2023 年雲端安全報告
2023 年雲端安全報告談到如何保護雲端應用程式仍是組織進入 2023 年的首要任務。
網頁應用服務防火牆
FortiWeb 可保護業務關鍵型網路應用程式與 API,避免遭受針對已知與未知漏洞的新興網路威脅的攻擊。
免費產品展示 下載資料表
概述
抵禦針對網路應用程式與 API 的 OWASP 十大威脅、複雜機器人及 DDoS 攻擊
FortiWeb 具備異常偵測、API 發現和防護、機器人緩解及客戶端安全防護功能。其運用人工智慧來偵測零時差攻擊、執行進階威脅分析,並內建 SOC 代理程式。如此一來,FortiWeb 便能降低本機、混合式及雲端部署的行政負擔與 TCO。作為 FortiFlex 計劃的一部分,還能正確調整雲端服務與支出。
網頁應用服務安全
偵測並阻擋新興威脅,包括針對應用程式的人工智慧生成零時差攻擊,同時保障合法使用者安全。FortiWeb 的雙層機器學習方法可消除傳統應用程式學習所需的過多管理開銷。透過應用機器學習建模每項應用程式,FortiWeb 透過識別惡意模式、降低誤報率,並根據情境優先處理補救措施,有效降低管理負擔。
機器人防禦
阻止惡意機器人活動,但不會阻止支援合法業務需求的機器人,例如搜尋引擎或健康和效能監控工具。減少對降低使用者體驗的過時技術的依賴,並利用機器人欺騙、生物特徵偵測和機器學習等進階技術,準確識別及管理機器人流量。FortiWeb 機器人防護功能提供您所需的可視性與控制,而且不會因不必要的驗證碼或挑戰而降低使用者操作速度。
API 發現與保護
保護支援企業對企業通訊以及行動應用程式的 API。FortiWeb API 發現和保護會持續評估應用程式流量,運用機器學習演算法自動發現 API。FortiWeb 提供開箱即用政策以及針對每種架構規格(OpenAPI、XML、JSON)自動產生的主動安全模型政策,以阻斷 API 攻擊。保護 API 並將 API 安全順暢整合到 CI/CD 管道中。
客戶端保護
FortiWeb 可滿足 PCI DSS 的一項關鍵需求,即監控支付頁面上執行的指令碼。客戶端保護將 FortiWeb 的防護能力延伸至瀏覽器環境,解決在內容傳遞至客戶端後所衍生的現代威脅。這是一項政策導向的功能,能在使用者瀏覽器內偵測並緩解未經授權的活動,例如第三方指令碼注入、DOM 操控及表單劫持。此功能對於抵禦能規避傳統要求/回應檢查的進階客戶端攻擊至關重要。
功能與優點
FortiWeb 可提供保護現代網路應用程式所需的效能、可管理性及廣泛的防護能力。其以多種形式提供,包含硬體、虛擬機器及 SaaS,並可在公共雲端市集取得。
網路應用程式和 API 安全
抵禦所有 OWASP 十大威脅、DDOS 攻擊、機器人攻擊、側錄等
零時差防護
精準偵測並即時緩解未知和零時差攻擊
安全織網整合
整合 FortiGate新世代防火牆 NGFW 和 FortiSandbox,抵禦進階持續性威脅 (APT)
進階分析
使用建議的行動手冊和威脅獵捕功能簡化工作流程
FortiAI-Assist
加速取證與情境決策,提升整體運作效率
硬體型的加速
提供業界領先的受保護 WAF 吞吐量和快速流量加密/解密
FortiWeb 使用案例
網頁應用服務安全
封鎖應用程式的已知和零時差威脅,不封鎖合法的使用者。
機器人防禦
阻止惡意機器人活動,不封鎖支援合法業務需求的機器人。
API 發現與保護
保護啟用 B2B 通訊並支援行動應用程式的 API。
威脅偵測和響應
使用威脅分析整合原始事件資料,清晰呈現最顯著威脅。
監管法規遵循
滿足與面向公眾應用程式相關的監管法規遵循需求,包括 PCI-DSS 需求。
安全營運中心即服務 (SOCaaS)
透過 Fortinet 的安全營運中心強化安全性,實現全天候監控、分類與事故報告。
第三方驗證
2025 年 SecureIQLabs 雲端 WAAP 比較報告
Fortinet 在獨立測試中榮登領導者地位,於安全防護與運作效能領域傲視群雄
FortiWeb 以頂尖解決方案脫穎而出,在 2025 年 SecureIQLab 報告中展現無與倫比的防護能力,其安全效能 (92.39%) 與運作效率 (96.2%) 均位居業界之冠。本報告是根據在多種常見及複雜情境下對每項技術的實際測試結果。FortiWeb 擅長阻擋進階威脅、降低誤判率,並簡化部署與管理,從而確保強大的安全性同時避免運作阻力。
下載報告 »
FortiGuard AI 驅動安全服務
FortiWeb 採用多種 FortiGuard 安全服務來保護網站應用程式免受攻擊。這些年度訂閱可以單獨購買,也可以與您的 FortiWeb 解決方案一起購買。
查看所有服務
Content Security
Web Security
Device Security
Application Security
SOC NOC 安全
FortiGuard AI-based Inline Malware Prevention Service
Performs AI-powered real-time inspection of files for protection against unknown threats, zero-days, and sophisticated file-based attacks.
IP 聲譽評等 & 預防殭屍網路安全服務
從 Fortinet 分散式威脅感測器網路、CERT、MITRE 等來源彙集惡意來源 IP 資料,合力提供最新威脅情報。
FortiGuard 防毒服務
防範最新的多態攻擊、病毒、惡意軟體(包括勒索軟體)以及其他威脅。
案例研究
Fundación Dondé
Mexican Non-Profit Relies on Fortinet Security Fabric to Consolidate Security Strategy for 400 Remote Locations
Majestic Resorts
Caribbean Luxury Hotel Chain Builds an Optimized and Secure Wireless Infrastructure to Support Over 15,000 Simultaneous Device Connections
The Elite Flower
Fortinet Helps a Colombian Flower Exporter Implement an Integrated Platform to Connect and Secure Its Network of 52 Remote Farms
Mississippi Department of Employment Security
Fortinet Gets the Job Done Securely and Efficiently for the Mississippi Department of Employment Security
型號與規格
FortiWeb 有各種不同形式,無論您是想要入門級的硬體設備還是可適應最新雲端環境的複雜 VM,都可以滿足。
導覽:
FortiWeb 設備採用多核心處理器技術,結合硬體型的 SSL 工具,可提供極快的受保護 WAF 吞吐量。
吞吐量 |
100 Mbps |
| 港口 | 4 GE RJ45 |
吞吐量 |
500 Mbps |
| 港口 | 4 GE RJ45,4 SFP GE |
吞吐量 |
750 Mbps |
| 港口 | 4 GE RJ45(2 個旁路),4 SFP GE |
吞吐量 |
1 Gbps |
| 港口 | 4 GE RJ45(2 個旁路),4 SFP GE |
吞吐量 |
2.5 Gbps |
| 港口 | 8 個旁路,4 個 SFP GE(非旁路) |
吞吐量 |
5 Gbps |
| 港口 | 4GE(4 個旁路),4 SFP GE |
吞吐量 |
10 Gbps |
| 港口 | 8GE(8 旁路) |
吞吐量 |
70 Gbps |
| 港口 | 8GE(8 旁路) |
FortiWeb 的虛擬版本可以部署在 VMware、Microsoft Hyper-V、Citrix XenServer、Open Source Xen、VirtualBox、KVM 和 Docker 平台上。
有關支援的版本,請查閱 FortiWeb VM 安裝指南。
吞吐量 |
25 Mbps |
| vCPU | 1 |
吞吐量 |
100 Mbps |
| vCPU | 2 |
吞吐量 |
500 Mbps |
| vCPU | 4 |
吞吐量 |
3 Gbps |
| vCPU | 8 |
吞吐量 |
6Gbps |
| vCPU | 16 |
實際的效能值可能因網路流量與系統設定而異。使用 Dell PowerEdge R710 伺服器(2x Intel Xeon E5504 2.0 GHz 4 MB 快取)執行 VMware ESXi 5.5,4 vCPU 與 8 vCPU FortiWeb 虛擬設備指派 4 GB 的 vRAM,2 vCPU FortiWeb 虛擬設備指派 4 GB 的 vRAM,以查看其效能指標。
FortiWeb 適用於所有主要雲端提供商,包括 亞馬遜網路服務 (AWS)、Microsoft Azure、Oracle和 Google。對於亞馬遜網路服務 (AWS) 與 Microsoft Azure,均支援 BYOL(自攜授權)和按需計費(即用即付)。請參閱雲端市集清單瞭解更多資訊:
FortiWeb 容器設備可在容器化環境中保護您的工作負載和資料。
吞吐量 |
25 Mbps |
吞吐量 |
100 Mbps |
吞吐量 |
500 Mbps |
吞吐量 |
3 Gbps |
吞吐量和其他指標都是每個版本允許的最大值。實際的效能值可能因網路流量與系統設定而異。
FortiWeb Cloud WAF-as-a-Service 是雲端的 SaaS 網頁應用服務防火牆 (WAF),可保護公共雲端託管的網站應用程式免受 OWASP 十大安全威脅、零時差威脅以及其他應用層攻擊
FortiWeb 雲端 WAF as a Service 無需硬體或軟體,採用在大多數 AWS 區域中執行的閘道來清理應用程式所在相同區域內的應用程式流量。 清理區域內的流量可解決效能和監管問題,並將流量成本降至最低。
FortiWeb 雲端 WAF as a Service 無需硬體或軟體,採用在大多數 AWS 區域中執行的閘道來清理應用程式所在相同區域內的應用程式流量。 清理區域內的流量可解決效能和監管問題,並將流量成本降至最低。
憑藉內建簡單的設定嚮導和預定義策略,FortiWeb Cloud 可在幾分鐘內提供防護,消除設定 WAF 時通常所需的複雜性。如有需要,更進階的使用者可以輕鬆免費啟用額外的安全模組。
如需更多資訊,請造訪此處。
FortiCare 支援與專業服務
Fortinet 致力於協助我們的客戶取得成功,並且 FortiCare 服務每年都會幫助數千家組織從其對 Fortinet 產品和服務的投入中獲得最大利益。為實現這一目標,FortiCare 遵循生命週期方法並提供獨特的服務,幫助客戶邁向成功之路。
技術支援服務
按裝置提供的各種選項可實現高效運作。FortiCare Elite 選項針對關鍵產品提供了 15 分鐘的回應時間。
進階支援
按帳戶提供各種白手套服務,透過指定專家的運作審查,減少中斷並提高生產力。
專業服務
我們的多廠商專家可以設計並部署以最佳做法為基礎的全面解決方案,協助您達成網路或安全目標並採用新功能。
維修換貨
所有產品系列均提供進階維修換貨選項,可快速更換有缺陷的硬體,達成您的可用性目標。
資源
資料表
分析報告
檢查清單
電子書
解決方案簡介
影片
網路研討會
白皮書
Protect your web applications and APIs from known and unknown threats with Fortinet and AWS »
Safeguard your dynamic surfaces with security that innovates faster than attackers
Secure Web Applications and APIs with Fortinet FortiWeb »
Fortinet FortiWeb, in its various forms (hardware, virtual machine, or SaaS), simplifies application security and overcomes the above challenges. Using machine learning (ML) algorithms, it protects applications and APIs from inherent risks, exploitable vulnerabilities, and malicious bots
Cloud-Native Solution for Web Application Security »
FortiWeb-Cloud WAF-as-a-Service (WaaS) delivers full-featured, cost-effective security for web applications with a minimum of configuration and management.
FortiADC and FortiWeb Architecture »
In this video, we will cover the different types of reference architectures based on FortiADC and FortiWeb Solutions.
FortiADC and FortiWeb Fabric Integration »
In this video, we will focus on how FortiADC and FortiWeb solutions can integrated with Fortinet Security Fabric. We will be covering different types of Fortinet products that will enhance the application security platform.
Protecting Web Applications with FortiWeb »
Mark Byers, Director of Product Marketing, provides an overview on how to protect web applications from code-based vulnerabilities with FortiWeb Web Application Firewalls.
Fortinet Web Application Security »
Dynamic patching of web-based applications to defend against threats that target known and unknown vulnerabilities.
FortiWeb Manager video »
A short overview of FortiWeb’s VM-based central management tools.
FortiWeb Manager Demo »
FortiWeb Manager Demo
Revolutionizing Application Security: From Complexity to Clarity »
Discover how a new approach, centered on integrating security, analytics, and performance optimization into one unified platform, simplifies operations and enhances clarity in your security strategy.
Inside the 2025 Web App Security Report: See What Your Tools Don't See »
In this webinar, application security experts from Fortinet and Cybersecurity Insiders will discuss the report’s key findings and share proven strategies for closing visibility gaps, hardening APIs, and stopping automated threats before they escalate.
Practical Tips for Application Security in the Age of AI »
Many web application firewalls rely on machine learning (ML) to secure digital assets. But ML has both benefits and limitations. Threat actors are adopting AI tools to create and launch attacks, so security teams must shore up their defenses.
生態系統
Alcide
Alcide is a cloud-native security leader with the mission to empower DevOps and security teams to manage application and networking security through the intelligent automation of security policies applied uniformly, regardless of the workload and infrastructure.
Amazon Web Services
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
Cubro
Cubro is a leading manufacturer and global supplier of IT Network TAPs, Advanced Network Packet Brokers and Bypass Switches. Together with Fortinet we enable total network visibility into your traffic, where we differentiate solutions for Telecommunications, ISP, Data Centre, Enterprise, and Government in virtualized or physical environments.
D3 Security
D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.
DFLabs
DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.
ElevenPaths
At ElevenPaths, Telefónica Cyber Security Unit, we believe in the idea of challenging the current state of security, an attribute that must always be present in technology. We’re always redefining the relationship between security and people, with the aim of creating innovative security products which can transform the concept of security, thus keeping us one step ahead of attackers, who are increasingly present in our digital life.
- Fortinet-ElevenPaths Metashield for ICAP solution brief
- Fortinet-ElevenPaths Vamps solution brief
- Press Release
Gigamon
Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security, and superior performance.
Google Cloud Platform
Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.
HashiCorp
HashiCorp is the leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, and Nomad are downloaded tens of millions of times each year and are broadly adopted by the Global 2000.
Hewlett Packard Enterprise
Hewlett Packard Enterprise is an industry-leading technology company that enables customers to go further, faster. With the industry’s most comprehensive portfolio, HPE's technology and services help customers around the world make IT more efficient, more productive, and more secure.
- Fortinet-HPE Alliance Brief
- HPE Aruba Solution Brief
- HPE Aruba Technical Guide
- Fortinet and HPE-GreenLake Solution Brief
- Fortinet and HPE Edgeline Converged Edge Systems and OT Link Solution Brief
- Fortinet and HPE IT OT Convergence Security Solution White Paper
- Fortinet and HPE Proliant for Microsoft Azure Solution Brief
- Fortinet and HPE Proliant for Microsoft Azure White Paper
- Fortinet-HPE SDN Solution Brief
- Fortinet, HPE, and Pensando Innovative Edge-to-Core Solution Brief
- Fortinet, HPE, and Scality Distributed Object Storage Environment Solution Brief
- Fortinet and HPE Zerto Ransomware Protection Solution Brief
培訓與認證
其他訓練
Learn how to protect your organization and improve its security against advanced threats that bypass traditional security controls. You will also learn how other advanced threat protection (ATP) components—FortiGate, FortiMail, FortiWeb, and FortiClient—leverage this threat intelligence information to protect organizations from advanced threats.
In this course, you will explore web application threats and countermeasures focused on Fortinet Solution. You will learn the motivations of attacks on web applications through to understanding and executing attack techniques and then learn how to configure Fortinet Solution to mitigate them.
