We performed a comparison between F5 Advanced WAF and Fortinet FortiWeb based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: F5 Advanced WAF has an edge over Fortinet FortiWeb in this comparison. According to reviews, it has more advanced features than Fortinet FortiWeb. In addition, it received better marks in the ROI category.
"F5 technical support is excellent. They are experts who always provide the right solution, and they understand the problem. Their response and resolution times are good."
"It's flexible and powerful, and the users can input their own rules to the system."
"The most valuable feature is artificial intelligence and to get extra internal access."
"The support experience is better than average."
"F5's user-friendly interface and seamless integration stand out as the most valuable features for us."
"The most valuable feature of F5 Advanced WAF is its ability to have a pool of resources that can distribute your traffic, and that is a plus for me. My company tried to look into a competitor, Imperva, but it was lacking that capability, so F5 Advanced WAF outperforms Imperva."
"There is no need to worry about updating signatures because WAF will automatically update the signatures for you."
"The solution isn't too expensive. The license allows you to license what you need and leave out what you don't need."
"The ability to configure multiple policies for different requirements is a strong feature of Fortinet FortiWeb."
"FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"When it comes to blocking unknown threats and attacks, I would give it the highest score possible. We first started using AWS and its Web Application Firewalls. That was okay, but it was quite a manual process to keep it up to date, whereas Fortinet is always up to date, and the default rules or the modules that you can turn on are very easy to use."
"The most valuable feature of this solution is Fail-Open."
"High-performance and detection engines, provide a high rate of exposure of web attacks."
"The WAF profiles has been effective at mitigating web-based threats."
"It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet."
"L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code."
"Most customers encounter stability issues with the product's Big-IP logs."
"You have to buy another module with an extra license, to have the authentication feature."
"The user interface (UI) seems a bit outdated. Making it more user-friendly would be beneficial."
"Its price should be better. It is expensive."
"There is a gap in report management."
"The deployment side is quite complex."
"For me, an area for improvement in F5 Advanced WAF is the reporting as it isn't so clear. The vendor needs to work on the reporting capability of the solution. What I'd like to see in the next release of F5 Advanced WAF is threat intelligence to protect your web application, particularly having that capability out-of-the-box, and not needing to pay extra for it, similar to what's offered in FortiWeb, for example, any request that originates from a malicious IP will be blocked automatically by FortiWeb. F5 Advanced WAF should have the intelligence for blocking malicious IPs, or automatically blocking threats included in the license, instead of making it an add-on feature that users have to pay for apart from the standard licensing fees."
"The solution could improve by having an independent capture module. It has a built feature that you can deploy the capture on your published website. However, it's not very user-friendly. When you compare this feature to Google Capture or other enterprise captures, they are very simple. It needs a good connection to the F5 Advanced WAF sandbox. When you implement this feature in the data center, you may suffer some complications with connecting to the F5 Advanced WAF sandbox. This should be improved in the future."
"The false positives are annoying."
"A better load balancer is needed when multiple servers are used for the same website."
"HA Architecture needs improvement. I would improve it by working on AP HA."
"The initial setup process could be improved."
"Lacks a VM demo to enable testing prior to purchase."
"The support side of things can be improved."
"The reporting could be optimized."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
F5 Advanced WAF is ranked 2nd in Web Application Firewall (WAF) with 55 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. F5 Advanced WAF is rated 8.6, while Fortinet FortiWeb is rated 8.0. The top reviewer of F5 Advanced WAF writes "Flexible configuration, reliable, and highly professional support". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". F5 Advanced WAF is most compared with Microsoft Azure Application Gateway, AWS WAF, Imperva Web Application Firewall, F5 BIG-IP Local Traffic Manager (LTM) and Prisma Cloud by Palo Alto Networks, whereas Fortinet FortiWeb is most compared with Fortinet FortiADC, AWS WAF, Azure Web Application Firewall, Imperva Web Application Firewall and Cloudflare Web Application Firewall. See our F5 Advanced WAF vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.