We performed a comparison between AWS WAF and Fortinet FortiWeb based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Fortinet FortiWeb is the winner in this comparison. According to reviews, it is a more comprehensive solution than AWS WAF. Reviewers are happier with the pricing of AWS WAF, however.
"The most valuable features of AWS WAF are its cloud-native and on-demand."
"The initial setup was very straightforward. Deployment took about ten minutes or less."
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"AWS WAF is something that someone from a cloud background or cloud security background leverages. If they want to natively use a solution in the cloud, AWS WAF comes in handy. It's very useful for that, and the way we can fine-tune the WAF rules is also nice."
"We preferred the product based on its cost. AWS WAF is an out-of-the-box solution and integrates with the AWS services that we use. It's natively integrated with AWS."
"If hackers try to insert bugs, the tool blocks it."
"Stable and scalable web application firewall. Setting it up is straightforward."
"The interface is good."
"The most valuable feature of Fortinet FortiWeb is the ease of integration and configuration."
"FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure."
"Built-in security templates, AV integrated, strong threat intelligence."
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
"It is a stable product."
"The solution is easy to configure and deploy."
"SSL Offloading simplifies the public certificate handling and brings additional protection features."
"The most valuable feature is the web application firewall (WAF)."
"When users choose the free service, there isn't great support available to them."
"They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats."
"The price could be improved."
"One area for improvement in AWS WAF could be the limitation on the number of rules, particularly those from third-party sources, within the free tier."
"The solution should identify why it blocks particular websites."
"We don't have much control over blocking, because the WAF is managed by AWS."
"The default content policy available in the tool is not very strong compared to the competitors."
"There is room for improvement in pricing."
"I would like to see more improvements with respect to threat intelligence."
"If the price was lower, it would be a bit more attractive, as an option, to the customers."
"When we look at the incident reports in the dashboard, they are available for a maximum duration of 24 hours. They should provide more time for the analysis and increase the duration of the availability of these reports. Currently, it gives the options for 5 minutes, 1 hour, and 24 hours. It would be excellent if there are more options for a longer time period. It may be configurable, but I don't know how to do it."
"Fortinet FortiWeb could improve in reference architecture for different deployment scenarios."
"It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great."
"FortiGate could be improved on the security end because we've had some incidents with the customer. Otherwise, there is no problem."
"Their documentation is fairly complete, but it's sometimes a little bit difficult to search for exactly what you're looking for to resolve an issue. There have been times when we've gone to try to search for areas that we needed to get information on, and it has not always been extremely clear exactly how a particular thing needs to be set up."
"The Layer 7 DDoS attacks need improvement, it could be better."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. AWS WAF is rated 8.0, while Fortinet FortiWeb is rated 8.0. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and Prisma Cloud by Palo Alto Networks, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, Azure Web Application Firewall, Imperva Web Application Firewall and Cloudflare Web Application Firewall. See our AWS WAF vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.