FORTIWEB WEB APPLICATION FIREWALL

FortiWeb is an appliance that secures Web-based applications. This Web security appliance provides Web application and XML firewalls to protect, balance, and accelerate Web applications, databases, and the information exchanged between them. The FortiWeb is designed for medium and large enterprises, application service providers, and SaaS providers; and can drastically reduce the deployment time and complexities of introducing web-based applications. FortiWeb applies Fortinet's industry leading threat research to protect web-based applications, improving the security of confidential information and aiding in legislative and PCI compliance. FortiWeb goes beyond traditional web application firewalls to provide XML security enforcement, application acceleration, and server load balancing.

• Web application firewall protection leverages signature and pattern matching, parameter validation, threshold based limits, session management, flow enforcement and other technologies to prevent attacks against vulnerable web applications.
• XML firewall enforces properly formed and coded pages through XML IPS, schema validation, WSDL verification, XML expression limiting and other Fortinet-developed security technologies.
• Guarantees security of web applications and secures sensitive database content by blocking threats such as cross-site scripting, SQL injection, buffer overflows, file inclusion, denial of service, cookie poisoning, schema poisoning, and countless other attacks.
• Aides in PCI DSS 6.5 and 6.6 compliance by protecting against OWASP top 10 web application vulnerabilities and using web application firewall technology to block web-based attacks.
• Reduces deployment and management complexities by ensuring protection of all web applications regardless of code changes or additions.
• SSL and XML encryption co-processing accelerates transaction times, offloads encryption functions, and SSL acceleration reduces web server processing requirements.
• Server load balancing and content-based routing increases application speeds, improves server resource utilization and stabilizes applications.
• Active/passive high availability support implements full configuration synchronization to ensure availability of applications.