Fortinet aims new Web app firewall at enterprise

There’s no shortage of security applications, but few deal with one of the biggest holes in the network: Web-based applications.

Traditional firewalls usually protect the lower levels of a network infrastructure, leaving Layer 7 applications needing personal or credit card information relatively open. Other dangers come from custom Web applications that are open to other kinds of attack. That’s given rise to specialty Web application firewalls from a number of unified threat management equipment makers including F5 Networks Inc., Barracuda Networks, Imperva Inc. and Fortinet Inc.

Fortinet’s latest Web firewall, the ForitWeb 3000C, takes the company to a bigger market than the traditional small and mid-sized companies it usually appeals to.

The 3000C, a combination Web application and XML firewall, can handle up to 1 Gigabit per second HTTP throughput or 40,000 transactions a second, said Idan Soen, a Fortinet product specialist.

As a result, he said, Fortinet believes to 3000C is good enough for enterprises and Internet service providers.

That may well be, says Paula Musich, senior enterprise security analyst for Current Analysis, a Sterling, Va., research firm. However, she added in an interview that the 3000C’s performance won’t be enough for the biggest companies and service providers. “But,” said, “I think there’s a niche for the performance range Fortinet is addressing.”

Enterprises might appreciate FortiWeb’s ability to automatically adapt to user patterns, she said. “Web application firewalls take a significant amount of expertise to develop policies,” she said, so an auto-learn function could help reduce the workload of security administrators

According to Soen, the biggest driver of the Web application firewall market comes from the credit card industry, which several years ago set the tough PCI standard for organizations wanting to use their services. Either organizations have to perform vulnerability code reviews or install a Web application firewall, the industry has said, to avoid facing sanctions.

Like all of the FortiWeb series, 2U-sized 3000C not only secures Web applications and services, it includes load balancing and application acceleration capabilities. The US$39,995 appliance also comes with the CP-7 fail-open/fail-close module. Two 1 TB hard drives are built-in for storage.

It can also be deployed in a reverse proxy mode, offline and a Layer 2 transparent inspection mode, and includes a Web vulnerability scanner.

Fortinet also announced a replacement for the FortiWeb 1000B. The 1U-sized 1000C has increased the number of transactions it can handle to 27,000 a second from 22,000. The US$19,995 unit also now includes the CP-7 module. It’s aimed at mid-sized companies or branch offices.

In addition, Fortinet has upgraded its software-only virtual appliance, the ForiWeb 4.0, to handle VMware ESC and ESXi 3.5/4.0 platforms.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Featured Reads