Compare Fortinet FortiWeb vs. Rapid7 Metasploit

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Fortinet, Amazon, Imperva and others in Web Application Firewall (WAF). Updated: November 2020.
448,542 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up.""All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.""What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options.""The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability.""It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet.""FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives.""The most valuable features are support and security.""The GUI is user-friendly and it's easy to understand how to manage it."

More Fortinet FortiWeb Pros »

"It's not possible to do penetration testing without being very proficient in Metasploit.""The option to generate phishing emails has proven to be very valuable in understanding the behavior of users.""It contains almost all the available exploits and payloads.""The most valuable feature for us is the support for testing Linux-based web server components.""The reporting on the solution is good.""All of the features are great."

More Rapid7 Metasploit Pros »

Cons
"I would like to have an antivirus option.""New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems.""Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only.""We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point.""The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures.""Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware.""I would like to see more improvements with respect to threat intelligence.""Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it."

More Fortinet FortiWeb Cons »

"The initial setup was a bit "tweaky" for the open-source version.""Metasploit cannot be installed on a machine with an antivirus.""It is necessary to add some training materials and a tutorial for beginners.""Better automation capabilities would be an improvement.""The solution should improve the responsiveness of its live technical support.""At the time I was using it, the graphical user interface needed some improvements."

More Rapid7 Metasploit Cons »

Pricing and Cost Advice
"The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size.""The solution gives us the best price to performance ratio.""The costs are standard. We pay around $1,600 yearly.""All our Fortinet pricing is bundled together for different products, like FortiGate, FortiAnalyzer, and FortiWeb. FortiWeb, by itself, is probably around $2,500 to $3,500.""FortiWeb is more expensive than some competing products.""Due to the situation in Iran with the sanctions, the price of this solution is very expensive.""It's an expensive solution, although there are no additional costs.""It is fine now. We had to earlier negotiate the price."

More Fortinet FortiWeb Pricing and Cost Advice »

"I use the open-source version of this product. Pricing is not relevant.""It is expensive. Our license expired, and our company is not thinking to renew because of our budget.""The great advantage with Rapid7 Metasploit, of course, is that it's free."

More Rapid7 Metasploit Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
448,542 professionals have used our research since 2012.
Questions from the Community
Top Answer: FortiWeb is more expensive than some competing products.
Top Answer: The integration with other products should be improved. This product does not come with bare metal protection, so we need more network features. We don't want to be as dependent on a separate… more »
Ask a question

Earn 20 points

Ranking
Views
12,870
Comparisons
10,474
Reviews
17
Average Words per Review
452
Avg. Rating
8.0
7th
Views
6,150
Comparisons
3,713
Reviews
5
Average Words per Review
468
Avg. Rating
7.4
Popular Comparisons
Compared 19% of the time.
Compared 6% of the time.
Compared 51% of the time.
Compared 12% of the time.
Compared 7% of the time.
Compared 2% of the time.
Also Known As
Metasploit
Learn
Fortinet
Rapid7
Overview

FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.

Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.

Offer
Learn more about Fortinet FortiWeb
Learn more about Rapid7 Metasploit
Sample Customers
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AGCity of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University
Top Industries
REVIEWERS
Financial Services Firm30%
Comms Service Provider20%
Computer Software Company15%
Government10%
VISITORS READING REVIEWS
Computer Software Company30%
Comms Service Provider27%
Media Company6%
Government5%
VISITORS READING REVIEWS
Comms Service Provider32%
Computer Software Company26%
K 12 Educational Company Or School4%
Media Company4%
Company Size
REVIEWERS
Small Business40%
Midsize Enterprise23%
Large Enterprise37%
REVIEWERS
Small Business14%
Midsize Enterprise43%
Large Enterprise43%
Find out what your peers are saying about Fortinet, Amazon, Imperva and others in Web Application Firewall (WAF). Updated: November 2020.
448,542 professionals have used our research since 2012.

Fortinet FortiWeb is ranked 1st in Web Application Firewall (WAF) with 21 reviews while Rapid7 Metasploit is ranked 7th in Vulnerability Management with 5 reviews. Fortinet FortiWeb is rated 8.0, while Rapid7 Metasploit is rated 7.4. The top reviewer of Fortinet FortiWeb writes "Good pricing, and provides for faster and more secure application deployment". On the other hand, the top reviewer of Rapid7 Metasploit writes "Straightforward to set up, and helpful for moving from development to production". Fortinet FortiWeb is most compared with Fortinet FortiADC, F5 BIG-IP, Microsoft Azure Application Gateway, Fortinet FortiOS and AWS WAF, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Wireshark, Rapid7 InsightVM, Qualys VM and Vectra AI.

See our list of .

We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.