Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
This solution can protect Layer 3, Layer 4 and Layer 7 attacks of applications for us.
Among its key features: Detects and mitigates DDoS attacks at L3 to L7; negligible to zero false-positives; Generates and sends reports without the need for an expensive third-party solution.
Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.).
The most valuable feature is the web application firewall (WAF).
Fortinet FortiWeb has improved my organization by protecting our customer's web infrastructure environment.
We were able to protect our web servers from outside attacks.
Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself.
SSL Offloading simplifies the public certificate handling and brings additional protection features.
L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code.
Auto Learn feature: Makes policy additions or deletions for my customers very simple
I find that there have been issues in the past year with the solution hanging. It freezes often.
All the thresholds that need to be configured should be included in the default so that user will not forget or misconfigure.
FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.
Their support needs improvement.
The false positives are annoying.
I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted.
Centralized management of multiple devices, and GUI improvement, could reduce the learning curve.
The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions.
Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration.
HA Architecture needs improvement. I would improve it by working on AP HA.
Pricing and Cost Advice
Information Not Available
The pricing is reasonable.
It really pays off to buy licences for multiple years.
Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes.
Cheaper than others.
FortiWeb can be purchased in VM mode for a lower price and the same features.
out of 45 in Web Application Security
out of 45 in Web Application Security
Compared 55% of the time.
Compared 16% of the time.
Compared 8% of the time.
Compared 27% of the time.
Compared 17% of the time.
Compared 11% of the time.
Also Known As
Distributed Denial of Service (DDoS) attacks are ever-evolving and use a variety of technologies. To successfully combat these attacks, you need a dynamic, multi-layered security solution. FortiDDoS protects from both known and zero day attacks with very low latency. It’s easy to deploy and manage, and includes comprehensive reporting and analysis tools.
FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Learn more about FortiDDoS
Learn more about Fortinet FortiWeb
|Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data||Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG|