FortiWeb 是 Fortinet 的 Web 应用防火墙,可保护您的关键业务 Web 应用免受针对已知和未知漏洞的攻击。
您的 Web 应用的攻击表面会迅速发展,每当您部署新功能、更新现有功能或公开新的 Web API 时都会发生变化。您需要一个能跟上这种节奏的解决方案。 而 FortiWeb 就是这样的解决方案。
概述
FortiWeb 型号与规格
FortiWeb 有各种不同的型号和形式,无论您是想要入门级的硬件设备还是可适应最新云环境的复杂 VM,都可以满足。
View by:
FortiWeb 设备采用多核处理器技术,结合基于硬件的 SSL 工具,以提供超快的受保护 WAF 吞吐量。
吞吐量 |
50 Mbps |
| 接口 | 4x GE RJ45 |
吞吐量 |
250 Mbps |
| 接口 | 4x GE RJ45、4x GE SFP |
吞吐量 |
750 Mbps |
| 接口 | 4x GE RJ45 (2x bypass)、4x GE SFP |
吞吐量 |
1.3 Gbps |
| 接口 | 2x 10 GE SFP+、2x GE RJ45、4x GE RJ45 bypass、4x GE SFP |
吞吐量 |
2.5 Gbps |
| 接口 | 2x 10 GE SFP+、4x GE RJ45 bypass、4x GE SFP |
吞吐量 |
5 Gbps |
| 接口 | 4x 10 GE SFP+、8x GE RJ45 bypass、4x GE SFP |
吞吐量 |
20 Gbps |
| 接口 | 8x GE RJ45 bypass、4x GE SFP、2x 10G SFP+ bypass、2x 10G SFP+ |
FortiWeb 的虚拟版本可以部署到 VMware、Microsoft Hyper-V、Citrix XenServer、Open Source Xen、VirtualBox、KVM 和 Docker 平台。
吞吐量 |
25 Mbps |
| vCPU | 1 |
吞吐量 |
100 Mbps |
| vCPU | 2 |
吞吐量 |
500 Mbps |
| vCPU | 4 |
吞吐量 |
3 Gbps |
| vCPU | 8 |
实际的性能值可能会因网络流量与系统配置而异。使用 Dell PowerEdge R710 服务器(2x Intel Xeon E5504 2.0 GHz 4 MB 高速缓冲内存)运行 VMware ESXi 5.5,4 vCPU 与 8 vCPU FortiWeb 虚拟设备分配 4 GB 的 vRAM,2 vCPU FortiWeb 虚拟设备分配 4 GB 的 vRAM,以查看其性能指标。
FortiWeb 可由所有主要的公有云供应商提供,包括 Amazon Web Services (AWS)、Microsoft Azure、Oracle 和 Google。 Amazon Web Services (AWS) 和 Microsoft Azure 均支持自带证书 (BYOL) 和即用即付 (PAYG) 两种方式。请参阅 Cloud Marketplace 列表,了解更多信息:
FortiWeb 容器设备可在容器化环境中保护您的工作负载和数据。
吞吐量 |
25 Mbps |
吞吐量 |
100 Mbps |
吞吐量 |
500 Mbps |
吞吐量 |
3 Gbps |
吞吐量和其他指标是每个版本允许的最大值。实际的性能值可能会因网络流量与系统配置而异。
FortiWeb Cloud WAF 即服务是一种基于云计算的 SaaS Web 应用防火墙 (WAF),可保护公有云托管 Web 应用免受 OWASP 十大安全威胁、零日威胁和其他应用层攻击。
FortiWeb Cloud WAF 即服务不需要硬件或软件,它利用在大多数 AWS 区域运行的网关来清理您的应用所在的同一区域内的应用流量。 清理区域内的流量有助于解决性能和监管问题,并将流量成本降至最低。
FortiWeb Cloud WAF 即服务不需要硬件或软件,它利用在大多数 AWS 区域运行的网关来清理您的应用所在的同一区域内的应用流量。 清理区域内的流量有助于解决性能和监管问题,并将流量成本降至最低。
通过内置的简单设置向导和预定义策略,FortiWeb Cloud 可在几分钟内就能提供您所需要的安全防护,并消除设置 WAF 时通常会有的复杂性。如果需要,更高级的用户可以免费轻松启用其他安全模块。
有关更多信息,请访问此处。
FortiWeb Cloud WAF 即服务 (FWCWaaS)
FortiWeb Cloud WAF 即服务是一种基于云计算的安全即服务 (SaaS) Web 应用防火墙 (WAF),可保护公有云托管 Web 应用免受 OWASP 十大安全威胁、零日威胁和其他应用层攻击。
|
Fortinet FortiWeb Cloud WAF-as-a-Service
Fortinet FortiWeb Cloud WAF-as-a-Service
马上观看Fortinet 无需硬件或软件,即可在应用所在的相同 AWS、Azure 和 Google Cloud 区域中使用 WAF 网关来交付 FortiWeb Cloud WAF 即服务。清理区域内的流量有助于解决性能和监管问题,同时将流量成本降至最低。
通过内置的设置向导和预定义策略,FortiWeb Cloud WAF 即服务可在几分钟内就能提供必要的安全防护,并消除设置 WAF 时通常会有的复杂性。如果需要,更高级的用户可以免费轻松启用其他安全模块。详细了解 FortiWeb Cloud WAF 即服务。
Web 应用的高级威胁防护
FortiWeb Cloud WAF 即服务可保护应用免遭漏洞利用、机器人程序、恶意软件上传、DDoS 攻击、高级持续性威胁 (APT)、未知攻击和零日攻击等的威胁。该解决方案还利用了 Fortinet 屡获殊荣的 FortiGuard Labs 的服务,提供签名、沙盒和 IP 信誉,以确保组织拥有最新的威胁保护和更新。
低总体拥有成本 (TCO)
作为与组织的应用部署在同一 AWS、Azure 或 Google Cloud 区域的云原生 SaaS 解决方案,FortiWeb Cloud WAF 即服务无需维护硬件或软件,并且可以显著降低出站数据传输成本。为您带来应用和 WAF 之间流量的低延迟以及区域内 AWS 带宽速率的优势。
简化合规要求
Fortinet 利用与组织的应用位于同一 AWS、Azure 或 Google Cloud 区域的 WAF 网关集落,来交付 FortiWeb Cloud WAF 即服务。这使得应用可以避免受到其他区域监管要求的约束。
购买方案灵活
无论客户喜欢预配置容量还是按处理的数据量付费,FortiWeb Cloud WAF 即服务都能支持最适合客户业务优先事项和预算考虑的选择。
Google Cloud Marketplace
有关详细信息,请参阅 Google Cloud Marketplace 列表
AWS Marketplace
有关详细信息,请参阅 AWS Marketplace 列表
Azure Marketplace
有关详细信息,请参阅 AWS Marketplace 列表
Oracle Cloud Infrastructure Marketplace
有关详细信息,请参阅 Oracle Cloud Infrastructure Marketplace 列表
体验和免费试用
体验现场演示,免费试用 FortiWeb Cloud WAF 即服务 14 天。
适用于 FortiWeb 的 FortiGuard 安全服务
FortiWeb 采用多种 FortiGuard 安全服务来保护 Web 应用程序免受攻击。这些年度订阅可以单独购买,也可以与您的 FortiWeb 解决方案一起购买。
Web Application Security
FortiGuard Web Application Security uses information based on the latest application vulnerabilities, bots, suspicious URL patterns and data-type patterns, and specialized heuristic detection engines, to ensure your web applications remain safe from application-layer threats.
IP 信誉和反僵尸网络
FortiGuard IP 信誉服务能够从威胁传感器、CERT、MITRE、合作友商及其他全球来源组成的 Fortinet 分布式网络中聚合恶意源 IP 数据,这些信息来源将协同提供有关恶意数据源的最新威胁情报。从分布式网络网关获取的近乎实时的情报与 FortiGuard 实验室提供的一流研究成果相结合,可确保组织安全无虞,并助力主动拦截攻击。
FortiCloud 沙箱
FortiCloud 沙箱服务是一款高级威胁检测解决方案,可执行动态分析,以识别以前未知的恶意软件。FortiCloud 沙箱生成的可执行情报将应用到您网络内的预防控制系统中,从而消除威胁。
Credential Stuffing Defense
Fortinet’s Credential Stuffing Defense identifies login attempts using credentials that have been compromised using an always up-to-date feed of stolen credentials. Administrators can configure their supported devices to take various actions if a suspicious login is used including logging, alerts, and blocking.
服务捆绑包
标准
为您的 web 应用程序提供核心防护服务,包括 Web 应用安全、IP 信誉和反僵尸网络解决方案以及杀毒服务。
高级
如果您想要最好的 web 应用安全保护,可以选择高级捆绑包,其中涵盖了标准捆绑包里所有的服务,外加 FortiCloud 沙盒服务以及凭据填塞攻击防御服务。
资源
View by:
案例研究
解决方案指南
电子书
网络研讨会和视频
通用标准
Fortinet 的产品已获得基于 NDPP、EAL2+ 与 EAL4+ 的通用标准认证。通用标准的评估包含对产品或系统在安全方面的正式且严格的分析与测试。众多的测试活动涉及一个全面、正式、可重复的过程,以确认产品功能确如制造商所言。评估时还会对安全弱点以及潜在漏洞进行特别检测。有关 Fortinet 最新通用标准认证的更多信息如下所示:
- FortiWeb 5.6 CC NDcPP
经 ICSA Labs 验证的:反病毒、企业防火墙、IPsec、NIPS、SSL-TLS 以及 Web 应用防火墙
FortiGate 与 FortiWeb 产品在 6 个常见认证项目里都是根据 ICSA 标准进行的评估。ICSA Labs 管理和赞助着安全联盟,此联盟为安全产品的主要供应商提供一个可进行情报共享的论坛。另外,ICSA Labs 还发布调查、安全行业研究以及计算机安全产品买家指南。
FortiWeb 生态系统
FortiWeb 提供了众多主要 IT 供应商的集成,以此作为 Fortinet Security Fabric 安全架构的一部分。以下是当前 FortiWeb 联盟合作伙伴列表:
Hewlett Packard Enterprise
Hewlett Packard Enterprise is an industry-leading technology company that enables customers to go further, faster. With the industry’s most comprehensive portfolio, HPE's technology and services help customers around the world make IT more efficient, more productive, and more secure.
- Fortinet-HPE Alliance Brief
- HPE Aruba Solution Brief
- HPE Aruba Technical Guide
- Fortinet and HPE-GreenLake Solution Brief
- Fortinet and HPE Edgeline Converged Edge Systems and OT Link Solution Brief
- Fortinet and HPE IT OT Convergence Security Solution White Paper
- Fortinet and HPE Proliant for Microsoft Azure Solution Brief
- Fortinet and HPE Proliant for Microsoft Azure White Paper
- Fortinet-HPE SDN Solution Brief
- Fortinet, HPE, and Pensando Innovative Edge-to-Core Solution Brief
- Fortinet, HPE, and Scality Distributed Object Storage Environment Solution Brief
- Fortinet and HPE Zerto Ransomware Protection Solution Brief
IBM
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
- IBM Security Alliance Overview
- Fortinet – IBM Security AppScan Solution Brief
- Fortinet – IBM Security QRadar Solution Brief
- Fortinet FortiGate and IBM QRadar Deployment Guide
- FortiGate App For IBM QRadar Technical Solution Guide
- Fortinet - IBM Resilient Technical Deployment Guide
- Fortinet - IBM Cloud Connector Solution Brief
- Fortinet FortiSOAR Connector for IBM QRadar
- IIoT World Webinar Recording
Qualys
Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100.
Thales
Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology. Together with Fortinet, Thales provides advanced security certificate management by the Luna HSM for the encryption and decryption of secure application and session traffic.
WhiteHat
Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost, and accelerate the deployment of secure applications and websites.
Fuse 社区
FortiWeb 生态系统
FortiWeb 提供了众多主要 IT 供应商的集成,以此作为 Fortinet Security Fabric 安全架构的一部分。以下是当前 FortiWeb 联盟合作伙伴列表:
Alcide
Alcide is a cloud-native security leader with the mission to empower DevOps and security teams to manage application and networking security through the intelligent automation of security policies applied uniformly, regardless of the workload and infrastructure.
Amazon Web Services
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
Cubro
Cubro is a leading manufacturer and global supplier of IT Network TAPs, Advanced Network Packet Brokers and Bypass Switches. Together with Fortinet we enable total network visibility into your traffic, where we differentiate solutions for Telecommunications, ISP, Data Centre, Enterprise, and Government in virtualized or physical environments.
D3 Security
D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.
DFLabs
DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.
ElevenPaths
At ElevenPaths, Telefónica Cyber Security Unit, we believe in the idea of challenging the current state of security, an attribute that must always be present in technology. We’re always redefining the relationship between security and people, with the aim of creating innovative security products which can transform the concept of security, thus keeping us one step ahead of attackers, who are increasingly present in our digital life.
- Fortinet-ElevenPaths Metashield for ICAP solution brief
- Fortinet-ElevenPaths Vamps solution brief
- Press Release
Gigamon
Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security, and superior performance.
Google Cloud Platform
Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.
HashiCorp
HashiCorp is the leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, and Nomad are downloaded tens of millions of times each year and are broadly adopted by the Global 2000.
Hewlett Packard Enterprise
Hewlett Packard Enterprise is an industry-leading technology company that enables customers to go further, faster. With the industry’s most comprehensive portfolio, HPE's technology and services help customers around the world make IT more efficient, more productive, and more secure.
- Fortinet-HPE Alliance Brief
- HPE Aruba Solution Brief
- HPE Aruba Technical Guide
- Fortinet and HPE-GreenLake Solution Brief
- Fortinet and HPE Edgeline Converged Edge Systems and OT Link Solution Brief
- Fortinet and HPE IT OT Convergence Security Solution White Paper
- Fortinet and HPE Proliant for Microsoft Azure Solution Brief
- Fortinet and HPE Proliant for Microsoft Azure White Paper
- Fortinet-HPE SDN Solution Brief
- Fortinet, HPE, and Pensando Innovative Edge-to-Core Solution Brief
- Fortinet, HPE, and Scality Distributed Object Storage Environment Solution Brief
- Fortinet and HPE Zerto Ransomware Protection Solution Brief
IBM
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
- IBM Security Alliance Overview
- Fortinet – IBM Security AppScan Solution Brief
- Fortinet – IBM Security QRadar Solution Brief
- Fortinet FortiGate and IBM QRadar Deployment Guide
- FortiGate App For IBM QRadar Technical Solution Guide
- Fortinet - IBM Resilient Technical Deployment Guide
- Fortinet - IBM Cloud Connector Solution Brief
- Fortinet FortiSOAR Connector for IBM QRadar
- IIoT World Webinar Recording
Micro Focus
Micro Focus is a global software company with 40 years of experience in delivering and supporting enterprise software solutions that help customers innovate faster with lower risk. Our portfolio enables our 20,000 customers to build, operate and secure the applications and IT systems that meet the challenges of change. We are a global software company, committed to enabling customers to both embrace the latest technologies and maximize the value of their IT investments. Everything we do is based on a simple idea: the fastest way to get results from new technology investments is to build on what you have–in essence, bridging the old and the new.
- Fortinet-Micro Focus Fortify WebInspect Solution Brief
- Fortinet-Micro Focus ArcSight ESM Solution brief
- ArcSight Marketplace
Microsoft Azure
Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.
Nutanix
Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.
Oracle
Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.
Qualys
Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100.
Red Hat Ansible
The Fortinet–Red Hat partnership enables innovative and high-performance security solutions that can be easily managed and scaled with automation to reduce complexity. Integrations between multiple Fortinet and Red Hat solutions, including Ansible, Openstack and Openshift, provide options to secure applications, workloads, networks, and clouds that can adapt to evolving business needs.
Restorepoint
Restorepoint’s solutions help organisations and service providers reduce cost, manage unforeseen risks, and to accelerate change management across their multi-vendor network infrastructures. Using our cost-effective products, customers can quickly automate Network Outage Protection, Compliance Auditing, and Privileged Access Management and to simplify Bulk Change Management.
Splunk
Splunk Inc. is the market-leading platform that powers Operational Intelligence.
Thales
Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology. Together with Fortinet, Thales provides advanced security certificate management by the Luna HSM for the encryption and decryption of secure application and session traffic.
WhiteHat
Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost, and accelerate the deployment of secure applications and websites.
View by:
诚邀您订阅产品操作界面完整演示,我们将带您一同探索 FortiWeb WAF的多样化功能。您将快速了解FortiWeb如何保护Web服务器及应用,包括 SQL 注入、跨站点脚本编写、缓冲区溢出、Cookie 中毒、恶意来源和 DoS 攻击等复杂威胁防御。
FortiWeb Web 应用安全解决方案:Web 应用和 API 防护用例
Web 应用和 API 已成为构建业务关键型应用程序的首选工具,而这些应用程序必须跟上业务的需求。FortiWeb 提供保护这些现代 Web 应用所需的性能、可管理性和广泛的防护功能。
应用防护
保护应用免受已知威胁和零日威胁,而不会阻止合法用户,也不会产生传统应用学习所需的过多管理开支。
API 防护
保护支持移动应用并启用 B2B 通信的 API。
机器人程序攻击缓解
防御机器人程序的恶意活动,而不阻止支持合法业务需求的机器人程序,例如,搜索引擎或运行状况和性能监控工具。
功能与优点
高级可视分析
FortiWeb 的可视报告工具可提供对攻击来源、类型与其他元素的详细分析报告,此报告提供的见解是其他 WAF 解决方案无法提供的
减少误报工具
这些高级工具最大程度地减少了对政策与异常列表的日常管理,以保证只有不受欢迎的流量被拒之门外
基于硬件的加速
FortiWeb 提供行业领先的受保护 WAF 吞吐量和快如闪电的安全流量加密/解密服务
FortiWeb 的 WAF 解决方案
FortiWeb WAF 提供高级功能,以保护您的网络应用和 API 免受已知威胁和零日威胁。FortiWeb 采用先进的多层防护方法,可抵御 OWASP 十大安全威胁以及诸多其他威胁。FortiWeb ML 可自定义每个应用的保护,提供强大的安全防护功能,而无需像其他解决方案一样进行耗时的手动调谐。借助 ML,FortiWeb 可识别异常行为,更重要的是,可区分恶意和良性异常。该解决方案还具有强大的机器人程序攻击缓解功能,允许良性机器人程序进行连接(例如,搜索引擎),同时阻止恶意的机器人程序活动。
FortiWeb 提供的部署选项可以保护业务应用,无论这些应用被托管在哪里。这些选项包括硬件设备、虚拟机和容器,它们可以部署在数据中心、云环境中,或者部署在云原生 SaaS 解决方案 FortiWeb Cloud WAF 即服务中。
FortiWeb 视频
阅读 Steelcase 案例研究
