Protecting enterprise web applications

Next-generation operating system for Fortinet web application firewall solutions developed to help inprotect web applications from growing complexity of malicious application layer attacks

Tags: Fortinet Incorporation
  • E-Mail
Protecting enterprise web applications Automated malicious scanning and attacks means that security administrators need to react quickly to threats, says Bashaireh.
By  Mark Sutton Published  June 13, 2013

As data centres continue their ongoing transition from IPv4 to IPv6, the need to provide bi-directional support between the two communications protocols is essential to maintaining optimal security. FortiWeb 5.0 fully supports IPv4-to-IPv6 and IPv6-to-IPv4 communications.

What makes the FortiWeb product family unique is its ability to combine broad Web application protection with Layer 7 load balancing and a built-in vulnerability scanner in a simple-to-manage system that does not require add-on licenses for each system component.

FortiWeb 5 delivers new capabilities that include:

Search Engine Identification: With up to 30% of Web application traffic requests coming from known search engines such as Google, Bing, Yahoo and others, coupled with a proliferation of automated attacks, botnets, zombies and orchestrated DDoS attacks, the need to correctly identify sources and their intention is vital. FortiWeb 5 provides this capability so organizations can protect and optimize their Web applications accordingly. This feature also ties into the software’s new bot control identification layer, which proactively identifies whether in-bound traffic is coming from legitimate search engines or botnets, anonymous proxies, malicious sources or large scale automated attacks.

Bot Dashboard: As a complement to the bot control layer, the new bot dashboard provides security administrators an immediate visual snapshot of traffic hitting their Web applications so they can quickly ascertain whether bots crawling apps are known search engines or malicious scanners.

Real Browser Enforcement: As an enhancement to its application layer DoS protection, FortiWeb 5 enhances its Real Browser Enforcement challenge response action to better validate requests, ascertain the legitimacy of users and weed out automated DoS tools.

“Network security continues to be one of the most pressing concerns in the Middle East. The introduction of FortiWeb 5 and our new high end Web application firewalls helps cater for the needs of the most demanding enterprises and service providers in the region,” said Bashaireh.

“As enterprises constantly review their security strategies and add new layers of defence, not only are we introducing more intelligent protection against the OWASP Top 10 threats, we’re as well delivering new appliances that leverage an application-aware load balancing engine to distribute traffic and route content across multiple Web servers. The FortiWeb product line combines the best of both worlds — the industry’s most advanced Web application security with optimal performance.”

The company has also been increasing its investment in skills and services in the region, including an Authorised Training Centres (ATCs) program, to deliver training to Fortinet’s partner community.

“We plan as well to increase our technical and professional services resources in the region providing better pre-sales and post sales support to our partners and end-users. To provide further flexibility and cost effectiveness, we’ll start offering remote professional services to projects that require such kind of resources,” Bashaireh added.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code