Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The URL filtering is very good and you can create a group for customized URLs.
The most valuable feature is the ability to automatically learn the traffic in our environment, and change the merit recommendations based on that.
In general, the features are all great. However, if I need to take hardware for ASA, because they need to upgrade to Firepower, we want to create rules. For that, most of the time we go to the command line. Right now Firepower is working really hard on the grid. You can apply all those rules to the grid. Even if you want to monitor the logs, for example, the activity will tell you which particular user has been blocked because of that rule. Firepower's monitoring interface is very good, because you can see each and every piece. ASA also had it, but there you needed to type the command and be under the server to see all that stuff. In Firepower you have the possibility to go directly to the firewall. The way the monitoring is displayed is also very nice. The feature I appreciate most in Firepower is actually the grid. The grid has worked very well.
I like most of Cisco's features, like malware detection and URL filtering.
The most valuable feature of this solution is the filtering.
The solution can be integrated with some network electors like Cisco Stealthwatch, Cisco ISE, and Active Directory to provide the client with authentication certificates.
The whole solution is very good, and stable.
Cisco technical support is unbeatable. It offers a premium service every time.
FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives.
It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet.
The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability.
What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options.
All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.
When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up.
Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.).
The most valuable feature is the web application firewall (WAF).
There are problems setting up VPNs for some regions.
We are unhappy with technical support for this solution, and it is not as professional as what we typically expect from Cisco.
To be frank, the product is not really stable, although they're working on that. Whenever I go to the technical community with an issue, they will usually say that it is not there yet, but the technical team are working on it. The issues are not insolvable. I think they should just keep working on the product to make sure that the product can become very stable. The technical support is great. I appreciate that. We have a lot of communities supporting Firepower now, so you can find help for whatever issue you have.
I don't think this solution is a time-based control system, because one cannot filter traffic based on time.
If the price is brought down then everybody will be happy.
With the next release, I would like to see some PBR, so that you can do the configuration with the features.
The customization of the rules can be simplified.
The pricing needs to be improved. We have lots of low-budget clients around us. Budget constraints are always a deterrent in our market.
Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware.
The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures.
We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point.
Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only.
New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems.
I would like to have an antivirus option.
FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.
Their support needs improvement.
Pricing and Cost Advice
I don't know the exact amount, but most of the time when I go to a company with a proposition, they will say, "This thing that you are selling is good, but it's expensive. Why don't you propose something like FortiGate, Check Point, or Palo Alto?" Cisco device are expensive compared to other devices.
Licensing for this solution is paid on a yearly basis.
We have a three-year license for this solution.
The solution gives us the best price to performance ratio.
The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size.
The pricing is reasonable.
It really pays off to buy licences for multiple years.
Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes.
Cheaper than others.
FortiWeb can be purchased in VM mode for a lower price and the same features.
out of 45 in Intrusion Detection and Prevention Software
Average Words per Review
out of 39 in Web Application Firewall (WAF)
Average Words per Review
Compared 16% of the time.
Compared 15% of the time.
Compared 14% of the time.
Compared 25% of the time.
Compared 23% of the time.
Compared 5% of the time.
Also Known As
Snort is an open-source, rule-based, intrusion detection and prevention system. It combines the benefits of signature-, protocol-, and anomaly-based inspection methods to deliver flexible protection from malware attacks. Snort gained notoriety for being able to accurately detect threats at high speeds.
FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Learn more about Cisco Sourcefire SNORT
Learn more about Fortinet FortiWeb
|CareCore, City of Biel, Dimension Data, LightEdge, Lone Star College System, National Rugby League, Port Aventura, Smart City Networks, Telecom Italia, The Department of Education in Western Australia||Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG|
No Data Available
Financial Services Firm30%
Comms Service Provider20%
Mining And Metals Company10%
Software R&D Company32%
Comms Service Provider22%
See also Cisco Sourcefire SNORT Reviews, Fortinet FortiWeb Reviews, and our list of Best Intrusion Detection and Prevention Software Companies.