We use FortiWeb for protecting web applications.
Cyber Security Engineer at Mudra Electronics limited
Has a user-friendly dashboard, but its technical support services need improvement
Pros and Cons
- "The product has a very user-friendly dashboard."
- "The product's scalability could be better."
What is our primary use case?
What is most valuable?
The product has a very user-friendly dashboard.
What needs improvement?
The software's support services could be better compared to Sophos.
What do I think about the scalability of the solution?
The product's scalability could be better compared to Sophos.
Buyer's Guide
Fortinet FortiWeb
January 2025
Learn what your peers think about Fortinet FortiWeb. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,265 professionals have used our research since 2012.
How are customer service and support?
It is challenging to communicate with FortiWeb's support team.
Which solution did I use previously and why did I switch?
We use Sophos as well.
How was the initial setup?
FortiWeb's configuration process is more difficult than Sophos. I rate the process a one out of ten.
What's my experience with pricing, setup cost, and licensing?
The product is expensive. I rate the pricing a ten out of ten.
What other advice do I have?
I rate FortiWeb a five out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Tech Manager at Global tec
Problematic licensing requires upgrades at scale with additional expense for advanced features
Pros and Cons
- "FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
- "Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware."
What is our primary use case?
We are partners with Fortinet. We specialize in power customers. We use many products like FortiGate, FortiWeb, FortiAnalyzer, FortiSIEM, and FortiSandbox.
All the FortiGate products are new, even the Fortinet switches we are selling to our customers. We also install and configure the network for our customers.
How has it helped my organization?
With this product, you can secure all the Fortinet products together. I'm an entrepreneur. Most people fail in the publication of a firewall.
What is most valuable?
FortiWeb offers machine learning in the latest product. Before that, there was an auto-learning feature. This fixed many problems. There are no false negatives now.
Fortinet FortiWeb now has artificial intelligence and machine learning.
What needs improvement?
What I would like to see improved in Fortinet FortiWeb will probably be included in the next release. The legal feature needs better step-by-step use of the form.
We use the FortiGate guidebook for step-by-step instructions. But the FortiWeb guidebook is only a demonstration kit, which is not enough for a new installation.
What do I think about the stability of the solution?
FortiWeb is a stable solution.
What do I think about the scalability of the solution?
Fortinet FortiWeb is not scalable. There is a model and a license if you want to use it. You'll need more budget to change the hardware. FortiWeb is not scalable on the same plan.
How was the initial setup?
The initial setup is not simple for all the products. Some Fortinet products vary, but overall it is straightforward.
What other advice do I have?
In the version of Fortinet FortiWeb that we have, it does not include the scanner. We cannot access every feature. If you have all the popular products, you can use the system perfectly to connect everything.
Fortinet can improve the security firebase in support for HTTPS and the CPU with additional configurations. On a scale from 1 to 10, I would rate Fortinet FortiWeb a two.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Viznet Bilişim Hizmetleri
Auto Learn makes policy additions or deletions for my customers very simple
Pros and Cons
- "Auto Learn feature: Makes policy additions or deletions for my customers very simple"
- "HA Architecture needs improvement. I would improve it by working on AP HA."
How has it helped my organization?
Security.
What is most valuable?
- Web application security features, because they are more effective
- Stability
- Auto Learn feature: Makes policy additions or deletions for my customers very simple
What needs improvement?
HA Architecture. I would improve it by working on AP HA.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
No issues with stability.
What do I think about the scalability of the solution?
No issues with stability, with the true network topology.
How are customer service and technical support?
I am a Fortinet expert, but L4 support is working very well.
Which solution did I use previously and why did I switch?
Previously used F5, NetScaler, Imperva. Other products feature LB WAFs, so a limited WAF feature. This product's primary feature is WAF. I chose this product because it prioritizes security.
How was the initial setup?
Very complex. More security features.
What's my experience with pricing, setup cost, and licensing?
Cheaper than others.
Which other solutions did I evaluate?
F5, NetScaler, Imperva and Squid.
What other advice do I have?
Here's how I would break down my rating of this product:
- Session Management: 10 out of 10
- Security: 10 out of 10
- Stability: 10 out of 10
- Health check feature: eight out of 10.
If your goal is security, FortiWeb is your best choice.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network and Security Engineer at ONB
Effective vulnerability scanner, highly stable, and low maintenance
Pros and Cons
- "The valuable feature of Fortinet FortiWeb is the vulnerability scanner."
- "Most of the deployment is done by our development team because they have some parameters that match the configuration. However, when we initially did the deployment we used a consultant company."
What is our primary use case?
We are using Fortinet FortiWeb to deliver service to our customers.
What is most valuable?
The valuable feature of Fortinet FortiWeb is the vulnerability scanner.
For how long have I used the solution?
I have been using Fortinet FortiWeb for approximately 14 years.
What do I think about the stability of the solution?
The Fortinet FortiWeb is very stable.
What do I think about the scalability of the solution?
We did not have any problems with the scalability of Fortinet FortiWeb.
We have the development and network teams using the solution. It is approximately seven people in total.
How are customer service and support?
I did not use the support from Fortinet FortiWeb.
How was the initial setup?
The initial setup of Fortinet FortiWeb is straightforward. The full process of the deployment took approximately two weeks to 16 days.
What about the implementation team?
Most of the deployment is done by our development team because they have some parameters that match the configuration. However, when we initially did the deployment we used a consultant company.
What's my experience with pricing, setup cost, and licensing?
The license to use Fortinet FortiWeb is approximately $14,000.
I rate the price of Fortinet FortiWeb a four out of five.
What other advice do I have?
The solution does not require a lot of maintenance.
I would recommend this solution to others. If someone wants to use the internet with an application website or any other internet application, content filtering is very useful to filter all the requests that are coming to the server so that no one can hack or harm the system.
I rate Fortinet FortiWeb a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Infrastructure Manager with 201-500 employees
The learning mode of the appliance picks up on the pattern of SSL attacks
Pros and Cons
- "I have recently been looking at the SSL certificate features and the learning mode of the appliance. This appliance learns from the pattern of SSL attacks."
- "We would like the interface to be easier to use and more user-friendly. The interface needs to be enhanced."
What is our primary use case?
We use it mostly to secure our web platform for things like Internet banking, email, and SMTP. It is for anything that is external coming into our internal network.
How has it helped my organization?
We were having a lot of probe attacks coming through from our external networks. Now, the traffic has to come through our firewall, then FortiWeb. Basically, FortiWeb acts like a second firewall for all our applications.
What is most valuable?
We have been using all the features and everything is nice.
I have recently been looking at the SSL certificate features and the learning mode of the appliance. This appliance learns from the pattern of SSL attacks.
What needs improvement?
We would like the interface to be easier to use and more user-friendly. The interface needs to be enhanced.
We had trouble understanding it at first, but we got used to using it after six months. Then, it was simple to use.
For how long have I used the solution?
We have been using it for five years (since 2015).
What do I think about the stability of the solution?
We haven't had any issues with it so far.
What do I think about the scalability of the solution?
The scalability is okay. There hasn't been a need to upgrade. We have found something that can adapt to our environment and that we can use for a long period of time.
We plan to use the product for the next two years. There are no major upgrades planned anytime soon.
There are four users for the product (with two being from the security team).
How are customer service and technical support?
We have needed minimal support for the solution. The support has been okay.
Which solution did I use previously and why did I switch?
We did not have a solution that we previously used.
How was the initial setup?
It is complex to set up in learning mode. It takes a lot of time to learn the pattern of the web application before we put in the rule. The rule itself is a bit complex. We had to go by trial and error because there is nothing standard on the device.
The deployment took almost six hours to get up and running.
What about the implementation team?
We used a reseller. They helped us implement the device.
The reseller also does deployment and maintenance. For this, it takes about two of their staff and one or two of our staff internally. The staff will generally have experience in networking and firewalls with a background in security and port mapping.
What's my experience with pricing, setup cost, and licensing?
All our Fortinet pricing is bundled together for different products, like FortiGate, FortiAnalyzer, and FortiWeb. FortiWeb, by itself, is probably around $2,500 to $3,500.
Which other solutions did I evaluate?
Since we were using FortiGate firewall, we decided to look at FortiWeb. We also looked into several solutions, like Check Point and Palo Alto.
What other advice do I have?
The type of product you get depends on what you want to protect, how you want to protect it, and how many people will be accessing FortiWeb.
What we have now is working fine.
I would rate FortiWeb as an eight (out of 10).
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director at a tech services company with 51-200 employees
Good for compliance, load balancing, and high availability
Pros and Cons
- "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
- "The automation piece can be improved. Although they say it can be automated very well, there is still manual work. Its usability should be improved in terms of automation because we want to build an infrastructure with code, but you can't do that easily with this solution. If they can give us APIs in the firewalls that we can tap into, it would be perfect."
What is our primary use case?
We mainly use it for protection. OS scanning and load balancing are two of its main use cases.
My team is most probably working with its latest version. In terms of the deployment, lately, it has been on the cloud because the end-user-facing web applications are usually live on the cloud.
How has it helped my organization?
Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them.
What is most valuable?
The compliance piece is the best feature. Load balancing is also valuable, which is something that all web application firewalls do. Another valuable feature is high availability. You can scale it very well. Load balancing and high availability are the two reasons why we picked it for a couple of banks.
What needs improvement?
From the feature perspective, it is pretty rich. The automation piece can be improved. Although they say it can be automated very well, there is still manual work. Its usability should be improved in terms of automation because we want to build an infrastructure with code, but you can't do that easily with this solution. If they can give us APIs in the firewalls that we can tap into, it would be perfect.
I would also like it to scale automatically based on the traffic.
For how long have I used the solution?
I have been using this solution for about six years.
What do I think about the stability of the solution?
I've never seen any issues, but when you turn on all the features or every single scanning, that's when it slows down a bit.
What do I think about the scalability of the solution?
It is scalable, but it is a roundabout way of automated scaling. It is not truly automated scaling. In general, when the size is okay, scaling is not a problem. I would like it to scale automatically based on the traffic, but that doesn't happen because automation is not there.
I haven't seen any big issues with performance. We ran 20,000 connections through it, and it was okay. When you deploy it in the cloud, you can increase the size of the VM, and with extra licensing, it is fine performance-wise.
It is suitable for medium and large customers. My team has deployed at least 500 of these in the last few years. In general, it's okay. We don't have any issue with it.
How are customer service and support?
They have been pretty good, honest, and upfront. It all comes down to expectations when you buy these things.
I know the country manager very well. He is my friend for Fortinet. They are very good in terms of support.
When you buy these things from a marketplace like Amazon or AWS, the support is not as good as it can be because the first line of support is the cloud provider, and then there is the vendor. So, our preference usually is to go directly to the vendor because they know more about it.
Which solution did I use previously and why did I switch?
One of the best things about Azure Firewall is the automation. There is a huge difference. The second thing is pricing.
With FortiWeb, when you want to buy HA, you need to start designing high availability across different regions. With Azure, it comes by default.
How was the initial setup?
It depends on the customer and the use case. Usually, it's straightforward, but as you add more applications, it can become more and more complex.
The deployment duration varies. Usually, designing, building, and putting in production take about four weeks, but it also depends on the application type.
It requires maintenance all the time. Everything requires maintenance. Usually, we build it and operationalize it, and we then hand it over to the customer.
What's my experience with pricing, setup cost, and licensing?
It keeps changing, but it's based on the size of the VM you buy and also the traffic throughput you want from it, whereas what we have on Azure is just the traffic throughput. You can also pay on a monthly basis from Azure. During each part of the project, it's okay to get Azure-based licensing or AWS-based licensing for FortiWeb, but over time, you would want to go with the perpetual license. You should go to Fortinet and buy the license from them. So, there is a two-step process there.
What other advice do I have?
I would advise getting the right engineer. You need someone who is a specialist, and that's very important.
I would rate it an eight out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Commercial Manager at Natco Information technology
Simple to set up with good technical support and the ability to scale
Pros and Cons
- "We find that it is quite stable and reliable."
- "The solution could offer more integration opportunities."
What is our primary use case?
We are primarily using the solution for our security applications as well as email and internet protection.
What is most valuable?
The product is very easy to use.
We find that it is quite stable and reliable.
The solution can scale quite well.
The installation process is very simple.
The technical support on offer is helpful.
What needs improvement?
The solution could offer more integration opportunities.
For how long have I used the solution?
We started using the solution about five or so years ago. It's been a while at this point.
What do I think about the stability of the solution?
The stability has been good over the years. It does not crash or freeze. There are no bugs or glitches. The performance is reliable.
What do I think about the scalability of the solution?
The product does scale well. If a company needs to expand it, it can do so.
Some of our clients have over a hundred users. Others only have 50. The size of the setups varies.
How are customer service and technical support?
We've had a good experience with technical support. They are helpful and responsive. We're quite satisfied with the level of service they provide.
Which solution did I use previously and why did I switch?
We also currently use Cisco for some security and protection.
How was the initial setup?
We found the initial setup to be easy. It's straightforward. It's not complex or difficult at all. A company shouldn't have any issues with the setup at all.
The installation and deployment process is fast. It doesn't take more than a day.
We have two engineers on staff that can handle deployment and maintenance.
What about the implementation team?
We have a team in-house that can manage it. We don't need the assistance of outside integrators or consultants.
What's my experience with pricing, setup cost, and licensing?
We have a yearly subscription that we renew annually.
What other advice do I have?
We're using the latest version of the solution. I cannot speak to the exact version number, as I don't have it on hand.
We're a company that helps implement this product for clients.
At this time, I'd rate the product at an eight out of ten. We've largely been very satisfied with its capabilities.
I'd recommend the product to other users and companies.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cyber Security Division Manager at 3SC Security Solutions Services and Consultant
Simple to use with a good user experience, and it provides complete security in a single product
Pros and Cons
- "The most valuable feature is that this product represents a whole solution, including a WAF, and even anti-defacements."
- "The initial setup in our data center was somewhat complex."
What is our primary use case?
We are using this product to protect something similar to an online banking network.
How has it helped my organization?
We have had a lot of web application attacks and this product has protected us. Once it was implemented, most of our problems were solved. For example, we had a DDoS attack against the seventh layer and it protected us.
What is most valuable?
The most valuable feature is that this product represents a whole solution, including a WAF, and even anti-defacements. It is not just a single feature.
Anti-defacement has an amazing feature whereby if something bypasses the WAF then they can roll back the website.
The user experience is very good and it is simple to use.
They have AI and machine learning capabilities, so if you are using the WAF then you don't need extra features.
What needs improvement?
The initial setup in our data center was somewhat complex.
For how long have I used the solution?
We have been using Fortinet FortiWeb since 2008.
What do I think about the stability of the solution?
FortiWeb is a stable product.
What do I think about the scalability of the solution?
We have been working with this solution for more than 12 years and it has scaled with our requirements. We upgraded a lot of hardware and applications, and things change from time to time. There is not just a single point where we changed something that tested the scalability.
How are customer service and technical support?
Technical support is amazing. We have 24x7 support and every time we have contacted them, it takes less than two hours before everything is solved. We are confident that if we have any issue then we can communicate with the vendor and they will help us to solve the problem.
How was the initial setup?
In our data center and with the complexity of it, it takes one or two days to implement and fine-tune.
What about the implementation team?
We deployed this product in-house. We started with the training and then we implemented the solution. In case we have any problem then we can communicate with the vendor.
We have three security specialists who work as a team for maintenance.
What's my experience with pricing, setup cost, and licensing?
We renew our contract and license every three years. There are no costs in addition to the standard licensing fees. There is just one cost.
Which other solutions did I evaluate?
Prior to implementing FortiWeb, we tested Barracuda, F5, Citrix, and Sophos.
What other advice do I have?
FortiWeb is a security product that I can recommend. My advice for anybody who is implementing this type of solution is not to simply believe the words of the vendors. Test the product in your environment and then you can select the best one for your needs. A lot of vendors nowadays will tell you that they are the best, but the best thing to do is test each of the products inside your network.
The roadmap that the vendor has for this product is good. They have a lot of extra features that they are developing for future releases. They have an amazing R&D team, they know the competition, and they know the market. In my department, we find that it is amazing and are not searching for additional functionality.
I would rate this solution a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.