We performed a comparison between AWS WAF and Fortinet FortiWeb based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet FortiWeb is the winner in this comparison. According to reviews, it is a more comprehensive solution than AWS WAF. Reviewers are happier with the pricing of AWS WAF, however.
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"The solution is stable."
"One common use case is using detection protection for enhancing security models in AWS. Another use case is implementing log analysis and response recovery procedures for email services."
"It's simple, easy to use."
"What I like best about AWS WAF is that it's a simple tool, so I could understand the basics of AWS WAF in two to three hours."
"If hackers try to insert bugs, the tool blocks it."
"The most valuable feature is that it is very easy to configure. It just takes a couple of minutes."
"Its best feature is that it is on the cloud and does not require local hardware resources."
"The most valuable features in Fortinet FortiWeb are sandboxing and threat prevention."
"The ability to configure multiple policies for different requirements is a strong feature of Fortinet FortiWeb."
"The support is quite good."
"The GUI is user-friendly and it's easy to understand how to manage it."
"What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options."
"The solution has a good sandbox feature."
"If I need something from tech support, I can get it answered within the hour."
"Provides good vulnerability scanning, IPS, and geolocalization."
"It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."
"AWS WAF should provide better protection to its users, and the security features need to improve."
"We need more support as we go global."
"We haven't faced any problems with the solution."
"When users choose the free service, there isn't great support available to them."
"The product must provide more features."
"The cost management has room for improvement."
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure."
"The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product."
"We want to see more detailed logging, such as audit logging, as this would significantly enhance the solution's reporting. We currently get some information from logs, but more would be better."
"Most of the deployment is done by our development team because they have some parameters that match the configuration. However, when we initially did the deployment we used a consultant company."
"It can be better with web application firewalls."
"Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only."
"I would like to have an antivirus option."
"The product's scalability could be better."
"Centralized management of multiple devices, and GUI improvement, could reduce the learning curve."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. AWS WAF is rated 8.0, while Fortinet FortiWeb is rated 8.0. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Prisma Cloud by Palo Alto Networks, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, Azure Web Application Firewall, Imperva Web Application Firewall and Cloudflare Web Application Firewall. See our AWS WAF vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.