Can you please point me towards some technical explanations what are the protections/signatures provided by each type of FortiWeb FortiGard subscriptions.
Am I right that out of the box FortiWeb will cover standard OWASP 20, plus:
Support Registration - harware support + new firmware versions
FortiGuard Security Service – there will be constant stream of product specific signatures
AV is self explanatory (I wonder why one need AV on WAF)
IP Reputation – will provide definition on known bot harms, and low score internet subnets
Credential Stuffing – “Fortinet’s Credential Stuffing Defense identifies login attempts using credentials that have been compromised using an always up-to-date feed of stolen credentials.”
FortiSandBox is self explanatory (again, not sure about need for this on the WAF)[/ul]
If there is a WAF device with NONE of the subscriptions – how much security can be delivered for Web Apps? Are there any "FortiGuard Security Service" come inside the firmware update with each new firmware version?
One of the most important things you can do is to ensure that your FortiWeb is receiving regular updates from the FortiGuard FortiWeb Web Security service and FortiGuard Antivirus service.
Without these updates, your FortiWeb cannot detect the newest threats.
Event logs record FortiGuard update attempts. In addition to scheduling polls for automatic updates, you can also manually update the service packages or initiate an connectivity test to the FDN at any time. For details, see Connecting to FortiGuard services.
[ul]Cross-site scripting (XSS)SQL injection and many other code injection stylesRemote file inclusion (RFI)Local file inclusion (LFI)OS commandsTrojans/virusesExploitsSensitive server information disclosurePersonally identifiable information leaks[/ul]
To defend against known attacks, FortiWeb scans:
[ul]Parameters in the URL of HTTP GET requestsParameters in the body of HTTP POST requestsXML in the body of HTTP POST requests (if Enable XML Protocol Detection is enabled. See To configure an inline protection profile.)CookiesHeadersJSON Protocol DetectionUploaded filename(MULTIPART_FORM_DATA_FILENAME)[/ul]
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.