Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Andy_G
Staff
Staff

Created on ‎02-08-2018 03:57 AM Edited on ‎12-20-2021 10:47 AM By Anonymous

Article Id 190997

Technical Tip: Deploying Fortinet AWS WAF Partner Rule Groups

Description

This article describes the setup and configuration for Fortinet’s WAF Rule Groups on Amazon Web Services.  It also includes a set of frequently asked questions (FAQ).

Overview

AWS WAF Partner Rule Groups are subscription-based web application firewall signatures offered by third-party vendors to augment the basic WAF protection offered by Amazon’s WAF product.  These new rule groups allow AWS WAF customers to choose pre-packaged WAF rules from leading IT security providers.  Until now AWS was offering only SQL Injection and Cross-Site Scripting protection.  With Partner Rule Groups vendors now offer protection from a wide variety of application-layer attacks packaged in a variety of security rulesets.  Fortinet is offering 4 rule groups to AWS customers based on the FortiWeb WAF Service offered by FortiGuard:
RuleGroup
 Description
SQLi/XSS Rule Group
 The SQLi/XSS RuleGroup provides protection from the two primary web application attack types identified in the OWASP Top 10, SQL Injection and Cross-Site Scripting.
General Attacks and Known Exploits Rule Group
 The General and Known Exploits rule group detects common and advanced OWASP Top 10 threats including numerous Injection attacks, Remote file inclusion (RFI), Local File Inclusion (LFI), HTTP Response Splitting, Database Disclosure vulnerabilities and other Common Vulnerabilities and Exposures (CVEs).
Malicious Bots Rule Group
 The Malicious Bots Rule Group analyzes requests and blocks known content scrapers, spiders looking for vulnerabilities, and other unwanted automated clients that OWASP has identified as risks to web applications.
Complete OWASP Top 10 Rule Group
 The Complete OWASP Top 10 Rule Group combines Fortinet’s other AWS WAF rule groups into one comprehensive package for the best web application protection offered by Fortinet to cover the entire list of OWASP Top 10 web application threats. Included are the SQLi/XSS, General and Known Exploits, and Malicious Bots rule groups.


Solution

The attached document provides a guide to deploying Fortinet ASW WAF Partner Rule Groups.
 
Contents
  • Overview
  • Setup
  • Creating Exceptions/Whitelisting
  • Viewing Attack Logs
  • FAQ

 

Preview file
1165 KB
Labels:
21623
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.