Listing Thumbnail

    Fortinet Managed Rules for AWS WAF Classic - Complete OWASP Top 10

     Info
    The Complete OWASP Top 10 Ruleset delivers comprehensive web application protection to protect against the OWASP Top 10 web application threats
    Listing Thumbnail

    Fortinet Managed Rules for AWS WAF Classic - Complete OWASP Top 10

     Info

    Overview

    Play video

    This listing is for AWS WAF Classic only. Fortinets WAF rulesets are based on the FortiWeb web application firewall security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs. The Complete OWASP Top 10 Ruleset combines Fortinets other AWS WAF rulesets into one comprehensive package to protect web applications and to cover the entire list of OWASP Top 10 web application threats. Included are the SQLi/XSS, General and Known Exploits, and Malicious Bots rulesets.

    For extended web application firewall features such as detailed trigger/event visibility, custom whitelisting and dedicated tools to fine tune and manage detections as well as detailed event visibility and AI-based behavioral attack detection you can try the FortiWeb Cloud Product: https://aws.amazon.com/marketplace/pp/prodview-rbkvcwsvcpgsk?sr=0-1&ref_=beagle&applicationId=AWSMPContessa 

    For more information on AWS WAF Classic, you can find documentation here: https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html 

    Pricing information: Pricing consists of two dimensions:

    • $30 per month for each web ACL using the Fortinet Managed Rules, per region
    • $1.8 per million requests in each region

    Pricing examples:

    pricing example: 2x web acl in a single region (ie us-east-1)

    Managed rule group charges = $60.00 (2x units for 2x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $78.00/month

    pricing example: 2x web acl in two regions (ie us-east-1 & us-east-2)

    Managed rule group charges = $60.00 (2x units for 2x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $78.00/month

    pricing example: 3x web acl in two regions and one using a CloudFront (ie us-east-1, us-east-2, CloudFront)

    Managed rule group charges = $90.00 (3x units for 3x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $108.00/month

    Highlights

    • Complete set of all rules offered by Fortinet
    • Can be configured to log, alert and/or block
    • Regular updates from FortiGuard Labs

    Details

    Categories

    Delivery method

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Fortinet Managed Rules for AWS WAF Classic - Complete OWASP Top 10

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.

    Usage costs (2)

     Info
    Dimension
    Cost/unit
    Charge per month in each available region (pro-rated by the hour)
    $30.00
    Charge per million requests in each available region
    $1.80

    Vendor refund policy

    Non-Refundable

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Support offered by Fortinet. Contact Fortinet directly by email - awswaf@fortinet.com . Please see FAQ for more info.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    3
    4 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    25%
    0%
    25%
    50%
    0%
    4 AWS reviews
    |
    11 external reviews
    External reviews are sourced from G2  and are not included in the star rating for this product.
    Welli A.

    AWS WAF - API Gateway

    Reviewed on Sep 05, 2023
    Review provided by G2
    What do you like best about the product?
    This feature makes it very easy for developers like me. With this feature, I can create new projects quickly and easily!
    What do you dislike about the product?
    So far I'm using this feature well for problems I can still fix and I still like it
    What problems is the product solving and how is that benefiting you?
    So far I'm using this feature well for issues I can still fix and I still like it
    M T.

    34

    Reviewed on Sep 05, 2023
    Review provided by G2
    What do you like best about the product?
    Fortinet Managed Rules for AWS WAF - API Gateway offers robust pre-configured security rules, real-time threat intelligence, and seamless AWS integration, providing a comprehensive and easy-to-manage solution for safeguarding your API Gateway deployments.
    What do you dislike about the product?
    but I do not have access to specific user feedback or examples regarding Fortinet Managed Rules for AWS WAF - API Gateway. If you have specific questions or concerns about the service, I recommend reaching out to Fortinet directly or consulting online resources and reviews to gather information on user experiences, likes, and dislikes related to this product.
    What problems is the product solving and how is that benefiting you?
    Fortinet Managed Rules for AWS WAF - API Gateway aims to address several common security challenges associated with protecting web applications and APIs. Here's how it can benefit organizations:

    Protection Against Web Application Attacks: Fortinet Managed Rules help mitigate threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top Ten vulnerabilities. This protection ensures the integrity and availability of web applications and APIs.

    Automated Threat Intelligence: Fortinet incorporates real-time threat intelligence into their rules, allowing organizations to stay updated on emerging threats without manual intervention. This proactive approach helps defend against new attack vectors and vulnerabilities.

    Ease of Implementation: By providing pre-configured security rules, Fortinet simplifies the process of setting up and managing security for AWS API Gateway. This can save time and resources compared to manual rule creation.

    Centralized Management: Organizations can manage security policies across multiple API Gateway instances using Fortinet's centralized management console. This streamlines the administration of security rules and ensures consistency.

    Customization: While offering pre-configured rules, Fortinet Managed Rules also allow customization. Organizations can tailor security policies to their specific application requirements, ensuring a balance between security and functionality.

    Scalability: Fortinet's solution can scale with the organization's infrastructure, accommodating increased API traffic and maintaining effective security measures as the business grows.

    Compliance Support: For organizations subject to regulatory requirements, Fortinet Managed Rules can help establish and maintain the necessary security controls to meet compliance standards, thus avoiding potential legal and financial penalties.
    R M.

    Definitely recommend

    Reviewed on Sep 04, 2023
    Review provided by G2
    What do you like best about the product?
    Fortinet Managed Rules for AWS WAF are a game-changer when it comes to securing your AWS API Gateway. In a nutshell, this solution provides robust protection against a wide array of threats while offering ease of implementation and customization options.

    One of the standout features is the ease of implementation. Even for those with limited prior experience in WAF management, setting up Fortinet's Managed Rules is a breeze. Well-documented guides and responsive support make the process straightforward.

    The core strength of Fortinet Managed Rules lies in its comprehensive protection. It offers a broad set of rules that cover numerous threats, from SQL injection to cross-site scripting. This breadth enhances security by safeguarding against both known and emerging threats.
    What do you dislike about the product?
    Complexity for Beginners: While Fortinet provides documentation and support, users who are new to web application firewall (WAF) management might find the initial setup and rule configuration process somewhat complex. It may require a learning curve, especially for those unfamiliar with AWS WAF concepts.

    Cost Considerations: The cost of implementing Fortinet Managed Rules can be a concern for smaller organizations or startups. Depending on the level of protection and customization needed, the pricing might not fit every budget.
    What problems is the product solving and how is that benefiting you?
    Fortinet Managed Rules for AWS WAF in API Gateway tackle various security challenges and deliver substantial benefits to organizations. They provide protection against web application attacks, including common threats like SQL injection and cross-site scripting. This proactive defense prevents data breaches and unauthorized access to APIs. Real-time threat detection and mitigation capabilities are pivotal. Quick identification and response to potential threats minimize attack impact and maintain data integrity.
    mahnaz f.

    I have 2 project experiences using Fortinet Managed Rules for AWS WAF with API Gateway

    Reviewed on Sep 03, 2023
    Review provided by G2
    What do you like best about the product?
    as a .NET Core developer, you might find that one of the benefits of using Fortinet Managed Rules for AWS WAF - API Gateway is that it provides an easy-to-use solution for adding an extra layer of security to your web applications running on AWS API Gateway. The service offers pre-configured rules that can be easily integrated into your application, helping to protect against common web-based attacks. This can save you time and effort when it comes to implementing security measures for your application.
    What do you dislike about the product?
    as a .NET Core developer, you might find that one of the potential drawbacks of using Fortinet Managed Rules for AWS WAF - API Gateway is that it may add some additional latency to your application. This is because the service inspects incoming web requests and applies the configured rules before allowing the request to reach your application. While this added latency may be minimal, it is something to consider when deciding whether or not to use this service. Additionally, the cost of using this service may be a concern for some users as it is a paid service.
    What problems is the product solving and how is that benefiting you?
    Security: Fortinet Managed Rules provide pre-configured rules that help protect your web applications from common web-based attacks such as SQL injection and cross-site scripting (XSS). By using these rules, you can enhance the security of your applications running on AWS API Gateway.

    Compliance: If your application needs to meet specific compliance requirements, such as PCI DSS or HIPAA, Fortinet Managed Rules can help you meet those requirements by providing a set of security rules and configurations that align with industry standards.

    Simplified Implementation: Fortinet Managed Rules offer an easy-to-use solution for adding security to your applications. The rules are designed to integrate seamlessly with AWS API Gateway, making it convenient for .NET developers to implement and manage security measures without extensive manual configuration.

    Time and Cost Savings: By leveraging Fortinet Managed Rules, you can save time and effort in implementing and maintaining custom security rules. The pre-configured rules provided by the service eliminate the need for you to create and manage complex rule sets from scratch, potentially reducing development and maintenance costs.

    Overall, Fortinet Managed Rules for AWS WAF - API Gateway is solving security-related problems that can benefit .NET developers by providing an easy-to-use, pre-configured solution that enhances the security of their web applications running on AWS API Gateway, while also potentially saving time and cost.
    Jose C.

    Strict rules for adequate security

    Reviewed on Aug 26, 2023
    Review provided by G2
    What do you like best about the product?
    Through Fortinet rules we can achieve many things, security, vpn, proxy, data wherehouse, scalability, functionality, usability, all this can be achieved through a rules and policies appropriate and optimized for each business, we could say that the cost benefit is adequate and functional, achieving adequate levels of connectivity without much investment.
    What do you dislike about the product?
    In the world of security there is no time to criticize or belittle the policies that are handled, for the management of these rules must have an expert and especially the extent that these should be clear and optimized for the company because not all work for everything.
    What problems is the product solving and how is that benefiting you?
    They are necessary for all connectivity and perimeter security throughout the company in a transversal and horizontal way, so you can maintain scalability and robust connectivity, balancing services and this helps all important areas, from sales to logistics, Fortinet is a strong ally to achieve fundamental objectives of any company.
    View all reviews