Introduction to FortiWeb and its functionalities

What is FortiWeb

FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks targeting known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and zero-day threats. The Web Application Security Service from FortiGuard Labs utilizes information based on the latest application vulnerabilities, bots, suspicious URL and data patterns, and specialized heuristic detection engines to keep your applications safe.

FortiWeb also offers a machine-learning function that enables it to automatically detect malicious web traffic. In addition to detecting known attacks, the feature can detect potential unknown zero-day attacks to provide real-time protection for web servers.

Configurable Features

FortiWeb allows you to configure these features:

  • Vulnerability scanning and patching
  • IP reputation, web application attack signatures, credential stuffing defense, anti-virus, and FortiWeb Cloud Sandbox powered by FortiGuard
  • Real-time attack insights and reporting with advanced visual analytics tools
  • Integration with FortiGate and FortiSandbox for ATP detection
  • Behavioral attack detection
  • Advanced false positive and negative detection avoidance

FortiWeb hardware and virtual machine platforms are available for medium and large enterprises, as well as for service providers.

Benefits

FortiWeb is designed specifically to protect web servers. It provides specialized application layer threat detection and protection for HTTP and HTTPS services, including:

  • Apache Tomcat
  • nginx
  • Microsoft IIS
  • JBoss
  • IBM Lotus Domino
  • Microsoft SharePoint
  • Microsoft Outlook Web App (OWA)
  • RPC and ActiveSync for Microsoft Exchange Server
  • Joomla
  • WordPress

FortiWeb’s integrated web-specific vulnerability scanner drastically reduces challenges associated with protecting regulated and confidential data by detecting your exposure to the latest threats, especially the OWASP Top 10.

FortiWeb’s HTTP firewall and denial-of-service (DoS) attack-prevention protects your web applications from attack. Using advanced techniques to provide bidirectional protection against sophisticated threats like SQL injection and cross-site scripting (XSS) attacks, FortiWeb also helps you defend against threats like identity theft, financial fraud, and corporate espionage.

FortiWeb provides the tools you need to monitor and enforce government regulations, industry best practices, and internal security policies, including firewalling and patching requirements from PCI DSS.

Features

FortiWeb’s application-aware firewall and load balancing engine can:

  • Secure HTTP/HTTPS applications.
  • Prevent and reverse defacement.
  • Improve application stability.
  • Monitor servers for downtime & connection load.
  • Reduce response times.
  • Accelerate SSL/TLS.*
  • Accelerate compression.
  • Rewrite content on the fly.

*On VM models, acceleration is due to offloading the cryptography burden from the back-end server. On hardware models, cryptography is also hardware-accelerated via ASIC chips.

FortiWeb significantly reduces deployment costs by consolidating WAF, hardware acceleration, load balancing, and vulnerability scanning in a single platform with no per-user pricing. These features:

  • Reduce the total resources required to protect your regulated, Internet-facing data.
  • Ease the challenges associated with policy enforcement and regulatory compliance.