Overview:
FortiWeb is a web application firewall (WAF) that protects hosted web applications and APIs from attacks that target known and unknown exploits. Using machine learning to model each application, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Acceleration and Performance
Multi-core processor technology combined with hardware-based SSL acceleration delivers blazing fast protected WAF throughput.
Application Protection
Protection from the OWASP Top Ten application attacks, including Cross Site Scripting and SQL Injection.
AI-based Machine Learning Threat Detection
FortiWeb uses machine learning to continuously model each application to detect anomalies and identify threats.
API Protection
Protect your API interfaces from malicious traffic by parsing the contents of each API call. Supports APIs implemented using XML, JSON, and REST.
Bot Mitigation
Protect websites, mobile applications, and APIs from automated threats by activating bot mitigation features including thresholds, biometric bot detection, and bot deception.
Highlights
- Machine learning that detects and
blocks threats while minimizing
false positives
- Up to 20 Gbps protected WAF
throughput
- Bot mitigation
- Protection for APIs, including
those used to support mobile
applications
- Enhanced protection with Fortinet
Security Fabric integration
- Visual analytics tools for advanced
threat insights
- Third-party integration and
virtual patching
Comprehensive Web Application Security with FortiWeb
Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your web-based applications from the OWASP Top 10 and many other threats. FortiWeb’s first layer of defense uses traditional WAF detection engines (e.g. attack signatures, IP reputation, protocol validation, and more) to identify and block malicious traffic, powered by intelligence from Fortinet’s industry-leading security research from FortiGuard Labs. FortiWeb’s machine learning detection engine then examines traffic that passes this first layer, using a continuously updated model of your application to identify malicious anomalies and block them as well.
Machine Learning Improves Detection and Drives Operational Efficiency
FortiWeb’s multi-layer approach provides two key benefits: superior threat detection and improved operational efficiency.
FortiWeb’s ability to detect anomalous behavior relative to the specific application being protected enables the solution to block unknown, never-before-seen exploits, providing your best protection against zero-day attacks targeting your application.
Operationally, FortiWeb machine learning relieves you of time-consuming tasks such as remediating false positives or manually tuning WAF rules. FortiWeb continually updates the model as your application evolves, so there is no need to manually update rules every time you update your application. FortiWeb enables you to get your code into production faster, eliminating the need for time-consuming manual WAF rule tuning and troubleshooting the false positives that plague less advanced WAFs.
FortiWeb’s machine learning accurately detects anomalies and identifies which are threats. Unlike prevailing auto-learning detection models used by other WAF vendors that treat every anomaly as a threat, FortiWeb’s precision nearly eliminates false positive detections and catches attack types that others cannot.
Deep Integration into the Fortinet Security Fabric and Third-Party Scanners
As the threat landscape evolves, many new threats require a multi-pronged approach for protecting web-based applications. Advanced Persistent Threats that target users can take many forms different from traditional single-vector attack types and can evade protections offered by a single device alone. FortiWeb’s integration with FortiGate and FortiSandbox extends basic WAF protections through synchronization and sharing of threat information, both to deeply scan suspicious files and to share information about infected internal sources.
FortiWeb also provides integration with leading third-party vulnerability scanners including Acunetix, HP WebInspect, IBM AppScan, Qualys, IBM QRadar, and WhiteHat to provide dynamic virtual patches for security issues in application environments. Vulnerabilities found by the scanner are quickly and automatically turned into security rules by FortiWeb to protect the application until developers can address them in the application code.
Solving the Challenge of False Threat Detections
False positive threat detections can be very disruptive and force many administrators to loosen security rules on their web application firewalls to the point where many become a monitoring tool rather than a trusted threat avoidance platform. The installation of a WAF may take only minutes, but fine-tuning can take days, or even weeks. Even after setup, a WAF can require regular checkups and tweaks as applications and the environment change.
FortiWeb’s AI-based machine learning addresses false positive and false negative threat detections without the need to tediously manage whitelists and fine-tune threat detection policies. With near 100% accuracy, the dual-layer machine learning engines detect anomalies and then determine whether they are threats, unlike other methods that block all anomalies regardless of their intent. When combined with other tools, including user tracking, device fingerprinting, and threat weighting, FortiWeb virtually eliminates all false detection scenarios.
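The layered design described above (a signature layer first, then a per-application anomaly model that separates "unusual" from "hostile") is easier to reason about with a small working model. The following is an added illustration written for this page; it is not FortiWeb code and makes no claim about how FortiWeb's engines are implemented. The signature set, the character-class profile, the z-score threshold of 3, and the benign training requests are all constructed for the example.

```python
"""Two-stage WAF decision pipeline: signatures first, then a learned
per-parameter anomaly model that decides whether an anomaly is a threat.

Illustrative example for this page; not FortiWeb code. Thresholds,
signatures and training data are constructed.
"""
from __future__ import annotations

import re
import statistics
from dataclasses import dataclass, field

# Layer 1: a deliberately tiny signature set (constructed). A production
# WAF ships thousands of maintained signatures.
SIGNATURES = {
    "sqli_union_select": re.compile(r"\bunion\b.{0,20}\bselect\b", re.I),
    "xss_script_tag": re.compile(r"<\s*script\b", re.I),
    "path_traversal": re.compile(r"(\.\./){2,}"),
}


def signature_hits(value: str) -> list[str]:
    """Names of signatures that match a single parameter value."""
    return [name for name, rx in SIGNATURES.items() if rx.search(value)]


# Layer 2: per-parameter profile learned from observed benign traffic.
def char_classes(value: str) -> frozenset[str]:
    """Coarse character classes present in a value."""
    classes = set()
    for ch in value:
        if ch.isalpha():
            classes.add("alpha")
        elif ch.isdigit():
            classes.add("digit")
        elif ch in "-_.@":
            classes.add("safe_punct")
        else:
            classes.add("other")  # quotes, brackets, spaces, ...
    return frozenset(classes)


@dataclass
class ParamProfile:
    lengths: list[int] = field(default_factory=list)
    classes: set[str] = field(default_factory=set)

    def learn(self, value: str) -> None:
        self.lengths.append(len(value))
        self.classes |= char_classes(value)

    def anomaly(self, value: str) -> dict:
        """Length z-score and character classes never seen in training."""
        mean = statistics.fmean(self.lengths)
        stdev = statistics.pstdev(self.lengths) or 1.0  # avoid divide-by-zero
        return {
            "length_z": (len(value) - mean) / stdev,
            "new_classes": char_classes(value) - self.classes,
        }


def train(samples: list[dict[str, str]]) -> dict[str, ParamProfile]:
    """Build one profile per parameter name from benign requests."""
    profiles: dict[str, ParamProfile] = {}
    for req in samples:
        for name, value in req.items():
            profiles.setdefault(name, ParamProfile()).learn(value)
    return profiles


def decide(profiles: dict[str, ParamProfile], request: dict[str, str]) -> tuple[str, list[str]]:
    """Return (verdict, reasons); verdict is 'block', 'alert' or 'allow'."""
    reasons: list[str] = []
    # Stage 1: known-bad patterns are blocked outright.
    for name, value in request.items():
        hits = signature_hits(value)
        if hits:
            return "block", [f"{name}: signature {h}" for h in hits]
    # Stage 2: compare each value with what this application normally sees.
    for name, value in request.items():
        profile = profiles.get(name)
        if profile is None:
            reasons.append(f"{name}: parameter never seen in training")
            continue
        a = profile.anomaly(value)
        if abs(a["length_z"]) > 3 or a["new_classes"]:
            # Anomalous. Decide whether it is a threat: a character class the
            # parameter has never carried (quotes, brackets, spaces) is treated
            # as hostile; a long but well-formed value is only alerted on.
            if "other" in a["new_classes"]:
                return "block", reasons + [f"{name}: unseen character class"]
            reasons.append(f"{name}: length z-score {a['length_z']:.1f}")
    return ("alert" if reasons else "allow"), reasons


# Constructed benign traffic used to learn the per-parameter baseline.
BENIGN_TRAINING = [
    {"user": "alice", "zip": "94105"},
    {"user": "bob_smith", "zip": "10001"},
    {"user": "carol.w", "zip": "60601"},
    {"user": "dave99", "zip": "30301"},
    {"user": "erin-k", "zip": "02134"},
]

if __name__ == "__main__":
    profiles = train(BENIGN_TRAINING)
    for req in ({"user": "alice", "zip": "94105"},
                {"user": "alice", "zip": "1 UNION SELECT 1"},
                {"user": "x' OR 1=1 --", "zip": "94105"},
                {"user": "bartholomew.montgomery", "zip": "94105"}):
        print(req, "->", decide(profiles, req))
```

The four sample requests exercise each path: a normal request is allowed, a value matching a signature is blocked by the first layer, a value the signature set misses but that introduces a character class the parameter has never carried is blocked by the second layer, and a merely unusually long username is flagged for review rather than blocked. That last case is the distinction the text draws between an anomaly and a threat.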
API Security
The use of APIs has become increasingly popular in recent years to help speed application delivery and to provide simplified application-to-application accessibility. As APIs are part of many applications, they have become a new vector for application layer attacks and exploits, similar to traditional web-based applications. FortiWeb provides an easy-to-deploy solution to protect your API with attack signatures, parameter enforcement and many other tools. With FortiWeb you can easily publish your applications and their APIs knowing they are both protected.
Advanced Graphical Analysis and Reporting
FortiWeb includes a suite of graphical analysis tools called FortiView. Similar to other Fortinet products such as FortiGate, FortiWeb gives administrators the ability to visualize and drill down into key elements of FortiWeb such as server/IP configurations, attack and traffic logs, attack maps, OWASP Top 10 attack categorization, and user activity. FortiView for FortiWeb lets administrators quickly identify suspicious activity in real time and address critical use cases such as origin of threats, common violations, and client/device risks.
Secured by FortiGuard
Fortinet’s award-winning FortiGuard Labs is the backbone for many of FortiWeb’s layers in its approach to application security. FortiGuard services are offered as 5 separate options, so you can choose the ones you need to protect your web applications. FortiWeb IP Reputation service protects you from known attack sources like botnets, spammers, anonymous proxies, and sources known to be infected with malicious software. FortiWeb Security Service is designed just for FortiWeb and includes items such as application layer signatures, machine learning threat models, malicious robots, suspicious URL patterns and web vulnerability scanner updates. Credential Stuffing Defense checks login attempts against FortiGuard’s list of compromised credentials and can take actions ranging from alerts to blocking logins from suspected stolen user IDs and passwords. The FortiSandbox Cloud subscription enables FortiWeb to integrate with Fortinet’s cloud-sandbox service. Finally, FortiWeb offers FortiGuard’s top-rated antivirus engine that scans all file uploads for threats that can infect your servers or other network elements.
VM and Public Cloud Options
FortiWeb provides maximum flexibility in supporting your virtual and hybrid environments. The virtual versions of FortiWeb support all the same features as our hardware-based devices and can be deployed in VMware, Microsoft Hyper-V, Citrix XenServer, Open Source Xen, VirtualBox, KVM and Docker platforms. FortiWeb is also available for AWS, Azure, Google Cloud, and Oracle Cloud as a VM, and as WAF as a Service on AWS, Azure, and Google Cloud. For more information, see Fortiweb-Cloud.com.