometimes, even if you follow the documentation, it doesn't work as expected. 

The solution can be a bit pricey.

I've used the solution for about one year, or maybe a bit more than that.

Sometimes it is not as stable as it could be. We've had some issues. Sometimes the loading will be disrupted for no apparent reason. It might be due to the WAF.

We have not tested the scalability of the product.

We have two people working on the solution right now. 

It's possible that we will scale the solution in the future. There is the potential that we will use it on another project.

We have contacted support for reliability issues, and they have been able to resolve everything within a matter of hours. They are very quick. 

Positive

We previously used F5. F5 needs a bit of a higher skill set. It takes some experience to operate.

The implementation took about two months. It's not so hard to set everything up. It's easier than, for example, F5, to set up.

In terms of maintenance, for WAF, I need about three people to handle various tasks. 

We hired a consultant to assist us during the setup. The consultant helped my people learn the process so we could become self-sufficient. 

We have not seen any ROI at this time. 

The solution is a little expensive. I'd rate it a three out of five in terms of affordability.

I cannot speak to the exact price we pay for the product.

We didn't really look into other options as my boss is pretty well versed in other options. However, we are always looking into comparisons. 

We are using the latest version of the solution.

I'd rate the solution an eight out of ten.

The support services, performance, and pricing are all valuable features. The performance is excellent.

The initial setup process could be improved.

I've been working with this solution for two years.

It is deployed both on-premises and on the cloud.

In general, we have small projects, so the scalability has been fine for our clients.

As for users, we have, in general, 50 to 100 clients.

My colleagues at the network operations center have contacted technical support. I would rate technical support at eight on a scale from one to ten.

Positive

We sell and work with several options, but we feel comfortable with Fortinet FortiWeb because the performance and feedback are great.

In general, the initial setup is easy, and I would rate it at four out of five.

I deployed it myself.

There's only one payment for the duration of the license. On a scale from one to five, I would rate pricing at four.

I have not encountered any additional costs on my projects involving Fortinet FortiWeb.

I sell or presell, and in general, the feedback is great. In fact, I think that Fortinet FortiWeb is number one in terms of performance.

I am using FortiWeb as a web application firewall and as a load balancer for HTTP applications. 

The most valuable feature is ease of use.

It has an all-in-one license, unlike F5 where you need separate licenses for the antivirus, IP reputation, denial of service attacks, etc. With FortiWeb, the all-in-one license is one of the most beneficial features.

I would like to see the Application Delivery Control (ADC) and Web Application Firewall (WAF) combined in one device. For example, if I have one device that costs $2,600 USD then it can have two licenses, where it can operate as a load balancer as well as a WAF.

We have been using FortiWeb for three years.

This is a good solution, stability-wise.

FortiWeb is a scalable product and we have about 3,000 users.

That said, we need to purchase a model with more capacity because this is a small one, and our business has expanded in the past three years.

We have been in contact with technical support and we are satisfied with them.

We did not use another similar solution before choosing FortiWeb.

The initial setup is straightforward.

Any FortiWeb deployment needs about two weeks because when it is first implemented, in phase one, machine learning takes place. It is needed because every application needs some customization. FortiWeb needs approximately two weeks to build this profile. After that, an expert will do some fine-tuning on the profile and the appliance will start to work.

During the deployment, we used a system integrator, but after that, we can manage it by ourselves. Our network team has seven people including one technician, one manager, and five administrators.

There are no licensing costs.

In summary, this is a good product and I can recommend it for others.

I would rate this solution an eight out of ten.