We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable features are support and security."
"The GUI is user-friendly and it's easy to understand how to manage it."
"I have recently been looking at the SSL certificate features and the learning mode of the appliance. This appliance learns from the pattern of SSL attacks."
"The GUI is user-friendly."
"This product is very user-friendly."
"It is easy to install and to maintain."
"It's stable and works efficiently against OWASP Top 10 attacks."
"It is a stable product."
"The simplicity of the solution and its ability to integrate easily with others are its most valuable aspects."
"This is a SaaS product, so it is always up to date."
"Good customization; able to report and take action on alerts."
"The solution was very easy to configure. It wasn't hard at all to adjust it to our needs."
"Load balancing and web application firewall features are the most valuable."
"WAF feature replicates the firewall."
"The pricing is quite good."
"The solution is easy to set up."
"I would like to see more improvements with respect to threat intelligence."
"Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."
"We would like the interface to be easier to use and more user-friendly. The interface needs to be enhanced."
"The integration with other products should be improved."
"FortiWeb needs to have support for the newest technology being used in web applications."
"In terms of performance, it needs to be more robust."
"The Layer 7 DDoS attacks need improvement, it could be better."
"Fortinet WAF came out recently, and there is not much feedback about customer experience. For each project, customers ask about the scenarios and references of the customers who have implemented this solution, which we don't have. They need to simplify the customer experience and provide more information so that we can propose Fortinet Fortiweb as a WAF solution to customers and convince them. They need to improve their service and training. We need good training to implement and use it properly and know more about it. We still don't know much about Fortinet WAF. We didn't get any proper training sessions. Other vendors like Cisco, Palo Alto, Check Point, and Barracuda provide such sessions. Whenever we receive a request from a customer for this solution, we just give the price. We don't propose this solution because we don't know much about it. We propose whatever we are familiar with and what is supported."
"The pricing of the solution could be improved. Right now, it's a bit expensive."
"For the first-time user, it is difficult to understand so the user-interface needs to be improved."
"Needs easier integration with the existing SIAM."
"The security of the product could be adjusted."
"It does not have the flexibility for using public IPs in version 2."
"Scalability can be an issue."
"The monitoring on the solution could be better."
"The configuration is very specific right now and needs to be much more flexible."
"The costs are standard. We pay around $1,600 yearly."
"All our Fortinet pricing is bundled together for different products, like FortiGate, FortiAnalyzer, and FortiWeb. FortiWeb, by itself, is probably around $2,500 to $3,500."
"FortiWeb is more expensive than some competing products."
"Due to the situation in Iran with the sanctions, the price of this solution is very expensive."
"It's an expensive solution, although there are no additional costs."
"It is fine now. We had to earlier negotiate the price."
"It is an expensive suite and it is an expensive solution, but it is a manageable one for an enterprise."
"Its subscription prices are cheaper, and it is not very expensive. From a price perspective, Fortinet is a very well-known security vendor. Subscriptions are very simple. They have a couple of licenses on an appliance, and that's it. The cost is not that big. One license is 40K, which they give with all the products. Another one includes the subscriptions for threat prevention, IPS, sandboxing, etc, which is more than enough."
"It is not expensive."
"Every solution comes with a license and cost. Microsoft provides the license and the total cost is for the maintenance every year."
"Between v1 and v2, there is a lot of change in the pricing. It is very costly compared to AWS."
FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 - TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.
Fortinet FortiWeb is ranked 1st in Web Application Firewall (WAF) with 23 reviews while Microsoft Azure Application Gateway is ranked 2nd in Web Application Firewall (WAF) with 11 reviews. Fortinet FortiWeb is rated 8.0, while Microsoft Azure Application Gateway is rated 7.0. The top reviewer of Fortinet FortiWeb writes "Reasonably priced and offers a good graphical user interface but need better integration capabilities". On the other hand, the top reviewer of Microsoft Azure Application Gateway writes "Needs better security and functionality, and requires more intelligence to make it competitive". Fortinet FortiWeb is most compared with Fortinet FortiADC, Fortinet FortiOS, F5 Advanced WAF, F5 BIG-IP Local Traffic Manager (LTM) and AWS WAF, whereas Microsoft Azure Application Gateway is most compared with Azure Front Door, F5 BIG-IP Local Traffic Manager (LTM), AWS WAF, Cloudflare and NGINX Plus. See our Fortinet FortiWeb vs. Microsoft Azure Application Gateway report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.