FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Andy_G
Staff
Staff

Description

This article describes the setup and configuration for Fortinet’s WAF Rule Groups on Amazon Web Services.  It also includes a set of frequently asked questions (FAQ).

Overview


AWS WAF Partner Rule Groups are subscription-based web application firewall signatures offered by third-party vendors to augment the basic WAF protection offered by Amazon’s WAF product.  These new rule groups allow AWS WAF customers to choose pre-packaged WAF rules from leading IT security providers.  Until now AWS was offering only SQL Injection and Cross-Site Scripting protection.  With Partner Rule Groups vendors now offer protection from a wide variety of application-layer attacks packaged in a variety of security rulesets.  Fortinet is offering 4 rule groups to AWS customers based on the FortiWeb WAF Service offered by FortiGuard:


RuleGroup
Description
SQLi/XSS Rule Group
The SQLi/XSS RuleGroup provides protection from the two primary web application attack types identified in the OWASP Top 10, SQL Injection and Cross-Site Scripting.
General Attacks and Known Exploits Rule Group
The General and Known Exploits rule group detects common and advanced OWASP Top 10 threats including numerous Injection attacks, Remote file inclusion (RFI), Local File Inclusion (LFI), HTTP Response Splitting, Database Disclosure vulnerabilities and other Common Vulnerabilities and Exposures (CVEs).
Malicious Bots Rule Group
The Malicious Bots Rule Group analyzes requests and blocks known content scrapers, spiders looking for vulnerabilities, and other unwanted automated clients that OWASP has identified as risks to web applications.
Complete OWASP Top 10 Rule Group
The Complete OWASP Top 10 Rule Group combines Fortinet’s other AWS WAF rule groups into one comprehensive package for the best web application protection offered by Fortinet to cover the entire list of OWASP Top 10 web application threats. Included are the SQLi/XSS, General and Known Exploits, and Malicious Bots rule groups.


Solution

The attached document provides a guide to deploying Fortinet ASW WAF Partner Rule Groups.
 
Contents
  • Overview
  • Setup
  • Creating Exceptions/Whitelisting
  • Viewing Attack Logs
  • FAQ

 

Contributors