Compare AWS WAF vs. Fortinet FortiWeb
 | BrianFortington GRC Security Consultant at Ionize |
Find out what your peers are saying about AWS WAF vs. Fortinet FortiWeb and other solutions. Updated: January 2021.
464,655 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable feature is the security, making sure that files are protected, preventing unauthorized users from accessing the system."
"The most valuable feature is the way it blocks threats to external applications."
"It's simple, easy to use."
"It is a one-click WAF with no effort needed."
"It is Amazon. Everything is scalable. It is beyond what we need."
"The customized billing is the most valuable feature."
"The initial setup was very straightforward. Deployment took about ten minutes or less."
"The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match."
"When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up."
"All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features."
"What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options."
"The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability."
"It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet."
"FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"The most valuable features are support and security."
"The GUI is user-friendly and it's easy to understand how to manage it."
Cons
"They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats."
"In a future release I would like to see automation. There's no interaction between the applications and that makes it tedious. We have to do the preparation all over again for each of our other applications."
"The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on."
"We need more support as we go global."
"In a future release of this solution, I would like to see additional management features to make things simpler."
"They should work to define more threats, add more security, and make it more compliant with more security companies."
"The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively."
"For now, there is no feature to protect against attack of the bad bots"
"I would like to have an antivirus option."
"New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems."
"Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only."
"We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point."
"The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures."
"Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware."
"I would like to see more improvements with respect to threat intelligence."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
"It's an annual subscription."
"There are no costs in addition to the standard licensing fees."
"There are different scale options available for WAF."
"AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
"It has a variable pricing scheme."
"We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
"The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size."
"The solution gives us the best price to performance ratio."
"The costs are standard. We pay around $1,600 yearly."
"All our Fortinet pricing is bundled together for different products, like FortiGate, FortiAnalyzer, and FortiWeb. FortiWeb, by itself, is probably around $2,500 to $3,500."
"FortiWeb is more expensive than some competing products."
"Due to the situation in Iran with the sanctions, the price of this solution is very expensive."
"It's an expensive solution, although there are no additional costs."
"It is fine now. We had to earlier negotiate the price."
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
464,655 professionals have used our research since 2012.
Top Answer: The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats.
Top Answer: Sometimes it's a bit difficult to check the rules because when you apply a rule, sometimes it's too much and we need to rewrite the rules and make compromises on the rules because it will block too… more »
Top Answer: Our primary use case is to protect our internal web solution. We use it to have an internal application for our customers. We are an SME worldwide company, so we have some internal website solutions… more »
Top Answer: The GUI is user-friendly.
Top Answer: FortiWeb is more expensive than some competing products.
Top Answer: The integration with other products should be improved. This product does not come with bare metal protection, so we need more network features. We don't want to be as dependent on a separate… more »
Views
10,376
Comparisons
8,587
Reviews
14
Average Words per Review
519
Rating
7.6
Views
13,791
Comparisons
11,194
Reviews
18
Average Words per Review
457
Rating
8.1
Compared 22% of the time.
Compared 10% of the time.
Compared 10% of the time.
Compared 9% of the time.
Compared 6% of the time.
Compared 18% of the time.
Compared 17% of the time.
Compared 10% of the time.
Compared 8% of the time.
Compared 5% of the time.
AWS Web Application Firewall
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.
FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Learn more about AWS WAF
Learn more about Fortinet FortiWeb
eVitamins, 9Splay, Senao International
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
Computer Software Company26%
Comms Service Provider18%
Media Company16%
Financial Services Firm7%
Financial Services Firm29%
Comms Service Provider19%
Government14%
Computer Software Company14%
Comms Service Provider30%
Computer Software Company28%
Government6%
Media Company4%
Small Business20%
Midsize Enterprise33%
Large Enterprise47%
Small Business40%
Midsize Enterprise24%
Large Enterprise36%
Find out what your peers are saying about AWS WAF vs. Fortinet FortiWeb and other solutions. Updated: January 2021.
464,655 professionals have used our research since 2012.
AWS WAF is ranked 2nd in Web Application Firewall (WAF) with 14 reviews while Fortinet FortiWeb is ranked 1st in Web Application Firewall (WAF) with 23 reviews. AWS WAF is rated 7.6, while Fortinet FortiWeb is rated 8.2. The top reviewer of AWS WAF writes "Use this product to make it possible to deploy web applications securely". On the other hand, the top reviewer of Fortinet FortiWeb writes "Good pricing, and provides for faster and more secure application deployment". AWS WAF is most compared with Microsoft Azure Application Gateway, F5 BIG-IP, Akamai Kona Site Defender, Imperva Web Application Firewall and Imperva Incapsula, whereas Fortinet FortiWeb is most compared with Fortinet FortiADC, F5 BIG-IP, Fortinet FortiOS, Microsoft Azure Application Gateway and Cloudflare. See our AWS WAF vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.