We performed a comparison between Barracuda WAF-as-a-Service and Fortinet FortiWeb based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product's bot protection feature is valuable for our company."
"The solution can be used for threat prevention or as a cloud-to-cloud backup system"
"I like its ability to identify known attacks, including DDOS attacks. It's valuable because software must be able to stop known attacks. Application attacks are evolving all the time. When it comes to software-as-a-service, we need to have software that knows about all the latest attacks. It should also protect against major unknown attacks."
"The most valuable features of the solution are it is plug and play, has automated policies, a simple configuration, and is easy to create rules."
"It provides an ease of policy management."
"The most valuable features are support and security."
"All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features."
"FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure."
"Some of the threat detection analytics and the filtering capabilities they give us for filtering a certain type of information that we don't want coming into the site are its valuable features. The analytics are pretty good in terms of being able to see what threats have been detected and mitigated, where they're coming from, and things like that."
"Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."
"It is a good product. We have just blocked everything coming from some geographical locations or certain countries, and it has been working very efficiently when I look at logs, events, and incidents generated from the system. It is generating very good analytic reports about it. This is the most valuable thing about this solution. It has load balancing and almost everything that a web application firewall needs. It is very flexible and easy to learn and configure. It can be easily learned and configured by using the information available on different channels such as YouTube."
"The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability."
"The deployment was very easy."
"It's a very specific solution that is only requested for a customer's web code or their global IT policy."
"The solution can improve by bundling Security Operation Center (SOC) with the WAF-as-a-Service, it would provide a lot more value to customers."
"We found it a bit slow when accessing it through the web browser. The URL also exposed the user name and the hashed password. When I log into my Barracuda WAF user portal, I could see the username and the hashed password on the URL itself. So, it is not very secure, and it is important to take that off."
"The stability of the product is an area of concern where improvements are required."
"One significant area for improvement in Barracuda WAF-as-a-Service lies in its market positioning and pricing strategy."
"The product's scalability could be better."
"The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions."
"FortiWeb needs to have support for the newest technology being used in web applications."
"When we look at the incident reports in the dashboard, they are available for a maximum duration of 24 hours. They should provide more time for the analysis and increase the duration of the availability of these reports. Currently, it gives the options for 5 minutes, 1 hour, and 24 hours. It would be excellent if there are more options for a longer time period. It may be configurable, but I don't know how to do it."
"I know that we have run into some issues with an SSL certificate and how it functions. Sometimes this breaks connectivity or just limits certain websites that are whitelisted."
"The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures."
"We want to see more detailed logging, such as audit logging, as this would significantly enhance the solution's reporting. We currently get some information from logs, but more would be better."
"The documentation for the machine learning could be better."
Barracuda WAF-as-a-Service is ranked 30th in Web Application Firewall (WAF) with 5 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. Barracuda WAF-as-a-Service is rated 7.2, while Fortinet FortiWeb is rated 8.0. The top reviewer of Barracuda WAF-as-a-Service writes "Easy to install platform with valuable policy management features ". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". Barracuda WAF-as-a-Service is most compared with Cloudflare Web Application Firewall, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall. See our Barracuda WAF-as-a-Service vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.