FortiWeb
Machine Learning Enabled Protection for Business-Critical Applications
Available as
FortiWeb, Fortinet’s Web Application Firewall, protects your business-critical web applications from attacks that target known and unknown vulnerabilities.
The attack surface of your web applications evolves rapidly, changing every time you deploy new features, update existing ones, or expose new web APIs. You need a solution that can keep up. FortiWeb is that solution.
FortiWeb takes a comprehensive approach to protecting Web applications, including IP reputation, DDoS protection, protocol validation, application attack signatures, bot mitigation, and more to defend your application against a wide range of threats, including the OWASP Top 10. But we don’t stop there.
FortiWeb machine learning automatically builds and maintains a model of normal user behavior and uses that model to identify benign and malicious application traffic without the time-consuming manual application-learning required by most WAFs.
FortiWeb WAFs provide advanced features that defend your web applications and APIs from known and zero-day threats. Using an advanced multi-layered approach, FortiWeb protects against the OWASP Top 10 and more. FortiWeb ML customizes the protection of each application, providing robust protection without requiring the time-consuming manual tuning required by other solutions. With ML, FortiWeb identifies anomalous behavior and, more importantly, distinguishes between malicious and benign anomalies. The solution also features robust bot mitigation capabilities, allowing benign bots to connect (e.g. search engines) while blocking malicious bot activity.
Hardware Appliances
|
Throughput
|
25 Mbps
|
| Ports |
4x GE RJ45
|
|
Throughput
|
100 Mbps
|
| Ports |
4x GE RJ45, 4x GE SFP
|
|
Throughput
|
250 Mbps
|
| Ports |
4x GE RJ45 (2x bypass), 4x GE SFP
|
|
Throughput
|
1 Gbps
|
| Ports |
2x GE SFP, 6x GE RJ45 (includes 4x bypass)
|
|
Throughput
|
1.3 Gbps
|
| Ports |
2x 10 GE SFP+, 2x GE RJ45, 4x GE RJ45 bypass, 4x GE SFP
|
|
Throughput
|
2.5 Gbps
|
| Ports |
2x 10 GE SFP+, 4x GE RJ45 bypass, 4x GE SFP
|
|
Throughput
|
20 Gbps
|
| Ports |
8x GE RJ45 bypass, 4x GE SFP, 2x 10G SFP+ bypass, 2x 10G SFP+
|
Virtual Machines
|
Throughput
|
25 Mbps
|
| vCPU |
1
|
|
Throughput
|
100 Mbps
|
| vCPU |
2
|
|
Throughput
|
500 Mbps
|
| vCPU |
4
|
|
Throughput
|
2 Gbps
|
| vCPU |
8
|
Public Cloud
FortiWeb is available in all major public cloud providers, including Amazon Web Services (AWS), Microsoft Azure, Oracle, and Google. Amazon Web Services (AWS) and Microsoft Azure are supported for both BYOL (bring your own license) and On-demand (pay-as-you go).
Container Appliances
|
Throughput
|
25 Mbps
|
|
Throughput
|
100 Mbps
|
|
Throughput
|
500 Mbps
|
|
Throughput
|
2 Gbps
|
SaaS
Requiring no hardware or software, FortiWeb Cloud WAF as a Service employs gateways running in most AWS regions to scrub your application traffic within the same region your applications reside. Scrubbing traffic in region addresses performance and regulatory concerns and keeping traffic cost to minimum.
With a built in simple setup wizard and predefined policies, FortiWeb Cloud delivers the security you need within minutes, removing the usual complexity required when setting up a WAF. More advanced users can easily enable additional security modules if needed, free of charge.