Overview
This product is not for AWS WAF Classic. Fortinets WAF rulesets are based on the FortiWeb web application firewall security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs. The Complete OWASP Top 10 Ruleset provides a comprehensive package for web application protection offered by Fortinet to help cover the entire list of OWASP Top 10 web application threats. Includes protection for SQL Injection, Cross Site Scripting, General and Known Exploits, Malicious Bots and Common Vulnerabilities and Exposures (CVE).
For extended web application firewall features such as protection for zero attacks using AI-based behavioral attack detection, detailed attack log visibility, custom whitelisting and dedicated tools to fine tune and manage detections you can try Fortinet FortiWeb Cloud WAF-as-a-Service, a SaaS service that requires no hardware or software deployed https://aws.amazon.com/marketplace/pp/Fortinet-Inc-Fortinet-FortiWeb-Cloud-WAF-as-a-Serv/B07PXMWJT1 .
Fortinet Managed Rules for AWS WAF Video Tutorial https://pages.awscloud.com/mp-kickstart-fortinet.html?&trk=ta_a134p000003yoFjAAI&trkCampaign=AWSMP_pap_x_x_content-hub-resources&sc_channel=ta&sc_campaign=ta_awsmp_card&sc_outcome=Marketplace&sc_geo=mult
Pricing information: Pricing consists of two dimensions:
- $30 per month for each web ACL using the Fortinet Managed Rules, per region
- $1.8 per million requests in each region
Pricing examples:
pricing example: 2x web acl in a single region (ie us-east-1)
Managed rule group charges = $60.00 (2x units for 2x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $78.00/month
pricing example: 2x web acl in two regions (ie us-east-1 & us-east-2)
Managed rule group charges = $60.00 (2x units for 2x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $78.00/month
pricing example: 3x web acl in two regions and one using a CloudFront (ie us-east-1, us-east-2, CloudFront)
Managed rule group charges = $90.00 (3x units for 3x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $108.00/month
Highlights
- Complete set to help protect against the OWASP Top 10
- Can be configured to log, alert and/or block
- Regular updates from FortiGuard Labs
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Cost/unit |
---|---|
Charge per month in each available region (pro-rated by the hour) | $30.00 |
Charge per million requests in each available region | $1.80 |
Vendor refund policy
Non-Refundable
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Support offered by Fortinet. Contact Fortinet directly by email - awswaf@fortinet.com . Please see FAQ for more info.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
AWS WAF - API Gateway
34
Protection Against Web Application Attacks: Fortinet Managed Rules help mitigate threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top Ten vulnerabilities. This protection ensures the integrity and availability of web applications and APIs.
Automated Threat Intelligence: Fortinet incorporates real-time threat intelligence into their rules, allowing organizations to stay updated on emerging threats without manual intervention. This proactive approach helps defend against new attack vectors and vulnerabilities.
Ease of Implementation: By providing pre-configured security rules, Fortinet simplifies the process of setting up and managing security for AWS API Gateway. This can save time and resources compared to manual rule creation.
Centralized Management: Organizations can manage security policies across multiple API Gateway instances using Fortinet's centralized management console. This streamlines the administration of security rules and ensures consistency.
Customization: While offering pre-configured rules, Fortinet Managed Rules also allow customization. Organizations can tailor security policies to their specific application requirements, ensuring a balance between security and functionality.
Scalability: Fortinet's solution can scale with the organization's infrastructure, accommodating increased API traffic and maintaining effective security measures as the business grows.
Compliance Support: For organizations subject to regulatory requirements, Fortinet Managed Rules can help establish and maintain the necessary security controls to meet compliance standards, thus avoiding potential legal and financial penalties.
Definitely recommend
One of the standout features is the ease of implementation. Even for those with limited prior experience in WAF management, setting up Fortinet's Managed Rules is a breeze. Well-documented guides and responsive support make the process straightforward.
The core strength of Fortinet Managed Rules lies in its comprehensive protection. It offers a broad set of rules that cover numerous threats, from SQL injection to cross-site scripting. This breadth enhances security by safeguarding against both known and emerging threats.
Cost Considerations: The cost of implementing Fortinet Managed Rules can be a concern for smaller organizations or startups. Depending on the level of protection and customization needed, the pricing might not fit every budget.
I have 2 project experiences using Fortinet Managed Rules for AWS WAF with API Gateway
Compliance: If your application needs to meet specific compliance requirements, such as PCI DSS or HIPAA, Fortinet Managed Rules can help you meet those requirements by providing a set of security rules and configurations that align with industry standards.
Simplified Implementation: Fortinet Managed Rules offer an easy-to-use solution for adding security to your applications. The rules are designed to integrate seamlessly with AWS API Gateway, making it convenient for .NET developers to implement and manage security measures without extensive manual configuration.
Time and Cost Savings: By leveraging Fortinet Managed Rules, you can save time and effort in implementing and maintaining custom security rules. The pre-configured rules provided by the service eliminate the need for you to create and manage complex rule sets from scratch, potentially reducing development and maintenance costs.
Overall, Fortinet Managed Rules for AWS WAF - API Gateway is solving security-related problems that can benefit .NET developers by providing an easy-to-use, pre-configured solution that enhances the security of their web applications running on AWS API Gateway, while also potentially saving time and cost.