1. leader badge
    FortiGate is a stable product.It is a good product. We have just blocked everything coming from some geographical locations or certain countries, and it has been working very efficiently when I look at logs, events, and incidents generated from the system. It is generating very good analytic reports about it. This is the most valuable thing about this solution. It has load balancing and almost everything that a web application firewall needs. It is very flexible and easy to learn and configure. It can be easily learned and configured by using the information available on different channels such as YouTube.
  2. leader badge
    The most valuable features are the geo-restriction denials and the web ACL.The access instruction feature is the most valuable. This is what we use the most.
  3. Find out what your peers are saying about Fortinet, Amazon, Microsoft and others in Web Application Firewall (WAF). Updated: April 2021.
    475,208 professionals have used our research since 2012.
  4. leader badge
    Some of the key features of this solution are the low-level maintenance required, floating proxy service, and load balancing.The solution is easy to set up.
  5. leader badge
    The solution is very good at intercepting traffic before it gets to our data centers. Its unique interface for managing security performance and ease of use are the most valuable features of this solution.
  6. leader badge
    The valuable features vary from customers to customers. Some customers are okay with the basic features of the WAF, and some customers use advanced WAF with a few other features.
  7. The solution has been quite stable. It's reliable.We use Barracuda to protect the application. That's the main feature we use it for.
  8. report
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    475,208 professionals have used our research since 2012.
  9. This is one of the best web application firewalls in the world and it provides our customers with very good protection.Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it. The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product.
  10. Provides mobile app security. I very much like the elastic search and reports, allowing us to have a 360-degree view of the customer's activities and enabling us to track down any suspicious bots.

Advice From The Community

Read answers to top Web Application Firewall (WAF) questions. 475,208 professionals have gotten help from our community of experts.
Menachem D Pritzker
There are so many products in the market today. Who are we going to be talking about 3-5 years from now?
author avatarStuart Berman
Real User

I doubt we will see a new firewall vendor, but I believe we will see new architectures that leverage the advanced capabilities of NGFW delivery through ISPs, think of it is a clean pipe for Internet access. The ISPs will use firewalls (virtualized and segmented by customers) to do the filtering before it hits your networks, just like we see with spam filtering.

I also believe we will see more edge networking, 5G networking where the firewall function will be built into the network at the edge. We already are seeing early versions of the with things like Curiosity OS by Sprint working with Ericsson. I think they will easily add existing VM firewalls to their platform and not reinvent the wheel.

author avatarISRAEL DIAZ DOMINGUEZ
User

Those firewalls that allow extend the perimeter. Nowadays, there is a issue with the static perimeter and all is going to change in the next semesters. In my opinion, solutions like Netskope are offering this extended perimeter functionality and they could lead the market.

author avatarNehad Elkordi
Real User

Cisco Portfolio is focusing on total security inside and outside including cloud security,two factor authentication & SDWAN.


Forti Portfolio is focusing on total security too inside and outside including cloud security & two factor authentication.


both are working with Sandbox which is important for 0 day attack.


Therefore If R&D for both vendors will keep as they are today i think they'll be market leaders and away by far for the next 5 years 

author avatarLipaz Hessel
Real User

Well with the SD-WAN raising it is common to see cloud firewall implementations, like ZScaler.



but as data center firewall, I don’t see any new player comes out unless it will come with a new surprising feature as the market have so many good vendors.

author avatarLuisCastro
Real User

1- Pfsense


2- Kerio Control


3- Fortinet


4- Cisco solutions

author avatarVaisakh Tr (Prophaze)
Consultant

Prophaze WAF,  having a disruptive technology that eliminates false positive and false negatives. Visioned for the future as it's built on the Kubernetes platform. The key thing about the product is, it can do auto profiling and can learn typical user behaviour as part of its ML algorithm . 

author avatarBrianCook
Reseller

I can think of 2 Firewalls that should be doing much better then they are, Kerio Control and ZyXEL ZyWall. Both have been around for a long time but have never gained the market share I feel they should have and I often find people have never heard of them. 

Rony_Sklar
It seems that there is some overlap between these two types of solutions - how do Bot Managers and WAF differ? How can they work together to improve security?
author avatarMike Kajubi
User

What’s the Difference Between a WAF and Bot Blocking Solution?


The main difference between a WAF and a bot mitigation solution is that the focal point of a bot mitigation solution is to only target bots. A WAF is capable of targeting them as well but is more focused on protecting against a combined threat profile to prevent app exploitations and safeguard sensitive data.

So which is better? It depends. If a company’s security goal is to minimize the probability of account takeover, content scraping, or denial of service attacks, to name a few examples, a bot mitigation solution would be best. If the goal is to safeguard against internal app exploitations, such as SQL injections or session hijacking, a Web Application Firewall serves best. It all depends on the security objective a company has for their web application, and in many cases, both solutions are leveraged to build a stronger security perimeter.

author avatarOluwatosin Omojola
Real User

A Bot manager differs from a WAF in that it focuses on the management of Bots which comprises about 50% of web traffic today. A good bot manager should be able to differentiate between good and bad bots and perform relevant actions to prevent overwhelming a web application by bot activity ( even in advanced bot attacks ) WAF, on the other hand, manages a broader spectrum of threat activities which also includes bot detection. However, WAF is primarily designed to protect against the exploitation of web application vulnerabilities, like SQL injection, cross-site scripting, cross-site request forgery, and others. By this description, although WAF can do some level of bot filtering, it is not as deep and advanced as a dedicated bot manager. Both can definitely work together to enhance the security posture of an application. A bot manager can be positioned in front of a WAF to filter malicious bot traffic before reaching the WAF which protects the application from bad traffic processing.

author avatarSaurabhPal
Real User

I have prepared some details regarding Bot Manager and WAF.


1. Traditional WAF have LIMITATION Mitigstion of Dynamic IP and headless attack whereas Bot manager can complete protect against the same.


2. WAF can not stop RIsk of blocking geniun false positive users whereas  Bot Manager can resolve the same.


3.  Bot Manager can't protect from API vulnarebilities whereas WAF can protect the same.


4. Bot Manager can't protect from Layer 7 DoS attack whereas WAF can protect the same.


5. Compliance of HIPAA and ACI is very limited for Bot Manager whereas for WAF it fulfill it fulfill compliance.

author avatarRobert Falbo
User

Bot solutions offer much more targeted protection against Bit traffic vs a WAF that is more owasp, sql injection, cross site scripting, and detailed rules.  Account takeovers using Bots is a common attack protected by these solutions.  

See more Web Application Firewall (WAF) questions »
Find out what your peers are saying about Fortinet, Amazon, Microsoft and others in Web Application Firewall (WAF). Updated: April 2021.
475,208 professionals have used our research since 2012.