Fortinet FortiWeb 1000B
Combined Web Application and XML Firewall
The FortiWeb 1000B has been discontinued. If you currently own a FortiWeb-1000B and need to renew your services or subscriptions, click here to jump to more pricing!
Overview:
Unmatched Protection for Web Applications
The FortiWeb family of web application firewalls provides specialized, layered application threat protection for medium and large enterprises, application service providers, and SaaS providers. Combining both web application firewall and XML firewall capabilities in a single platform, the FortiWeb solution allows enterprises to protect against application-level attacks targeted at web applications and web services infrastructure.
FortiWeb’s integrated web application and XML firewalls protect your web-based applications and internet-facing data from attack and data loss. Using advanced techniques to provide bi-directional protection against sophisticated threats like SQL injection and cross-site scripting, FortiWeb platforms help you prevent identity theft, financial fraud and corporate espionage.
Measure Policy Compliance
You can measure your compliance with policies, such as the Payment Card Industry’s Data Security Standard (PCI DSS) regulatory framework, with FortiWeb’s customizable, preconfigured reporting tools. FortiWeb delivers the technology you need to monitor and enforce government regulations, industry best practices, and internal policies.
The FortiWeb family drastically reduces the time required to protect your regulated internet-facing data and eases the challenges associated with policy enforcement and regulatory compliance. FortiWeb appliances also leverage an intelligent, application-aware load-balancing engine to distribute traffic and route content across multiple web servers. This load balancing increases application performance, improves resource utilization and application stability while reducing server response times.
Accelerate Deployment and Lower Costs
FortiWeb significantly reduces deployment costs by consolidating Web Application Firewall, XML filtering, web traffic acceleration, and application traffic balancing into a single device with no per-user pricing. It offers an integrated, cost-effective web application security platform for any medium and large enterprise.
Features & Benefits:
| Features | Benefits |
|---|---|
| Inline Reverse Proxy, Transparent, and Offline Deployment Modes | Deploy FortiWeb into existing networks without the need for a network-level redesign or changes to web application and network infrastructure |
| Auto-Learning Security Profiles | Discovers the structure and usage pattern of web applications, removes the need for manual configuration of access policies and security profiles |
| Web Vulnerability Scanner | Scans web applications to detect existing vulnerabilities, complementing the Web Application Firewall for PCI DSS section 6.6 |
| Data Leak Prevention | Analyzes all outbound traffic alerting/blocking any credit card leakage and information disclosure |
| PCI DSS | Helps organizations meet PCI compliance requirements by providing a comprehensive solution for web application protection |
Ultimate Protection and Monitoring for Web Applications
FortiWeb provides flexible and reliable protection by utilizing a range of security modules:
Data Leak Prevention - Extended monitoring and protection for credit card leakage and application information disclosure by tightly monitoring all outbound traffic. Anti Web Defacement - Unique capabilities for monitoring protected applications for any defacement and ability to automatically and quickly revert to stored version. HTTP RFC Compliance Validation - FortiWeb blocks any attacks manipulating the HTTP protocol by maintaining strict RFC standards to prevent attacks such as encoding attacks, buffer overflows and other application specific attacks. Web Application Vulnerability Assessments - Automatically scans and analyzes the protected web applications and detects security weaknesses, potential application known and unknown vulnerabilities to complete a comprehensive solution for PCI DSS. Auto-Learn Security Profiling - Automatically and dynamically builds a security model of protected applications by continuously monitoring real time user activity. Access outside the baseline can then be alerted or blocked. |
Application Layer Vulnerability Protection - Out of the box protection for the most complex attacks such as SQL Injection, Cross Site Scripting, CSRF and many others. Together with the Auto Learn profiling system and advanced abilities to create rules down to the single application element. FortiWeb provides the ultimate protection from today’s most sophisticated hackers. FortiGuard - Utilizing Fortinet’s renowned FortiGuard service FortiWeb customers get up to date dynamic protection from the Fortinet® Global Security Research Team, which researches and develops protection against known and potential application security threats. PCI DSS - Helps organizations meet PCI compliance requirements by providing a comprehensive solution for web application protection. XML Firewall - Provides an XML firewall capability with schema validation, XML Firewall, IPS and routing capabilities. |
Robust, Efficient Implementation and Management
FortiWeb accelerates and simplifies the process of protecting your critical web applications:
Multiple Deployment Options - FortiWeb provides a flexible solution that you can easily introduce into any environment or existing network implementations:
Authentication Offload - FortiWeb introduces a simple integration with any environment allowing you to offload your web server authentication to the FortiWeb platform while supporting different authentication schemes such as Local, LDAP and NTLM. |
High Performance and Availability - With the integration of award winning FortiASIC™ technology, FortiWeb is able to process tens of thousands of web transactions and provide hardware accelerated SSL offload and advanced load balancing capabilities. The high availability mode provides configuration synchronization and allows for a network-level failover in the event of unexpected outage events. Logging and Reporting - FortiWeb’s extensive and accurate logging capabilities provide you with the specific attack details you need to pinpoint the threat as it happens. Hundreds of out-of-the-box report types allow administrators or auditors to analyze attacks, events, and traffics for regulatory compliance purposes. |
Technical Specifications:
| Models | 400B | 1000B |
|---|---|---|
| Hardware Specifications | ||
| Total 10/100/1000 Interfaces (RJ-45) | 4 | 4 |
| USB Ports | 1 | 2 |
| Internal Storage | 500 GB | 1 TB |
| System Performance | ||
| Throughput | 100 Mbps | 500 Mbps |
| Max HTTP Trans/sec | 10,000 | 22,000 |
| Latency | Sub-millisecond | Sub-millisecond |
| Deployment Modes | Reverse Proxy, Transparent Inline, Offline Sniffing | Reverse Proxy, Transparent Inline, Offline Sniffing |
| High Availability Configurations | Active/Passive | Active/Passive |
| Unlimited User Licenses | Yes | Yes |
| Dimensions | ||
| Height x Width x Length (in) | 1.7 x 17.5 x 14.5 in | 1.7 x 16.7 x 30.4 in |
| Height x Width x Length (cm) | 4.3 x 43.8 x 36.8 cm | 4.3 x 42.6 x 77.2 cm |
| Weight | 10 lbs (4.53 kg) | 36 lbs (16.3 kg) |
| Rack Mountable | Yes | Yes |
| Environment | ||
| Power Required | 100-240 VAC, 50-60 Hz, 4.0 amp (max) | 100-240 VAC, 50-60 Hz, 4.8 amp (max) |
| Power Consumption (AVG) | 121W | 260W |
| Operating Temperature | 32 to 104 deg F (0 - 40 deg C) | 50 to 95 deg F (10 - 35 deg C) |
| Storage Temperature | -13 to 158 deg F (-25 to 70 deg C) | -40 to 149 deg F (-40 to 65 deg C) |
| Humidity | 5 to 95% non-condensing | 5 to 95% non-condensing (twmax=38C) |
| Compliance | ||
| Compliance | FCC Class A Part 15, CE Mark | FCC Class A Part 15, CE Mark |
Deployment:
Interface:
Dashboard: High-level view of your environment with real time traffic and attack statistic graphs to provide ‘at a glance’ view of status of web application security
Management Reports: FortiWeb management reports contain the information you need to measure your policy compliane and risk profile, as well as understand the threats you face
Common Threats:
FortiWeb Protects Against A Wide Range of Attacks:
|
|
|
Documentation:
Download the Fortinet
FortiWeb Series Datasheet (PDF).
| Fortinet Products | ||
|---|---|---|
| FortiWeb Security Service | ||
| FortiWeb Security Service for FortiWeb-1000B, 1-Year | #FC-10-V1002-137-02-12 Our Price: $3,999.00 |
|
| Fortinet FortiCare 8x5 Subscriptions | ||
| FortiWeb-1000B FortiCare 8x5, Renewals | ||
| The FortiCare 8x5 Renewal includes 8x5 Enhanced Support, Return and Replace, Firmware Upgrades, VPN, Traffic Management | ||
| 8x5 FortiCare for FortiWeb-1000B, 1-Year Renewal | #FC-10-V1002-311-02-12 Our Price: $2,999.00 |
|
| Fortinet FortiCare 24x7 Subscriptions | ||
| FortiWeb-1000B FortiCare 24x7, Renewals | ||
| The FortiCare 24x7 Renewal includes 24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware Upgrades, VPN, and Traffic Management | ||
| 24x7 FortiCare for FortiWeb-1000B, 1-Year Renewal | #FC-10-V1002-247-02-12 Our Price: $4,999.00 |
|