We performed a comparison between Fortinet FortiWeb and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code."
"You have the ability to control everything from one single dashboard."
"Auto Learn feature: Makes policy additions or deletions for my customers very simple"
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
"One main feature we are very happy about is file security and upload functionality."
"It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs."
"What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options."
"Also, if you serve files or you accept files with your server, Fortiweb has built-in antivirus. The Fortinet product family also provides good IP intelligence (botnet C&C, etc.)."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"The Search Engineering feature is good."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"It allows us to concentrate solely on identified vulnerabilities without the hassle of additional setup."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"I would like to see the Application Delivery Control (ADC) and Web Application Firewall (WAF) combined in one device."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
"The dashboards are not that configurable. Application-specific dashboards can be improved. If we have 50 applications, there should be something to see what's happening with these 50 applications. There could be a graph or a consolidated alert page where all alerts are inbuilt. They have other products that I can use, but this feature should be built into FortiWeb."
"The memory use in each of the appliances is problematic."
"FortiGate could be improved on the security end because we've had some incidents with the customer. Otherwise, there is no problem."
"Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration."
"The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network."
"It is not entirely user-friendly."
"Rapid7 Metasploit could be made easier for new users to learn."
"There are numerous outdated exploits in their database that should be updated."
"We'd like them to offer better coverage of malware."
"Metasploit cannot be installed on a machine with an antivirus."
"The initial setup was a bit "tweaky" for the open-source version."
"Better automation capabilities would be an improvement."
"I think areas with shortcomings that need improvement are more integration and automation."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Rapid7 Metasploit is ranked 12th in Vulnerability Management with 18 reviews. Fortinet FortiWeb is rated 8.0, while Rapid7 Metasploit is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Acunetix, Rapid7 InsightVM and Nucleus.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.