FortiWeb
Web Application Firewall – FortiWeb
Rješenje namijenjeno za zaštitu web aplikacija
Nezaštićene web aplikacije hakerima omogućavaju najjednostavniji pristup do podataka koji se nalaze iza tih aplikacija. S povećanjem online poslovanja postoji i sve više web aplikacija koje je potrebno prikladno zaštiti. Fortinetov pristup je korištenje FortiWeb web aplikacijskih firewallova koji imaju ugrađene mehanizme razumijevanja i zaštite web prometa. Sva ova rješenja štite i od OWASP Top 10 prijetnji. Dodatno je dostupan i Web Application Security servis koji korištenjem FortiGuard Labs potpisa omogućuje zaštitu od svih aplikacijskih ranjivosti. Rješenje također ima i L7 load balancing mogućnosti i SSL ubrzavanje prometa.
FortiWeb omogućava 100% zaštitu od svih naprednih napada na web aplikacije uz pomoć:
- Vulnerability scan
- IP reputation, signatures of attacks, antvirius with FortiGuard support
- Detection of behavioral attacks, threat scanning: protection against botnets, DoS, automatic attacks, etc.
- Integration with FortiSandbox for ATP detection
- Instruments that provide visibility to attacks
- Validity in both AWS and Azure Marketplaces
Jednostavna integracija s FortiGate i FortiSandbox uređajima
Dodavanjem FortiWeb uređaja u Fortinet Security Fabric omogućena je jednostavna integracija s FortiGate uređajem. Na ovaj način svo web aplikacijsko skeniranje se odrađuje na FortiWeb uređaju.
Na isti način se FortiWeb može povezati i s FortiSandbox uređajem ili cloud servisom, koji omogućava provjeru svih dokumenata koji se postavljaju na web server.
FortiWeb funkcionalnosti
Deployment options
- Reverse Proxy
- Inline Transparent
- True Transparent Proxy
- Offline Sniffing
- WCCP
Web Security
- Automatic profiling (white list)
- Web server and application signatures (black list)
- IP Reputation
- IP Geolocation
- HTTP RFC compliance
Application Attack Protection
- OWASP Top 10
- Cross Site Scripting
- SQL Injection
- Cross Site Request Forgery
- Built-in Vulnerability Scanner
- Third-party scanner integration (virtual patching)
Security Services
- Web services signatures
- XML protocol conformance
- Malware detection
- Virtual patching
- Protocol validation
- Brute force protection
- Cookie poisoning protection
- Custom error message and error code handling
- Operating system intrusion signatures
- Known threat and zero-day attack protection
- DoS prevention
- Advanced correlation protection using multiple security elements
- Data leak prevention
- Protection
Application Delivery
- Layer 7 server load balancing
- URL Rewriting
- Content Routing
- HTTPS/SSL Offloading
- HTTP Compression
- Caching
Authentication
- Active and passive authentication
- Site Publishing and SSO
- RSA Access for 2-factor authentication
- LDAP and RADIUS support
- SSL client certificate support
Management and Reporting
- Web user interface
- Command line interface
- Central management for multiple devices
- REST API
- Centralized logging and reporting
- Real-time dashboards
- Bot dashboard
- Geo IP Analytics
- SNMP, Syslog and email Logging/Monitoring
- Administrative Domains with full RBAC
Other
- IPv6 Ready
- HSM Integration
- High Availability with Config-sync for syncing across multiple active appliances
- Auto setup and default configuration settings for simplified deployment
- Setup Wizards for common applications and databases
- Preconfigured for common Microsoft applications; Exchange, SharePoint, OWA
- Predefined security policies for Drupal and WordPress applications