This week Defcon and Black Hat are taking place in Las Vegas, so get set for a storm of security product announcements and paranoia inducing security disclosures.
One of the first announcements to cross our desk is an update to Fortinet‘s Web application firewall (WAF): FortiWeb 4.0. The company announced an appliance version of FortiWeb as well. Both are available now.
Here are the new features, according to the FortiWeb’s announcement:
- A new denial of service (DoS) protection scheme provides network and application layer DoS policies. This enables FortiWeb appliances to analyze requests originating from individual users to determine whether they are authentic or masquerading as automated attacks.
- A new Period Blocking feature enhances organizational protection by enabling administrators to block users for specified periods of time rather than denying access on the basis of a particular connection.
- Advanced compression has also been added to allow for more efficient bandwidth utilization and improved user response time by compressing data retrieval from servers.
- New load balancing enhancements provide content-based “health checks” and offer additional alerts in the event of a server failure. For added protection when logging into FortiWeb devices, Radius/LDAP authentication is supported. Plus, access to FortiGuard updates – providing up-to-the-minute information on breaking threats, vulnerabilities and security research – are downloadable via proxy.
The timing for this set of features is impeccable, with renewed concerns over DoS attacks spurred by LulzSec, The Jester and others.
FortiWeb competes with companies such as Breach WebDefend, Citrix Netscaler, and Imperva SecureSphere.