- Call for next available delivery
- 4 Ethernet, Fast Ethernet, Gigabit Ethernet Ports
- Remote Management over HTTP
FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
Web applications are an easy target:
Although Payment Card Industry Data Security Standards (PCI DSS) compliance is the main reason most organizations deploy Web Application Firewalls (WAFs), many now realize that unprotected web applications are the easiest point of entry for even unsophisticated hackers. Externally facing web applications are vulnerable to attacks such as cross site scripting, SQL injection, and Layer 7 Denial of Service (Dos). Internal web applications are even easier to compromise if an attacker is able to gain access to an internal network where many organizations think they're protected by their perimeter network defenses.
Comprehensive Web application security with FortiWeb:
Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your external and internal web-based applications from the OWASP Top 10 and many other threats. Using IP Reputation services, botnets and other malicious sources are automatically screened out before they can do any damage. Dos detection and prevention keeps your applications safe from being overloaded by Layer 7 Dos attacks. FortiWeb checks that the request hasn't been manipulated using HTTP RFC validation. Requests are checked against FortiWeb's signatures to compare them against known attack types to make sure they're clean. Any files, attachments or code are scrubbed with FortiWeb's built-in antivirus and antimalware services. FortiWeb's auto-learning behavioral detection engine reviews all requests that have passed the tests for known attacks.
Included vulnerability scanning:
Only FortiWeb includes a web application vulnerability scanner in every appliance at no extra cost to help you meet PCI DSS compliance. FortiWeb's vulnerability scanning dives deep into all application elements and provides in-depth results of potential weaknesses in your applications. Vulnerability scanning is always up-to-date with regular updates from FortiGuard Labs.
Blazing fast SSL offloading:
FortiWeb is able to process up to tens of thousands of web transactions by providing hardware accelerated SSL offloading in most models. With near real-time decryption and encryption using ASIC-based chipsets, FortiWeb can easily detect threats that target secure applications.
Application delivery and authentication:
FortiWeb provides advanced Layer 7 load balancing and authentication offload services. FortiWeb can easily expand your applications across multiple servers using intelligent, applicationaware Layer 7 load balancing and can be combined with SSL offloading for load balancing secure application traffic. Using HTTP compression, FortiWeb can also improve bandwidth utilization and user response times for content-rich applications. Authentication offloading integrates with many authentication services including LDAP, NTLM, Kerberos and RADIUS with 2-factor authentication for RADIUS and RSA SecureID. Using these authentication services, you can easily publish websites and use Single Sign On (SSO) for any web application including Microsoft applications such as Outlook Web Access and SharePoint. Finally, FortiWeb can improve application response times by caching often-used content to serve it users faster than having to request the same information each time it is needed.
Secured by FortiGuard:
Fortinet's Award-winning FortiGuard Labs is the backbone for many of FortiWeb's layers in its approach to application security. Offered as 3 separate options, you can choose the FortiGuard services you need to protect your web applications. FortiWeb IP Reputation service protects you from known attack sources like botnets, spammers, anonymous proxies, and sources known to be infected with malicious software. FortiWeb Security Service is designed just for FortiWeb including items such as application layer signatures, malicious robots, suspicious URL patterns and web vulnerability scanner updates. Finally, FortiWeb offers FortiGuard's top-rated antivirus engine that scans all file uploads for threats that can infect your servers or other network elements.
Deep integration for advanced threat protection:
FortiWeb is one of many Fortinet products that provides integration with our FortiSandbox advanced threat detection platform. FortiWeb can be configured with FortiSandbox to share threat information and block threats as they're discovered in the sandboxing environment. Files uploaded to web servers can be sent to FortiSandbox for analysis. Alerts are sent immediately when malicious files are identified and future similar files are blocked immediately.
FortiWeb provides integration with third party vulnerability scanners to provide dynamic virtual patches to security issues in application environments. Vulnerabilities found by the scanner are quickly and automatically turned into security rules by FortiWeb to protect the application until developers can address it in the application code.
Central management and reporting:
FortiWeb offers the tools you need to manage multiple appliances and gain valuable insights on attacks that target your applications. From within a single management console you can configure and manage multiple FortiWeb gateways using VMware-based central management utility. If you need an aggregated view of attacks across your network, FortiWeb easily integrates into FortiAnalyzer reporting appliances for centralized logging and report consolidation from multiple FortiWeb devices.
# Ports: 4
appliance, power adapter, documentation
1.6"h x 8.3"w x 5.2"d
(4) 1000Base-T RJ-45
(1) RJ-45 console
(2) USB Type A
Consumption: 18W (typ.)
Networking Protocol: Ethernet, Fast Ethernet, Gigabit EthernetRemote Management Protocol: HTTP
This product is subject to our return policy. Please see our complete return policy for details.
Compliant Standards: CB, C-Tick, CUL, FCC Part 15 A, UL, VCCI
Call for Warranty
Call for Warranty