New web application firewalls from Fortinet

Fortinet announced two new appliances for its FortiWeb family of web application firewalls – the FortiWeb-1000C, designed for mid-to-large enterprises, and FortiWeb-3000C, the flagship system for high-end enterprises, application service and cloud-based service providers.

Each appliance is equipped with the new FortiWeb 4.0 MR1 firmware that is designed to provide maximum protection for web applications containing sensitive data subject to PCI guidelines. The new web application firewalls will also blunt potentially crippling attacks such as SQL injection and cross-site scripting, and help prevent security breaches from exposing highly sensitive data loss such as credit card numbers and personally identifiable information.

In the case of retail and payment customers, the new FortiWeb products greatly minimize the complexity of complying with PCI Data Security Standard (DSS) section 6.5 and 6.6 as well as California Senate Bill 1386 that address the problems of identity theft and financial fraud. The FortiWeb-1000C and FortiWeb-3000C also provide robust patient data protection as part of HIPAA compliance for healthcare organizations.

The FortiWeb-1000C and 3000C appliances are integrated web application and XML firewalls that protect against attacks targeted at web applications and web services infrastructure. Because they provide detailed visibility into an organization’s threat landscape, the FortiWeb application firewalls eliminate the need to manage separate web and threat management tools and consoles.

To preserve optimal web application performance, the FortiWeb application firewalls leverage a load-balancing engine to distribute traffic and route content across multiple web servers. This load balancing increases application performance, improves resource utilization and application stability while reducing service response times.