Control of applications exposed to the internet
API control
one-arm: a single network
two-arm: two separate networks
4 general steps for the initial configuration.
1. Upload the certificate
extensions
.prt
.pm
2. Configure the server pool: the IP of the server that hosts the web applications
3. Configure the virtual server: an IP within the FortiWeb network.
4. Configure the policy
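A pre-configuration sanity check for steps 2 and 3, added here as an example and not taken from these notes or from Fortinet: it confirms the virtual server IP sits inside a FortiWeb network and reports whether the plan is one-arm or two-arm. The function name, port names and addresses are constructed, and classifying the topology by which directly connected network holds the pool members is an assumption of this sketch.

```python
import ipaddress

def check_plan(interfaces, vserver_ip, pool_ips):
    """Validate an addressing plan before configuring the WAF.

    interfaces: {port name: CIDR of the network attached to that port}
    vserver_ip: address planned for the virtual server (step 3)
    pool_ips:   addresses of the back-end web servers (step 2)
    Returns (topology, issues); topology is "one-arm", "two-arm" or "unknown".
    """
    nets = {name: ipaddress.ip_network(cidr, strict=False)
            for name, cidr in interfaces.items()}

    def port_for(ip):
        # First port whose attached network contains the address, else None.
        addr = ipaddress.ip_address(ip)
        return next((n for n, net in nets.items() if addr in net), None)

    issues = []
    v_port = port_for(vserver_ip)
    if v_port is None:
        issues.append(f"virtual server {vserver_ip} is not inside any FortiWeb network")

    pool_ports = set()
    for ip in pool_ips:
        if ipaddress.ip_address(ip) == ipaddress.ip_address(vserver_ip):
            issues.append(f"pool member {ip} reuses the virtual server address")
        port = port_for(ip)
        if port is None:
            issues.append(f"pool member {ip} is not directly connected; a route is required")
        else:
            pool_ports.add(port)

    if v_port is None or not pool_ports:
        topology = "unknown"
    elif pool_ports == {v_port}:
        topology = "one-arm"      # clients and servers share a single network
    else:
        topology = "two-arm"      # client side and server side are separate networks
    return topology, issues

if __name__ == "__main__":
    # Constructed sample plan (documentation address ranges).
    plan = {"port1": "203.0.113.1/24", "port2": "10.0.2.1/24"}
    print(check_plan(plan, "203.0.113.10", ["10.0.2.20", "10.0.2.21"]))
```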
Protection layers
IP reputation
DDoS protection
protocol validation
attack signatures
antivirus/DLP
integration
advanced protection
behavioral validation
https://avinetworks.com/glossary/ssl-offload/
A Web Application Firewall or WAF provides web application security for online services from malicious Internet traffic. WAFs detect and filter out threats such as OWASP Top 10 which could degrade, compromise or bring down online applications.
SSL offloading is the process of removing the SSL-based encryption from incoming traffic that a web server receives to relieve it from decryption of data. Secure Sockets Layer (SSL) is a protocol that ensures the security of HTTP traffic and HTTP requests on the internet. SSL traffic can be compute intensive since it requires encryption and decryption of traffic. SSL (called TLS or Transport Layer Security now) relies on public key cryptography to encrypt communications between the client and server sending messages safely across networks. Encryption of sensitive information protects against potential hackers and man-in-the-middle attacks.