Regarding areas for improvement, the documentation needs work. We had issues with a customer because the documentation didn't clearly show which devices can connect with FortiWeb WAF, leading to misconfiguration and difficult meetings. We also need deeper technical support - finding who's responsible for technical aspects is challenging. Hungary has a good Fortinet office with strong sales and pre-sales employees.
Senior Vice President Operations at Alackrity Consols
Real User
Top 20
2024-07-16T10:32:00Z
Jul 16, 2024
FortiWeb could have an inbound load balancing pack. Currently, they don't have it, but they have the print product for that. It'll be better if they have it on the same product.
We haven't faced any significant issues with FortiWeb Web Application Firewall. But they can lower the pricing, since it is a concern, especially in South Africa and the technical support, could be more responsive at times.
The price could be close to Imperva; Imperva is the number one firewall. FortiWeb cannot do some kind of ADC solution, like load balancing. I hope they improve that. I'm looking for the ADC solution, the load balancing solution. Because application firewalls with multiple line solutions do come with it. So, I think it should be integrated within FortiWeb WAF.
Learn what your peers think about FortiWeb Web Application Firewall (WAF). Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Head - System and Network Admin at Reliance Producers Cooperative
Real User
Top 10
2024-01-04T09:50:28Z
Jan 4, 2024
There is room for improvement in pricing, and actually, the price is a bit higher because on the same terms I purchased, the support subscription is so high.
Network Security Engineer at a computer software company with 5,001-10,000 employees
Real User
Top 20
2023-12-18T12:22:03Z
Dec 18, 2023
There is room for improvement in the support. The response time could be faster. Plus, they ask for a lot of information. It is not easy to get support. In future releases, I would like to see added antivirus features that provide user-based activity indicators. For example, if a user downloads a large number of files or connects frequently, the WAF could flag this activity for investigation.
Network & Security Engineer at a tech services company with 51-200 employees
Real User
Top 10
2023-11-24T11:19:25Z
Nov 24, 2023
FortiWeb WAF lacks several security features compared to F5. F5 can incept the traffic to layer seven; FortiWeb can do it, too, but it is a tough process. We have to get support from Fortinet.
Senior Security Consultant at a retailer with 10,001+ employees
Consultant
Top 20
2023-10-18T15:22:47Z
Oct 18, 2023
Advanced configurations require high skill. FortiWeb team should work on making it easier. The documentation is poor. The tool must provide advanced and robust DDoS protection.
Cybersecurity Team Leader at Summit Technology Solution
Real User
Top 5
2023-07-26T11:39:00Z
Jul 26, 2023
WAF needs more signatures on FortiWeb and updates the database continuously to protect against new attacks. I hope the next release includes integration with the vulnerability scanner, a great feature of FortiWeb. If customers have vulnerability scanners, they can export the scan's result and post it to FortiWeb to patch completely.
FortiWeb web application firewall (WAF) protects business-critical web applications from attacks that target known and unknown vulnerabilities. Advanced ML-powered features improve security and reduce administrative overhead. Capabilities include anomaly detection, API discovery and protection, bot mitigation, and advanced threat analytics to identify the most critical threats across all protected applications.
Regarding areas for improvement, the documentation needs work. We had issues with a customer because the documentation didn't clearly show which devices can connect with FortiWeb WAF, leading to misconfiguration and difficult meetings. We also need deeper technical support - finding who's responsible for technical aspects is challenging. Hungary has a good Fortinet office with strong sales and pre-sales employees.
The tool's price and performance are areas of concern where improvements are required.
FortiWeb WAF's tuning causes trouble. It's complicated. The solution needs to improve the signature feature as well.
FortiWeb could have an inbound load balancing pack. Currently, they don't have it, but they have the print product for that. It'll be better if they have it on the same product.
We haven't faced any significant issues with FortiWeb Web Application Firewall. But they can lower the pricing, since it is a concern, especially in South Africa and the technical support, could be more responsive at times.
The price could be close to Imperva; Imperva is the number one firewall. FortiWeb cannot do some kind of ADC solution, like load balancing. I hope they improve that. I'm looking for the ADC solution, the load balancing solution. Because application firewalls with multiple line solutions do come with it. So, I think it should be integrated within FortiWeb WAF.
It would be good if the solution integrated with other solutions, like SAP.
We have encountered issues with webhooks and management of FortiWeb Web Application Firewall's on-premise version.
There is room for improvement in pricing, and actually, the price is a bit higher because on the same terms I purchased, the support subscription is so high.
There is room for improvement in the support. The response time could be faster. Plus, they ask for a lot of information. It is not easy to get support. In future releases, I would like to see added antivirus features that provide user-based activity indicators. For example, if a user downloads a large number of files or connects frequently, the WAF could flag this activity for investigation.
FortiWeb WAF lacks several security features compared to F5. F5 can incept the traffic to layer seven; FortiWeb can do it, too, but it is a tough process. We have to get support from Fortinet.
Advanced configurations require high skill. FortiWeb team should work on making it easier. The documentation is poor. The tool must provide advanced and robust DDoS protection.
The user interface can be improved. Also, there are authentication failures that need improvement in the next release.
WAF needs more signatures on FortiWeb and updates the database continuously to protect against new attacks. I hope the next release includes integration with the vulnerability scanner, a great feature of FortiWeb. If customers have vulnerability scanners, they can export the scan's result and post it to FortiWeb to patch completely.
FortiWeb Web Application Firewall's signature database updates could be improved.