We performed a comparison between Barracuda Web Application Firewall and Fortinet FortiWeb based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use Barracuda to protect the application. That's the main feature we use it for."
"Barracuda Web Application Firewall provides optimized performance, a user-friendly environment, helpful dashboards, and is simple to use."
"This product gives us visibility into what is going on in two servers, including connections and sessions, real-time alerts, very good reporting, and KPIs. It makes managing security of a critical server very easy, with a friendly GUI."
"Parameter Protection is a valuable feature."
"Has a good dashboard."
"The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."
"The stability of the product is good. Stability-wise, I rate the solution a ten out of ten."
"The most valuable feature of this solution is the simplicity of configuration."
"The most valuable features in Fortinet FortiWeb are sandboxing and threat prevention."
"The GUI is user-friendly and it's easy to understand how to manage it."
"The policies and the filtering are the most valuable features, especially traffic, URL, and application filtering. The solution is excellent at detecting vulnerabilities."
"The most important feature of this solution is protection from attack."
"It is easy to install and to maintain."
"Fortinet FortiWeb is priced well."
"Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.)."
"The ease of configuration is valuable. We have Azure WAF, we have OCI WAF, and we also have Cloud Armor for GCP, but their configuration isn't very easy. It's pretty simple in FortiWeb, and we can enable or configure whatever we want."
"The documentation is lacking. It's not like what you'd get if you were using Juniper or Cisco. They need to expand on it and make it more useful."
"They should improve their features, so they easily compare to the competition."
"We encountered a few glitches while implementing API security features into the product."
"An area for improvement in Barracuda Web Application Firewall is attack identification. Other banks identified attacks and tracked logs that the solution wasn't able to identify because of its ready-made rules pre-deployed by the vendor. My organization raised this issue with the technical support team. Another area to improve in Barracuda Web Application Firewall is its service desk. The team resorted to stonewalling because they couldn't accept that a feature was missing in the solution, and it was only after a lot of drilling down that the service desk team accepted that, and would be adding that feature in the future. My organization had to submit a report to the Reserve Bank of India with information on the logs identified and the attacks that happened, and that there was a failure on the part of the Barracuda Web Application Firewall. The Reserve Bank of India conducts a tri-monthly cyber risk audit in all Indian banks. Even smaller banks identified and caught attacks that my organization wasn't able to do, so I was looking into other solutions that competitor banks could be using because Barracuda Web Application Firewall failed to identify some of the attacks."
"The GUI needs to be improved because it sometimes hangs and needs to be restarted."
"We get false positives about phishing emails."
"Barracuda Web Application Firewall’s scalability needs improvement."
"There are issues when upgrading firewalls and we experience different issues across customers."
"FortiWeb needs to have support for the newest technology being used in web applications."
"Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration."
"New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems."
"We want to see more detailed logging, such as audit logging, as this would significantly enhance the solution's reporting. We currently get some information from logs, but more would be better."
"Integration and learning about attacks. I would improve these areas by making FortiWeb integrate with other network technologies and feedback from multiple platforms."
"The upgrade process could be a bit smoother."
"Sometimes, even if you follow the documentation, it doesn't work as expected."
"The documentation for the machine learning could be better."
More Barracuda Web Application Firewall Pricing and Cost Advice →
Barracuda Web Application Firewall is ranked 14th in Web Application Firewall (WAF) with 38 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. Barracuda Web Application Firewall is rated 8.2, while Fortinet FortiWeb is rated 8.0. The top reviewer of Barracuda Web Application Firewall writes "Provides strong issue discovery capabilities; enhance the security parameters of web applications and suitable for medium to large enterprises". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". Barracuda Web Application Firewall is most compared with F5 Advanced WAF, Microsoft Azure Application Gateway, HAProxy, Kemp LoadMaster and Radware Alteon, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Microsoft Azure Application Gateway. See our Barracuda Web Application Firewall vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.