Fortinet tweaks FortiWeb operating system


Fortinet Inc. has updated its Web application firewall and vulnerability scanner operating system it says gives network and security managers more tools to protect enterprises, a move an industry analyst says helps it keep up with competitors.

“This is Fortinet being aggressive in trying to expand their share of the Web application firewall market,” Paula Musich, senior analyst for enterprise networking and security at Current Analysis, said in an interview.

One improvement to FortiWeb 4.0 MR3– which runs on all FortiWeb appliances —  that caught her eye is Period Blocking, which allows administrators to block suspicious users for a set period of time.

“It’s really timely given all the attention we’re seeing lately in advanced persistent threats and spear phishing,” Musich said.

Other changes to the software include new protection from denial-of-service attacks through network and application layer policies. This lets the appliances analyze requests from individuals to determine if they are authentic, the company says.

Security is also increased with the addition of support for Radius/LDAP authentication when anyone tries to log onto a FortiWeb device.

The load balancer has been enhanced, and what the company says is advanced compression has been added to use bandwidth more efficiently.

Fortinet [Nasdaq: FTNT] has also integrated FortiWeb with the FortiAnalyzer for centrally managing all logs and reports.

Organizations that also use the FortiGate consolidated security appliances may appreciate that the FortiWeb interface has been changed and is now similar to its sibling. Musich notes that could help in eliminating a need for IT staff to learn a new interface.

The company also released this week a sister version of its FortiWeb 3000C appliance for enterprises and service providers with fibre connectivity. The 3000CFsx has identical performance – 1 Gbps HTTP throughput and the ability to process 40,000 transactions a second – but in addition to copper ports it has two fibre ports with a fail open bypass option. 


Please enter your comment!
Please enter your name here