{"id":2245,"date":"2025-05-22T15:15:25","date_gmt":"2025-05-22T15:15:25","guid":{"rendered":"https:\/\/havari.me\/?p=2245"},"modified":"2025-05-22T15:15:26","modified_gmt":"2025-05-22T15:15:26","slug":"fortiweb-%d8%af%d8%b1%d8%b9-%d8%a7%d9%84%d8%aa%d8%b7%d8%a8%d9%8a%d9%82%d8%a7%d8%aa-%d8%a7%d9%84%d8%b0%d9%83%d9%8a%d8%a9-%f0%9f%94%a5","status":"publish","type":"post","link":"https:\/\/havari.me\/en\/waf\/fortiweb-%d8%af%d8%b1%d8%b9-%d8%a7%d9%84%d8%aa%d8%b7%d8%a8%d9%8a%d9%82%d8%a7%d8%aa-%d8%a7%d9%84%d8%b0%d9%83%d9%8a%d8%a9-%f0%9f%94%a5\/","title":{"rendered":"FortiWeb - Smart App Armor \ud83d\udd25"},"content":{"rendered":"<ul>\n<li>What is FortiWeb?<\/li>\n<li>Difference from FortiGate<\/li>\n<li>Difference from traditional and Next-Gen Firewalls<\/li>\n<li>Why it's a necessary tool to protect modern applications<\/li>\n<\/ul>\n<h1>FortiWeb - Smart App Armor \ud83d\udd25<\/h1>\n<hr \/>\n<h3>\ud83e\udde0 First: What is FortiWeb?<\/h3>\n<blockquote><p><strong>FortiWeb<\/strong> is a <strong>Web Application Firewall (WAF)<\/strong> from Fortinet.<br \/>\nIt protects web applications from common attacks such as:<\/p><\/blockquote>\n<ul>\n<li>\u2705 <strong>SQL Injection<\/strong><\/li>\n<li>\u2705 <strong>Cross-Site Scripting (XSS)<\/strong><\/li>\n<li>\u2705 <strong>Cookie Poisoning<\/strong><\/li>\n<li>\u2705 <strong>Remote File Inclusion<\/strong><\/li>\n<li>\u2705 <strong>Zero-Day Attacks (thanks to AI)<\/strong><\/li>\n<li>\u2705 <strong>DDoS at the application layer<\/strong><\/li>\n<\/ul>\n<hr \/>\n<h3>\ud83e\uddf0 FortiWeb is not just a firewall!<\/h3>\n<p>It is:<\/p>\n<ul>\n<li>\ud83d\udd0e <strong>Intelligent HTTP\/S traffic analyzer<\/strong><\/li>\n<li>\ud83e\udde0 Uses <strong>AI and Machine Learning<\/strong> to understand normal user behavior<\/li>\n<li>\ud83d\udd10 Supports <strong>Encryption, Session Signing, Input Validation<\/strong><\/li>\n<li>\ud83e\uddec Integrates with FortiGate, FortiSandbox, FortiSIEM and FortiAnalyzer<\/li>\n<\/ul>\n<hr 
\/>\n<h2>\u2694\ufe0f What is the difference between FortiWeb and FortiGate or traditional firewalls?<\/h2>\n<table>\n<thead>\n<tr>\n<th>Comparison<\/th>\n<th>FortiWeb<\/th>\n<th>FortiGate (NGFW)<\/th>\n<th>Traditional Firewall<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Scope of protection<\/strong><\/td>\n<td>Web Applications (HTTP\/HTTPS)<\/td>\n<td>Network and protocols<\/td>\n<td>Network only<\/td>\n<\/tr>\n<tr>\n<td><strong>Focus<\/strong><\/td>\n<td>Application Attacks (Layer 7)<\/td>\n<td>Network + Application Attacks<\/td>\n<td>Network attacks (Layer 3-4)<\/td>\n<\/tr>\n<tr>\n<td><strong>Intelligence<\/strong><\/td>\n<td>User Behavior Analysis - AI\/ML<\/td>\n<td>IPS\/IDS - network behavior<\/td>\n<td>Often no intelligence<\/td>\n<\/tr>\n<tr>\n<td><strong>SQLi\/XSS protection<\/strong><\/td>\n<td>\u2705 Yes<\/td>\n<td>\u274c Partially<\/td>\n<td>\u274c No<\/td>\n<\/tr>\n<tr>\n<td><strong>Application-specific interface<\/strong><\/td>\n<td>\u2705 Specialized<\/td>\n<td>\u274c No<\/td>\n<td>\u274c No<\/td>\n<\/tr>\n<tr>\n<td><strong>Examples of use<\/strong><\/td>\n<td>Securing websites, SaaS applications, APIs<\/td>\n<td>Enterprise Protection, VPN, IPS, Web Filtering<\/td>\n<td>Simple protection for small businesses<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr \/>\n<h3>\ud83c\udfaf When do I need FortiWeb?<\/h3>\n<ul>\n<li>When you have a <strong>sensitive web application<\/strong>, such as:\n<ul>\n<li>Online stores<\/li>\n<li>Government portals<\/li>\n<li>Health or banking apps<\/li>\n<\/ul>\n<\/li>\n<li>When you need <strong>security compliance<\/strong>, such as:\n<ul>\n<li><strong>PCI-DSS<\/strong><\/li>\n<li><strong>HIPAA<\/strong><\/li>\n<li><strong>ISO 27001<\/strong><\/li>\n<\/ul>\n<\/li>\n<li>When facing attacks <strong>that bypass the traditional firewall<\/strong><\/li>\n<\/ul>\n<hr \/>\n<h3>\ud83d\udd17 FortiWeb + FortiGate = golden combination \ud83d\udd10<\/h3>\n<ul>\n<li><strong>FortiGate<\/strong> protects the network and stops attacks before they 
get in<\/li>\n<li><strong>FortiWeb<\/strong> protects the app from attacks that pass through FortiGate unnoticed<\/li>\n<li>Together:<br \/>\n\u2705 Analysis at the network + application layers<br \/>\n\u2705 Coverage of OWASP Top 10 vulnerabilities<br \/>\n\u2705 Detecting and fighting Zero-Day threats<\/li>\n<\/ul>\n<hr \/>\n<h3>\u2705 Why is FortiWeb the choice of security professionals?<\/h3>\n<ul>\n<li>Easy to integrate with DevOps + CI\/CD<\/li>\n<li>Advanced protection for <strong>API and RESTful APIs<\/strong><\/li>\n<li>Supports self-learning for legitimate requests<\/li>\n<li>Deep reporting and analytics via FortiAnalyzer<\/li>\n<li>Available as:\n<ul>\n<li>Appliance<\/li>\n<li>VM<\/li>\n<li>Cloud (AWS\/Azure\/GCP)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<hr \/>\n<h2>\ud83e\udde8 Conclusion:<\/h2>\n<blockquote><p>\ud83d\udee1\ufe0f <strong>FortiGate protects the gateway<\/strong><\/p>\n<p>\ud83d\udd10 <strong>FortiWeb protects the inner door<\/strong><\/p>\n<p>\u2694\ufe0f The two together = <strong>An impenetrable security fortress<\/strong><\/p><\/blockquote>\n<hr \/>\n<h2><\/h2>","protected":false},"excerpt":{"rendered":"<p>What is FortiWeb? Difference from FortiGate Difference from traditional and Next-Gen Firewalls Why it's a necessary tool to protect modern applications FortiWeb \u2013 Smart App Armor \ud83d\udd25 \ud83e\udde0 First: What is FortiWeb? FortiWeb is a Web Application Firewall (WAF) from Fortinet. It protects web applications from common attacks such as: \u2705 SQL Injection \u2705 [&hellip;]<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[65],"tags":[73,72],"class_list":["post-2245","post","type-post","status-publish","format-standard","hentry","category-waf","tag-cyber-security","tag-hacking"],"acf":[],"aioseo_notices":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/posts\/2245","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/comments?post=2245"}],"version-history":[{"count":3,"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/posts\/2245\/revisions"}],"predecessor-version":[{"id":2248,"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/posts\/2245\/revisions\/2248"}],"wp:attachment":[{"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/media?parent=2245"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/havari.me\/en\/wp-json\/
wp\/v2\/categories?post=2245"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/havari.me\/en\/wp-json\/wp\/v2\/tags?post=2245"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}