Try our new research platform with insights from 80,000+ expert users
Senior Network Security Planning at Ooredoo Kuwait
Reseller
Has a mechanism to detect all of your entries that aren't used and clean them up but they should have an antivirus option
Pros and Cons
  • "When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up."
  • "I would like to have an antivirus option."

What is our primary use case?

Our primary use case is as a firewall. We use a lot of Fortinet products. We have email security and FortiGate IPS. 

How has it helped my organization?

When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up.

What is most valuable?

The most valuable features are the access policies and how Fortinet gets the compilation done is really good.

What needs improvement?

I would like to have an antivirus option. 

Buyer's Guide
Fortinet FortiWeb
December 2024
Learn what your peers think about Fortinet FortiWeb. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

Stability is very good. 

What do I think about the scalability of the solution?

We haven't had any issues with scalability. You can scale up easily. 

How are customer service and support?

Their technical support is good. 

Which solution did I use previously and why did I switch?

We previously used Cisco. We switched because all they are is a brand name. It was a failure. We gave it a year to improve the product and it didn't so we switched. 

How was the initial setup?

The initial setup was straightforward. The deployment didn't take much time. The support guys were really good. The transition from Cisco to Fortinet was a bit challenging but they had tools to make it easier. 

We require three staff for the deployment and maintenance. 

What about the implementation team?

We are the resellers. 

What other advice do I have?

I would rate it a seven out of ten. A seven and not a ten because of the antivirus issue. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
Soroush-Enayati - PeerSpot reviewer
Network security engineer at freelancer
Real User
Great machine learning, artificial intelligence and behaviour detection
Pros and Cons
  • "It helps us prevent attacks on servers."
  • "The initial setup is complex."

What is our primary use case?

It helps us prevent attacks on servers, and we deploy it on-premises.

What is most valuable?

There are many valuable features. It has machine learning, artificial intelligence, behaviour detection, and many other features capable of detecting web attacks.

What needs improvement?

The initial setup could be simplified.

For how long have I used the solution?

We have been using the solution for approximately ten years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and support?

We do not have experience with customer service and support.

How was the initial setup?

The initial setup is complex and takes between three to six months.

What about the implementation team?

We implemented the solution in-house.

What's my experience with pricing, setup cost, and licensing?

Fortinet FortiWeb has some types of licenses, and the main licenses refer to updating a signature and a pattern.

Which other solutions did I evaluate?

We evaluated machine learning and the main signatures about known attack signatures.

What other advice do I have?

I rate the solution a ten out of ten, and I recommend it for every organization with web services.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Fortinet FortiWeb
December 2024
Learn what your peers think about Fortinet FortiWeb. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Pedro Andrade - PeerSpot reviewer
General Manager at Ip4u
Real User
Good reporting and a nice user interface but can be a bit expensive
Pros and Cons
  • "It can scale well."
  • "The upgrade process could be a bit smoother."

What is most valuable?

The reporting available is pretty great.

We find the configuration capabilities to be very good. 

Technical support is helpful.

It's stable. 

It can scale well. 

I like the user interface. 

What needs improvement?

It's not the most popular option. Many clients prefer instead Citrix or Proxy Blue Coat. It might be a bit difficult to configure. 

The upgrade process could be a bit smoother. 

Sometimes the integration doesn't work on the first or second try.

The solution is a bit expensive. 

For how long have I used the solution?

We first installed the solution eight or nine years ago. We've used it for almost a decade. 

What do I think about the stability of the solution?

The solution is pretty stable. I'd rate it a three out of five in terms of stability. Sometimes the upgrades don't go as smoothly as we would like. 

What do I think about the scalability of the solution?

The solution is scalable. I'd rate it four out of five in terms of how easy it is to expand the product. 

How are customer service and support?

I can't complain about the technical support. They are pretty good. I found them to be helpful. However, it may depend on the engineer you get on the line. 

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup has a moderate level of difficulty.

We only need one person to deploy and maintain the product.

It takes about a week to have the entire solution set up.

What about the implementation team?

We install the solution for our clients. 

What was our ROI?

It's always difficult to measure ROI when it comes to security. It's always just a smart investment for a company.

What's my experience with pricing, setup cost, and licensing?

The product can be costly.

The licenses are paid annually. You do have several licensing choices. They don't have too much choice. However, their options are good. 

What other advice do I have?

We are not an end user. We are resellers.

I'd rate the solution seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Manager at a construction company with 1-10 employees
Real User
Provides security and an easy setup, however scalability is a concern
Pros and Cons
  • "The most important feature of this solution is protection from attack."
  • "The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network."

What is our primary use case?

We use the solution to protect the various services of our site, E-commerce, file service, and download service.

What is most valuable?

The most important feature of this solution is protection from an attack.

What needs improvement?

The maintenance fee for this product could be improved and it needs to be easier to scale up. 

For how long have I used the solution?

I have been using the solution for four to five years. 

What do I think about the stability of the solution?

Stability is very important and yes, the product is stable.

What do I think about the scalability of the solution?

The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network.

How are customer service and support?

I would say technical support is good for this solution.

How was the initial setup?

Setup for this solution is easy, with one being easy and five being hard I would rate it a two out of five. Deployment took a few days. 

What's my experience with pricing, setup cost, and licensing?

We have between 100 and 200 users of the solution in our company. 

What other advice do I have?

I would rate the solution a six out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Commercial Manager at Natco Information technology
Real User
Simple to set up with good technical support and the ability to scale
Pros and Cons
  • "We find that it is quite stable and reliable."
  • "The solution could offer more integration opportunities."

What is our primary use case?

We are primarily using the solution for our security applications as well as email and internet protection.

What is most valuable?

The product is very easy to use.

We find that it is quite stable and reliable. 

The solution can scale quite well.

The installation process is very simple. 

The technical support on offer is helpful.

What needs improvement?

The solution could offer more integration opportunities. 

For how long have I used the solution?

We started using the solution about five or so years ago. It's been a while at this point. 

What do I think about the stability of the solution?

The stability has been good over the years. It does not crash or freeze. There are no bugs or glitches. The performance is reliable. 

What do I think about the scalability of the solution?

The product does scale well. If a company needs to expand it, it can do so.

Some of our clients have over a hundred users. Others only have 50. the size of the setups varies. 

How are customer service and technical support?

We've had a good experience with technical support. They are helpful and responsive. We're quite satisfied with the level of service they provide. 

Which solution did I use previously and why did I switch?

We also currently use Cisco for some security and protection.

How was the initial setup?

We found the initial setup to be easy. It's straightforward. It's not complex or difficult at all. A company shouldn't have any issues with the setup at all.

The installation and deployment process is fast. It doesn't take more than a day.

We have two engineers on staff that can handle deployment and maintenance. 

What about the implementation team?

We have a team in-house that can manage it. We don't need the assistance of outside integrators or consultants. 

What's my experience with pricing, setup cost, and licensing?

We have a yearly subscription that we renew annually.

What other advice do I have?

We're using the latest version of the solution. I cannot speak to the exact version number, as I don't have it on hand. 

We're a company that helps implement this product for clients. 

At this time, I'd rate the product at an eight out of ten. We've largely been very satisfied with its capabilities. 

I'd recommend the product to other users and companies. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Dino R - PeerSpot reviewer
System Administrator at a insurance company with 1,001-5,000 employees
Real User
Top 10
Provides good feedback for development and is easy to scale up
Pros and Cons
  • "It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs."
  • "The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product."

What is our primary use case?

Generally, we are using it to protect our internet-facing web applications. So if there are any security vulnerabilities in our applications, the solution can provide protection.

How has it helped my organization?

It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs.

What is most valuable?

They have a sort of table that defines the functions of certain applications, ex. which function has the slowest or fastest response. This enables our in-house development team or vendors to review our application and fix the functions if necessary. 

What needs improvement?

The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product.

For how long have I used the solution?

I have been using FortiWeb for three years.

What do I think about the stability of the solution?

I think it's quite reliable so long as it's configured. 

What do I think about the scalability of the solution?

As long as we accurately scale our requirements from the start, I think the solution is quite scalable and quite easy to scale up later on.

How are customer service and technical support?

They are quite helpful. But I think because our department is quite stable and configured correctly, we are rarely using the support. Everything works perfectly.

How was the initial setup?

I think it's quite complex because we need to know how the application works.  

What about the implementation team?

We are using local support to configure the solutions for us. We also purchase local maintenance and support on top of the routine product support and updates. Because it is a
very specialized product, we need a very skillful person with expertise in the product to configure the solution for us.

What's my experience with pricing, setup cost, and licensing?

In a high availability cluster configuration, where the primary FortiGate is working and the secondary is a backup, Fortinet requires us to buy two licenses instead of one whether we are actually using it or not. With other products, you only purchase one license because we only use one license per instance.

What other advice do I have?

You need to accurately calculate the requirements of your infrastructure before implementing FortiWeb or any other web application firewall. Accuracy is very critical when scaling the product or the model that will be deployed on your infrastructure. 

I would rate FortiWeb an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Information Security Engineer with 1,001-5,000 employees
Vendor
With Layer 7 server load balancing, it makes decisions based on the content of messages. It also can offload slow connections from the upstream servers.

What is most valuable?

  • Web services signature: Helped us on secure key exchange, authentication and integrity of the transmissions.
  • Virtual patching: We publish many web services through FortiWeb. We are able to quickly resolve vulnerabilities.
  • Layer 7 server load balancing: The device made smart decisions based on the content of messages. Also, with compression and encryption, it can offload slow connections from the upstream servers. That greatly improved performance.
  • Zero-day protection
  • Advance correlation
  • URL rewriting and content rewriting

How has it helped my organization?

Before FortiWeb deployment, we were using a combination of commercial and open-source products. It was a hassle for the administrators, due to which some areas were unintentionally overlooked and caused many problems. With FortiWeb, we got a one-box solution for internet and internet security, which reduced the time required of the administrators and improved visibility at the larger scale.

What needs improvement?

Usually patches and version upgrades are really buggy, so we usually wait about one month for a stable release to upgrade. They need to improve the new version/patch delivery mechanism. For example, if a patch fixes one functionality for web services but also causes some other functionality failure.

For how long have I used the solution?

I have been using it since 2014.

What do I think about the stability of the solution?

In the first few months, we had some issues but with a custom patch, we are good.

What do I think about the scalability of the solution?

No scalability problems so far.

How are customer service and technical support?

I rate technical support 8.5/10.

Which solution did I use previously and why did I switch?

We were using combination of solutions, due to our organisation's policies. Due to lack of visibility, administrative issues and response times, we shifted.

How was the initial setup?

We had a complex environment, with multiple offices across the globe with all the data in and out from our HQ.

What's my experience with pricing, setup cost, and licensing?

At the time of deployment, and still now, the price was considerable less than other solutions and varies according to license type.

Which other solutions did I evaluate?

We also evaluated Cisco and McAfee.

What other advice do I have?

It is a great product, but be careful with version upgrades.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Cyber Security Engineer at a tech services company with 201-500 employees
Real User
A competitively priced and stable solution
Pros and Cons
  • "The deployment was very easy."
  • "The documentation for the machine learning could be better."

What is our primary use case?

The version we are using is not old, but neither is it up to date. 

We implement FortiWeb to block incoming attacks to our network and web applications.

We use complex authentication rules and forms, in addition to the solution, for protection. We also do caching with static websites and compression. 

What is most valuable?

I would say that machine learning is the most valuable upgrade from 5.8, both before and after 5.9.

What needs improvement?

The documentation for the machine learning could be better. They do not provide proper documentation explaining how the solution works or how to configure it. A good, valid KB article would be helpful. 

It is difficult to configure the machine learning and get it up and running. We put in a week of learning mode and then place it in our production. The machine and data learning is a pain point. I work with different clients. The machine-learning algorithm doesn't learn all the URL patterns. 

It would be nice to see certain software changes in order to add some kind of betterment with machine learning.

What do I think about the stability of the solution?

As a hardware device, the solution is very stable. This is true when compared with other web application firewalls. 

What do I think about the scalability of the solution?

Hardware is not very shareable, as increasing capacity would require the use of a different one. But there is good scalability when it comes to WAF, SaaS and cloud solutions. The CPU cores and RAM memory capacity can always stand improvement.

How are customer service and technical support?

From the time a ticket is created, technical support takes a while to respond, especially when compared with Cisco. In this area it is not so great. 

How was the initial setup?

The deployment was very easy. Since it concerns hardware, one only need plug in the firewall and bring it up by connecting the device. It is pretty easy and not time consuming. The deployment takes, perhaps, one hour. But, the configuration and machine learning are important. 

What's my experience with pricing, setup cost, and licensing?

The license can be renewed on an annual or tri-annual basis. The price is competitive. 

What other advice do I have?

The solution protects a web server with more than 1,000 users making use of the solution. 

The solution is good. It has a preferable price, stability and security, all which recommend it to other users. My only issue is with the machine learning. 

I rate Fortinet FortiWeb as an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
PeerSpot user
Buyer's Guide
Download our free Fortinet FortiWeb Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Fortinet FortiWeb Report and get advice and tips from experienced pros sharing their opinions.