Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Fortinet Unveils New Web App Firewall OS, Appliances

Fortinet has introduced a new operating system for its FortiWeb Web application firewalls.

Fortinet has introduced a new operating system for its FortiWeb Web application firewalls.

With FortiWeb 5 OS, the company has added a number of security enhancements to help users separate legitimate and malicious traffic. Announced today alongside of the operating system are three new Web application firewall appliances – FortiWeb-3000D, FortiWeb-3000DFsx and FortiWeb-4000D.

Designed for managed security service providers, Internet Service Providers and other large enterprises, FortiWeb 5 includes a search engine identification feature that is tied into the bot control identification layer and proactively identifies whether in-bound traffic is coming from legitimate search engines, botnets, anonymous proxies or some other source.

Fortinet Logo“The introduction of FortiWeb 5 and our new high end Web application firewalls are designed for the most demanding enterprises and service providers,” said John Maddison, vice president of marketing for Fortinet, in a statement. “Not only are we introducing more intelligent protection against the OWASP Top 10 threats, we’re delivering new appliances that leverage an application-aware load balancing engine to distribute traffic and route content across multiple Web servers.”

FortiWeb 5 also enhances its Real Browser Enforcement challenge response action to enhance request validation and determine the legitimacy of users versus automated denial-of-service tools. There is also a new bot dashboard available in the release as a compliment to the bot control layer that provides security administrators a visual snapshot of traffic hitting their Web application.

The FortiWeb 5 OS is now available as a free update to all existing customers with a valid support contract. The appliances are available today. 

Advertisement. Scroll to continue reading.
Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Staying the course and sticking to strategic goals allows security professionals to steadily and continually improve the security posture of their organization without allowing distractions to divert precious resources away from more important tasks.

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.