FortiWeb Web Application Firewall (WAF) is PCI DSS compliant, top security—NSS Labs recommended, has groundbreaking throughput up to 20 Gbps, and is available in hardware and virtual form factors. Fortinet FortiWeb™ […]
Partners—Fortinet FortiWeb Web Application Firewall
FortiWeb Web Application Firewall (WAF) is PCI DSS compliant, top security—NSS Labs recommended, has groundbreaking throughput up to 20 Gbps, and is available in hardware and virtual form factors. Fortinet FortiWeb™ is able to process up to tens of thousands of web transactions by providing hardware accelerated SSL offloading in most models. Although Payment Card Industry Data Security Standards (PCI DSS) compliance is the main reason most organizations deploy Web Application Firewalls (WAFs), many now realize that unprotected web applications are the easiest point of entry for even unsophisticated hackers. Externally facing web applications are vulnerable to attacks such as cross site scripting, SQL injection, and Layer 7 Denial of Service (DoS). Internal web applications are even easier to compromise if an attacker is able to gain access to an internal network where many organizations think they’re protected by their perimeter network defenses. Custom code is usually the weakest link as development teams have the impossible task of staying on top of every new attack type. Fortinet FortiWeb offers FortiGuard’s™ top—rated antivirus engine that scans all file uploads for threats that can infect your servers or other network elements.
However, even commercial code is vulnerable as many organizations don’t have the resources to apply patches and security fixes as soon as they’re made available. Even if you apply every patch and have an army of developers to protect your systems, zero—day attacks can leave you defenseless and only able to respond after the attack has occurred. Deep integration with FortiGate™ and Fortinet FortiSandbox™—as the threat landscape evolves, many new threats require a multi pronged approach for protecting web—based applications. Advanced Persistent Threats that target users can take many different forms than traditional single—vector attack types and can evade protections offered only by a single device. Using an advanced multi—layered and correlated approach, Fortinet FortiWeb™ provides complete security for your external and internal web—based applications from the OWASP Top 10 and many other threats. Using IP Reputation services, botnets and other malicious sources are automatically screened out before they can do any damage. DoS detection and prevention keeps your applications safe from being overloaded by Layer 7 DoS attacks. Fortinet FortiWeb™ checks that the request hasn’t been manipulated using HTTP RFC validation.
Advanced False Positive Mitigation Tools
False positive detections can be very disruptive if a web application firewall isn’t configured correctly. Although the installation of a WAF may only take minutes, fine tuning it to minimize false positives can take days or even weeks, plus there’s the regular ongoing adjustments for application and environment changes. FortiWeb combats this problem with many sophisticated tools including alert tuning, white lists, automatic learning exceptions, correlated threat detection, and advanced code based syntax analysis. Blazing fast SSL offloading—Fortinet FortiWeb™ is able to process up to tens of thousands of web transactions by providing hardware accelerated SSL offloading in most models. With near real—time decryption and encryption using ASIC based chip sets, FortiWeb can easily detect threats that target secure applications. FortiWeb user tracking—Fortinet FortiWeb™ monitors users authenticating to web applications and tracks all their subsequent activity. All traffic and attack logs are attached with the username allowing rule enforcement and forensics at the user level. Fortinet FortiWeb™ is also available for Amazon Web Services™ and Microsoft Azure™.
Included Vulnerability Scanning
Only Fortinet FortiWeb™ includes a web application vulnerability scanner in every appliance at no extra cost to help you meet PCI DSS compliance. Fortinet FortiWeb™’s vulnerability scanning dives deep into all application elements and provides in—depth results of potential weaknesses in your applications. Vulnerability scanning is always up to date with regular updates from Fortinet FortiGuard Labs™. Deep integration with FortiGate™ and Fortinet FortiSandbox™—as the threat landscape evolves, many new threats require a multi pronged approach for protecting web—based applications. Advanced Persistent Threats that target users can take many different forms than traditional single—vector attack types and can evade protections offered only by a single device. Fortinet FortiWeb™’s integration with Fortinet FortiGate™ and Fortinet FortiSandbox™ extend basic WAF protections through synchronization and sharing of threat information to both deeply scan suspicious files and share infected internal sources. Fortinet FortiWeb™ is one of many Fortinet™ products that provides integration with Fortinet™’s FortiSandbox advanced threat detection platform.
Features And Benefits
Fortinet FortiWeb™ provides integration with leading third—party vulnerability scanners including Acunetix™, HP WebInspect™, IBM AppScan™, Qualys™ and WhiteHat™ to provide dynamic virtual patches to security issues in application environments. Vulnerabilities found by the scanner are quickly and automatically turned into security rules by FortiWeb to protect the application until developers can address them in the application code. Quarantined IPs HTTP Traffic service protects you from known attack sources like botnets, spammers, anonymous proxies, and sources known to be infected with malicious software. Fortinet FortiWeb Security Service™ is designed just for FortiWeb™ including items such as application layer signatures, malicious robots, suspicious URL patterns and web vulnerability scanner updates. Finally, Fortinet FortiWeb offers FortiGuard’s™ top—rated antivirus engine that scans all file uploads for threats that can infect your servers or other network elements. Fortinet FortiWeb™ provides maximum flexibility in supporting your virtual and hybrid environments. The virtual versions of FortiWeb support all the same features as Fortinet™ hardware—based devices and work with all the top hypervisors.
You must be logged in to post a comment.