I am familiar with Fortinet FortiWeb, and I'm working with the product. I have been using Fortinet FortiWeb in my organization for the last three years. We are using Fortinet FortiWeb as a security solution because a few applications are running on our website through which external users are hitting our application. We have installed this product for outside users, not inside users, especially for outside users from the organization.
Fortinet Managed Rules for AWS WAF - API Security
Fortinet Inc.
External reviews
External reviews are not included in the AWS star rating for the product.
Security threats have been reduced through seamless deployment and strong integration with other tools
What is our primary use case?
What is most valuable?
Reporting in Fortinet FortiWeb is very good. Fortinet FortiWeb has positively impacted my organization because most of our servers and applications are secure from hackers and other security threats. We have a lot of security challenges, but with the installation of Fortinet FortiWeb, we have reduced many security threats with its help.
What needs improvement?
The reason it took one week to ten days is that fine-tuning is a challenge, as we have many applications behind the product. Fine-tuning took this time; otherwise, installation is one to two days of work only. Fine-tuning is an area for improvement in Fortinet FortiWeb.
For how long have I used the solution?
I have been using Fortinet FortiWeb in my organization for the last three years.
How are customer service and support?
I would rate the technical support of Fortinet as fine; they provide very nice technical support and are responsive.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We do not have options to replace it with another solution because we have installed it and we are using it. We have trained manpower, and it is not easy to replace.
How was the initial setup?
The deployment of Fortinet FortiWeb was actually easy and our team is managing it quite easily. The deployment of Fortinet FortiWeb in my case took one week to two weeks.
What about the implementation team?
I have a dedicated team to manage the product. For this purpose, we have only one engineer in our technical team.
What's my experience with pricing, setup cost, and licensing?
With pricing, I think Fortinet FortiWeb is reasonably priced compared to other products like Barracuda, as it is cheaper than Barracuda or maybe competitive. Most security products charge less at the time of purchase because of competition, but when we go to renewals, the prices become very high.
What other advice do I have?
I have used Fortinet FortiWeb's integration features. We have easily integrated all of the applications with the product. Most of the applications we are using are in-house built.
My technical team is looking after the best features. I have not used it extensively for maybe two and a half years. I have been involved in the installation, but I am not actually using the product. I work with it from time to time but not extensively.
I would assess Fortinet FortiWeb's adaptive machine learning and artificial intelligence as having new patches installed regarding artificial intelligence, but when we bought it, I think the learning feature was there. Now they have installed artificial intelligence features through patches.
We have a complete portfolio of Fortinet in our organization, including FortiMail, Fortinet FortiWeb, and FortiGate, along with multi-factor authentication. All of the products are from Fortinet. Fortinet tools integrate with each other and work in conjunction.
I think Fortinet FortiWeb has helped us meet regulatory compliance because we are not a regulatory organization, but our sister organization is regulatory. We have regulatory compliance with the International Civil Aviation Authority, whose audit teams have checked our data center and these security products, and they are satisfied with us. The question about leveraging Fortinet FortiWeb's automated policy management does not pertain to my domain because I am not so technical, but I am in a management role now. My engineer is more technical than me.
I would rate this product an eight point five out of ten.
Features effective in protecting web applications include web filtering, DDoS protection, and geo-location blocking
What is our primary use case?
The FortiWeb Web Application Firewall (WAF) is used when customers want to publish their sites and protect their internal public websites. Some customers ask to protect their AWS or Azure network, and during that time, we also suggest the web solution. In the network, we can use next-generation firewalls upstream or in flows wherever required, making it mandatory with the parameter-level layer security.
We focus on websites with FortiWeb Web Application Firewall (WAF). Features such as anomaly input validation, XML protection, and API protection are already present, but we also need configuration settings that indicate the advantages or disadvantages of enabled features. If the GUI includes notifications and improved logging capabilities that allow us to see traffic and store logs for six months, that would be very helpful.
What is most valuable?
The features of FortiWeb Web Application Firewall (WAF) that have proven most effective in protecting web applications include web filtering, DDoS protection, geo-location blocking, and blocking SQL injection attacks.
The AI machine learning capabilities included in FortiWeb Web Application Firewall (WAF) analyze patterns effectively. For example, if any user tries to input any text format in a web form mistakenly using SQL queries, the web solution detects the input, checking whether it's impacting or analyzing queries in the database. Everything is analyzed to ensure protection.
What needs improvement?
Their AI technology is good. Overall, Fortinet is only good.
The improvement needed is in their response time. In the past three to four years, whenever we called for support, they responded quickly, often within five to ten minutes, and addressed our issues immediately. Now it takes longer, and they talk about SLA and 48-hour response times. Even with critical issues, they say, 'Okay, that ticket is assigned; we need to wait for their update in four hours or two hours,' which is taking too long now.
If there are issues, we need to contact the development team since we don't have configurations we can do ourselves; most features or configurations are managed by the development team. The graphical user interface looks difficult to understand, as other products allow us to see all features in one place.
The AI in FortiWeb Web Application Firewall (WAF) is just a checkmark option. To use machine learning features, we only need to enable or disable it. However, we must check how useful it is in real-time environments to determine how it protects or identifies threats.
There are features like web filtering, DDoS protection, geo-location blocking, SQL injection blocking, anomaly input validation, XML protection, and API protection already present; however, we also need configuration settings that indicate the advantages or disadvantages of enabled features. If the GUI includes notifications and improved logging capabilities that allow us to see traffic and store logs for six months, that would be very helpful. Currently, we cannot see any logs for allowed traffic or monitor daily traffic effectively, which requires external syslog servers or cloud subscriptions. If inbuilt larger logging capability is added, it would enhance usability, and features like clickable options to unblock or create exceptions would greatly assist customers in managing their websites.
For how long have I used the solution?
I have been working with them for five years.
How are customer service and support?
The technical support by Fortinet is good. The back-end development team is available, and if any issue arises, they will help us immediately by providing solutions when contacted.
How would you rate customer service and support?
Positive
What's my experience with pricing, setup cost, and licensing?
The pricing for FortiWeb Web Application Firewall (WAF) is reasonable. That said, it depends on how many websites we need to protect. The licensing is based on the number of websites or individually. If the customer has multiple websites, the price reduces automatically since it depends on the number only. If the customer wants to buy initially, there is a default license available.
When going for multiple websites, the price also reduces.
What other advice do I have?
I am providing next-generation firewalls or FortiWeb Web Application Firewalls (WAF).
Both web application firewalls and next-generation firewalls are available, which we are doing daily.
I usually recommend the FortiWeb Web Application Firewall (WAF) for various types of companies, including retail, hospitals, manufacturing, construction, and banking.
It is the best option on the market.
I rate FortiWeb Web Application Firewall (WAF) eight out of ten.
Delivers robust security with significant ROI and seamless integration
What is our primary use case?
What is most valuable?
What needs improvement?
For how long have I used the solution?
What was my experience with deployment of the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
How would you rate customer service and support?
Negative
How was the initial setup?
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
What other advice do I have?
Offers competitive pricing and robust channel support with good training
What is our primary use case?
I mentioned that the firewalls, such as the one from Fortinet, help protect my infrastructure from outside attacks. They perform a lot of network scanning and do not allow any unauthorized person to access my details and data. That's their application. A similar action is performed by the web application firewall, where web applications are restricted to certain users. This means that not anyone with malicious intent can access my web application content.
What is most valuable?
The good thing about Fortinet is that their enablement is very good in terms of training me and enabling resources on their technology.
Secondly, if I look at their pricing, Fortinet's pricing is way more competitive than Cisco or Palo Alto. They have almost 45% share in the firewall market, as per IDC. Fortinet is a large-sized company where their channel program is very robust and very flexible. They also understand the different personas of the channel stakeholders. In that way, they are rapidly growing in the channel ecosystem space and have started getting a lot of business. They are replacing many big traditional players in that space.
What needs improvement?
There are some issues pertaining to the migration. If some of my customers want to migrate from F5 to Fortinet Firewall, or the Fortinet WAF solution, there are some migration issues since I cannot migrate all the elements quickly using Fortinet Firewall. There is some integration work required to do that.
For how long have I used the solution?
I have been working with Fortinet for almost one year and eight or nine months.
How are customer service and support?
Their support is truly exceptional when I compare it with similar large-sized companies. In that category, they are top-notch at this point in time.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I was with SquadCast earlier.
Which other solutions did I evaluate?
F5 is a leader. They have some technical supremacy. F5 is more in demand; however, other players like Radware are also available in the market.
What other advice do I have?
I would rate the solution eight out of ten at least.
Seamless integration and has enhanced security management
What is our primary use case?
FortiWeb is used for protecting against malicious activities, such as SQL injections, for outward-facing web forms.
What is most valuable?
The most valuable features of FortiWeb include its dashboard and out-of-the-box integrations with other Fortinet products, which enhance its effectiveness. FortiWeb's position as part of the Fortinet platform makes it particularly beneficial for Fortinet customers, offering seamless integration and operational cost savings.
What needs improvement?
There is room for improvement in the portability on multi-cloud environments. Enhanced DDoS integration to make FortiWeb more unified with other Fortinet products could be beneficial.
For how long have I used the solution?
I have personally been working with FortiWeb for approximately two years.
What do I think about the stability of the solution?
I would rate the stability of FortiWeb as nine out of ten, indicating highly stable performance.
What do I think about the scalability of the solution?
I would rate the scalability of the product a seven out of ten. While it is multicloud-enabled, there is more automation in other products that may better suit complex environments.
How are customer service and support?
I would rate the customer service and support as nine out of ten.
How would you rate customer service and support?
Positive
What about the implementation team?
Our team, consisting of three certified Fortinet engineers, handles the deployment, although globally, Exclusive Networks has a large team of certified engineers.
What was our ROI?
Operational costs decrease when using FortiWeb within the Fortinet stack due to integrated assessments and security event management.
What's my experience with pricing, setup cost, and licensing?
I would rate the licensing cost as seven out of ten, considering it good value for money. The price is affordable and reasonable for the features offered.
Which other solutions did I evaluate?
We also work with other vendors such as F5, Proofpoint, and Palo Alto; however, Fortinet stands out for its holistic vision of cybersecurity.
What other advice do I have?
Overall, I would rate FortiWeb an eight out of ten for existing Fortinet customers due to its seamless integration and good value for money.
Secures APIs with effective protection against web threats
What is our primary use case?
We use FortiWeb to connect external APIs to our on-prem data center solutions.
What is most valuable?
We use FortiWeb for extended protection profiles to mitigate SQL injection and other web application threats. It is effective against web application threats and helps with our API protection and load balancing.
Additionally, it is cost-effective compared to other solutions.
What needs improvement?
They could integrate some kind of machine learning and AI facilities to automate workflows. We need to update regular patches frequently, and it requires regular installation and testing of these patches.
For how long have I used the solution?
We have been working with FortiWeb for almost five years.
What do I think about the stability of the solution?
It is stable for us, showing good performance in handling web security.
What do I think about the scalability of the solution?
I would rate its scalability at six because we have to increase our CPU and memory capacities, as it is confined to CPU and memory.
How are customer service and support?
I would rate the customer service and technical support between eight and nine out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The setup is easy to manage.
What was our ROI?
It helps us save costs, about 20% to 30%.
What's my experience with pricing, setup cost, and licensing?
In comparison to other solutions, the price is reasonable.
What other advice do I have?
FortiWeb is suitable for medium-scale companies. I recommend using this solution.
I'd rate the solution nine out of ten.
Enhanced application protection with an extensive attack signature library
What is our primary use case?
FortiWeb is used for web application protection. It protects a web application against attacks targeting their web applications, such as cross-site scripting, SQL injection, and other common application-specific attacks.
How has it helped my organization?
FortiWeb allows the organization to operate efficiently without any downtime or serious security breach.
What is most valuable?
FortiWeb has a very extensive library of known attack signatures, which makes the product fit for any environment, regardless of whether the customer uses Windows-specific or non-Windows-specific applications. It also has a very low rate of false positives and incorporates other FortiGuard capabilities, such as detection of botnet traffic.
What needs improvement?
For users not familiar with Fortinet, it could be beneficial to provide more user-friendly analytics and reporting. The product could offer better capabilities and analytics to pinpoint threat landscapes more efficiently.
For how long have I used the solution?
I have been working with FortiWeb for approximately four years, maybe more.
What do I think about the stability of the solution?
FortiWeb has proven to be very stable and does not introduce latency in the network.
What do I think about the scalability of the solution?
The product can scale according to the organization's traffic and architecture. It is available as a virtual appliance and a hardware appliance.
How are customer service and support?
Fortinet provides very good support, which I would rate as eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
At the moment, we are only working with Fortinet and not with other web application firewalls.
How was the initial setup?
Someone without prior experience with the product might find it challenging to deploy. However, Fortinet provides good online training to assist administrators.
What was our ROI?
The total cost of ownership should be calculated based on the actual protection it offers to the application. Deploying FortiWeb can save 20% to 30% of resources within the organization.
What's my experience with pricing, setup cost, and licensing?
FortiWeb uses a subscription-based license, but there is also an option for a perpetual license. It's not the cheapest solution. That said, it is worth the investment.
Which other solutions did I evaluate?
I have experience with other web application products.
What other advice do I have?
I'd rate the solution nine out of ten.
Easy to use with effortless integration and simple web security management
What is our primary use case?
I used FortiWeb, and I was looking if the SIPTNA from Symantec had something to do with the one from Fortinet. I am a consultant and I propose Fortinet products to my customers. I usually recommend FortiWeb for companies that are looking for a WAF.
How has it helped my organization?
It's really easier for them to integrate. Sometimes we help them, and once it's integrated, it doesn't have a lot of requirements from their side. They just have to keep the site going with their security assessment. They do not need us to help them more.
What is most valuable?
Usually, people want to change solutions, and we recommend that it is easy to use. Even though most products have the same functionality nowadays, FortiWeb is easy to integrate.
What needs improvement?
Fortinet's technical support is pretty slow, especially when you have quick questions. The support kind of delays itself and sometimes takes more time. That's the only thing that I can think of at the moment.
How are customer service and support?
Fortinet's technical support is pretty slow and kind of delays itself when you have quick questions.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I was using another solution. I just wanted to research it to see if it had something extra. It was just some research for a project. I just wanted to know if any of them had some qualities that seemed similar to Symantec.
How was the initial setup?
It's true that we are the ones that usually deploy it for our clients. Since we do it for many of them, we think it's really easy. But as for many products, it's really straightforward.
What about the implementation team?
We are the ones that usually deploy it for our clients. Since we do it for many of them, we think it's really easy.
What's my experience with pricing, setup cost, and licensing?
It's better. Yeah, it's really good. It's one of the main points why we offer it. Since we are partners with them, sometimes we offer our customers a lower price.
Which other solutions did I evaluate?
The clients that we know use both FortiWeb and Symantec. I used FortiWeb, and I was looking if the SIPTNA from Symantec had something to do with the one from Fortinet.
What other advice do I have?
I would recommend FortiWeb for web application security. Most products work the same despite being different solutions.
I'd rate the solution nine out of ten.
Enhanced security with comprehensive traffic inspection and some downtime automation needs
What is our primary use case?
I use FortiWeb to protect all the domains in my organization. It safeguards my entire web segment. All the connections to my environment that do not come over VPN are protected by it, which is crucial as I work in the financial sector with a strong focus on security. FortiWeb stands in front of my environment, where either a firewall or WAF is used to inspect all inbound traffic.
How has it helped my organization?
It helps protect my organization by providing robust security measures for our web segment. By onboarding all my APIs and web applications onto FortiWeb, it ensures that traffic not coming through the firewall adheres to stringent security protocols. The SaaS model of FortiWeb also helps in managing latency effectively despite our users being in Nigeria while the infrastructure is based in Europe.
What is most valuable?
The features that I value most in FortiWeb include its inspection of traffic for Intrusion Prevention, Anti-Malware, and whitelisting capabilities. It allows specific IP whitelisting or even regional whitelisting, ensuring only whitelisted traffic from certain geographical regions can access the environment. These security features provide a comprehensive defense against malicious activities.
What needs improvement?
One area that needs improvement is the handling of SaaS downtime. When there is downtime at their data center, it becomes a transit point issue for us, causing downtime in our environment as well. Although measures like built-in redundancy and manual switching between data centers exist, there is room for improvement in making these transitions automatic without impacting the customer. Automating the migration without manual intervention would significantly enhance user experience during downtime. Additionally, being able to read non-flagged traffic for operational purposes could also be an area to improve.
For how long have I used the solution?
I have been using FortiWeb for about three years now.
What do I think about the stability of the solution?
The performance of FortiWeb is impressive because I use it as a SaaS-based solution, meaning it is not hosted inside my environment. Despite initial concerns about latency due to traffic redirection, it has performed well even with our users situated in Nigeria accessing infrastructure deployed in Europe.
How are customer service and support?
Their support is generally good, around a seven out of ten. They have a structured support system where you need to log into a platform to raise a case. For urgent issues, you need to raise a case and follow up with a phone call to escalate it to a higher priority. However, one downside is that getting immediate attention during emergencies can take up to thirty minutes or more.
How would you rate customer service and support?
Positive
How was the initial setup?
Setting up the account is quick and can be done in thirty minutes to an hour if you know what you're doing. Onboarding applications is straightforward and can be completed in about ten minutes or less. Overall, the deployment can be completed in a matter of hours.
What's my experience with pricing, setup cost, and licensing?
FortiWeb is cheaper by over ten percent compared to other solutions like Barracuda and F5.
Which other solutions did I evaluate?
I evaluated F5, Barracuda, and Cloudflare. FortiWeb stood out in terms of ease of use, management, and cost.
What other advice do I have?
I would recommend using Fortinet above any other tool. It is secure, cost-effective, and easy to use. The deployment and operational aspects are user-friendly.
Has good integration with load-balancing applications
What is our primary use case?
Our company provides data center and cloud services as infrastructure providers. When customers need infrastructure like VMs or server allocation, we provide them with the vendor and offer services to operate, manage, implement, and integrate these security components.
What is most valuable?
The most valuable feature is the tool's integration with load-balancing applications, similar to FortiADC. Its importance depends on customer requirements, such as whether they prioritize application load balancing or layer seven protection.
What needs improvement?
Regarding areas for improvement, the documentation needs work. We had issues with a customer because the documentation didn't clearly show which devices can connect with FortiWeb WAF, leading to misconfiguration and difficult meetings. We also need deeper technical support - finding who's responsible for technical aspects is challenging. Hungary has a good Fortinet office with strong sales and pre-sales employees.
For how long have I used the solution?
I have been using the product for four to five years.
What do I think about the stability of the solution?
I rate the tool's stability a nine out of ten.
What do I think about the scalability of the solution?
It's not good with normal perpetual licensing, but we can solve the problem using flex licensing. That's why I'd rate it nine out of ten. We're satisfied with it. Many of our customers, including small, medium, and enterprise businesses, use FortiWeb WAF.
How was the initial setup?
I rate the tool's deployment ease as seven out of ten. We have spent about 600 working hours to implement it.
What's my experience with pricing, setup cost, and licensing?
The product provides very good prices to customers. The price is set well and offers great value for money.
What other advice do I have?
I rate the overall solution an eight out of ten. I advise others looking to use FortiWeb WAF to create deeper policy rules.