Please share with the community what you think needs improvement with Fortinet FortiWeb.
What are its weaknesses? What would you like to see changed in a future version?
The integration with other products should be improved. This product does not come with bare metal protection, so we need more network features. We don't want to be as dependent on a separate next-generation firewall. The pricing could be made more competitive.
We would like the interface to be easier to use and more user-friendly. The interface needs to be enhanced. We had trouble understanding it at first, but we got used to using it after six months. Then, it was simple to use.
Describing security rules should be improved. It's tricky to define new feature tools when you want to describe an attack pattern and want to block it.
More templates should be made available for reporting. I would like to see more improvements with respect to threat intelligence.
What I would like to see improved in Fortinet FortiWeb will probably be included in the next release. The legal feature needs better step-by-step use of the form. We use the FortiGate guidebook for step-by-step instructions. But the FortiWeb guidebook is only is a demonstration kit which is not enough for a new installation.
The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures. If you want a good security solution, you have to get in kicking high for things that are getting blocked and you have to whitelist some signatures to make things work. It's a time-consuming thing to do. It would be nice to whitelist private IP ranges and see which signatures are hit and whitelist them automatically - which I think is possible to do. It would also be nice to have some extra security in the solution. I just upgraded to 6.0 and there were some security additions, but it would be nice to have some more and be able to configure them in the right way. Specifically, an updated security policy would be nice.
We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point. But, from what I understand, we haven't looked at the market to see how this can be done yet.
First of all, upgrade path should be introduced for scaling up or down VM deployment. Second, they need to include better wizards for publishing common applications like MS Exchange. .
I would like to have an antivirus option.
New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems. I don't have anything to say about what to do to improve this product. It's a great solution for us.
FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.