The new FortiWeb-1000B is a mid- to large-enterprise product and is the first in a family of Fortinet web application security appliances.
FortiWeb appliances can drastically reduce the deployment time and complexities associated with securing Web-based applications, and can also aid companies in meeting regulatory mandates such as PCI-DSS compliance.
Together with Fortinet's FortiDB database security product, the FortiWeb-1000B forms the basis for a broad protection schema to support the growing prevalence of cloud computing and other enterprise activities that have a need to access confidential and personal data over the Internet or intranets.
Web applications are essentially a public interface to databases storing sensitive information, so the need to secure this interface is as critical as securing the databases themselves.
While many web applications today have built-in security protocols, writing secure web application code is difficult and often not the priority of the developer. In addition, there are a number of challenges to securing the code of various web applications: New vulnerabilities, patching schedules, code revisions, code access, vulnerability identification and deployment timelines.
The ideal scenario would separate the security of the web application from the application itself to enforce uniform security measures regardless of the level of security built into the web application and provide an umbrella of security protection across a number of web applications.
“With the Internet representing such a preponderance of business interactions today, the opportunities that cyber criminals have to target both the communications and the data it carries is almost limitless without the right precautions in place,” Jon Crotty, IDC. “Web and XML applications are de-rigueur requirements for any business that wants to have an online presence — and that's just about everyone — so we fully expect web application firewall to burgeon as a business, especially with the growth of SaaS and cloud computing. A product that simplifies and strengthens the implementation of web applications should find strong reception.”
The FortiWeb-1000B Web security appliance is ideal for medium and large enterprises, ASPs, and Software-as-a-Service/cloud computing providers. Key benefits of the FortiWeb-1000B include the following:
Web applications secured – Provides uniform, umbrella approach to securing multiple web-based applications with web application and XML firewalls, regardless of strength of web application's native security code;
Deployment simplified – Simplifies deployment and management of web applications with a central security appliance;
Content accelerated – Accelerates web applications through XML/SSL offloading with the FortiASIC CP6, shared by Fortinet's FortiGate® integrated security product for improved performance;
Resources load balanced – Load balances traffic and routes content across multiple web servers for improved server resource utilisation, increased performance and application stability;
Compliance achieved – Complies with PCI version 1.2 requirements, ensuring that a web-application firewall is in place in front of public-facing web applications to detect and prevent web-based attacks.