We performed a comparison between Fortinet FortiWeb and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF)."FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"The most valuable feature of Fortinet FortiWeb is the ease of integration and configuration."
"The support is quite good."
"Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself."
"Provides good vulnerability scanning, IPS, and geolocalization."
"The GUI makes it easy to scale in terms of learning and utilization."
"Auto Learn feature: Makes policy additions or deletions for my customers very simple"
"FortiWeb provides the level of security we need at an excellent price point. It's easy to deploy and operationally efficient."
"The tool's most useful feature for penetration testing is its automation capabilities. With the professional edition, you can upload the results from Nessus in the Rapid7 Metasploit solution portal."
"Technical support has been helpful and responsive."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"It is scalable. It's in line with our needs."
"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"The most valuable feature for us is the support for testing Linux-based web server components."
"The most valuable features of the solution are the scripts, the modules, and the tools that the Rapid7 Metasploit framework has."
"Rapid7 Metasploit is a useful product."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
"Lacks a VM demo to enable testing prior to purchase."
"The false positives are annoying."
"I would like to see more improvements with respect to threat intelligence."
"The initial setup in our data center was somewhat complex."
"They can introduce a scaled-down version for the SMB market. It would be very competitive in the environment."
"F5 and some other firewalls are easier to customize. FortiWeb could be more flexible and customizable. The documentation could also be improved because many of the advanced features aren't fully documented."
"A user interface or dashboard for troubleshooting is needed."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
"The solution should improve the responsiveness of its live technical support."
"If your company's patch is not up to date, but you have other detection or defense solutions such as endpoint detection and response and antivirus software, the product exploit may not work effectively. This is because its exploit database update process is slow and not real-time. For zero-day vulnerabilities or new security threats, relying on Rapid7 Metasploit alone may not be effective."
"Better automation capabilities would be an improvement."
"At the time I was using it, the graphical user interface needed some improvements."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
"We'd like them to offer better coverage of malware."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Rapid7 Metasploit is ranked 11th in Vulnerability Management with 18 reviews. Fortinet FortiWeb is rated 8.0, while Rapid7 Metasploit is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Acunetix, Rapid7 InsightVM and Nucleus.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.