Sold by: Fortinet Inc.
Deployed on AWS
The Complete OWASP Top 10 Ruleset delivers comprehensive web application protection to protect against the OWASP Top 10 web application threats
Overview
This product is not for AWS WAF Classic. Fortinets WAF rulesets are based on the FortiWeb web application firewall security service signatures, and are updated on a regular basis to include the latest threat information from FortiGuard Labs. The Complete OWASP Top 10 Ruleset provides a comprehensive package for web application protection offered by Fortinet to help cover the entire list of OWASP Top 10 web application threats. Includes protection for SQL Injection, Cross Site Scripting, General and Known Exploits, Malicious Bots and Common Vulnerabilities and Exposures (CVE).
For extended web application firewall features such as protection for zero attacks using AI-based behavioral attack detection, detailed attack log visibility, custom whitelisting and dedicated tools to fine tune and manage detections you can try Fortinet FortiWeb Cloud WAF-as-a-Service, a SaaS service that requires no hardware or software deployed https://aws.amazon.com/marketplace/pp/Fortinet-Inc-Fortinet-FortiWeb-Cloud-WAF-as-a-Serv/B07PXMWJT1 .
Fortinet Managed Rules for AWS WAF Video Tutorial https://pages.awscloud.com/mp-kickstart-fortinet.html?&trk=ta_a134p000003yoFjAAI&trkCampaign=AWSMP_pap_x_x_content-hub-resources&sc_channel=ta&sc_campaign=ta_awsmp_card&sc_outcome=Marketplace&sc_geo=mult
Pricing information: Pricing consists of two dimensions:
- $30 per month for each web ACL using the Fortinet Managed Rules, per region
- $1.8 per million requests in each region
Pricing examples:
pricing example: 2x web acl in a single region (ie us-east-1)
Managed rule group charges = $60.00 (2x units for 2x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $78.00/month
pricing example: 2x web acl in two regions (ie us-east-1 & us-east-2)
Managed rule group charges = $60.00 (2x units for 2x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $78.00/month
pricing example: 3x web acl in two regions and one using a CloudFront (ie us-east-1, us-east-2, CloudFront)
Managed rule group charges = $90.00 (3x units for 3x web ACLs) Managed rule group request charges = $1.80/million * 10 million = $18.00 Total AWS Marketplace charges = $108.00/month
Highlights
- Complete set to help protect against the OWASP Top 10
- Can be configured to log, alert and/or block
- Regular updates from FortiGuard Labs
Details
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/unit |
|---|---|
Charge per month in each available region (pro-rated by the hour) | $30.00 |
Charge per million requests in each available region | $1.80 |
Vendor refund policy
Non-Refundable
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Support offered by Fortinet. Contact Fortinet directly by email - awswaf@fortinet.com . Please see FAQ for more info.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Fortinet Managed Rules for AWS WAF - API Gateway
By Fortinet Inc.
The Fortinet Managed Rules for AWS API Gateway is a comprehensive package for the best web application protection to help protect against the OWASP Top 10 web application threats, including SQLi/XSS attacks, General and Known Exploits, and Malicious Bots.
Imperva's Managed Rules for IP Reputation allow you to take a proactive approach to threat prevention and security management by providing an extensive IP whitelist/blacklist that is regularly monitored and updated.
Protect against web exploits. F5 Web Exploits Rules for AWS WAF, provides protection against web attacks that are part of the OWASP Top 10, such as: SQLi, XSS, command injection, No-SQLi injection, path traversal, and predictable resource.
Trend Cloud One
By Trend Micro
Trend Cloud One™ - A comprehensive cloud security platform purpose-built for those building in AWS. Click subscribe to start your free trial and discover what automated, flexible, all-in-one cloud security can do for you! Remember, your 30-day free trial includes access to the entire Trend Cloud One platform + access to our always free tiers. To learn more about our always-free tiers, check out the additional support section!
Customer reviews
Welli A.
AWS WAF - API Gateway
Reviewed on Sep 05, 2023
Review provided by G2
What do you like best about the product?
This feature makes it very easy for developers like me. With this feature, I can create new projects quickly and easily!
What do you dislike about the product?
So far I'm using this feature well for problems I can still fix and I still like it
What problems is the product solving and how is that benefiting you?
So far I'm using this feature well for issues I can still fix and I still like it
Leave a comment0 comments
M T.
34
Reviewed on Sep 05, 2023
Review provided by G2
What do you like best about the product?
Fortinet Managed Rules for AWS WAF - API Gateway offers robust pre-configured security rules, real-time threat intelligence, and seamless AWS integration, providing a comprehensive and easy-to-manage solution for safeguarding your API Gateway deployments.
What do you dislike about the product?
but I do not have access to specific user feedback or examples regarding Fortinet Managed Rules for AWS WAF - API Gateway. If you have specific questions or concerns about the service, I recommend reaching out to Fortinet directly or consulting online resources and reviews to gather information on user experiences, likes, and dislikes related to this product.
What problems is the product solving and how is that benefiting you?
Fortinet Managed Rules for AWS WAF - API Gateway aims to address several common security challenges associated with protecting web applications and APIs. Here's how it can benefit organizations:
Protection Against Web Application Attacks: Fortinet Managed Rules help mitigate threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top Ten vulnerabilities. This protection ensures the integrity and availability of web applications and APIs.
Automated Threat Intelligence: Fortinet incorporates real-time threat intelligence into their rules, allowing organizations to stay updated on emerging threats without manual intervention. This proactive approach helps defend against new attack vectors and vulnerabilities.
Ease of Implementation: By providing pre-configured security rules, Fortinet simplifies the process of setting up and managing security for AWS API Gateway. This can save time and resources compared to manual rule creation.
Centralized Management: Organizations can manage security policies across multiple API Gateway instances using Fortinet's centralized management console. This streamlines the administration of security rules and ensures consistency.
Customization: While offering pre-configured rules, Fortinet Managed Rules also allow customization. Organizations can tailor security policies to their specific application requirements, ensuring a balance between security and functionality.
Scalability: Fortinet's solution can scale with the organization's infrastructure, accommodating increased API traffic and maintaining effective security measures as the business grows.
Compliance Support: For organizations subject to regulatory requirements, Fortinet Managed Rules can help establish and maintain the necessary security controls to meet compliance standards, thus avoiding potential legal and financial penalties.
Protection Against Web Application Attacks: Fortinet Managed Rules help mitigate threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top Ten vulnerabilities. This protection ensures the integrity and availability of web applications and APIs.
Automated Threat Intelligence: Fortinet incorporates real-time threat intelligence into their rules, allowing organizations to stay updated on emerging threats without manual intervention. This proactive approach helps defend against new attack vectors and vulnerabilities.
Ease of Implementation: By providing pre-configured security rules, Fortinet simplifies the process of setting up and managing security for AWS API Gateway. This can save time and resources compared to manual rule creation.
Centralized Management: Organizations can manage security policies across multiple API Gateway instances using Fortinet's centralized management console. This streamlines the administration of security rules and ensures consistency.
Customization: While offering pre-configured rules, Fortinet Managed Rules also allow customization. Organizations can tailor security policies to their specific application requirements, ensuring a balance between security and functionality.
Scalability: Fortinet's solution can scale with the organization's infrastructure, accommodating increased API traffic and maintaining effective security measures as the business grows.
Compliance Support: For organizations subject to regulatory requirements, Fortinet Managed Rules can help establish and maintain the necessary security controls to meet compliance standards, thus avoiding potential legal and financial penalties.
R M.
Definitely recommend
Reviewed on Sep 04, 2023
Review provided by G2
What do you like best about the product?
Fortinet Managed Rules for AWS WAF are a game-changer when it comes to securing your AWS API Gateway. In a nutshell, this solution provides robust protection against a wide array of threats while offering ease of implementation and customization options.
One of the standout features is the ease of implementation. Even for those with limited prior experience in WAF management, setting up Fortinet's Managed Rules is a breeze. Well-documented guides and responsive support make the process straightforward.
The core strength of Fortinet Managed Rules lies in its comprehensive protection. It offers a broad set of rules that cover numerous threats, from SQL injection to cross-site scripting. This breadth enhances security by safeguarding against both known and emerging threats.
One of the standout features is the ease of implementation. Even for those with limited prior experience in WAF management, setting up Fortinet's Managed Rules is a breeze. Well-documented guides and responsive support make the process straightforward.
The core strength of Fortinet Managed Rules lies in its comprehensive protection. It offers a broad set of rules that cover numerous threats, from SQL injection to cross-site scripting. This breadth enhances security by safeguarding against both known and emerging threats.
What do you dislike about the product?
Complexity for Beginners: While Fortinet provides documentation and support, users who are new to web application firewall (WAF) management might find the initial setup and rule configuration process somewhat complex. It may require a learning curve, especially for those unfamiliar with AWS WAF concepts.
Cost Considerations: The cost of implementing Fortinet Managed Rules can be a concern for smaller organizations or startups. Depending on the level of protection and customization needed, the pricing might not fit every budget.
Cost Considerations: The cost of implementing Fortinet Managed Rules can be a concern for smaller organizations or startups. Depending on the level of protection and customization needed, the pricing might not fit every budget.
What problems is the product solving and how is that benefiting you?
Fortinet Managed Rules for AWS WAF in API Gateway tackle various security challenges and deliver substantial benefits to organizations. They provide protection against web application attacks, including common threats like SQL injection and cross-site scripting. This proactive defense prevents data breaches and unauthorized access to APIs. Real-time threat detection and mitigation capabilities are pivotal. Quick identification and response to potential threats minimize attack impact and maintain data integrity.
mahnaz f.
I have 2 project experiences using Fortinet Managed Rules for AWS WAF with API Gateway
Reviewed on Sep 03, 2023
Review provided by G2
What do you like best about the product?
as a .NET Core developer, you might find that one of the benefits of using Fortinet Managed Rules for AWS WAF - API Gateway is that it provides an easy-to-use solution for adding an extra layer of security to your web applications running on AWS API Gateway. The service offers pre-configured rules that can be easily integrated into your application, helping to protect against common web-based attacks. This can save you time and effort when it comes to implementing security measures for your application.
What do you dislike about the product?
as a .NET Core developer, you might find that one of the potential drawbacks of using Fortinet Managed Rules for AWS WAF - API Gateway is that it may add some additional latency to your application. This is because the service inspects incoming web requests and applies the configured rules before allowing the request to reach your application. While this added latency may be minimal, it is something to consider when deciding whether or not to use this service. Additionally, the cost of using this service may be a concern for some users as it is a paid service.
What problems is the product solving and how is that benefiting you?
Security: Fortinet Managed Rules provide pre-configured rules that help protect your web applications from common web-based attacks such as SQL injection and cross-site scripting (XSS). By using these rules, you can enhance the security of your applications running on AWS API Gateway.
Compliance: If your application needs to meet specific compliance requirements, such as PCI DSS or HIPAA, Fortinet Managed Rules can help you meet those requirements by providing a set of security rules and configurations that align with industry standards.
Simplified Implementation: Fortinet Managed Rules offer an easy-to-use solution for adding security to your applications. The rules are designed to integrate seamlessly with AWS API Gateway, making it convenient for .NET developers to implement and manage security measures without extensive manual configuration.
Time and Cost Savings: By leveraging Fortinet Managed Rules, you can save time and effort in implementing and maintaining custom security rules. The pre-configured rules provided by the service eliminate the need for you to create and manage complex rule sets from scratch, potentially reducing development and maintenance costs.
Overall, Fortinet Managed Rules for AWS WAF - API Gateway is solving security-related problems that can benefit .NET developers by providing an easy-to-use, pre-configured solution that enhances the security of their web applications running on AWS API Gateway, while also potentially saving time and cost.
Compliance: If your application needs to meet specific compliance requirements, such as PCI DSS or HIPAA, Fortinet Managed Rules can help you meet those requirements by providing a set of security rules and configurations that align with industry standards.
Simplified Implementation: Fortinet Managed Rules offer an easy-to-use solution for adding security to your applications. The rules are designed to integrate seamlessly with AWS API Gateway, making it convenient for .NET developers to implement and manage security measures without extensive manual configuration.
Time and Cost Savings: By leveraging Fortinet Managed Rules, you can save time and effort in implementing and maintaining custom security rules. The pre-configured rules provided by the service eliminate the need for you to create and manage complex rule sets from scratch, potentially reducing development and maintenance costs.
Overall, Fortinet Managed Rules for AWS WAF - API Gateway is solving security-related problems that can benefit .NET developers by providing an easy-to-use, pre-configured solution that enhances the security of their web applications running on AWS API Gateway, while also potentially saving time and cost.
Jose C.
Strict rules for adequate security
Reviewed on Aug 26, 2023
Review provided by G2
What do you like best about the product?
Through Fortinet rules we can achieve many things, security, vpn, proxy, data wherehouse, scalability, functionality, usability, all this can be achieved through a rules and policies appropriate and optimized for each business, we could say that the cost benefit is adequate and functional, achieving adequate levels of connectivity without much investment.
What do you dislike about the product?
In the world of security there is no time to criticize or belittle the policies that are handled, for the management of these rules must have an expert and especially the extent that these should be clear and optimized for the company because not all work for everything.
What problems is the product solving and how is that benefiting you?
They are necessary for all connectivity and perimeter security throughout the company in a transversal and horizontal way, so you can maintain scalability and robust connectivity, balancing services and this helps all important areas, from sales to logistics, Fortinet is a strong ally to achieve fundamental objectives of any company.