Fortinet to secure applications on AWS with FortiWeb Cloud WAF-as-a-Service

 “As organizations increasingly build out their business in the cloud and use web applications, they increase their exposure to known and unknown targeted attacks,” said John Maddison, EVP of Products and Solutions at Fortinet. “Delivered through the Fortinet Security Fabric, FortiWeb Cloud Web Application Firewall (WAF)-as-a-Service allows organizations to rapidly deploy web applications while providing best-in-class security for mission-critical applications.”

The Evolving Attack Surface in the Cloud

To keep up with digital transformation, IT teams are increasingly deploying applications to the cloud and building cloud-native applications. However, this rapid deployment can introduce vulnerabilities and requires robust security to defend the evolving attack surface and protect applications from threats. Organizations’ disaggregation of security tools compounds the challenge of protecting the attack surface. IT teams need security solutions that accurately protect web assets, are intuitive and are simple to deploy and easy to manage in order to truly take advantage of the benefits of migrating applications to the cloud or building cloud-native applications. Pairing this with the shortage of general cybersecurity expertise and web application security in particular, DevOps teams managing web applications are especially in need of security solutions that are easy to use as the resources to monitor threats across hybrid cloud environments are limited.  

Reaping the Benefits of the Cloud with Fortinet’s Security-Driven Approach

Fortinet is addressing the issues that IT teams, including DevOps, face with the addition of FortiWeb Cloud WAF-as-a-Serviceto its cloud security portfolio. FortiWeb Cloud WAF-as-a-Serviceis available for purchase on AWS Marketplaceor through your preferred Fortinet reseller and leverages the flexibility of AWS by automatically provisioning security protection for customers across multiple AWS Regions. As part of the Fortinet Security Fabric, FortiWeb Cloud WAF-as-a-Serviceprovides the following benefits:

• Accurate and easy to manage Cloud WAF offering: As one of the first machine learning-enabled WAF technology in the industry, customers deploying FortiWeb Cloud WAF-as-a-Servicebenefit from high accuracy of detection and threat prevention, eliminating false positives and ensuring applications keep running. The solution also gives users the ability to perform a comprehensive self-tuning of policies to eliminate the operational overhead of managing a WAF service. FortiWeb Cloud WAF-as-a-Servicealso provides web application security that is easy to deploy and maintain with minimal configuration and management. The solution allows access to advanced configuration options when needed, removing the usual complexity required when setting up a WAF.
• Advanced threat protection for web applications: FortiWeb Cloud WAF-as-a-Servicesafeguards applications from vulnerability exploits, bots, malware uploads, DDoS attacks, advanced persistent threats (APTs), both unknown and zero-day attacks, among others. It also includes services from Fortinet’s award-winning FortiGuard Labs, providing signatures, sandboxing and IP reputation to ensure organizations have the latest protection and updates on threats.

• Low total cost of ownership (TCO): As a cloud-native SaaS solution deployed in the same AWS Region as an organizations’ applications, FortiWeb Cloud WAF-as-a-Servicedoesn’t require maintenance of hardware or software and can reduce outbound data transfer costs significantly. Organizations pay Intra-Region Data Transfer rates for traffic to the service and FortiWeb Cloud WAF-as-a-Service handles the data transfer out costs as part of its subscription. IT teams can leverage the benefits of low latency and intra-region bandwidth rates for traffic between applications and the WAF.

• Simplifies compliance requirements: Fortinet delivers FortiWeb Cloud WAF-as-a-Serviceusing a colony of WAF gateways in the same AWS Region as an organizations’ application. This avoids potentially subjecting the application to additional regional regulatory requirements.

• Flexible purchasing options: Whether customers prefer pre-provisioned capacity or paying by the volume of processed data, FortiWeb Cloud WAF-as-a-Servicesupports the most suitable option for customers’ business priorities and budgetary considerations.