FortiWeb Web Application Security Solution: Web Application Firewall (WAF)
High-performance, comprehensive web application security
Gartner 2020 Magic Quadrant for Web Application Firewalls (WAF)
Deployment options:
- Appliance
- Virtual machine
- SaaS
- Cloud
- Container

FortiWeb Overview
Unprotected web applications are the easiest entry point for attackers and are exposed to many kinds of attack. FortiWeb's multi-layered, correlated approach protects your web applications from the OWASP Top 10 and other threats. Combined with the FortiGuard Labs Web Application Security service, you are protected against the latest application vulnerabilities, botnets and suspicious URLs, and a dedicated heuristic detection engine defends your applications against sophisticated threats such as SQL injection, cross-site scripting, buffer overflows, cookie poisoning, malicious sources and DoS attacks.
FortiWeb News
FortiWeb software release 5.9.0
March 19, 2018: FortiWeb 5.9 adds several important features, including on-demand support for the FortiWeb VM on Azure, antivirus scanning of FTP attachments, and sandbox threat detection. See the release notes.
FortiWeb on-demand edition for the Azure Marketplace
March 12, 2018: The FortiWeb virtual machine now supports both bring-your-own-license (BYOL) and on-demand (pay-as-you-go) purchasing. Look for FortiWeb in the Azure Marketplace listings.
FortiWeb Product Details
Whether you simply need to meet compliance requirements or to protect mission-critical hosted applications, the FortiWeb web application firewall provides advanced features that defend web applications against known and zero-day threats. FortiWeb uses an advanced multi-layered, correlated approach to provide complete security for your internal and external web applications, keeping you clear of the OWASP Top 10 and many other threats. At FortiWeb's core is a behavior-based detection engine that intelligently detects traffic that deviates from the application's normal patterns and blocks it before the attacker can do damage.
Features and Benefits
Proven web application protection
FortiWeb defends your mission-critical web applications against the OWASP Top 10, DDoS attacks and many other threats
Behavior-based detection
In addition to regular signature updates and many other layers of defense, FortiWeb's behavior-based application learning can detect zero-day attacks
Security Fabric integration
Integration with FortiGate firewalls and FortiSandbox defends against advanced persistent threats
Advanced visual analytics
FortiWeb's visual reporting tools provide detailed analysis of attack sources, types and other elements, giving insight that other WAF solutions do not provide
False-positive reduction tools
These advanced tools minimize the day-to-day management of policies and exception lists so that only unwanted traffic is blocked
Hardware-based acceleration
FortiWeb delivers industry-leading protected WAF throughput and lightning-fast encryption and decryption of secured traffic
FortiWeb Models and Specifications
FortiWeb is available in many models and form factors, whether you need an entry-level hardware appliance or a sophisticated VM that fits the latest cloud environments.
Hardware appliances
Throughput | Interfaces
25 Mbps | 4x GE RJ45
250 Mbps | 4x GE RJ45, 4x GE SFP
480 Mbps | 4x GE RJ45 (2x bypass), 4x GE SFP
1.3 Gbps | 2x 10 GE SFP+, 2x GE RJ45, 4x GE RJ45 bypass, 4x GE SFP
2.5 Gbps | 2x 10 GE SFP+, 4x GE RJ45 bypass, 4x GE SFP
5 Gbps | 4x 10 GE SFP+, 8x GE RJ45 bypass, 4x GE SFP
20 Gbps | 8x GE RJ45 bypass, 4x GE SFP, 2x 10G SFP+ bypass, 2x 10G SFP+

Virtual machines
Throughput | vCPU
25 Mbps | 1
100 Mbps | 2
500 Mbps | 4
2 Gbps | 8
FortiGuard Security Services for FortiWeb
FortiWeb uses several FortiGuard security services to protect web applications from attack. These annual subscriptions can be purchased separately or together with your FortiWeb solution.
Web Application Security
FortiGuard Web Application Security uses information based on the latest application vulnerabilities, bots, suspicious URL patterns and data-type patterns, and specialized heuristic detection engines, to ensure your web applications remain safe from application-layer threats.
IP Reputation and Anti-Botnet
The FortiGuard IP Reputation service aggregates malicious source IP data from Fortinet's distributed network of threat sensors, CERTs, MITRE, cooperating competitors and other global sources, which together provide up-to-date threat intelligence on malicious sources. Near-real-time intelligence from distributed network gateways, combined with first-class research from FortiGuard Labs, keeps organizations safe and helps block attacks proactively.
FortiCloud Sandbox
The FortiCloud Sandbox service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by the FortiCloud Sandbox is fed into the preventive controls in your network to neutralize the threat.
Content Disarm & Reconstruction
Content Disarm & Reconstruction (CDR) removes all active content from files in real time, producing a clean, flat file. All active content is treated as suspect and removed. CDR processes every incoming file, deconstructs it, and strips any element that does not conform to the firewall policy.
Service bundles
Standard
Core protection for your web applications, including Web Application Security, the IP Reputation and Anti-Botnet service, and antivirus.
Advanced
For the strongest web application protection, choose the Advanced bundle, which includes everything in the Standard bundle plus the FortiCloud Sandbox service and credential stuffing defense.

FortiWeb Cloud WAF as a Service demo
Log into our SaaS portal and explore the many features of FortiWeb Cloud WAF as a Service. Get comprehensive web application security without having to manage and maintain appliances or virtual instances.
FortiWeb Demo
This fully working demo lets you explore the many features of the FortiWeb Web Application Firewall (WAF). You will quickly see how FortiWeb displays system resource utilization and attack logs, and gives you everything you need in the easy-to-use attack console. Be sure to check out the comprehensive web protection profiles and in-depth reporting.

Common Criteria
Fortinet products have received NDPP, EAL2+, and EAL4+ based Common Criteria certifications. Common Criteria evaluations involve formal, rigorous analysis and testing of the security aspects of a product or system. Extensive testing activities follow a comprehensive and formally repeatable process, confirming that the security product functions as claimed by the manufacturer. Security weaknesses and potential vulnerabilities are specifically examined during an evaluation. More information on the latest Fortinet Common Criteria certifications is available below:
ICSA Labs Certified: Antivirus, Corporate Firewall, IPsec, NIPS, SSL-TLS, and Web Application Firewall
FortiGate and FortiWeb products are evaluated against ICSA criteria in six popular certification programs. ICSA Labs manages and sponsors security consortia that provide a forum for intelligence sharing among the leading vendors of security products. In addition, ICSA Labs publishes surveys, security industry studies, and buyer's guides for computer security products.
NSS Labs WAF 2014 SVM
In its first-ever web application firewall test, NSS Labs reported that the FortiWeb-1000D achieved an overall block rate of 99.85% at a TCO of $2.77 per protected connection per second, which earned the WAF "Recommended" status in the NSS Labs Web Application Firewall Security Value Map.
FortiWeb Ecosystem
FortiWeb provides integration with many leading IT vendors as part of the Fortinet Security Fabric. Below is a list of current FortiWeb Alliance Partners:

Alcide is a cloud-native security leader with the mission to empower DevOps and security teams to manage application and networking security through the intelligent automation of security policies applied uniformly, regardless of the workload and infrastructure.

AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance

D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.

DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.

Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology. Together with Fortinet, Thales provides advanced security certificate management by the Luna HSM for the encryption and decryption of secure application and session traffic.

Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security, and superior performance.

Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.

Hewlett Packard Enterprise is an industry-leading technology company that enables customers to go further, faster. With the industry’s most comprehensive portfolio, HPE's technology and services help customers around the world make IT more efficient, more productive, and more secure.

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
- Fortinet – IBM Security AppScan Solution Brief
- Fortinet – IBM Security QRadar Solution Brief
- Fortinet FortiGate and IBM QRadar Deployment Guide
- FortiGate App For IBM QRadar Technical Solution Guide
- Fortinet - IBM Resilient Technical Deployment Guide
- Fortinet - IBM Cloud Connector Solution Brief
- Fortinet FortiSOAR Connector for IBM QRadar

LinkShadow Cybersecurity Analytics Platform is a world-leading UEBA and Threat-Hunting Solution Provider. Together with Fortinet, LinkShadow can empower the Security team with cutting-edge Threat Anticipation with Proactive Incident Response, while simultaneously gaining rapid insight into the effectiveness of the existing security investments.

Micro Focus is a global software company with 40 years of experience in delivering and supporting enterprise software solutions that help customers innovate faster with lower risk. Our portfolio enables our 20,000 customers to build, operate and secure the applications and IT systems that meet the challenges of change. We are a global software company, committed to enabling customers to both embrace the latest technologies and maximize the value of their IT investments. Everything we do is based on a simple idea: the fastest way to get results from new technology investments is to build on what you have–in essence, bridging the old and the new.
- Fortinet-Micro Focus Fortify WebInspect Solution Brief
- Fortinet-Micro Focus ArcSight ESM Solution brief
- ArcSight Marketplace

Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.

Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.

Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.

Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100.

Restorepoint’s solutions help organisations and service providers reduce cost, manage unforeseen risks, and to accelerate change management across their multi-vendor network infrastructures. Using our cost-effective products, customers can quickly automate Network Outage Protection, Compliance Auditing, and Privileged Access Management and to simplify Bulk Change Management.

Splunk Inc. is the market-leading platform that powers Operational Intelligence.

Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost, and accelerate the deployment of secure applications and websites.
Frequently Asked Questions
Can't an IPS or firewall protect hosted web-based applications?
Next-generation and application-aware IPS firewalls extend and strengthen protection and add further capabilities, but their "application awareness" is mainly aimed at protecting and restricting internal clients when they access the Internet, not at protecting internal applications from external threats. Web application firewalls are different: they protect internally hosted web applications from sophisticated external application-layer attacks. They provide both positive and negative security models and defend against the main threats to today's applications (SQL injection, cross-site scripting, unrestricted URL access, CSRF, injection attacks and so on).
How big a WAF do I need?
Many factors determine WAF sizing; consider application throughput, the number of users and the number of sites to be protected together. We strongly recommend consulting a Fortinet partner to find the option that best fits your needs.
How does FortiWeb Cloud differ from an on-premises FortiWeb deployment?
FortiWeb Cloud is a "lightweight" WAF solution that provides negative security model rules, whereas the FortiWeb platform is a full WAF that offers both positive and negative security models. Most customers who choose a cloud WAF want a worry-free solution that can be configured and put to use quickly, with no day-to-day management. FortiWeb Cloud offers a subset of the functionality available in an on-premises FortiWeb, but with simple, direct configuration and management to meet those needs.
If I already have a secure web gateway (SWG), do I still need a WAF?
Yes. An SWG stops users inside the organization from reaching infected external websites or undesirable content hosted outside the organization. A WAF protects hosted web-based applications from attacks launched by external attackers. Put simply, the SWG protects the users and the WAF protects the applications.
FortiWeb WAF versus a WAF on an ADC
A dedicated WAF appliance does not degrade performance, and an appliance like FortiWeb has the processing capacity to perform behavior-based detection of application attacks. Most WAF modules on ADCs provide only basic WAF protection for applications.
Can FortiWeb permanently fix application vulnerabilities?
Yes. Until the development team can deploy a permanent patch for a vulnerability, FortiWeb can provide a temporary virtual patch for the application, or serve as the standing fix for it. Note that a virtual patch blocks exploitation of the flaw in transit; the flaw itself remains in the application code. We generally recommend permanently fixing a known vulnerability in the application itself; in many cases, however, that is impossible or impractical, for example with inherited applications or legacy applications that are about to be retired.
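The two security models named in the FAQ above and the virtual patch described in the last answer, as an added Python example. This is not FortiWeb code or FortiWeb configuration (FortiWeb is configured through its own GUI and CLI); it is a toy inspector written for this page to show how the three controls relate. The paths, parameter profiles, signatures and sample requests are constructed, and the /export rule stands in for a hypothetical, not-yet-fixed path-traversal flaw that the development team has not patched.

```python
"""Toy request inspector combining the three WAF controls the FAQ describes:
a negative model (signatures), a positive model (per-URL allowlist, the kind
of profile application learning would build) and a virtual patch for one
known flaw. Constructed example; not FortiWeb code."""
import re
from dataclasses import dataclass
from urllib.parse import parse_qsl, urlsplit

# Negative security model: reject anything matching a known-bad pattern.
NEGATIVE_SIGNATURES = {
    "sqli": re.compile(
        r"(?i)(\bunion\b.+\bselect\b"          # UNION ... SELECT
        r"|'\s*or\s*'?\d+'?\s*=\s*'?\d+"        # ' OR '1'='1
        r"|;\s*(drop|delete|insert)\b)"),       # stacked statement
    "xss": re.compile(r"(?i)(<script\b|javascript:|\bon\w+\s*=)"),
}

# Positive security model: per-path allowlist of parameters and their shape.
# A learning WAF derives a profile like this from observed traffic; here it
# is hand-written (constructed values, hypothetical paths).
POSITIVE_PROFILE = {
    "/account": {"id": re.compile(r"\d{1,9}"),
                 "view": re.compile(r"summary|detail")},
    "/search": {"q": re.compile(r"[\w\s\-]{1,64}")},
}

# Virtual patch: one targeted rule for one known, not-yet-fixed flaw.
# Hypothetical: /export?file= is vulnerable to path traversal, so reject any
# value containing "../" or "..\" until the application itself is fixed.
VIRTUAL_PATCHES = [
    ("/export", "file", re.compile(r"\.\.[/\\]")),
]


@dataclass
class Verdict:
    allowed: bool
    reason: str


def _params(url, body):
    """Flatten query string and form body into (name, value) pairs."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    if body:
        pairs += parse_qsl(body, keep_blank_values=True)
    return parts.path, pairs


def inspect(url, body=""):
    """Return a Verdict for one request. Checks run most-specific first:
    virtual patch, then signatures, then the positive profile (only for
    paths that have one)."""
    path, pairs = _params(url, body)

    for vp_path, vp_param, pattern in VIRTUAL_PATCHES:
        if path == vp_path:
            for name, value in pairs:
                if name == vp_param and pattern.search(value):
                    return Verdict(False, f"virtual-patch:{vp_path}:{vp_param}")

    for name, value in pairs:
        for sig_name, pattern in NEGATIVE_SIGNATURES.items():
            if pattern.search(value):
                return Verdict(False, f"signature:{sig_name}:{name}")

    profile = POSITIVE_PROFILE.get(path)
    if profile is not None:
        for name, value in pairs:
            if name not in profile:
                return Verdict(False, f"positive:unknown-param:{name}")
            if not profile[name].fullmatch(value):
                return Verdict(False, f"positive:bad-value:{name}")

    return Verdict(True, "ok")


if __name__ == "__main__":
    # Constructed sample requests; none targets a real application.
    for req in (
        "/account?id=42&view=summary",              # allowed
        "/account?id=42' OR '1'='1&view=summary",   # negative model
        "/account?id=abc&view=summary",             # positive model, bad shape
        "/account?id=42&view=summary&debug=1",      # positive model, unknown param
        "/search?q=<script>alert(1)</script>",      # negative model
        "/export?file=../../etc/passwd",            # virtual patch
        "/export?file=report.csv",                  # no profile, no signature
    ):
        v = inspect(req)
        print(f"{'ALLOW' if v.allowed else 'BLOCK':5} {v.reason:28} {req}")
```

The /export requests show the gap a virtual patch closes: that path has no positive profile and the traversal string matches no generic signature, so without the patch rule the traversal attempt would be allowed, while the legitimate `report.csv` request still passes. Checking the patch first also makes the log attribute the block to the specific known flaw rather than to a generic signature, which is what you want when measuring exposure until the application is fixed.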