Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiAppSec Cloud User Guide

    WAF Applications

    WAF Applications

    On the Applications page, you can manage configurations related to applications, including viewing application information, filtering applications, onboarding applications, enabling/disabling CDN, selecting FortiAppSec Cloud scrubbing centers for your application.

    Viewing application information

    The application table displays all the applications you have onboarded. You can view the following information about an application. Click Add Filter to create a filter based on Application table fields. Click the Column Settings icon to select the columns being displayed in the table.

    Domain Name The domain name of the application. If you have added more than one domain name, click the number mark to view all the domain name. You can change the domain names in Network > Endpoints.

    Platform

    		 The platform where the FortiAppSec Cloud scrubbing center assigned to your application is located. You can click the edit icon to change the region.

    Region

    The FortiAppSec Cloud scrubbing center assigned to your application.
    DNS Status It shows OK if you have changed the DNS record to use the CNAME IP address provided by FortiAppSec Cloud. Refer to Example: Changing DNS records on AWS Route 53.
    Blocked / Allowed

    The ratio of blocked to allowed requests.

    Blocked Requests: number of requests blocked by FortiAppSec Cloud

    Allowed Requests: The number of requests that reached your application.

    To view the details, click the application name, then go to Logs > Attack Logs.
    Data Usage The volume of data processed by FortiAppSec Cloud, including the data accumulated by the blocked requests.

    IP Allowlist

    Displays the number of IPs used for connections to your origin server. Click to view the full list and add them to your firewall allowlist.

    Health Check

    Displays the status of the servers on your application.

    • Enable HC: This application has origin servers with multiple pool members but no health check configured. We recommend enabling health checks for these origin servers.

      To enable Health Check:

      1. Click the name of the relevant application.

      2. Navigate to Network > Origin Servers.

      3. Find the server pool with the disabled Health Check, then click the Edit icon under Actions.

      4. In the row of the Server Balance settings, click the Edit icon under Actions.

      5. Scroll down to the Health Check option and select the radio button to enable it.

        For details on the other configuration options on this page, please refer to Origin Servers.

    • Active: All servers on this application are healthy and operational.

    • Partial: The servers on this application have different statuses. Hover over this status to view a detailed breakdown.

    • Out of service: None of the servers in this application are operational.

    • Not Required: This application does not require enabling health check.

    Template

    The configuration template applied to the application, if any. For more information, refer to Templates.
    Block Mode Enable or disable the block mode. Refer to Understanding block mode and action

    Onboarding applications

    See Onboarding WAF applications for instructions on how to onboard applications.

    Cloning the application configurations

    You can create a new template by cloning an existing application's configuration.

    1. Click the Clone icon on the application row.
    2. Enter a name for the template.
    3. Click OK.

    The template will be displayed in WAF > Templates.

    Enabling/disabling CDN

    Enable or disable CDN. For more information, refer to CDN

    Changing FortiAppSec Cloud scrubbing center

    If CDN is disabled, the system automatically assigns a FortiAppSec Cloud scrubbing center located nearest to your application server. You can change it to another scrubbing center.

    1. Go to WAF > Applications.
    2. Click the edit icon for the application.
    3. Select the desired region.
    4. Click OK.

    Previous
    Next

    WAF Applications

    WAF Applications

    On the Applications page, you can manage configurations related to applications, including viewing application information, filtering applications, onboarding applications, enabling/disabling CDN, selecting FortiAppSec Cloud scrubbing centers for your application.

    Viewing application information

    The application table displays all the applications you have onboarded. You can view the following information about an application. Click Add Filter to create a filter based on Application table fields. Click the Column Settings icon to select the columns being displayed in the table.

    Domain Name The domain name of the application. If you have added more than one domain name, click the number mark to view all the domain name. You can change the domain names in Network > Endpoints.

    Platform

    		 The platform where the FortiAppSec Cloud scrubbing center assigned to your application is located. You can click the edit icon to change the region.

    Region

    The FortiAppSec Cloud scrubbing center assigned to your application.
    DNS Status It shows OK if you have changed the DNS record to use the CNAME IP address provided by FortiAppSec Cloud. Refer to Example: Changing DNS records on AWS Route 53.
    Blocked / Allowed

    The ratio of blocked to allowed requests.

    Blocked Requests: number of requests blocked by FortiAppSec Cloud

    Allowed Requests: The number of requests that reached your application.

    To view the details, click the application name, then go to Logs > Attack Logs.
    Data Usage The volume of data processed by FortiAppSec Cloud, including the data accumulated by the blocked requests.

    IP Allowlist

    Displays the number of IPs used for connections to your origin server. Click to view the full list and add them to your firewall allowlist.

    Health Check

    Displays the status of the servers on your application.

    • Enable HC: This application has origin servers with multiple pool members but no health check configured. We recommend enabling health checks for these origin servers.

      To enable Health Check:

      1. Click the name of the relevant application.

      2. Navigate to Network > Origin Servers.

      3. Find the server pool with the disabled Health Check, then click the Edit icon under Actions.

      4. In the row of the Server Balance settings, click the Edit icon under Actions.

      5. Scroll down to the Health Check option and select the radio button to enable it.

        For details on the other configuration options on this page, please refer to Origin Servers.

    • Active: All servers on this application are healthy and operational.

    • Partial: The servers on this application have different statuses. Hover over this status to view a detailed breakdown.

    • Out of service: None of the servers in this application are operational.

    • Not Required: This application does not require enabling health check.

    Template

    The configuration template applied to the application, if any. For more information, refer to Templates.
    Block Mode Enable or disable the block mode. Refer to Understanding block mode and action

    Onboarding applications

    See Onboarding WAF applications for instructions on how to onboard applications.

    Cloning the application configurations

    You can create a new template by cloning an existing application's configuration.

    1. Click the Clone icon on the application row.
    2. Enter a name for the template.
    3. Click OK.

    The template will be displayed in WAF > Templates.

    Enabling/disabling CDN

    Enable or disable CDN. For more information, refer to CDN

    Changing FortiAppSec Cloud scrubbing center

    If CDN is disabled, the system automatically assigns a FortiAppSec Cloud scrubbing center located nearest to your application server. You can change it to another scrubbing center.

    1. Go to WAF > Applications.
    2. Click the edit icon for the application.
    3. Select the desired region.
    4. Click OK.

    Previous
    Next