FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using AI-enhanced multi-layer and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.
- Acceleration and Performance Multi-core processor technology combined with hardware-based SSL tools deliver blazing fast protected WAF throughput.
- Application Protection Protection from the OWASP Top Ten application attacks including Cross Site Scripting and SQL Injection.
- AI-based Machine Learning Threat Detection Dual-layer machine learning engines are employed to detect application request anomalies and determine if they are threats.
Comprehensive Web Application Security with FortiWeb
Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your external and internal web-based applications from the OWASP Top 10 and many other threats. At the heart of FortiWeb is AI-based detection engine that uses machine learning to identify requests that stray from normal patterns and takes action to protect applications from known and unknown zero-day threats.
Dual-Layer Machine Learning Powered by FortiGuard Labs
Although Web Application Firewalls are the best defense against attacks that target web-based applications, WAFs can be tedious and time-consuming to fine tune to prevent unwanted false positive detections. FortiWeb solves this challenge using an AI-based machine learning approach that employs two separate detection engines.
The first automatically and dynamically monitors all application elements for activity that strays from predicted entries. If this first engine flags what it determines is an anomaly, it is then sent to the second machine learning layer to assess if it is a threat or simply a benign variance such as a typo or new character that hasn’t been seen previously. If it is an attack, then FortiWeb can take actions such as logging, alerting and/or blocking the request. The second machine learning layer uses threat models that are included as part of the FortiWeb solution and are updated with the FortiGuard WAF Security Service to provide protection from new threats that require model retraining and testing.
FortiWeb’s machine learning accurately detects anomalies and more importantly identifies which are threats. Unlike prevailing autolearning detection models used by other WAF vendors that treat every anomaly as a threat, FortiWeb’s precision nearly eliminates false positive detections and catches attack types that others can’t.
Deep Integration into the Fortinet Security Fabric and Third-Party Scanners
As the threat landscape evolves, many new threats require a multi-pronged approach for protecting web-based applications. Advanced Persistent Threats that target users can take many different forms than traditional single-vector attack types and can evade protections offered only by a single device. FortiWeb’s integration with FortiGate and FortiSandbox extend basic WAF protections through synchronization and sharing of threat information to both deeply scan suspicious files and share infected internal sources.
FortiWeb also provides integration with leading third-party vulnerability scanners including Acunetix, HP WebInspect, IBM AppScan, Qualys, IBM QRadar, and WhiteHat to provide dynamic virtual patches to security issues in application environments. Vulnerabilities found by the scanner are quickly and automatically turned into security rules by FortiWeb to protect the application until developers can address them in the application code.
Solving the Challenge of False Threat Detections
False positive threat detections can be very disruptive and force many administrators to loosen security rules on their web application firewalls to the point where many often become a monitoring tool rather than a trusted threat avoidance platform. The installation of a WAF may take only minutes, however fine-tuning can take days, or even weeks. Even after setup, a WAF can require regular checkups and tweaks as applications and the environment change.
FortiWeb’s AI-based machine learning addresses false positive and negative threat detections without the need to tediously manage whitelists and fine-tune threat detection policies. With near 100% accuracy, the dual layer machine learning engines detect anomalies and then determine if they are threats unlike other methods that block all anomalies regardless of their intent. When combined with other tools, including user tracking, device fingerprinting, and threat weighting, FortiWeb virtually eliminates all false detection scenarios.
Advanced Graphical Analysis and Reporting
FortiWeb includes a suite of graphical analysis tools called FortiView. Similar to other Fortinet products such as FortiGate, FortiWeb gives administrators the ability to visualize and drill-down into key elements of FortiWeb such as server/IP configurations, attack and traffic logs, attack maps, and user activity. FortiView for FortiWeb lets administrators quickly identify suspicious activity in real time and address critical use cases such as origin of threats, common violations, and client/device risks.
Secured by FortiGuard
Fortinet’s Award-winning FortiGuard Labs is the backbone for many of FortiWeb’s layers in its approach to application security. Offered as 5 separate options, you can choose the FortiGuard services you need to protect your web applications. FortiWeb IP Reputation service protects you from known attack sources like botnets, spammers, anonymous proxies, and sources known to be infected with malicious software. FortiWeb Security Service is designed just for FortiWeb including items such as application layer signatures, machine learning threat models, malicious robots, suspicious URL patterns and web vulnerability scanner updates. Credential Stuffing Defense checks login attempts against FortiGuard’s list of compromised credentials and can take actions ranging from alerts to blocking logins from suspected stolen user ids and passwords. The FortiSandbox Cloud subscription enables FortiWeb to integrate with Fortinet’s cloud-sandbox service. Finally, FortiWeb offers FortiGuard’s top-rated antivirus engine that scans all file uploads for threats that can infect your servers or other network elements.
VM and Cloud Options
FortiWeb provides maximum flexibility in supporting your virtual and hybrid environments. The virtual versions of FortiWeb support all the same features as our hardware-based devices and can be deployed in VMware, Microsoft Hyper-V, Citrix XenServer, Open Source Xen, VirtualBox, KVM and Docker platforms. FortiWeb is also available for Amazon Web Services, Microsoft Azure, and Google Cloud.
Also available as a cloud-based subscription service, FortiWeb Cloud is a convenient and easy-to-deploy WAF that’s always up-to-date. For organizations that need to quickly deploy a WAF and keep maintenance to a minimum, FortiWeb Cloud scales to meet traffic demands without the hassles of managing hardware and software. Nearly a “set-and-forget” WAF, FortiWeb Cloud delivers basic web application functionality for smaller applications and distributed applications that are difficult to manage. Please note that FortiWeb Cloud does not support the entire feature set included in the hardware and VM versions. Please contact us for more information.