FortiWeb: Comprehensive web application security
FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using AI-enhanced multi-layer and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your external and internal web-based applications from the OWASP Top 10 and many other threats. At the heart of FortiWeb is an AI-based detection engine that uses machine learning to identify requests that stray from normal patterns and takes action to protect applications from known and unknown zero-day threats.
Advanced graphical analysis and reporting
FortiWeb includes a suite of graphical analysis tools called FortiView. Similar to other Fortinet products such as FortiGate, FortiWeb gives administrators the ability to visualise and drill down into key elements of FortiWeb such as server/IP configurations, attack and traffic logs, attack maps, OWASP Top 10 attack categorisation, and user activity. FortiView for FortiWeb lets administrators quickly identify suspicious activity in real-time and address critical use cases such as the origin of threats, common violations, and client/device risks.
Deep integration into the Fortinet Security Fabric and third-party scanners
As the threat landscape evolves, many new threats require a multi-pronged approach for protecting web-based applications. Advanced Persistent Threats that target users can take many different forms than traditional single-vector attack types and can evade protections offered only by a single device. FortiWeb’s integration with FortiGate and FortiSandbox extend basic WAF protections through synchronisation and sharing of threat information to both deeply scan suspicious files and share infected internal sources.
FortiWeb Cloud WAF: Enjoy the protection of a full-featured Web Application Firewall (WAF)
FortiWeb Cloud WAF as a Service delivers Web application security as a SaaS solution. Protect your hosted web applications without deploying and managing infrastructure — let Fortinet secure your applications while you focus on delivering business value with your Web applications. The solution requires minimal configuration and management and can be deployed in front of your applications by subscribing via the AWS Marketplace. The solution uses multiple protection techniques to quickly and accurately mitigate threats while allowing normal traffic to proceed.
A full-featured WAF that’s easy to deploy and manage
With FortiWeb Cloud WAF as a Service, enjoy the protection of a full-featured Web Application Firewall (WAF) as you rapidly roll out your applications in AWS without managing and maintaining your own infrastructure. Your attack surface changes every time you deploy a new Internet-facing application, and with public cloud you can deploy those Internet-facing applications faster than ever. You need a solution that can protect any web-based application you deploy, including shortlived applications that may only run for a short time and long-lived applications that can evolve rapidly as you adopt a DevOps approach to deliver applications and services at high velocity. Protecting your applications with a SaaS-delivered WAF solution also provides the ability to pay-as-you-go, allowing you to provide the same protection for all of your AWS-hosted applications without standing up excess capacity that might be underutilised.
Your dedicated Fortinet experts
is an award-winning Fortinet Partner with advanced specialties, and the distinction of multiple certified engineers on staff. Our engineers are recognised by Fortinet as technical experts and advocates of Fortinet solutions. That means you can count on for the technical know-how and hands-on experience to accurately assess your business requirements, and design, implement, and manage a Fortinet-based solution to suit your needs.
FortiWeb cloud WAF benefits
FortiWeb Cloud WAF as a Service uses the same comprehensive approach to security as other FortiWeb form factors, including IP reputation, DDoS protection, protocol validation, application attack signatures, and more to defend your application against a wide range of threats, including the OWASP Top 10.
100% Cloud-based WAF as a Service
Pay as you go, based on traffic and the number of applications protected
Protection against OWASP Top 10, including cross-site scripting and SQL injection
Rapid deployment via AWS Marketplace
Advanced analytics and reporting
Delivered within the same AWS region as your application, providing improved performance, a simplified regulatory environment, and reduced bandwidth costs