Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
filiaks1
New Contributor II

Created on ‎07-17-2023 12:29 PM Edited on ‎07-17-2023 12:38 PM

Does the FortiWeb WAF support Application learning positive security?

Hello to Everyone,

 

 

Does the FortiWeb WAF support Application learning (AL) / traffic learning positive security?

 

 

From the article https://www.fortinet.com/blog/business-and-technology/fortiweb-release-6-0--ai-based-machine-learnin... I see that there is an ML option but I couldn't find anything about AL as every other major WAF vendor has AL and most now also have ML as it is great to combine AL with the ML learning as ML can stop or change the score of some signatures/violations after the AL is done with learning good URL/cookies/parameters/file types/http headers and methods as to clear false positives.

Labels:
407
0 Kudos
3 REPLIES 3
Anthony_E
Community Manager
Community Manager

Created on ‎07-19-2023 11:16 PM

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
366
0 Kudos
Jean-Philippe_P
Moderator
Moderator

Created on ‎07-24-2023 02:41 AM

Hello filiaks1,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

 

 

Thanks,

Jean-Philippe - Fortinet Community Team
336
0 Kudos
saneeshpv_FTNT
Staff
Staff

Created on ‎07-24-2023 04:23 AM

Hi,

 

 

FortiWeb’s AI-based machine learning evaluates application requests to determine if they are normal, benign anomalies, or anomalies that are threats and this way it nearly eliminates false positive detections and hence the need to manually fine tune WAF rules. 

 

The anomaly detection model of machine learning feature observes the URLs, parameters, and HTTP Method of HTTP and/or HTTPS sessions passing to your web servers and builds mathematical models to detect abnormal traffic. 

 

Machine learning | FortiWeb 7.0.0 (fortinet.com)

 

Compared to other vendor which uses positive security model to Learn known good, and fine tune policy around it, FortiWEB help you perform these tasks using its advanced AI-Based Machine learning model.

On top this, FortiWeb has "Monitor Mode" option under Server policy which will help Alert Traffic violation and not actually block them during the initial deployment or testing phase. This is to ensure that your Legitimate traffic is allowed while it still block the real attack.

 

Best Regards,

Preview file
69 KB
329
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.