• Home
  • Fortinet FortiWeb vs. Rapid7 Metasploit

Fortinet FortiWeb vs Rapid7 Metasploit comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
Fortinet FortiWeb
Read 83 Fortinet FortiWeb reviews
9,391 views|6,820 comparisons
88% willing to recommend
Rapid7 Logo
Rapid7 Metasploit
Read 18 Rapid7 Metasploit reviews
2,672 views|1,553 comparisons
94% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Web Application Firewall (WAF)
May 2024
Executive Summary

We performed a comparison between Fortinet FortiWeb and Rapid7 Metasploit based on real PeerSpot user reviews.

Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF).
To learn more, read our detailed Web Application Firewall (WAF) Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Anonymous User
People can run a pen test on our system whenever they like and we'll pass with flying colors
Being a data protection company, we have to meet a lot of specific requirements for customers. When people would say, "Our standard practice is to... Read more →
Aqeel Junaid
Helps find vulnerabilities in a system to determine whether the system needs to be upgraded
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code.""You have the ability to control everything from one single dashboard.""Auto Learn feature: Makes policy additions or deletions for my customers very simple​""Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them.""One main feature we are very happy about is file security and upload functionality.""It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs.""What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options.""Also, if you serve files or you accept files with your server, Fortiweb has built-in antivirus. The Fortinet product family also provides good IP intelligence (botnet C&C, etc.)."

More Fortinet FortiWeb Pros →

"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform.""The Search Engineering feature is good.""It's not possible to do penetration testing without being very proficient in Metasploit.""It allows us to concentrate solely on identified vulnerabilities without the hassle of additional setup.""I use Rapid7 Metasploit for payload generation and Post-Exploitation.""The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers.""Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten.""The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."

More Rapid7 Metasploit Pros →

Cons
"I would like to see the Application Delivery Control (ADC) and Web Application Firewall (WAF) combined in one device.""Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it.""The dashboards are not that configurable. Application-specific dashboards can be improved. If we have 50 applications, there should be something to see what's happening with these 50 applications. There could be a graph or a consolidated alert page where all alerts are inbuilt. They have other products that I can use, but this feature should be built into FortiWeb.""The memory use in each of the appliances is problematic.""FortiGate could be improved on the security end because we've had some incidents with the customer. Otherwise, there is no problem.""Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration.""The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network.""It is not entirely user-friendly."

More Fortinet FortiWeb Cons →

"Rapid7 Metasploit could be made easier for new users to learn.""There are numerous outdated exploits in their database that should be updated.""We'd like them to offer better coverage of malware.""Metasploit cannot be installed on a machine with an antivirus.""The initial setup was a bit "tweaky" for the open-source version.""Better automation capabilities would be an improvement.""I think areas with shortcomings that need improvement are more integration and automation.""Advanced Infrastructure should be implemented in the next release for better orchestration."

More Rapid7 Metasploit Cons →

Pricing and Cost Advice
  • "Cheaper than others."
  • "FortiWeb can be purchased in VM mode for a lower price and the same features."
  • "Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes."
  • "​It really pays off to buy licences for multiple years​."
  • "​The pricing is reasonable."
  • "The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size."
  • "The solution gives us the best price to performance ratio."
  • "The costs are standard. We pay around $1,600 yearly."

    • More Fortinet FortiWeb Pricing and Cost Advice →

  • "I use the open-source version of this product. Pricing is not relevant."
  • "It is expensive. Our license expired, and our company is not thinking to renew because of our budget."
  • "The great advantage with Rapid7 Metasploit, of course, is that it's free."
  • "There are two versions available, one of which is the Pro version, and the other is the free version."
  • "Rapid7 Metasploit is cheaper than Tenable.io Vulnerability Management."
  • "On a scale of one to ten, where one is cheap and ten is expensive, I rate the product's pricing a six. So it's fairly priced."
  • "The pricing structure involves a one-time purchase cost of approximately twenty thousand dollars or euros for all customers."
  • "We pay monthly. The pricing is reasonable."

    • More Rapid7 Metasploit Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Fortinet FortiWeb?
    Top Answer:The WAF profiles has been effective at mitigating web-based threats.
    Read all 48 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiWeb?
    Top Answer:The pricing is in the middle. I would rate the pricing a five out of ten. It feels like a justified cost for the features, but it might get more expensive in the future. Also, keep in mind that Check… more »
    Read all 38 answers   →
    What needs improvement with Fortinet FortiWeb?
    Top Answer:I'd like more customization. I'm not sure if everyone would agree, as it might add complexity. But for advanced users, it would be really useful to have access and the ability to manipulate packets… more »
    Read all 48 answers   →
    What do you like most about Rapid7 Metasploit?
    Top Answer:I use Rapid7 Metasploit for payload generation and Post-Exploitation.
    Read all 16 answers   →
    What is your experience regarding pricing and costs for Rapid7 Metasploit?
    Top Answer:I have used the free version of Rapid7 Metasploit.
    Read all 13 answers   →
    What needs improvement with Rapid7 Metasploit?
    Top Answer:Rapid7 Metasploit could be made easier for new users to learn.
    Read all 14 answers   →
    Ranking
    4th
    out of 82 in Web Application Firewall (WAF)
    Views
    9,391
    Comparisons
    6,820
    Reviews
    22
    Average Words per Review
    754
    Rating
    7.7
    12th
    out of 111 in Vulnerability Management
    Views
    2,672
    Comparisons
    1,553
    Reviews
    7
    Average Words per Review
    402
    Rating
    7.9
    Comparisons
    Also Known As
    Metasploit
    Learn More
    Fortinet
    Rapid7
    Overview

    Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

    Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

    Fortinet FortiWeb Features and Benefits

    APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

    • Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.

    • Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.

    • Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.

    • Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.

    • ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.

    • False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

    Reviews from Real Users

    Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

    Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

    A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

    Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.

    Sample Customers
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University
    Top Industries
    REVIEWERS
    Financial Services Firm24%
    Comms Service Provider20%
    Computer Software Company17%
    Government10%
    VISITORS READING REVIEWS
    Educational Organization38%
    Computer Software Company12%
    Financial Services Firm7%
    Comms Service Provider6%
    REVIEWERS
    Comms Service Provider36%
    Financial Services Firm18%
    Computer Software Company9%
    Mining And Metals Company9%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Manufacturing Company10%
    Government7%
    Company Size
    REVIEWERS
    Small Business49%
    Midsize Enterprise22%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise48%
    Large Enterprise34%
    REVIEWERS
    Small Business26%
    Midsize Enterprise26%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise18%
    Large Enterprise58%
    Buyer's Guide
    Web Application Firewall (WAF)
    May 2024
    Download Free Report
    Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF). Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Rapid7 Metasploit is ranked 12th in Vulnerability Management with 18 reviews. Fortinet FortiWeb is rated 8.0, while Rapid7 Metasploit is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Acunetix, Rapid7 InsightVM and Nucleus.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.