• Home
  • Check Point CloudGuard CNAPP vs. Fortinet FortiWeb

Check Point CloudGuard CNAPP vs Fortinet FortiWeb comparison

Cancel
You must select at least 2 products to compare!
Check Point Software Technologies Logo
Check Point CloudGuard CNAPP
Read 64 Check Point CloudGuard CNAPP reviews
1,461 views|877 comparisons
95% willing to recommend
Fortinet Logo
Fortinet FortiWeb
Read 83 Fortinet FortiWeb reviews
9,391 views|6,820 comparisons
88% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Vulnerability Management
June 2024
Executive Summary

We performed a comparison between Check Point CloudGuard CNAPP and Fortinet FortiWeb based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management.
To learn more, read our detailed Vulnerability Management Report (Updated: June 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Michael Schwatzman1
It can be deployed as a SaaS solution, provide a consolidated view, and complete vulnerability scans
By utilizing Check Point CloudGuard CNAPP for security, our clients can now protect both their cloud and on-premise assets. CloudGuard CNAPP also... Read more →
Anonymous User
Works fine for classic websites and simple load balancing but lacks specialized protection
The WAF profiles has been most effective at mitigating web-based threats – probably something standardized, but again, we haven't tested it on... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information.""It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment.""It presents a real-time database that is always updated.""The initial setup is easy and not complex at all.""Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console.""We know the vulnerability in advance, so we can take some action for that vulnerability.""People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially.""Helps identify and correct misconfigurations in cloud environments, ensuring that infrastructure and applications are secure and optimized."

More Check Point CloudGuard CNAPP Pros →

"Fortinet is a great SD-WAN player when it comes to security capabilities.""When it comes to blocking unknown threats and attacks, I would give it the highest score possible. We first started using AWS and its Web Application Firewalls. That was okay, but it was quite a manual process to keep it up to date, whereas Fortinet is always up to date, and the default rules or the modules that you can turn on are very easy to use.""Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself.""You have the ability to control everything from one single dashboard.""The GUI is user-friendly.""The customers are very happy with this solution because of two things. First, the IPS integration with a web application is very tightly done on Fortinet. Second, the ease of use is there. The management interface or the GUI interface is very easy to use, configure, and manage. These are the two main valuable features. It supports integration with other Fortinet products. It also integrates very well with the firewall and sandboxing technology. They already have enough integration with different technologies. They have got a complete tech intelligence view of the whole product.""The policies and the filtering are the most valuable features, especially traffic, URL, and application filtering. The solution is excellent at detecting vulnerabilities.""It can scale well."

More Fortinet FortiWeb Pros →

Cons
"Down the road, we would like to see automation. That is probably a feature that most people want. If they can automate patching a vulnerability, it will be much easier.""We have had some issues with the performance. In some cases, the performance of CloudGuard CNAPP is impacted. Particularly during the intensive security scans in high-traffic environments, there has been a performance impact.""CloudGuard could be improved by including integration with vendors other than AWS, especially Azure, especially in permissions.""The biggest thing is the documentation aspect of Dome9 is a little lacking. They were purchased by Check Point about a year and a half to two years ago. When they integrated into Check Point's support system, a lot of the documentation that they had previously got mangled in the transition, e.g., linking to stuff on the Dome9 website that no longer exists. There are still a lot of spaces with incomplete links and stuff that is not as fully explained as it could be.""The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point.""In Dome9, there should be a policy validation option where we can validate the policy before we push it into production.""Adding a feature that allows me to easily identify the changes that have been made to the CIS benchmark and update my own policy accordingly would be a valuable addition to Check Point CloudGuard Posture Management.""It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."

More Check Point CloudGuard CNAPP Cons →

"It costs too much.""Fortinet FortiWeb could improve data integration.""We have had problems with deployments where we've had to contact technical support to resolve them.""The F5 solution has more features than Fortinet FortiWeb, such as multiple load balancing.""I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted.​""It would also be helpful if they could introduce easier reporting. It's good to have those reports that go to C-level management, and Fortinet does provide some graphs, but if they went into some more detail, that would be great.""The solution could offer more integration opportunities.""A better load balancer is needed when multiple servers are used for the same website."

More Fortinet FortiWeb Cons →

Pricing and Cost Advice
  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."

    • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

  • "Cheaper than others."
  • "FortiWeb can be purchased in VM mode for a lower price and the same features."
  • "Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes."
  • "​It really pays off to buy licences for multiple years​."
  • "​The pricing is reasonable."
  • "The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size."
  • "The solution gives us the best price to performance ratio."
  • "The costs are standard. We pay around $1,600 yearly."

    • More Fortinet FortiWeb Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Check Point CloudGuard Posture Management?
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Read all 33 answers   →
    What is your experience regarding pricing and costs for Check Point Cloud...
    Top Answer:The price is on the higher end.
    Read all 27 answers   →
    What needs improvement with Check Point CloudGuard Posture Management?
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Read all 32 answers   →
    What do you like most about Fortinet FortiWeb?
    Top Answer:The WAF profiles has been effective at mitigating web-based threats.
    Read all 48 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiWeb?
    Top Answer:The pricing is in the middle. I would rate the pricing a five out of ten. It feels like a justified cost for the features, but it might get more expensive in the future. Also, keep in mind that Check… more »
    Read all 38 answers   →
    What needs improvement with Fortinet FortiWeb?
    Top Answer:I'd like more customization. I'm not sure if everyone would agree, as it might add complexity. But for advanced users, it would be really useful to have access and the ability to manipulate packets… more »
    Read all 48 answers   →
    Ranking
    6th
    out of 111 in Vulnerability Management
    Views
    1,461
    Comparisons
    877
    Reviews
    55
    Average Words per Review
    672
    Rating
    8.6
    4th
    out of 82 in Web Application Firewall (WAF)
    Views
    9,391
    Comparisons
    6,820
    Reviews
    22
    Average Words per Review
    754
    Rating
    7.7
    Comparisons
    Also Known As
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Learn More
    Check Point Software Technologies
    Fortinet
    Overview

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

    Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

    Fortinet FortiWeb Features and Benefits

    APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

    • Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.

    • Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.

    • Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.

    • Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.

    • ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.

    • False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

    Reviews from Real Users

    Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

    Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

    A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

    Sample Customers
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    Top Industries
    REVIEWERS
    Security Firm22%
    Financial Services Firm18%
    Computer Software Company11%
    Cloud Solution Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Security Firm8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm24%
    Comms Service Provider20%
    Computer Software Company17%
    Government10%
    VISITORS READING REVIEWS
    Educational Organization38%
    Computer Software Company12%
    Financial Services Firm7%
    Comms Service Provider6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise12%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise63%
    REVIEWERS
    Small Business49%
    Midsize Enterprise22%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise48%
    Large Enterprise34%
    Buyer's Guide
    Vulnerability Management
    June 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Wiz, SentinelOne and others in Vulnerability Management. Updated: June 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Check Point CloudGuard CNAPP is ranked 6th in Vulnerability Management with 64 reviews while Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Fortinet FortiWeb is rated 8.0. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, Wiz, AWS GuardDuty and Microsoft Defender for Cloud, whereas Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.