The FortiWeb-400B from Fortinet provides a full application firewall that protects web-facing applications and data from theft, leakage or attack. This appliance includes a built-in web application vulnerability scanner, which can help determine potential risks in applications before they can be exploited.
We found this tool to be of average difficulty to deploy and configure. The initial deployment is quite straightforward, and it takes just a few minutes to get the appliance plugged into the network and up and running. The configuration of the appliance is another story. All configuration is done manually, and we found ourselves moving around the interface trying to figure out how to set up policy and manage web servers.
All management is done from the web-based interface. We found this to have a nice layout, but navigation could be confusing at times. We would like to see a more organized initial deployment process, possibly even a wizard or two to help with configuration.
However, once we figured out how to set the appliance up, we did find it to have a good amount of functionality and some clean load balancing and traffic management features. This appliance can be configured for almost any size environment with almost any set of application security requirements.
Documentation includes a quick-start guide, as well as a full documentation CD with administrator and installation manuals. We found all of this to be easy to follow and well organized. The administrator guide also features many screen shots and step-by-step configuration examples.
Fortinet offers both eight-hours-a-day/five-days-a-week and 24/7 support options for customers through an agreement. They can access phone-, email- and chat-based technical support, as well as an online portal with many resources, including a knowledge base, documentation and downloads.
At a price just shy of $9,000, we find this solution to be a good value for the money. While it does require some effort to learn how to configure and manage, the appliance offers solid protection along with a very configurable platform.