The tool is a valuable web application that protects our internal mobile money application. It enforces policies, ensuring secure access for users connecting to the application. It complies with PCI DSS, safeguarding financial transactions and contributing to our revenue. The solution effectively addresses malware threats.
Fortinet Managed Rules for AWS WAF - API Security
Fortinet Inc.
External reviews
External reviews are not included in the AWS star rating for the product.
Protects internal applications and prevents target attacks
What is our primary use case?
What is most valuable?
The tool secures our critical applications, especially the mobile money application, which is often targeted by attacks. The solution provides rapid protection and has proven reliable against various threats. It blocks malicious traffic, including dormant and DDoS attacks, and offers integrated Web Application Firewall features to safeguard against compromises.
You can set it up for customer-facing web applications because customers don't necessarily know all the IP addresses. It uses a source-based approach where any source accessing the application is defined by its IP. When accessing the application, it checks if they are using HTTP or HTTPS and blocks them if necessary.
The tool's performance and security reporting capabilities contribute positively to IT security management. Consolidating management within the solution makes it easier for IT to handle the solutions. All functionalities managed on a single box reduce the number of boxes needed for management.
What needs improvement?
We have encountered issues with webhooks and management of FortiWeb Web Application Firewall's on-premise version.
For how long have I used the solution?
I have been using the product for three years.
What do I think about the stability of the solution?
You may encounter problems if you don't have FortiAnalyzer.
What do I think about the scalability of the solution?
My company has 11,000 users.
How are customer service and support?
We've encountered several issues before, like the web and firmware's lack of responsiveness for 50 minutes. The Firewall, FortiWeb Manager firmware, and firmware updates must sync properly. We've addressed this, and our partners have helped resolve these issues.
Which solution did I use previously and why did I switch?
I tried to work with Cisco, but it wasn't working well.
How was the initial setup?
FortiWeb Web Application Firewall's deployment is not complex. The setup involves connecting the switch and the firewall. Our main task is to redirect all traffic from the application to the website. The overall process can be completed in two weeks. Maintaining it isn't challenging, but the issue arises when the firmware becomes outdated; you must check and update it.
What about the implementation team?
FortiWeb Web Application Firewall helped us with the deployment.
What other advice do I have?
I rate the overall solution a nine out of ten.
Easy to set up, stable and scalable solution
What is our primary use case?
My main use case is for security and routing.
What is most valuable?
It is good for web tracking applications.
What needs improvement?
There is room for improvement in pricing, and actually, the price is a bit higher because on the same terms I purchased, the support subscription is so high.
For how long have I used the solution?
I've been using it for a long time. It has been more than three years now.
What do I think about the stability of the solution?
Stability is guaranteed stability. I'm okay with stability. I would rate the stability an eight out of ten.
What do I think about the scalability of the solution?
I would rate the scalability an eight out of ten.
How are customer service and support?
I am okay with the support. The support's subscription is high.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
pfSense is open-source and free, while FortiWeb is subscription-based. Both are manageable, but FortiWeb's features scale up connections per second, depending on the payment plan.
How was the initial setup?
I would rate my experience with the initial setup a nine out of ten, where one is difficult, and ten is easy.
It took us two days to set up.
What about the implementation team?
I deployed it myself. I just got a reference from the old system, and I configured it.
What's my experience with pricing, setup cost, and licensing?
I would rate the pricing a seven out of ten, where one is cheap and ten is expensive.
What other advice do I have?
Overall, I would rate it a solid eight out of ten.
User-friendly, stable and efficiently secure VMs and applications
What is our primary use case?
I initially deployed it for my company, but now I administrate it for a client.
What is most valuable?
We use it to secure VMs and applications in Azure. It protects against DDoS attacks.
It's very user-friendly.
What needs improvement?
There is room for improvement in the support. The response time could be faster. Plus, they ask for a lot of information. It is not easy to get support.
In future releases, I would like to see added antivirus features that provide user-based activity indicators. For example, if a user downloads a large number of files or connects frequently, the WAF could flag this activity for investigation.
For how long have I used the solution?
I have been using it for three months now.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
It is a scalable product.
How are customer service and support?
For some initial issues. It's good, but not during the first year. FortiWeb could improve response time and first-level support clarity.
How would you rate customer service and support?
Positive
What about the implementation team?
The first implementation with an expert took two hours. My solo attempt took three weeks.
What other advice do I have?
Take time to test it thoroughly. Consider buying an existing solution if needed.
Overall, I would rate the solution an eight out of ten.
An easy-to-deploy solution with machine learning features that reduce false positives
What is most valuable?
The product has some unique features. The machine learning feature reduces the false positives. The tool detects zero-day attacks. It has an in-built antivirus, which most WAF tools do not have.
What needs improvement?
Advanced configurations require high skill. FortiWeb team should work on making it easier. The documentation is poor. The tool must provide advanced and robust DDoS protection.
For how long have I used the solution?
I have been using the solution for almost six years.
How are customer service and support?
The technical support is fine. The support team gives delayed responses if there is a complex issue.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have worked with F5 Advanced WAF. It is a robust product and is suitable for complex environments. It is flexible. However, it depends on other solutions for inbuilt security and packet inspection.
How was the initial setup?
The initial setup is easy. It requires less intervention.
What's my experience with pricing, setup cost, and licensing?
I recommend the product to others. Overall, I rate the solution an eight out of ten.
A user-friendly solution with easy configuration
What is most valuable?
The tool's HTTP traffic, website fixing, and blocking are fantastic. It is user-friendly with easy configuration.
What needs improvement?
FortiWeb Web Application Firewall needs to improve its performance.
What do I think about the scalability of the solution?
FortiWeb Web Application Firewall is scalable.
How are customer service and support?
The tool's tech support is good.
How was the initial setup?
The tool's installation is straightforward.
What's my experience with pricing, setup cost, and licensing?
FortiWeb Web Application Firewall is not expensive.
What other advice do I have?
I rate the solution an eight out of ten.
Helps us to view all of our logs on one platform
What is our primary use case?
I have a multi-cloud environment. I have a production workload in Nigeria, with some data centers in Continental Europe and in the East US in multiple regions.
We have two different public clouds, AWS and Azure. Because of how Fortinet works, we connect to our customers via a remote access VPN.
What is most valuable?
The fact that I can log into the platform and see everybody, see logs, authentication failure, and see everything on one platform, is the most valuable feature.
Emails can be configured, and text messages can be sent via the mobile app.
It is a cheap solution.
What needs improvement?
The user interface can be improved. Also, there are authentication failures that need improvement in the next release.
For how long have I used the solution?
How are customer service and support?
The technical support team is bad.
How would you rate customer service and support?
Neutral
What other advice do I have?
I would rate the overall solution an eight out of ten due to the support and user interface issues.
Protection Against Web Application Attacks: Fortinet Managed Rules help mitigate threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top Ten vulnerabilities. This protection ensures the integrity and availability of web applications and APIs.
Automated Threat Intelligence: Fortinet incorporates real-time threat intelligence into their rules, allowing organizations to stay updated on emerging threats without manual intervention. This proactive approach helps defend against new attack vectors and vulnerabilities.
Ease of Implementation: By providing pre-configured security rules, Fortinet simplifies the process of setting up and managing security for AWS API Gateway. This can save time and resources compared to manual rule creation.
Centralized Management: Organizations can manage security policies across multiple API Gateway instances using Fortinet's centralized management console. This streamlines the administration of security rules and ensures consistency.
Customization: While offering pre-configured rules, Fortinet Managed Rules also allow customization. Organizations can tailor security policies to their specific application requirements, ensuring a balance between security and functionality.
Scalability: Fortinet's solution can scale with the organization's infrastructure, accommodating increased API traffic and maintaining effective security measures as the business grows.
Compliance Support: For organizations subject to regulatory requirements, Fortinet Managed Rules can help establish and maintain the necessary security controls to meet compliance standards, thus avoiding potential legal and financial penalties.
I have 2 project experiences using Fortinet Managed Rules for AWS WAF with API Gateway
Compliance: If your application needs to meet specific compliance requirements, such as PCI DSS or HIPAA, Fortinet Managed Rules can help you meet those requirements by providing a set of security rules and configurations that align with industry standards.
Simplified Implementation: Fortinet Managed Rules offer an easy-to-use solution for adding security to your applications. The rules are designed to integrate seamlessly with AWS API Gateway, making it convenient for .NET developers to implement and manage security measures without extensive manual configuration.
Time and Cost Savings: By leveraging Fortinet Managed Rules, you can save time and effort in implementing and maintaining custom security rules. The pre-configured rules provided by the service eliminate the need for you to create and manage complex rule sets from scratch, potentially reducing development and maintenance costs.
Overall, Fortinet Managed Rules for AWS WAF - API Gateway is solving security-related problems that can benefit .NET developers by providing an easy-to-use, pre-configured solution that enhances the security of their web applications running on AWS API Gateway, while also potentially saving time and cost.