Fortinet Introduces Next Generation Operating System for Web Application Firewall Product Family

Fortinet Introduces Next Generation Operating System for Web Application Firewall Product Family

Fortinet Introduces Next Generation Operating System for Web Application Firewall Product FamilyFortinet, a provider of high-performance network security, introduced the next-generation operating system (OS) for its FortiWeb Web application firewalls product family, providing important security advancements to protect against increasingly malicious application layer attacks. The new FortiWeb 5 OS, which is backward compatible with the entire FortiWeb family, features critical security advancements that include the ability to accurately identify the origin of Web application traffic to proactively distinguish between legitimate and malicious sources.

FortiWeb provides the ability to distinguish between legitimate known search engine requests, scanners, crawlers and other threshold based tools. This expands the bot identification and analysis coverage recently introduced with the FortiGuard IP Reputation service, which monitors IPs that are compromised or behaving abnormally.

Designed for MSSPs, ISPs and large enterprises

In conjunction with the FortiWeb 5 rollout, Fortinet is also introducing three new Web application firewall appliances: the FortiWeb-3000D, FortiWeb-3000DFsx and FortiWeb-4000D, which are designed for large enterprises, service providers and large data centers that require high-performance, Web-application security. The FortiWeb-3000D and FortiWeb-3000DFsx support up to 1.5 Gbps of throughput while the FortiWeb-4000D supports up 4 Gbps. The new appliances are 50 to 100 percent faster than their predecessors and provide robust protection against the Open Web Application Security Project’s (OWASP) top 10 risks and aid in PCI DSS 6.6 compliance.

Addressing Web Application Pain Points

Because today’s Web applications are being accessed and/or targeted by automated scripting tools, scans, search engines and unknown or malicious sources, security administrators need to quickly and easily identify those sources and traffic types. This is critical to distinguish good and bad traffic types and sources. FortiWeb technology now provides a graphical dashboard to easily spot and track bot traffic trends.

Moreover, the need to protect against application layer DoS attacks is increasingly important, given the precipitous rise in attacks on application resources. This is in stark contrast to hackers’ previous focus on disrupting network bandwidth. FortiWeb 5 expands the previously released challenge response mechanism that distinguishes legitimate Web application requests from automated DoS tools to support in multiple different policies, providing better flexibility and granularity.

And, as data centers continue their ongoing transition from IPv4 to IPv6, the need to provide bi-directional support between the two communication protocols is essential to maintaining optimal security. FortiWeb 5.0 fully supports IPv4-to-IPv6 and IPv6-to-IPv4 communications.

What’s New in FortiWeb 5

What makes the FortiWeb product family unique is its ability to combine broad Web application protection with Layer 7 load balancing and a built-in, vulnerability scanner in a simple-to-manage system that does not require add-on licenses for each system component.

FortiWeb 5 delivers new capabilities that include:

  • Search Engine Identification: With up to 30% of Web application traffic requests coming from known search engines, such as Google, Bing, Yahoo and others, coupled with a proliferation of automated attacks, botnets, zombies and orchestrated DDoS attacks, the need to correctly identify sources and their intention is vital. FortiWeb 5 provides this capability so organizations can protect and optimize their Web applications accordingly. This feature also ties into the software’s new bot control identification layer, which proactively identifies whether in-bound traffic is coming from legitimate search engines or botnets, anonymous proxies, malicious sources or large-scale, automated attacks.
  • Bot Dashboard: As a complement to the bot control layer, the new bot dashboard provides security administrators an immediate visual snapshot of traffic hitting their Web applications, so they can quickly ascertain whether bot-crawling apps are known search engines or malicious scanners.
  • Real Browser Enforcement: As an enhancement to its application layer DoS protection, FortiWeb 5 enhances its Real Browser Enforcement challenge response action to better validate requests, ascertain the legitimacy of users and weed out automated DoS tools.

“The introduction of FortiWeb 5 and our new high end Web application firewalls are designed for the most demanding enterprises and service providers,” said John Maddison, vice president of marketing for Fortinet. “Not only are we introducing more intelligent protection against the OWASP top 10 threats, we’re delivering new appliances that leverage an application-aware, load-balancing engine to distribute traffic and route content across multiple Web servers. The FortiWeb product line combines the best of both worlds – the industry’s most advanced Web application security with optimal performance.”

The FortiWeb 5 OS is now available as a free update to all existing customers with a valid support contract from https://support.fortinet.com. The newFortiWeb-3000D, FortiWeb-3000DFsx andFortiWeb-4000D are available today.

To learn more about Fortinet’s FortiWeb 5 operating system and the FortiWeb-3000D, FortiWeb-3000DFsx and the FortiWeb-4000D, please register here for a free Webinar, event number 572 212 639.

Featured

  • Data Driven, Proactive Response

    As cities face rising demands for smarter policing and faster emergency response, Real Time Crime Centers (RTCCs) are emerging as essential hubs for data-driven public safety. In this interview, two experts with deep field experience — Ross Bourgeois of New Orleans and Dean Cunningham of Axis Communications — draw on decades of operational, leadership and technology expertise to share how RTCCs are transforming public safety through innovation, interagency collaboration and a relentless focus on community impact. Read Now

  • Integration Imagination: The Future of Connected Operations

    Security teams that collaborate cross-functionally and apply imagination and creativity to envision and design their ideal integrated ecosystem will have the biggest upside to corporate security and operational benefits. Read Now

  • Smarter Access Starts with Flexibility

    Today’s workplaces are undergoing a rapid evolution, driven by hybrid work models, emerging smart technologies, and flexible work schedules. To keep pace with growing workplace demands, buildings are becoming more dynamic – capable of adapting to how people move, work, and interact in real-time. Read Now

  • Trends Keeping an Eye on Business Decisions

    Today, AI continues to transform the way data is used to make important business decisions. AI and the cloud together are redefining how video surveillance systems are being used to simulate human intelligence by combining data analysis, prediction, and process automation with minimal human intervention. Many organizations are upgrading their surveillance systems to reap the benefits of technologies like AI and cloud applications. Read Now

  • Right-Wing Activist Charlie Kirk Dies After Utah Valley University Shooting

    Charlie Kirk, a popular conservative activist and founder of Turning Point USA, died Wednesday after being shot during an on-campus event at Utah Valley University in Orem, Utah Read Now

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.