I am familiar with Fortinet FortiWeb, and I'm working with the product. I have been using Fortinet FortiWeb in my organization for the last three years. We are using Fortinet FortiWeb as a security solution because a few applications are running on our website through which external users are hitting our application. We have installed this product for outside users, not inside users, especially for outside users from the organization.
Fortinet FortiWeb Web Application Firewall WAF (PAYG)
Fortinet Inc.External reviews
62 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Security threats have been reduced through seamless deployment and strong integration with other tools
What is our primary use case?
What is most valuable?
Reporting in Fortinet FortiWeb is very good. Fortinet FortiWeb has positively impacted my organization because most of our servers and applications are secure from hackers and other security threats. We have a lot of security challenges, but with the installation of Fortinet FortiWeb, we have reduced many security threats with its help.
What needs improvement?
The reason it took one week to ten days is that fine-tuning is a challenge, as we have many applications behind the product. Fine-tuning took this time; otherwise, installation is one to two days of work only. Fine-tuning is a room for improvement in Fortinet FortiWeb.
For how long have I used the solution?
I have been using Fortinet FortiWeb in my organization for the last three years.
How are customer service and support?
I would rate the technical support of Fortinet as fine; they provide very nice technical support and are responsive.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We do not have options to replace it with another solution because we have installed it and we are using it. We have trained manpower, and it is not easy to replace.
How was the initial setup?
The deployment of Fortinet FortiWeb was actually easy and our team is managing it quite easily. The deployment of Fortinet FortiWeb in my case took one week to two weeks.
What about the implementation team?
I have a dedicated team to manage the product. For this purpose, we have only one engineer in our technical team.
What's my experience with pricing, setup cost, and licensing?
With pricing, I think Fortinet FortiWeb is a reasonable price compared to other products like Barracuda, as it is cheaper than Barracuda or maybe competitive. Most security products charge less at the time of purchase because of competition, but when we go to renewals, the prices become very high.
What other advice do I have?
I have used Fortinet FortiWeb's integration features. We have easily integrated all of the applications with the product. Most of the applications we are using are in-house built.
My technical team is looking after the best features. I have not used it extensively for maybe two and a half years. I have been involved in the installation, but I am not actually using the product. I work with it from time to time but not extensively.
I would assess Fortinet FortiWeb's adaptive machine learning and artificial intelligence as having new patches installed regarding artificial intelligence, but when we bought it, I think the learning feature was there. Now they have installed artificial intelligence features through patches.
We have a complete portfolio of Fortinet in our organization, including FortiMail, Fortinet FortiWeb, and FortiGate, along with multi-factor authentication. All of the products are from Fortinet. Fortinet tools integrate with each other and work in conjunction.
I think Fortinet FortiWeb has helped us meet regulatory compliance because we are not a regulatory organization, but our sister organization is regulatory. We have regulatory compliance with the International Civil Aviation Authority, whose audit teams have checked our data center and these security products, and they are satisfied with us. The question about leveraging Fortinet FortiWeb's automated policy management does not pertain to my domain because I am not so technical, but I am in a management role now. My engineer is more technical than me.
I would rate this product an eight point five out of ten.
Smart, Reliable Security with Impressive AI—Minor Slowdowns Under Heavy Load
What do you like best about the product?
What I appreciate most about FortiAppSec Cloud is its intelligent and automated approach to web application security, which makes the entire process much simpler. The AI driven threat detection is particularly impressive, as it can identify and block attacks in real time. This not only reduces the need for manual intervention but also ensures robust and consistent protection. Overall, I find it reliable, efficient, and straightforward to manage offering everything necessary for securing modern applications.
What do you dislike about the product?
What I dislike about FortiAppSec Cloud is that it can occasionally cause application performance to slow down, especially when managing high volumes of traffic or dealing with intricate security rules.
What problems is the product solving and how is that benefiting you?
This solution safeguards web applications from threats such as SQL injection and bots by using AI driven automation. It helps save time while ensuring that applications remain secure.
Powerful Automated Security, but Setup and Reporting Could Improve
What do you like best about the product?
FortiAppSec Cloud provides impressive automated protection by leveraging advanced AI to ensure strong web application security. It is highly effective at detecting and mitigating threats autonomously, which reduces the need for constant manual intervention. The deployment process is straightforward, and the platform integrates smoothly with existing cloud environments, making security management both simple and efficient.
What do you dislike about the product?
The initial configuration can be somewhat complex, particularly for those setting it up for the first time. This is especially true when it comes to fine-tuning custom security policies, which may require additional effort. Additionally, although the dashboards provide useful information, the reporting features lack flexibility. More customizable options would be helpful for users who need detailed analytics or have specific compliance requirements.
What problems is the product solving and how is that benefiting you?
FortiAppSec Cloud has been effective in safeguarding our web applications against threats such as SQL injection and bots. By doing so, it lessens the need for manual security tasks and enhances the overall reliability of our applications.
Robust AI Security and Easy Management, with Room for Smoother Setup
What do you like best about the product?
FortiAppSec Cloud stands out for its AI-driven threat detection and easy deployment. It delivers strong, adaptive protection against web attacks without needing constant tuning, ensuring security and performance while simplifying management through an intuitive, centralized dashboard.
What do you dislike about the product?
FortiAppSec Cloud can sometimes feel complex during initial configuration, especially for advanced policies. Its reporting options could be more detailed, and occasional latency during policy updates slightly affects real-time monitoring efficiency for large-scale deployments.
What problems is the product solving and how is that benefiting you?
FortiAppSec Cloud protects web applications from threats like SQL injection, cross-site scripting, and DDoS attacks. It automates security management, reduces manual intervention, and ensures compliance—helping maintain uptime, improve data protection, and boost user confidence with consistent, real-time threat mitigation.
Powerful Automated Protection, but Setup and Customization Need Improvement
What do you like best about the product?
What I appreciate most about FortiAppSec Cloud is its robust, automated protection for web applications. Deployment is straightforward, and the solution scales seamlessly to meet growing needs. Its AI-powered threat detection actively blocks attacks as they happen. Additionally, the user-friendly dashboard and comprehensive analytics make managing security both simple and effective.
What do you dislike about the product?
What I find challenging about FortiAppSec Cloud is that, despite its robust capabilities, the initial setup and configuration process can be quite complicated for those who are new to the platform. Making the most of some of its advanced features also demands a certain level of technical expertise. Furthermore, the user interface is not as intuitive as I would like, and the options for customizing reports are somewhat restricted when compared to other solutions.
What problems is the product solving and how is that benefiting you?
FortiAppSec Cloud safeguards my web applications against cyberattacks and data breaches, helping to minimize the risk of downtime and security incidents. Its automated threat detection and mitigation features save both time and resources, while also maintaining strong compliance and reliable performance for all my applications.
Absolutely Love This Cloud Sec!
What do you like best about the product?
1. Extremely Simple and Fast Deployment
2.Ease of Integration
3.Ease of Use
4.Cost-effective
2.Ease of Integration
3.Ease of Use
4.Cost-effective
What do you dislike about the product?
1. Less Flexibility than Competitors like F5, Imperva
2.Feature Depth Compared to Specialized WAFs
3.Potential for Performance Latency
2.Feature Depth Compared to Specialized WAFs
3.Potential for Performance Latency
What problems is the product solving and how is that benefiting you?
FortiAppSec addresses two critical challenges in my web application: the expanding, invisible API attack surface and the complexity of traditional WAF management. It solves the visibility issue by automatically discovering and cataloging all API endpoints through analysis of live traffic, providing complete command over all exposed assets. Furthermore, it simplifies operations by deploying as a cloud service in minutes via a simple DNS change, which significantly reduces operational overhead and allows teams to focus on strategy rather than continuous, complex WAF tuning.
Excellent Content Acceleration and Caching, No Complaints
What do you like best about the product?
caching, content routing, accelerating content delivery via globally distributed servers.
What do you dislike about the product?
Nothing to say. Very useful and good working features.
What problems is the product solving and how is that benefiting you?
Evolving threats & zero-day / sophisticated attacks.
Comprehensive Security Application
What do you like best about the product?
It's comprehensive security and highly user friendly.
What do you dislike about the product?
The documentation and configuration could have been much simple and user friendly
What problems is the product solving and how is that benefiting you?
It is solving the operational complexity and it provides simplified security
Review for FortiAppSec Cloud
What do you like best about the product?
This product is straightforward to use and implement. I appreciate its fully managed, cloud-based WAF approach, along with the real-time protection it offers and the responsive customer support. I rely on its machine learning and behavior-based detection features for daily monitoring, and I also value how seamlessly it integrates with other Fortinet products.
What do you dislike about the product?
Limited advanced configurations and custom rule tuning.
What problems is the product solving and how is that benefiting you?
This tool makes both load balancing and security management much simpler.
Excellent Protection, Complex Interface
What do you like best about the product?
I like that FortiAppSec Cloud provides AI-driven, fully managed WAF protection with minimal tuning required, excellent integration with Fortinet Security Fabric, and strong coverage for web apps and APIs against evolving threats.
What do you dislike about the product?
The interface could be more intuitive, and deeper customization or reporting options would improve flexibility. Integration with non-Fortinet tools also requires extra configuration.
What problems is the product solving and how is that benefiting you?
FortiAppSec Cloud protects our web apps and APIs from OWASP Top 10 threats and bot attacks while reducing manual management. It improves visibility, automates protection, and strengthens our overall security posture.
showing 1 - 10