Fortinet 的網站應用程式防火牆 FortiWeb 可保護業務關鍵型網站應用程式,避免遭受針對已知和未知漏洞的攻擊。
網路應用程式的攻擊面迅速演變,每次您部署新功能、更新現有功能或公開新的網站 API 時都會發生變化。您需要一個能跟進變化的解決方案。 FortiWeb 就是這樣的解決方案。
概述
FortiWeb 型號與規格
FortiWeb 有各種不同形式,無論您是想要入門級的硬體設備還是可適應最新雲端環境的複雜 VM,都可以滿足。
View by:
FortiWeb 設備採用多核心處理器技術,結合硬體型的 SSL 工具,可提供極快的受保護 WAF 吞吐量。
吞吐量 |
50 Mbps |
| 港口 | 4x GE RJ45 |
吞吐量 |
250 Mbps |
| 港口 | 4x GE RJ45、4x GE SFP |
吞吐量 |
750 Mbps |
| 港口 | 4x GE RJ45 (2x bypass)、4x GE SFP |
吞吐量 |
1.3 Gbps |
| 港口 | 2x 10 GE SFP+、2x GE RJ45、4x GE RJ45 bypass、4x GE SFP |
吞吐量 |
2.5 Gbps |
| 港口 | 2x 10 GE SFP+、4x GE RJ45 bypass、4x GE SFP |
吞吐量 |
5 Gbps |
| 港口 | 4x 10 GE SFP+、8x GE RJ45 bypass、4x GE SFP |
吞吐量 |
20 Gbps |
| 港口 | 8x GE RJ45 bypass、4x GE SFP、2x 10G SFP+ bypass、2x 10G SFP+ |
FortiWeb 的虛擬版本可以部署在 VMware、Microsoft Hyper-V、Citrix XenServer、Open Source Xen、VirtualBox、KVM 和 Docker 平台上。
吞吐量 |
25 Mbps |
| vCPU | 1 |
吞吐量 |
100 Mbps |
| vCPU | 2 |
吞吐量 |
500 Mbps |
| vCPU | 4 |
吞吐量 |
3 Gbps |
| vCPU | 8 |
實際的效能值可能因網路流量與系統設定而異。使用 Dell PowerEdge R710 伺服器(2x Intel Xeon E5504 2.0 GHz 4 MB 快取)執行 VMware ESXi 5.5,4 vCPU 與 8 vCPU FortiWeb 虛擬設備指派 4 GB 的 vRAM,2 vCPU FortiWeb 虛擬設備指派 4 GB 的 vRAM,以查看其效能指標。
FortiWeb 適用於所有主要雲端提供商,包括 亞馬遜網路服務 (AWS)、Microsoft Azure、Oracle和 Google。對於亞馬遜網路服務 (AWS) 與 Microsoft Azure,均支援 BYOL(自帶授權)和按需計費(即用即付)。請參閱雲端 Marketplace 清單瞭解更多資訊:
FortiWeb 容器設備可在容器化環境中保護您的工作負載和資料。
吞吐量 |
25 Mbps |
吞吐量 |
100 Mbps |
吞吐量 |
500 Mbps |
吞吐量 |
3 Gbps |
吞吐量和其他指標都是每個版本允許的最大值。實際的效能值可能因網路流量與系統設定而異。
FortiWeb Cloud WAF-as-a-Service 是雲端的 SaaS 網站應用程式防火牆 (WAF),可保護公共雲端託管的網站應用程式免受 OWASP 十大安全威脅、零時差威脅以及其他應用程式層攻擊。
FortiWeb Cloud WAF as a Service 無需硬體或軟體,採用在大多數 AWS 區域中執行的閘道來清理應用程式所在相同區域內的應用程式流量。清理區域內的流量可解決效能和監管問題,並將流量成本降至最低。
FortiWeb Cloud WAF as a Service 無需硬體或軟體,採用在大多數 AWS 區域中執行的閘道來清理應用程式所在相同區域內的應用程式流量。清理區域內的流量可解決效能和監管問題,並將流量成本降至最低。
憑藉內建簡單的設定嚮導和預定義策略,FortiWeb Cloud 可在幾分鐘內提供防護,消除設定 WAF 時通常所需的複雜性。如有需要,更進階的使用者可以輕鬆免費啟用額外的安全模組。
如需更多資訊,請造訪此處。
FortiWeb Cloud WAF-as-a-Service (FWCWaaS)
FortiWeb Cloud WAF-as-a-Service 是安全即服務 (SaaS) 的雲端型網站應用程式防火牆 (WAF),可保護公共雲端託管的網站應用程式免受 OWASP 十大安全威脅、零時差威脅以及其他應用程式層攻擊。
|
Fortinet FortiWeb Cloud WAF-as-a-Service
Fortinet FortiWeb Cloud WAF-as-a-Service
立即觀看Fortinet 無需任何硬體或軟體,即可在應用程式所在的相同 AWS、Azure 和 Google Cloud 區域中使用 WAF 閘道提供 FortiWeb Cloud WAF-as-a-Service。清理區域內的流量可解決效能和監管問題,同時將流量成本降至最低。
憑藉內建設定嚮導和預定義策略,FortiWeb Cloud WAF-as-a-Service 可在幾分鐘內提供基本防護,消除設定 WAF 時通常所需的複雜性。如有需要,更進階的使用者可以輕鬆免費啟用額外的安全模組。瞭解有關 FortiWeb Cloud WAF-as-a-Service 的更多資訊。
網站應用程式的進階威脅防護
FortiWeb Cloud WAF-as-a-Service 可保護應用程式免受漏洞利用、機器人、惡意軟體上傳、DDoS 攻擊、進階持續性威脅 (APTs)、未知和零時差攻擊等威脅。該解決方案還利用 Fortinet 屢獲殊榮的 FortiGuard Labs 的服務,提供簽名、沙箱和 IP 信譽,確保組織獲得最新的威脅防護和更新。
低總體擁有成本 (TCO)
作為部署在與組織應用程式相同的 AWS、Azure 或 Google Cloud 區域中的雲端原生 SaaS 解決方案,FortiWeb Cloud WAF-as-a-Service 無需維護硬體或軟體,並可顯著降低出埠資料傳輸成本。享受應用程式和 WAF 之間流量的低延遲和區域內 AWS 帶寬速率的優勢。
簡化的合規性要求
Fortinet 使用與組織應用程式位於相同 AWS、Azure 或 Google Cloud 區域中的一組 WAF 閘道來提供 FortiWeb Cloud WAF-as-a-Service。這避免了應用程式可能受到其他區域監管要求的影響。
靈活購買方案
無論客戶偏好預先配置的容量還是按照處理的資料量付費,FortiWeb Cloud WAF-as-a-Service 都支援最適合客戶業務優先級和預算考慮因素的選項。
Google Cloud Marketplace
請參閱 Google Cloud Marketplace 清單獲取詳細資訊
AWS Marketplace
請參閱 AWS Marketplace 清單獲取詳細資訊
Azure Marketplace
請參閱 Azure Marketplace 清單獲取詳細資訊
Oracle Cloud Infrastructure Marketplace
請參閱 Oracle Cloud Infrastructure Marketplace 清單獲取詳細資訊
試用與免費試用
試用即時展示版,並免費試用 FortiWeb Cloud WAF-as-a-Service 14 天。
適用於 FortiWeb 的 FortiGuard 安全服務
FortiWeb 採用多種 FortiGuard 安全服務來保護網站應用程式免受攻擊。這些年度訂閱可以單獨購買,也可以與您的 FortiWeb 解決方案一起購買。
Web Application Security
FortiGuard Web Application Security uses information based on the latest application vulnerabilities, bots, suspicious URL patterns and data-type patterns, and specialized heuristic detection engines, to ensure your web applications remain safe from application-layer threats.
IP 聲譽評等 & 預防殭屍網路安全服務
FortiGuard IP 聲譽評等服務從 Fortinet 分佈式威脅感測器網路、CERT、MITRE、進行合作的競爭對手以及其他全球資源彙集惡意來源 IP 資料,這些資源共同協作,合力提供關於敵對來源的最新威脅情報。憑藉來自分佈式網路閘道近乎即時的情報,再結合 FortiGuard Labs 的世界級研究,組織可得到更安全的保護並對攻擊實施主動攔截。
FortiSandbox 雲端
FortiSandbox 雲端服務是一個進階威脅偵測解決方案,可執行動態分析以識別先前未知的惡意軟體。FortiSandbox 雲端產生的可執行情報會反饋到網路中的預防控制機制,進而消除威脅。
Credential Stuffing Defense
Fortinet’s Credential Stuffing Defense identifies login attempts using credentials that have been compromised using an always up-to-date feed of stolen credentials. Administrators can configure their supported devices to take various actions if a suspicious login is used including logging, alerts, and blocking.
服務套件組合
標準
為您的網站應用程式提供核心防護服務,包括網站應用程式安全、IP 聲譽評等 & 預防殭屍網路解決方案以及防毒服務。
進階
如果您想要最好的網站應用程式安全保護,可以選擇進階套件組合,其中涵蓋了標準套件組合裡所有的服務,外加 FortiCloud 沙箱服務以及憑證填充攻擊防禦服務。
資源
View by:
資料表
解決方案指南
電子書
網路研討會和影片
通用標準
Fortinet 的產品已獲得 NDPP、EAL2+ 與 EAL4+ 的通用標準認證。通用標準的評估包含對產品或系統在安全方面的正式且嚴格的分析與測試。眾多的測試活動涉及一個全面、正式、可重複的過程,以確認產品功能確如製造商所言。評估時還會對安全弱點以及潛在漏洞進行特別檢測。有關 Fortinet 最新通用標準認證的更多資訊如下所示:
- FortiWeb 5.6 CC NDcPP
經 ICSA Labs 驗證:防毒、企業防火牆、IPsec、NIPS、SSL-TLS 以及網站應用程式防火牆
FortiGate 與 FortiWeb 產品在 6 個常見認證項目中都是依據 ICSA 標準進行的評估。ICSA Labs 管理和贊助著安全聯盟,此聯盟為安全產品的主要供應商提供一個可進行情報分享的論壇。另外,ICSA Labs 還發佈調查、安全行業研究以及電腦安全產品買家指南。
FortiWeb 生態系統
FortiWeb 提供了眾多主要 IT 供應商的整合,以此作為 Fortinet Security Fabric 的一部分。以下是目前 FortiWeb 聯盟夥伴清單:
Hewlett Packard Enterprise
Hewlett Packard Enterprise is an industry-leading technology company that enables customers to go further, faster. With the industry’s most comprehensive portfolio, HPE's technology and services help customers around the world make IT more efficient, more productive, and more secure.
- Fortinet-HPE Alliance Brief
- HPE Aruba Solution Brief
- HPE Aruba Technical Guide
- Fortinet and HPE-GreenLake Solution Brief
- Fortinet and HPE Edgeline Converged Edge Systems and OT Link Solution Brief
- Fortinet and HPE IT OT Convergence Security Solution White Paper
- Fortinet and HPE Proliant for Microsoft Azure Solution Brief
- Fortinet and HPE Proliant for Microsoft Azure White Paper
- Fortinet-HPE SDN Solution Brief
- Fortinet, HPE, and Pensando Innovative Edge-to-Core Solution Brief
IBM
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
- IBM Security Alliance Overview
- Fortinet – IBM Security AppScan Solution Brief
- Fortinet – IBM Security QRadar Solution Brief
- Fortinet FortiGate and IBM QRadar Deployment Guide
- FortiGate App For IBM QRadar Technical Solution Guide
- Fortinet - IBM Resilient Technical Deployment Guide
- Fortinet - IBM Cloud Connector Solution Brief
- Fortinet FortiSOAR Connector for IBM QRadar
- IIoT World Webinar Recording
Qualys
Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100.
Thales
Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology. Together with Fortinet, Thales provides advanced security certificate management by the Luna HSM for the encryption and decryption of secure application and session traffic.
WhiteHat
Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost, and accelerate the deployment of secure applications and websites.
Fuse 社群
FortiWeb 生態系統
FortiWeb 提供了眾多主要 IT 供應商的整合,以此作為 Fortinet Security Fabric 的一部分。以下是目前 FortiWeb 聯盟夥伴清單:
Alcide
Alcide is a cloud-native security leader with the mission to empower DevOps and security teams to manage application and networking security through the intelligent automation of security policies applied uniformly, regardless of the workload and infrastructure.
Amazon Web Services
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
Cubro
Cubro is a leading manufacturer and global supplier of IT Network TAPs, Advanced Network Packet Brokers and Bypass Switches. Together with Fortinet we enable total network visibility into your traffic, where we differentiate solutions for Telecommunications, ISP, Data Centre, Enterprise, and Government in virtualized or physical environments.
D3 Security
D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.
DFLabs
DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.
ElevenPaths
At ElevenPaths, Telefónica Cyber Security Unit, we believe in the idea of challenging the current state of security, an attribute that must always be present in technology. We’re always redefining the relationship between security and people, with the aim of creating innovative security products which can transform the concept of security, thus keeping us one step ahead of attackers, who are increasingly present in our digital life.
- Fortinet-ElevenPaths Metashield for ICAP solution brief
- Fortinet-ElevenPaths Vamps solution brief
- Press Release
Gigamon
Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security, and superior performance.
Google Cloud Platform
Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.
HashiCorp
HashiCorp is the leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, and Nomad are downloaded tens of millions of times each year and are broadly adopted by the Global 2000.
Hewlett Packard Enterprise
Hewlett Packard Enterprise is an industry-leading technology company that enables customers to go further, faster. With the industry’s most comprehensive portfolio, HPE's technology and services help customers around the world make IT more efficient, more productive, and more secure.
- Fortinet-HPE Alliance Brief
- HPE Aruba Solution Brief
- HPE Aruba Technical Guide
- Fortinet and HPE-GreenLake Solution Brief
- Fortinet and HPE Edgeline Converged Edge Systems and OT Link Solution Brief
- Fortinet and HPE IT OT Convergence Security Solution White Paper
- Fortinet and HPE Proliant for Microsoft Azure Solution Brief
- Fortinet and HPE Proliant for Microsoft Azure White Paper
- Fortinet-HPE SDN Solution Brief
- Fortinet, HPE, and Pensando Innovative Edge-to-Core Solution Brief
IBM
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
- IBM Security Alliance Overview
- Fortinet – IBM Security AppScan Solution Brief
- Fortinet – IBM Security QRadar Solution Brief
- Fortinet FortiGate and IBM QRadar Deployment Guide
- FortiGate App For IBM QRadar Technical Solution Guide
- Fortinet - IBM Resilient Technical Deployment Guide
- Fortinet - IBM Cloud Connector Solution Brief
- Fortinet FortiSOAR Connector for IBM QRadar
- IIoT World Webinar Recording
Micro Focus
Micro Focus is a global software company with 40 years of experience in delivering and supporting enterprise software solutions that help customers innovate faster with lower risk. Our portfolio enables our 20,000 customers to build, operate and secure the applications and IT systems that meet the challenges of change. We are a global software company, committed to enabling customers to both embrace the latest technologies and maximize the value of their IT investments. Everything we do is based on a simple idea: the fastest way to get results from new technology investments is to build on what you have–in essence, bridging the old and the new.
- Fortinet-Micro Focus Fortify WebInspect Solution Brief
- Fortinet-Micro Focus ArcSight ESM Solution brief
- ArcSight Marketplace
Microsoft Azure
Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.
Nutanix
Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.
Oracle
Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.
Qualys
Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions with over 8,800 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100.
Red Hat Ansible
Red Hat® Ansible® Automation Platform is the foundation for building and operating automation services at scale, providing enterprises a composable, collaborative, and trusted execution environment. Ansible helps enable the automated management of Fortinet’s flagship enterprise firewall, FortiGate, integrating it into customer’s IT automation strategies.
Restorepoint
Restorepoint’s solutions help organisations and service providers reduce cost, manage unforeseen risks, and to accelerate change management across their multi-vendor network infrastructures. Using our cost-effective products, customers can quickly automate Network Outage Protection, Compliance Auditing, and Privileged Access Management and to simplify Bulk Change Management.
Splunk
Splunk Inc. is the market-leading platform that powers Operational Intelligence.
Thales
Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology. Together with Fortinet, Thales provides advanced security certificate management by the Luna HSM for the encryption and decryption of secure application and session traffic.
WhiteHat
Combining advanced technology with the expertise of its global Threat Research Center (TRC) team, WhiteHat delivers application security solutions that reduce risk, reduce cost, and accelerate the deployment of secure applications and websites.
View by:
透過此完整的工作演示,您將有機會探索 FortiWeb 網站應用程式防火牆 (WAF) 的多種功能。您可以快速瞭解到 FortiWeb 如何輕鬆顯示系統資源使用情況和攻擊記錄,並透過易於使用的攻擊主控台提供您所需的一切。請務必查看我們的綜合網路保護概況與深度報告。
FortiWeb:網站應用程式和 API 保護使用案例
網站應用程式和 API 已成為構建業務關鍵型應用程式的首選工具,這些應用程式必須滿足業務需求。FortiWeb 提供保護這些現代網站應用程式所需的效能、可管理性和廣泛的保護功能。
應用程式保護
阻止對應用程式的已知威脅和零時差威脅,而不會阻止合法使用者,也不會產生傳統應用程式學習所需的過多日常管理費用。
API 保護
保護支援行動應用程式並啟用 B2B 通訊的 API。
機器人排解
阻止惡意機器人活動,而不會阻止支援合法業務需求的機器人,例如搜尋引擎或健康和效能監控工具。
功能與優點
進階可視分析
FortiWeb 的可視報告工具可提供對攻擊來源、類型與其他元素的詳細分析報告,此報告提供的見解是其他 WAF 解決方案無法提供的
減少誤報工具
這些進階工具最大程度地減少了對原則與異常清單的日常管理,以保證只有不受歡迎的流量被拒之門外
硬體型的加速
FortiWeb 提供行業領先的受保護 WAF 處理量和極為迅捷的安全流量加密/解密服務
FortiWeb 的 WAF 解決方案
FortiWeb WAF 提供進階功能,可保護您的網站應用程式和 API 免遭已知威脅和零時差威脅。FortiWeb 採用先進的多層方法,可抵禦 OWASP 十大安全威脅及諸多其他威脅。FortiWeb ML 可對每個應用程式的保護進行自訂,提供穩健的保護,而無需其他解決方案所需的耗時手動調整。透過 ML,FortiWeb 可以識別異常行為,更重要的是,可以區分惡意和良性異常。該解決方案還具有強大的機器人排解功能,允許良性機器人連線(例如搜尋引擎),同時阻止惡意機器人活動。
FortiWeb 提供部署選項,可以保護業務應用程式,無論應用程式託管在何處。選項包括可以部署在資料中心、雲端環境或雲端原生 SaaS 解決方案 FortiWeb Cloud WAF as a Service 中的硬體設備、虛擬機和容器。
FortiWeb 影片
閱讀 Steelcase 案例研究
