Integration with existing infrastructure has improved efficiency and centralized management
What is our primary use case?
The main use case for Fortinet FortiWeb is handling huge amounts of data from the customer side when they lack proper data structure. Customers request a solution that can manage large volumes of data and classify it, which is the primary reason they select Web Application Firewalls.
Additionally, they seek to protect and separate applications within their network between production and non-production environments, as well as define bandwidth allocation for approved applications and restrict forbidden ones.
What is most valuable?
Fortinet does not have the best Web Application Firewall in the world, but they do have interoperable systems. From the customer side, especially if they are already buying FortiGates, firewalls, mail, proxy, and other solutions, it becomes much easier for them to purchase Fortinet FortiWeb. This is because there is one technical support team and a single point of contact from the vendor side when they need technical expertise.
The main benefits provided to users who already have other Fortinet solutions include better economics and easier maintenance due to unified technical support and a convenient single point of contact. Updates are much easier because Fortinet has one operating system for all their products. If the customer buys a manager as the central console of the whole system, they can operate all systems from one console and deploy all updates, renewals, or other changes.
What needs improvement?
Fortinet can improve their technical support, especially the response time. There appears to be an issue with their SLA. When a customer opens a ticket, it is picked up within one or two hours. However, after the customer submits a specific question and requests troubleshooting help from Fortinet support, it takes at least three to five days to provide a proper answer. The response time from the support team is an area that requires improvement.
For how long have I used the solution?
We are a distributor and I continue to work with Fortinet solutions as a reseller distributor.
What do I think about the stability of the solution?
I have not received any complaints or reports of issues from our partners or our technical team regarding stability. Perhaps three or four years ago there was an incident at a customer site in Serbia, but that was not related to Fortinet. The issue was related to network segmentation because they could not reach all logs from their network. The problem was not from Fortinet but from the Cisco ASA, not the switch.
What do I think about the scalability of the solution?
For scalability on a scale from one to ten, Fortinet FortiWeb is very scalable and it is easy to improve the bandwidth and the system. You can add additional boxes that combine together to achieve a bigger throughput for investigation and research.
How was the initial setup?
I have not received any complaints from the partner side regarding troubles or issues with implementation. The implementation of Fortinet FortiWeb and WAF into the Fortinet ecosystem proceeded very smoothly.
What about the implementation team?
That is a question for the technical part of my team and is not within my area of responsibility.
What other advice do I have?
We primarily sell Fortinet's flagship model, which is FortiGate, their next-generation firewall. After that, we sell switches, wireless devices, and solutions such as mail, web protection, and EDR. These are the most sold products in Serbia from Fortinet's portfolio.
We have recently closed a deal in Serbia with Fortinet FortiWeb.
The documentation is excellent, particularly the implementation manual. The pricing is very competitive compared to most vendors producing similar solutions. When comparing Fortinet FortiWeb to F5 BIG-IP, which is their matching solution, Fortinet FortiWeb uses smaller boxes while meeting the same technical specifications. This automatically makes Fortinet FortiWeb cheaper than F5. F5 is considered the most sold vendor in this area for Web Application Firewalls globally, and Fortinet FortiWeb offers better pricing in comparison. I would rate this product a ten out of ten.
Efficient threat prevention and reporting with strong ROI
What is our primary use case?
We are studying ClearPass as a solution. I was requesting a comparison between Aruba ClearPass and FortiWeb Forti.
How has it helped my organization?
FortiWeb has been a helpful investment in our network.
What is most valuable?
The reporting and token system is good. The AI machine learning was qualified to block and report any suspicious activity.
What needs improvement?
I see no room for improvement at the moment.
For how long have I used the solution?
I have been familiar with FortiWeb for about three years now.
How are customer service and support?
The technical support is very helpful. I rate their technical support a nine out of ten.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I only worked with similar solutions as a POC.
How was the initial setup?
The initial setup was easy.
What was our ROI?
FortiWeb has been a good investment, helping our network and providing a return on investment.
What's my experience with pricing, setup cost, and licensing?
The pricing of Fortinet FortiWeb is affordable and competitive.
What other advice do I have?
I recommend FortiWeb to others. I wish there were more integration with Azure systems.
I'd rate the solution ten out of ten.
AWS WAF - API Gateway
What do you like best about the product?
This feature makes it very easy for developers like me. With this feature, I can create new projects quickly and easily!
What do you dislike about the product?
So far I'm using this feature well for problems I can still fix and I still like it
What problems is the product solving and how is that benefiting you?
So far I'm using this feature well for issues I can still fix and I still like it
Definitely recommend
What do you like best about the product?
Fortinet Managed Rules for AWS WAF are a game-changer when it comes to securing your AWS API Gateway. In a nutshell, this solution provides robust protection against a wide array of threats while offering ease of implementation and customization options.
One of the standout features is the ease of implementation. Even for those with limited prior experience in WAF management, setting up Fortinet's Managed Rules is a breeze. Well-documented guides and responsive support make the process straightforward.
The core strength of Fortinet Managed Rules lies in its comprehensive protection. It offers a broad set of rules that cover numerous threats, from SQL injection to cross-site scripting. This breadth enhances security by safeguarding against both known and emerging threats.
What do you dislike about the product?
Complexity for Beginners: While Fortinet provides documentation and support, users who are new to web application firewall (WAF) management might find the initial setup and rule configuration process somewhat complex. It may require a learning curve, especially for those unfamiliar with AWS WAF concepts.
Cost Considerations: The cost of implementing Fortinet Managed Rules can be a concern for smaller organizations or startups. Depending on the level of protection and customization needed, the pricing might not fit every budget.
What problems is the product solving and how is that benefiting you?
Fortinet Managed Rules for AWS WAF in API Gateway tackle various security challenges and deliver substantial benefits to organizations. They provide protection against web application attacks, including common threats like SQL injection and cross-site scripting. This proactive defense prevents data breaches and unauthorized access to APIs. Real-time threat detection and mitigation capabilities are pivotal. Quick identification and response to potential threats minimize attack impact and maintain data integrity.
AWS WAF managed services rules
What do you like best about the product?
It gives the desired security features and is customized to ones needs
What do you dislike about the product?
there is sp much to explore that sometimes one is done with personal options where much more is still to explore
What problems is the product solving and how is that benefiting you?
Its saving a lot of my time in terms of managing the security while you work with peace of mind for the projects deliveries
A low-maintenance software with machine learning features aiding small-enterprise users
What is our primary use case?
In most cases, the customer uses WAF to protect web applications.
What is most valuable?
The machine learning on FortiWeb WAF is valuable. It is useful for new customers because it provides new signatures, and machine learning, which can help provide new information to customers about their websites.
What needs improvement?
WAF needs more signatures on FortiWeb and updates the database continuously to protect against new attacks. I hope the next release includes integration with the vulnerability scanner, a great feature of FortiWeb. If customers have vulnerability scanners, they can export the scan's result and post it to FortiWeb to patch completely.
For how long have I used the solution?
I have been working with FortiWeb WAF for four years. We are working with the latest version.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
The solution is not scalable. If you are running medium-sized hardware, you must upgrade and purchase new hardware. Fortinet has an issue with scalability at this point.
How are customer service and support?
I have received fantastic support.
How was the initial setup?
The initial setup and config are a piece of cake. The steps followed during deployment depend on the customer since not all customers have the same deployment phases. We guide deployment depending on the customer's needs. Most of the time I have deployed FortiWeb, it took one month. We needed to boot up vulnerability and configure security controls on each website. After that, the administrator on the customer's side will continue working with FortiWeb.
Maintenance is easy because WAF has a powerful view of logs.
What's my experience with pricing, setup cost, and licensing?
Fortinet has a single license, and it's easy to deploy the license and doesn't take time to retrieve it. WAF is just plug-and-play, unlike other vendors. WAF wins this point. FortiWeb WAF is priced well for customers compared to other vendors' solutions.
Which other solutions did I evaluate?
I also work with F5 Networks. The comparison is a little bit complicated. Depending on the customer's needs, we do not recommend deploying F5 in a small environment. F5 needs a lot of administrators and an IT department. On the other hand, Fortinet will be better in this situation. We need a few people to support WAF. Otherwise, both vendors are perfect.
What other advice do I have?
If you plan to deploy FortiWeb, you must have the right device to achieve high availability. I rate FortiWeb WAF a ten out of ten.
Awesome Network visibility
What do you like best about the product?
Comprehensive Protection and Simplified Deployment and Management
What do you dislike about the product?
Not enough capabilities to detect things such as bots and anomolys.
What problems is the product solving and how is that benefiting you?
being able to be deployed locally is huge in terms of configuration and scalability. It protects for many intrusion attempts, web filtering and stops malware.
The Great AWS WAF
What do you like best about the product?
Fortinet Managed AWS WAF provides very brilliant rulesets that can be applied to the AWS Environments. The ruleset can be applied to protect the web application from different threat vectors and attacks.
What do you dislike about the product?
The facilities provided were very limited when compared to the fortiweb appliance. The AWS-WAF does not provide machine learning algorithms and Facilities to detect the threats, anomalies occurring on the web application Environment.
What problems is the product solving and how is that benefiting you?
Using the Fortinet Managed Rules for AWS WAF, I was protecting the Web applications from the OWASP attacks, implementing the rulesets that are required to reduce the exposure of the application to the threat and vulnerability. The benefits realized after AWS WAF implementation was
1. very less threat
2. Reduced attacks
3. protection from web-based malware sites.
