We performed a comparison between Fortinet FortiWeb and Imperva DDoS based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"Provides good vulnerability scanning, IPS, and geolocalization."
"All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features."
"High-performance and detection engines, provide a high rate of exposure of web attacks."
"When it comes to blocking unknown threats and attacks, I would give it the highest score possible. We first started using AWS and its Web Application Firewalls. That was okay, but it was quite a manual process to keep it up to date, whereas Fortinet is always up to date, and the default rules or the modules that you can turn on are very easy to use."
"The GUI makes it easy to scale in terms of learning and utilization."
"FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure."
"The WAF profiles has been effective at mitigating web-based threats."
"We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping."
"There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well."
"Technical support provides good, quick responses."
"An improvement has been to our website: It increases the speed of our response, the capacity of the site, and optimizes the bandwidth."
"On the activity log, I can see the exact details, the visit, and the threat."
"Imperva DDoS is fairly stable, and its availability is quite high."
"The complete solution is valuable for everything it delivers and the protection it offers."
"Provides Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this."
"A better load balancer is needed when multiple servers are used for the same website."
"In my experience, Fortinet FortiWeb could improve the intelligent features to acknowledge whether any threat or incident that's running happened. Then give us the ability to escalate it to layer 2 or layer 3 in the network operations."
"Centralized management of multiple devices, and GUI improvement, could reduce the learning curve."
"They can introduce a scaled-down version for the SMB market. It would be very competitive in the environment."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
"We want to see more detailed logging, such as audit logging, as this would significantly enhance the solution's reporting. We currently get some information from logs, but more would be better."
"We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point."
"The solution could offer more integration opportunities."
"The rules surrounding the making of web applications could be improved."
"Some maintenance must be performed by our IT team."
"It would be better if we were able to manage and apply changes to multiple websites/web applications, and search WAF logs for multiple websites, via the Incapsula dashboard."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
"It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution."
"I miss being able to integrate the dashboard with other BI tools we are using. We have to export and import data to be able to present it, and doing so is a lot of work."
"The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side."
"The cost could be lower; our end clients need to have a high budget to purchase this solution."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Imperva DDoS is ranked 16th in Web Application Firewall (WAF) with 74 reviews. Fortinet FortiWeb is rated 8.0, while Imperva DDoS is rated 8.8. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Imperva DDoS writes "I like the content monitoring feature which I haven't seen in other WAF solutions". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Imperva DDoS is most compared with Cloudflare, Akamai, Arbor DDoS, Radware DefensePro and Imperva SecureSphere Database Security. See our Fortinet FortiWeb vs. Imperva DDoS report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.