We performed a comparison between Barracuda Web Application Firewall and Fortinet FortiWeb based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."If an attack is coming continuously, you can ask the device to block it temporarily for two to three minutes. F5 has not provided us with an option to block certain IPs for some time. Barracuda can help you block someone if the source is from a different IP. You can apply the rule to the device and block it for whatsoever time you want. The solution will unblock the IP after the prescribed time as well."
"The volumetric DDoS defense is very good because I had a problem with a lot of volumetric DDoS attacks on my servers. After using Barracuda, those attacks have stopped and all the traffic is going smoothly to my servers and the system is working really well."
"The most valuable feature is the rule set."
"The stability of the solution is good. I don't think we've experienced bugs, crashes, or glitches."
"The most valuable features are the client VPN and content filtering."
"We only need one subscription to be protected against both active DDoS and offline DDoS attacks."
"We run it with no downtime, because it has good support."
"It is stable and the performance is good."
"The most valuable feature is ease of use."
"The most valuable feature is the attack signature and machine learning."
"It's stable and works efficiently against OWASP Top 10 attacks."
"The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability."
"The most valuable feature of Fortinet FortiWeb is the ease of integration and configuration."
"Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself."
"It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs."
"I like FortiWeb's usability and ease of configuration. It's simple to configure rules and exceptions inside the attack log. We block everything by default. If something isn't working, we ask the system admin to adjust the template and add exceptions."
"There are some vulnerabilities that are reported across the tools offered by Barracuda for some devices, which need to be taken care of from an improvement perspective."
"The solution needs to leverage some additional features to a broader scale of software-defined networks."
"One of Barracuda's limitations is its user interface. The GUI for configuration is not intuitive and has remained largely unchanged for the past 10 to 12 years."
"We get false positives about phishing emails."
"Barracuda Web Application Firewall’s scalability needs improvement."
"If you know nothing about networks, then you can't set it up."
"The GUI needs to be improved because it sometimes hangs and needs to be restarted."
"They should improve their features, so they easily compare to the competition."
"Another area for improvement is logging. When troubleshooting, the logs sometimes take a while to update. We've had people report that some things aren't logged if they're successful. It's a bit hit-and-miss. For example, sometimes people access one of our services, and it's successful, but we don't see that in the logs."
"The automation piece can be improved. Although they say it can be automated very well, there is still manual work. Its usability should be improved in terms of automation because we want to build an infrastructure with code, but you can't do that easily with this solution. If they can give us APIs in the firewalls that we can tap into, it would be perfect."
"Their documentation is fairly complete, but it's sometimes a little bit difficult to search for exactly what you're looking for to resolve an issue. There have been times when we've gone to try to search for areas that we needed to get information on, and it has not always been extremely clear exactly how a particular thing needs to be set up."
"In terms of performance, it needs to be more robust."
"The initial setup is complex."
"They could improve their support a little bit for faster response time."
"For advanced users, it would be really useful to have access and the ability to manipulate packets. If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information."
"The solution could have more customization."
More Barracuda Web Application Firewall Pricing and Cost Advice →
Barracuda Web Application Firewall is ranked 14th in Web Application Firewall (WAF) with 38 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. Barracuda Web Application Firewall is rated 8.2, while Fortinet FortiWeb is rated 8.0. The top reviewer of Barracuda Web Application Firewall writes "Provides strong issue discovery capabilities; enhance the security parameters of web applications and suitable for medium to large enterprises". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". Barracuda Web Application Firewall is most compared with F5 Advanced WAF, Microsoft Azure Application Gateway, HAProxy, Kemp LoadMaster and Radware Alteon, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Microsoft Azure Application Gateway. See our Barracuda Web Application Firewall vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.