Hello FortiGate admins
On FortiWeb appliance I can see all protected attack signatures with description and full details, but I can't find such list on FortiGate's WAF and anywhere on docs.fortinet.com.
Anyone knows if it is documented somewhere?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @AEK ,
You can see signature details of the WAF in Fortigate with event ID.
Apart from that I am worried you would be able to see any additional details in Fortigate related to WAF signatures.
Best Regards,
Saneesh
Thanks @saneeshpv_FTNT
But I mean the full list like we can see on FortiWeb.
It seems not documented neither, so we can't really know which Web attacks can FortiGate's WAF protect us from.
Hi @AEK ,
I believe this is because FortiWeb is a purpose build Web Application Firewall for protecting the Web (HTTP/S) traffic from the OWASP top 10 Web attacks and it defenitely has more detailed information about the attack signatures. But when it comes to fortigate, this feature is limited and it has only basic set of signatures available for OWASP top 10 and hence I don't think there is specific documentation available for this in Fortigate. On a side note, I would recommend if the Customer is actually looking to publish their webapplication with WAF protection, they should defenitely look for a FortiWeb and not rely on Fortigate WAF.
Best Regards,
Saneesh
Thanks Saneesh
However I believe Fortinet shouldn't leave it undocumented.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.