The FortiWeb Web Application Firewall provides threat protection for enterprises, application service providers, and SaaS providers. It protects the web-based applications from attacks by the unauthorized users and data loss. Attacks may include DDoS, phishing, spammers, malicious software and anonymous Proxies. The application aware load balancing engine distributes traffic and routes across multiple web servers. This increases performance, resource utilization and stability by reducing server response times.
Fortinet provides protection against malicious activities, application layer DoS Attacks and threats like SQL injection and Cross-site scripting. Data compression and independent SSL encryption processor increases the transaction throughput by reducing processing requirements from web servers. The Web Application Firewall appliances include the technologies like 10 GE SFP+ bypass ports. They provide configurations up to 2x 2TB drives for onboard storage. It creates protection for application information disclosure by monitoring all outbound traffic. Customers can create their own granular signatures and DLP patterns with predefined rules for events.
It also provides a complete solution for Web-based Application through enterprise protection. Using advanced threat detection it monitors all activities to intercept and stop threats. FortiWeb protects against application attacks like Cross Site Scripting, SQL Injection and layer 7 DoS Attacks. It increases the throughput by providing additional acceleration for web application traffic. For small enterprise environments, it has 25 Mbps throughput and for high-end datacenter, it has 4 Gbps throughput.
Some of the features include:
Scanning is done to analyze the protected web applications and to detect security weaknesses for known and unknown vulnerabilities. With the integration of FortiASIC technology, it processes web transactions by providing hardware accelerated SSL offloading. The configuration synchronization allows a network-level failover in the event of unexpected outage events. A comprehensive security model is created so that it can protect any known or unknown vulnerabilities like day attacks. It continuously monitors real-time user activities and eliminates the need for manual configuration of security profiles on the same FortiWeb device.
The role-based administration rights are provided to designated domain owners to manage their own applications from others. By this it allows efficient bandwidth utilization and response time to users by compressing data retrieved from servers. FortiWeb reduces deployment costs by consolidating Web Application Firewall and web traffic acceleration.