Fortinet FortiWeb vs Imperva Web Application Firewall comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Fortinet FortiWeb and Imperva Web Application Firewall based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Fortinet FortiWeb vs. Imperva Web Application Firewall Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It can scale well.""Provides good vulnerability scanning, IPS, and geolocalization.""Both the internal firewall management and the cloud can be managed by a single console.""The most valuable feature of this solution is Fail-Open.""The most valuable features in Fortinet FortiWeb are sandboxing and threat prevention.""We were able to protect our web servers from outside attacks.""It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet.""If I need something from tech support, I can get it answered within the hour."

More Fortinet FortiWeb Pros →

"It has fewer false positives""Learning mode and custom policies are helpful features.""It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF.""Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance.""The configurability of the tools and the ease of operation to be the most valuable feature of Imperva.""I have had a positive experience with Imperva Web Application Firewall's tech support so far. They are knowledgeable and respond on time.""The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand.""The solution can scale."

More Imperva Web Application Firewall Pros →

Cons
"Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration.""New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems.""I know that we have run into some issues with an SSL certificate and how it functions. Sometimes this breaks connectivity or just limits certain websites that are whitelisted.""Fortinet WAF came out recently, and there is not much feedback about customer experience. For each project, customers ask about the scenarios and references of the customers who have implemented this solution, which we don't have. They need to simplify the customer experience and provide more information so that we can propose Fortinet Fortiweb as a WAF solution to customers and convince them. They need to improve their service and training. We need good training to implement and use it properly and know more about it. We still don't know much about Fortinet WAF. We didn't get any proper training sessions. Other vendors like Cisco, Palo Alto, Check Point, and Barracuda provide such sessions. Whenever we receive a request from a customer for this solution, we just give the price. We don't propose this solution because we don't know much about it. We propose whatever we are familiar with and what is supported.""The Layer 7 DDoS attacks need improvement, it could be better.""It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great.""FortiGate could be improved on the security end because we've had some incidents with the customer. Otherwise, there is no problem.""They can introduce a scaled-down version for the SMB market. It would be very competitive in the environment."

More Fortinet FortiWeb Cons →

"It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that.""The user interface could be better.""It is complicated to integrate the solution's on-cloud version with other platforms.""It's a complicated tool to keep.""The tool needs to improve CPU and storage memory.""The UI interface needs improvement.""I would like the solution to improve its support response time.""In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy."

More Imperva Web Application Firewall Cons →

Pricing and Cost Advice
  • "Cheaper than others."
  • "FortiWeb can be purchased in VM mode for a lower price and the same features."
  • "Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes."
  • "​It really pays off to buy licences for multiple years​."
  • "​The pricing is reasonable."
  • "The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size."
  • "The solution gives us the best price to performance ratio."
  • "The costs are standard. We pay around $1,600 yearly."
  • More Fortinet FortiWeb Pricing and Cost Advice →

  • "Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."
  • "Everybody complains about the price of this solution."
  • "The cost of this solution depends on the platform."
  • "The price of this solution is a little bit high compared to competitors."
  • "There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."
  • "There is a license for this solution and we purchase the license annually with no additional fees."
  • "There are a couple of different licensing models."
  • "The price of Imperva Web Application Firewalls is expensive compared to others."
  • More Imperva Web Application Firewall Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The product has a very user-friendly dashboard.
    Top Answer:The product is expensive. I rate the pricing a ten out of ten.
    Top Answer:The software's support services could be better compared to Sophos.
    Top Answer:For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc. 
    Top Answer:You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperva… more »
    Ranking
    Views
    9,816
    Comparisons
    7,110
    Reviews
    21
    Average Words per Review
    637
    Rating
    7.8
    Views
    8,565
    Comparisons
    6,865
    Reviews
    15
    Average Words per Review
    313
    Rating
    8.5
    Comparisons
    Learn More
    Overview

    Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

    Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

    Fortinet FortiWeb Features and Benefits

    APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

    • Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.

    • Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.

    • Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.

    • Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.

    • ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.

    • False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

    Reviews from Real Users

    Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

    Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

    A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

    Imperva Web Application Firewall is a versatile solution that protects web applications and databases from various attacks, including DDoS, cross-site scripting, and SQL injection attacks. It offers data security, availability, and access control and can be deployed on-premises or on the cloud. 

    The solution has good security against web attacks and offers advanced bot protection, API security, and mitigation features. Imperva WAF is easy to configure and deploy; it has good customer service and an excellent user interface.

    Sample Customers
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
    Top Industries
    REVIEWERS
    Financial Services Firm26%
    Comms Service Provider21%
    Computer Software Company18%
    Government8%
    VISITORS READING REVIEWS
    Educational Organization37%
    Computer Software Company12%
    Comms Service Provider6%
    Financial Services Firm6%
    REVIEWERS
    Computer Software Company26%
    Financial Services Firm21%
    Insurance Company11%
    Comms Service Provider11%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company14%
    Insurance Company7%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business51%
    Midsize Enterprise23%
    Large Enterprise27%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise46%
    Large Enterprise35%
    REVIEWERS
    Small Business53%
    Midsize Enterprise16%
    Large Enterprise31%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise15%
    Large Enterprise65%
    Buyer's Guide
    Fortinet FortiWeb vs. Imperva Web Application Firewall
    March 2024
    Find out what your peers are saying about Fortinet FortiWeb vs. Imperva Web Application Firewall and other solutions. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 82 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 44 reviews. Fortinet FortiWeb is rated 8.0, while Imperva Web Application Firewall is rated 8.6. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Cloudflare Web Application Firewall, whereas Imperva Web Application Firewall is most compared with AWS WAF, F5 Advanced WAF, Microsoft Azure Application Gateway, Azure Front Door and Akamai App and API Protector. See our Fortinet FortiWeb vs. Imperva Web Application Firewall report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.