Compare AWS WAF vs. Fortinet FortiWeb
AWS WAF is ranked 8th in Web Application Firewall (WAF) with 7 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 13 reviews. AWS WAF is rated 7.8, while Fortinet FortiWeb is rated 8.2. The top reviewer of AWS WAF writes "Makes sure files are protected, but the solution should be more proactive in detecting threats". On the other hand, the top reviewer of Fortinet FortiWeb writes "Good pricing, and provides for faster and more secure application deployment". AWS WAF is most compared with Akamai Kona, Imperva Incapsula and F5 BIG-IP, whereas Fortinet FortiWeb is most compared with F5 BIG-IP, FortiADC and Cloudflare. See our AWS WAF vs. Fortinet FortiWeb report.
Most Helpful Review | |||
| |||
 Find out what your peers are saying about AWS WAF vs. Fortinet FortiWeb and other solutions. Updated: November 2019. 378,124 professionals have used our research since 2012. | |||
Quotes From Members
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros | |
The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match. The initial setup was very straightforward. Deployment took about ten minutes or less. The customized billing is the most valuable feature. It is a one-click WAF with no effort needed. It is Amazon. Everything is scalable. It is beyond what we need. It's simple, easy to use. The most valuable feature is the way it blocks threats to external applications. The most valuable feature is the security, making sure that files are protected, preventing unauthorized users from accessing the system. | FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives. It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet. The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability. What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options. All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features. When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up. Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.). The most valuable feature is the web application firewall (WAF). |
Cons | |
The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively. They should work to define more threats, add more security, and make it more compliant with more security companies. In a future release of this solution, I would like to see additional management features to make things simpler. We need more support as we go global. The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on. In a future release I would like to see automation. There's no interaction between the applications and that makes it tedious. We have to do the preparation all over again for each of our other applications. They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats. | Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware. The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures. We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point. Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only. New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems. I would like to have an antivirus option. FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection. Their support needs improvement. |
Pricing and Cost Advice | |
There are different scale options available for WAF. There are no costs in addition to the standard licensing fees. It's an annual subscription. | The solution gives us the best price to performance ratio. The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size. The pricing is reasonable. It really pays off to buy licences for multiple years. Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes. Cheaper than others. FortiWeb can be purchased in VM mode for a lower price and the same features. |
 Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs. 378,124 professionals have used our research since 2012. | |
Ranking  | |
Views 2,739 Comparisons 2,161 Reviews 7 Average Words per Review 377 Avg. Rating 7.9 | Views 8,700 Comparisons 6,798 Reviews 10 Average Words per Review 349 Avg. Rating 8.1 |
Top Comparisons | |
 Compared 18% of the time.  Compared 16% of the time.  Compared 12% of the time. | Compared 26% of the time.  Compared 21% of the time.  Compared 6% of the time. |
Also Known As | |
| AWS Web Application Firewall | |
Learn | |
| Amazon Video Not Available | Fortinet |
Overview | |
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules. | FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats. |
Offer | |
Learn more about AWS WAF | Learn more about Fortinet FortiWeb |
Sample Customers | |
| eVitamins, 9Splay, Senao International | Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG |
Top Industries | |
Software R&D Company36% Comms Service Provider16% Media Company15% Retailer11% | Financial Services Firm30% Comms Service Provider20% Mining And Metals Company10% Local Government10% Software R&D Company33% Comms Service Provider21% Media Company8% Government6% |
Find out what your peers are saying about AWS WAF vs. Fortinet FortiWeb and other solutions. Updated: November 2019.
378,124 professionals have used our research since 2012.
See also AWS WAF Reviews, Fortinet FortiWeb Reviews, and our list of Best Web Application Firewall (WAF) Companies.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post
reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference
with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign in to see all reviews and comparisons. It's free!
By clicking Sign in with LinkedIn™ you agree to let IT Central Station use your LinkedIn profile
and email address in accordance with our Privacy Policy and agree to the Terms of Service.
- Unlimited access to 30000+ reviews from real users
- Your own page to promote your professional skills
- Join a community of experts to call upon for support
Already a member? Sign in.
By registering, you agree to our Terms of Service and Privacy Policy.
- Unlimited access to 30000+ reviews from real users
- Your own page to promote your professional skills
- Join a community of experts to call upon for support
Already a member? Sign In.