Compare Fortinet FortiWeb vs. Imperva SecureSphere Web Application Firewall

Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 13 reviews while Imperva SecureSphere Web Application Firewall is ranked 5th in Web Application Firewall (WAF) with 9 reviews. Fortinet FortiWeb is rated 8.2, while Imperva SecureSphere Web Application Firewall is rated 9.0. The top reviewer of Fortinet FortiWeb writes "Good pricing, and provides for faster and more secure application deployment". On the other hand, the top reviewer of Imperva SecureSphere Web Application Firewall writes "Gives me peace of mind, blocks everything we need it to block". Fortinet FortiWeb is most compared with F5 BIG-IP, FortiADC and Cloudflare, whereas Imperva SecureSphere Web Application Firewall is most compared with F5 BIG-IP, Imperva Incapsula and Fortinet FortiWeb. See our Fortinet FortiWeb vs. Imperva SecureSphere Web Application Firewall report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Fortinet FortiWeb vs. Imperva SecureSphere Web Application Firewall and other solutions. Updated: September 2019.
371,639 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives.It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet.The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability.What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options.All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up.Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.).The most valuable feature is the web application firewall (WAF).

Read more »

Compared to other web application firewalls in the market, Imperva does things in the most accurate way.The dynamic profiling of websites is the solution's most valuable feature. The security is also good.Data masking is the most valuable feature of this solution.The solution is very scalable. It is one of the most important features. You can also expand resources and features as well.There are some features that are configured by default, so even without doing much, it can still provide a level of protection.It mitigates all of the availabilities of risks around web applications.The compliance is the most valuable aspect.It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF.

Read more »

Cons
Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware.The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures.We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point.Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only.New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems.I would like to have an antivirus option.FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.​Their support needs improvement.

Read more »

I think that better bot protection is needed in this solution.It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself.Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved.The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you.It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default.Their portal is very limited and needs improvement.It's a complicated tool to keep.There could be some limitations that from the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go. Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering.

Read more »

Pricing and Cost Advice
The solution gives us the best price to performance ratio.The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size.​The pricing is reasonable.​It really pays off to buy licences for multiple years​.Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes.Cheaper than others.FortiWeb can be purchased in VM mode for a lower price and the same features.

Read more »

The cost of this solution depends on the platform.Everybody complains about the price of this solution.Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately.

Read more »

report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
371,639 professionals have used our research since 2012.
Ranking
Views
8,462
Comparisons
6,597
Reviews
10
Average Words per Review
349
Avg. Rating
8.1
Views
4,492
Comparisons
3,670
Reviews
7
Average Words per Review
532
Avg. Rating
9.0
Top Comparisons
Compared 26% of the time.
Compared 21% of the time.
Compared 6% of the time.
Learn
Fortinet
Imperva
Overview

FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.

Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.

Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection.

Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.

Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.

Offer
Learn more about Fortinet FortiWeb
Learn more about Imperva SecureSphere Web Application Firewall
Sample Customers
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AGBlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Top Industries
REVIEWERS
Financial Services Firm30%
Comms Service Provider20%
Mining And Metals Company10%
Local Government10%
VISITORS READING REVIEWS
Software R&D Company37%
Comms Service Provider16%
Media Company9%
Financial Services Firm8%
VISITORS READING REVIEWS
Software R&D Company30%
Media Company13%
Outsourcing Company9%
Comms Service Provider9%
Find out what your peers are saying about Fortinet FortiWeb vs. Imperva SecureSphere Web Application Firewall and other solutions. Updated: September 2019.
371,639 professionals have used our research since 2012.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email