Fortinet tweaks Web application firewalls

Howard Solomon

11 years ago

The advantage of appliances being run by an operating system is that new features can be easily added. As a result, its become common for network equipment makers to torque their operating systems regularly to meet the demands of customers and competitors

The latest do to this is Fortinet Inc., which announced version 5.0 of its FortiWeb operating system for its Web application firewalls.

The new OS – which is backwards compatible for existing FortiWeb appliances – includes more visibility into traffic and enhanced defences for distributed denial of service (DDoS) attacks.

The company also announced performance upgrades to some of the hardware.

“Customers are looking for additional functionality in their Web application firewalls,” Idan Soen, Fortinet’s director of product management for the FortiWeb line, said in an interview.

“It’s not just about security. They want to know what’s going on — how much traffic is hitting their environment, what type of traffic.” Some sites have discovered that over 30 per cent of their traffic comes from search engines, he noted. Much of it is legitimate, but some can be malicious.

RELATED CONTENT

FortiMail messaging gateway strengthened

Fortinet’s new UTMs, switches for distributed firms

Fortinet adds third 5000-series blade

In conjunction with Fortinet’s FortiGuard IT Reputation service, which feeds FortiWeb appliances daily with information on on new malicious sources, Version 5.0 of the operating system helps network managers better identify whether traffic is coming from crawlers, bad robots spiders and Web scanners that look for web site vulnerabilities or from legitimate search engines.

The data is displayed on a new dashboard that aggregates the information.

As for meeting DDoS attacks, version 5.0 improves on the previous operating system’s real browser enforcement, which is a challenge/response system that asks a user to reply to a request using Javascript that shows whether the connection is a real person or an attack.

Now the system can be an automated action for every DDoS policy. As a result IT managers can define the time threshold the user has to reply. If the answer doesn’t come back fast enough, then an automated action (alert, block etc.) can set up.

Several new appliances were alos announced”

–the 3000D offers up to up to 1.5 Gbps throughput (50 per cent faster than the 3000C), 60,000 transactions per second. Also comes with 16 GB of RAM. Pricing hasn’t changed.

It replaces the 3000C, which supported up to 1 Gbps of throughput and up to 40,000 transactions per second;

–3000CFsx, the same specs as the 3000C, but has a fibre by-pass port;

–and the 4000D, which offers up to 2 Gpbs and up to 100,000 transactions per second. It comes with 32 Gb of RAM.

It replaces the 4000C, which could handle up to 70 transactions per second.