Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Fortinet Launches New Web Application Firewall Appliances

Fortinet Logo

Fortinet, a provider of network security solutions, today introduced three new appliances to its line of Web application firewalls designed to address the needs of businesses ranging from mid-sized organizations up through large enterprises and service providers.

Fortinet Logo

Fortinet, a provider of network security solutions, today introduced three new appliances to its line of Web application firewalls designed to address the needs of businesses ranging from mid-sized organizations up through large enterprises and service providers.

Sunnyvale, California-based Fortinet also introduced enhancements to the FortiWeb 4.0 MR3 operating system, including new logging and reporting, ease-of-use and security and configuration capabilities.

The new Web application firewall lineup includes the FortiWeb-4000C, FortiWeb-3000C FSX and FortiWeb-400C.

FortiWeb-4000C

The new high performance FortiWeb-4000C targets large data centers that need to protect Web applications such as those containing data subject to PCI-DSS guidelines. This enterprise-grade Web application firewall appliance supports 70,000 transactions-per-second and 2 Gbps throughput.

FortiWeb-4000CThe FortiWeb-4000C makes use of hardware-based acceleration to improve enforcement of data loss prevention (DLP) policies. Due to the intense scanning required for outgoing data and information accessed by users, DLP policies typically require significant CPU power. With hardware dedicated to DLP processes, the FortiWeb-4000C is able to deliver high performance while freeing up core CPU resources for other tasks.

FortiWeb-3000C FSX

The FortiWeb-3000C FSX retains all of the features and benefits of the FortiWeb-3000C appliance with the addition of a fiber bypass card to support large data centers requiring fiber support. The new appliance features an additional fiber bypass interface supporting fiber SX interfaces. The FortiWeb-3000C, FSX offers flexible deployment options with layer-seven load balancing and hardware- and software-based acceleration to improve resource utilization and application stability, while reducing server response times.

FortiWeb-400C

Advertisement. Scroll to continue reading.

The FortiWeb-400C replaces the FortiWeb-400B and is offered as a cost-effective Web application firewall appliance designed to secure Web applications and protect sensitive database content by blocking threats such as cross-site scripting, SQL injection, buffer overflows, file inclusion, denial-of-service and cookie poisoning. The FortiWeb-400C and other FortiWeb appliances also feature a Web vulnerability scanner and aid in PCI DSS 6.6 compliance by protecting against the Open Web Application Security Project’s (OWASP) Top 10 Web Application Vulnerabilities.

Updated FortiWeb 4.0 MR3 
Operating System

That latest version of FortiWeb 4.0 MR3, the core operating system that powers the FortiWeb product family, brings enhancements focusing on three key areas: logging and reporting, security and configuration, and ease-of-use.

In terms of logging and reporting, FortiWeb 4.0 MR3 provides integration with Fortinet’s FortiAnalyzer, offering an easy way to centrally manage logs and reports from multiple FortiWeb physical or virtual appliances, as well as other Fortinet products. A new FortiWeb analytics interface makes real-time data analysis easier and enables organizations to analyze Web server usage from a Hit, Flow and Attack point of view. In addition, security administrators can map these requests based on their geographic point of origin to have a better understanding of server behavior and identify potential threats, the company said.

To defend against denial-of-service (DoS) attacks, FortiWeb 4.0 MR3 features a new protection layer that provides network and application DoS policies. Leveraging new algorithms contained in these DoS policies, the FortiWeb product family can now analyze requests originating from users to determine their legitimacy or if they are being triggered by automated attacks associated with Advanced Persistent Threats (APT) or news strains of malware. The new operating software also provides period blocking, which enhances protection by enabling administrators to block individual users for specified periods of time instead of just a specific connection. It also supports advanced compression for more efficient bandwidth utilization and improved user response time. In addition, new load balancing enhancements provide content-based health checks and new alerts in the event of server failures.

The new lineup of Fortinet appliances are available immediately

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.