The FortiWeb family of web application firewalls provides specialized, layered application threat protection for medium and large enterprises, application service providers, and SaaS providers. FortiWeb web application firewall protects your web-based applications and Internet-facing data from attack and data loss. Using advanced techniques to provide bidirectional protection against malicious sources and sophisticated threats like SQL injection and Cross-site scripting, FortiWeb platforms help you prevent identity theft, financial fraud and corporate espionage. FortiWeb delivers the technology you need to monitor and enforce government regulations, industry best practices, and internal policies.
FortiWeb significantly reduces deployment costs by consolidating Web Application Firewall, web traffic acceleration, and application traffic balancing into a single device with no per-user pricing. It drastically reduces the time required to protect your regulated Internet-facing data and eases the challenges associated with policy enforcement and regulatory compliance. Its intelligent, application-aware load balancing and data compression and optimization engine increases application performance, improves resource utilization and application stability while reducing server response times.
Auto-learn security profiling
Automatically and dynamically build a security model of protected applications by continuously monitoring realtime user activity. Eliminate the need for manual configuration of security profiles.
Application layer vulnerability protection
Provide out of the box protection for the most complex attacks such as SQL Injection, Cross Site Scripting, CSRF and many others. Together with the Auto Learn profiling system and advanced abilities, FortiWeb is able to create rules down to the single application element.
Dos protection
Multiple protection policies for network and application layer denial of service threats. Sophisticated mechanism helps identify and block automated attacks.
Data leak prevention
Extended monitoring and protection for credit card leakage and application information disclosure by tightly monitoring all outbound traffic. Allow customers to create their own granular signatures and DLP patterns together with predefined rules for any type of events.
Site publishing and SSO
Publish Microsoft applications such as Outlook Web Access and SharePoint with authentication delegation and single sign on integration.
Web defacement protection
Unique capabilities for monitoring protected applications for any defacement and ability to automatically and quickly revert to stored version.
Correlated threat detection
Advanced correlation of multiple attack detection mechanisms uncover sophisticated threats. Through integration of elements such as attack signatures, suspicious URLs and unknown headers, multi-event thresholds can be set up to increase attack accuracy and minimize false positive detections.
Vulnerability assessments
Automatically scans and analyzes the protected web applications and detects security weaknesses, potential application known and unknown vulnerabilities to complete a comprehensive solution for PCI DSS.
HTTP RFC compliance validation
FortiWeb blocks any attacks manipulating the HTTP protocol by maintaining strict RFC standards to prevent attacks such as encoding attacks, buffer overflows and other application specific attacks.
Antivirus
Scan file uploads using Fortinet's Antivirus engine with regular FortiGuard updates.
Multiple deployment options
Transparent inspection and True Transparent Proxy, Reverse Proxy and Offline modes allow deploying FortiWeb into any environment.
Geo IP and bot analysis
Map requests to their geographic location and analyze traffic from malicious robots, crawlers, scanners, website scrapers, and search engines.
IPv6 ready
Simplify network configuration with dual-stack support for both IPv4 to IPv6 and IPv6 to IPv4 communication.
Authentication offload
Offload your web server authentication to the FortiWeb platform while supporting different authentication schemes such as Local, LDAP, NTLM, Kerberos and RADIUS with 2-factor authentication for RADIUS and RSA SecureID.
Pre-defined policies
Allows for one click deployments and greatly eases the process of policy creation.
High availability
The high availability mode provides configuration synchronization and allows for a network-level failover in the event of unexpected outage events. Integrated bypass interfaces provide additional fail open capability for single box deployments.
Centralized logging and reporting
Centrally manage all logs and reports from multiple FortiWeb gateways with FortiAnalyzer integration.
Administrative domains
Provide role-based administration rights to designated domain owners to manage their own applications separately from others on the same FortiWeb device.
Application aware load balancing
Intelligent, application aware layer 7 load balancing eliminates performance bottlenecks, reduces deployment complexity and provides seamless application integration.
Data compression
Allows efficient bandwidth utilization and response time to users by compressing data retrieved from servers.
SSL offload
With the integration of award winning FortiASIC technology, FortiWeb is able to process tens of thousands of web transactions by providing hardware accelerated SSL offloading.