We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable features are the client VPN and content filtering."
"You don't need help from Barracuda to help with the deployment. The deployment is easy."
"The stability of the solution is good. I don't think we've experienced bugs, crashes, or glitches."
"The solution offers multiple security features. There are machine learning features and great URL encryption. It also offers multi-protocol support against DDoS attacks."
"Its recommendation about the probabilities on the website is great. It also has free probability managers for the website, which is really helpful. The protection engine, signature-based protection behavior, and analysis features are also great. It also has an ATP module for sandbox scanning and behavior analysis for file uploads."
"The initial setup is pretty straightforward, especially if you enlist assistance."
"We use Barracuda to protect the application. That's the main feature we use it for."
"The solution has been quite stable. It's reliable."
"The most valuable features are support and security."
"The GUI is user-friendly and it's easy to understand how to manage it."
"I have recently been looking at the SSL certificate features and the learning mode of the appliance. This appliance learns from the pattern of SSL attacks."
"The GUI is user-friendly."
"This product is very user-friendly."
"It is easy to install and to maintain."
"It's stable and works efficiently against OWASP Top 10 attacks."
"It is a stable product."
"The incident reporting needs to be improved."
"They could improve their performance, support, and their upgrades. Their updates used to be good. Their improvements were right on the money but nowadays, the updates are minor."
"The reporting aspect of the solution needs improvement. I don't find that it's very good. They could do some work on it to make it much better. It's not that the reporting isn't secure. It's just that I would prefer to store my reports for an extended period of time. Right now, that's not possible and I'd prefer it if that could change. I also would say that the reports themselves are expensive."
"The documentation is lacking. It's not like what you'd get if you were using Juniper or Cisco. They need to expand on it and make it more useful."
"Its interface can be better. It is not very friendly."
"We've had some blocks of the application and some false positives."
"Sometimes when we put it in action, we have some blogs that appear as false positives. I think that it's improving. Barracuda should minimize false positives."
"The solution needs to leverage some additional features to a broader scale of software-defined networks."
"I would like to see more improvements with respect to threat intelligence."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
"We would like the interface to be easier to use and more user-friendly. The interface needs to be enhanced."
"The integration with other products should be improved."
"FortiWeb needs to have support for the newest technology being used in web applications."
"In terms of performance, it needs to be more robust."
"The Layer 7 DDoS attacks need improvement, it could be better."
"Fortinet WAF came out recently, and there is not much feedback about customer experience. For each project, customers ask about the scenarios and references of the customers who have implemented this solution, which we don't have. They need to simplify the customer experience and provide more information so that we can propose Fortinet Fortiweb as a WAF solution to customers and convince them. They need to improve their service and training. We need good training to implement and use it properly and know more about it. We still don't know much about Fortinet WAF. We didn't get any proper training sessions. Other vendors like Cisco, Palo Alto, Check Point, and Barracuda provide such sessions. Whenever we receive a request from a customer for this solution, we just give the price. We don't propose this solution because we don't know much about it. We propose whatever we are familiar with and what is supported."
"The price of this solution is okay."
"The price of the solution is a little expensive. There is a license for this solution and it can be purchased every one, two, or five years."
"While I would have to check on the price of the solution, I feel it to be okay and it matches the market price."
"The price is reasonable, more so than other products."
"The costs are standard. We pay around $1,600 yearly."
"All our Fortinet pricing is bundled together for different products, like FortiGate, FortiAnalyzer, and FortiWeb. FortiWeb, by itself, is probably around $2,500 to $3,500."
"FortiWeb is more expensive than some competing products."
"Due to the situation in Iran with the sanctions, the price of this solution is very expensive."
"It's an expensive solution, although there are no additional costs."
"It is fine now. We had to earlier negotiate the price."
"It is an expensive suite and it is an expensive solution, but it is a manageable one for an enterprise."
"Its subscription prices are cheaper, and it is not very expensive. From a price perspective, Fortinet is a very well-known security vendor. Subscriptions are very simple. They have a couple of licenses on an appliance, and that's it. The cost is not that big. One license is 40K, which they give with all the products. Another one includes the subscriptions for threat prevention, IPS, sandboxing, etc, which is more than enough."
Barracuda Web Application Firewall is the ideal solution for organizations looking to protect web applications from data breaches and defacement. With the Barracuda Web Application Firewall, administrators do not need to wait for clean code or even know how an application works to secure their applications. Organizations can ensure robust security with a Barracuda Web Application Firewall hardware or virtual appliance, deployed either on-premises or in the cloud.
FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Barracuda Web Application Firewall is ranked 7th in Web Application Firewall (WAF) with 12 reviews while Fortinet FortiWeb is ranked 1st in Web Application Firewall (WAF) with 23 reviews. Barracuda Web Application Firewall is rated 7.8, while Fortinet FortiWeb is rated 8.0. The top reviewer of Barracuda Web Application Firewall writes "Reliable and stable with a straightforward setup". On the other hand, the top reviewer of Fortinet FortiWeb writes "Reasonably priced and offers a good graphical user interface but need better integration capabilities". Barracuda Web Application Firewall is most compared with Microsoft Azure Application Gateway, F5 BIG-IP Local Traffic Manager (LTM), HAProxy, AWS WAF and Imperva Incapsula, whereas Fortinet FortiWeb is most compared with Fortinet FortiADC, Fortinet FortiOS, F5 Advanced WAF, F5 BIG-IP Local Traffic Manager (LTM) and Imperva Incapsula. See our Barracuda Web Application Firewall vs. Fortinet FortiWeb report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.