Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 25.4.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    User Guide

    Home FortiAppSec Cloud User Guide
    25.4.0
    26.1.0
    25.4.0
    25.3.0
    25.2.0

    Overview

    Overview

    Why migrate from FortiWeb Cloud/ FortiGSLB/ FortiGuard ABP to FortiAppSec Cloud?

    FortiAppSec Cloud is Fortinet's integrated platform for application security services. It unifies four previously standalone solutions — FortiWeb Cloud (Web Application Firewall and Threat Analytics), FortiGSLB (Global Server Load Balancing), and FortiGuard Advanced Bot Protection — into a single, cohesive platform. This integration streamlines management and operations while delivering a comprehensive application security solution. FortiAppSec Cloud addresses a broad spectrum of needs, from traffic optimization and load balancing to advanced threat protection, ensuring robust and efficient security for modern applications.

    How is the FortiAppSec Cloud Platform delivered?

    The FortiAppSec Cloud Platform is a SaaS service accessible via https://appsec.fortinet.com.

    What are the advantages of the FortiAppSec Cloud Platform? 

    The advantages of the new solution include:

    • Unified management for web application security, advanced bot protection, threat analytics, and server load balancing.

    • End-to-end protection for web applications and APIs.

    • Centralized security management for hybrid cloud environments.

    • Advanced delivery capabilities, including GSLB and content routing.

    • Faster content delivery with a global CDN.

    • Improved visibility and reduced complexity for easier application security management.

    Is the FortiAppSec Cloud Platform SOC2 compliant?

    The WAF and Threat Analytics services are SOC2 compliant. The GSLB and Advanced Bot Protection services are under review and are expected to pass SOC2 compliance shortly. SOC2 compliance ensures services meet rigorous security, availability, and confidentiality standards.

    Are there any changes in functionality/features for existing services?

    Most functionality and features remain the same between the previous standalone products and FortiAppSec Cloud. However, with FortiAppSec Cloud, we aim to highlight the evolution of the Cloud WAF industry towards a unified, all-inclusive offering that encompasses all cloud-based web application protection features.

    Where can I check the status of FortiAppSec Cloud and access incident history?

    Visit https://status.appsec.fortinet.com/ to check the real-time service status, review incident history, and subscribe for updates. Subscribing ensures you stay informed about any outages or changes affecting the system.

    Can I access the FortiAppSec Cloud portal via API?

    Yes, you can access the FortiAppSec Cloud portal through its API. This API enables you to manage configurations, automate workflows, and access application data. For more details, please refer to the FortiAppSec Cloud RESTful API Reference.

    What is FortiAppSec Cloud’s bandwidth capacity?

    FortiAppSec Cloud is deployed on cloud service providers (CSPs) that support traffic in the tens to hundreds of Gbps, depending on the region and availability zone. With its auto-scaling capability, FortiAppSec can easily expand to growing customer traffic needs.

    What export options are supported for FortiAppSec Cloud insights?

    FortiAppSec Cloud supports the following export options for logs:

    • Audit logs: Can be exported to FortiAnalyzer, FortiSIEM, Syslog, or Elasticsearch.

    • Attack logs: Can be exported to FortiAnalyzer, FortiSIEM, Syslog, or Elasticsearch.

    • Traffic logs: Can be exported to AWS S3 buckets or Azure Blob storage containers.

    • Splunk integration: Supports exporting Attack and Audit logs to Splunk (requires the FortiAppSec Cloud Add-on for Splunk).

    FortiAppSec Cloud also supports the following export options for reports:

    There are currently no direct export options for dashboard widgets.

    Previous
    Next

    Overview

    Overview

    Why migrate from FortiWeb Cloud/ FortiGSLB/ FortiGuard ABP to FortiAppSec Cloud?

    FortiAppSec Cloud is Fortinet's integrated platform for application security services. It unifies four previously standalone solutions — FortiWeb Cloud (Web Application Firewall and Threat Analytics), FortiGSLB (Global Server Load Balancing), and FortiGuard Advanced Bot Protection — into a single, cohesive platform. This integration streamlines management and operations while delivering a comprehensive application security solution. FortiAppSec Cloud addresses a broad spectrum of needs, from traffic optimization and load balancing to advanced threat protection, ensuring robust and efficient security for modern applications.

    How is the FortiAppSec Cloud Platform delivered?

    The FortiAppSec Cloud Platform is a SaaS service accessible via https://appsec.fortinet.com.

    What are the advantages of the FortiAppSec Cloud Platform? 

    The advantages of the new solution include:

    • Unified management for web application security, advanced bot protection, threat analytics, and server load balancing.

    • End-to-end protection for web applications and APIs.

    • Centralized security management for hybrid cloud environments.

    • Advanced delivery capabilities, including GSLB and content routing.

    • Faster content delivery with a global CDN.

    • Improved visibility and reduced complexity for easier application security management.

    Is the FortiAppSec Cloud Platform SOC2 compliant?

    The WAF and Threat Analytics services are SOC2 compliant. The GSLB and Advanced Bot Protection services are under review and are expected to pass SOC2 compliance shortly. SOC2 compliance ensures services meet rigorous security, availability, and confidentiality standards.

    Are there any changes in functionality/features for existing services?

    Most functionality and features remain the same between the previous standalone products and FortiAppSec Cloud. However, with FortiAppSec Cloud, we aim to highlight the evolution of the Cloud WAF industry towards a unified, all-inclusive offering that encompasses all cloud-based web application protection features.

    Where can I check the status of FortiAppSec Cloud and access incident history?

    Visit https://status.appsec.fortinet.com/ to check the real-time service status, review incident history, and subscribe for updates. Subscribing ensures you stay informed about any outages or changes affecting the system.

    Can I access the FortiAppSec Cloud portal via API?

    Yes, you can access the FortiAppSec Cloud portal through its API. This API enables you to manage configurations, automate workflows, and access application data. For more details, please refer to the FortiAppSec Cloud RESTful API Reference.

    What is FortiAppSec Cloud’s bandwidth capacity?

    FortiAppSec Cloud is deployed on cloud service providers (CSPs) that support traffic in the tens to hundreds of Gbps, depending on the region and availability zone. With its auto-scaling capability, FortiAppSec can easily expand to growing customer traffic needs.

    What export options are supported for FortiAppSec Cloud insights?

    FortiAppSec Cloud supports the following export options for logs:

    • Audit logs: Can be exported to FortiAnalyzer, FortiSIEM, Syslog, or Elasticsearch.

    • Attack logs: Can be exported to FortiAnalyzer, FortiSIEM, Syslog, or Elasticsearch.

    • Traffic logs: Can be exported to AWS S3 buckets or Azure Blob storage containers.

    • Splunk integration: Supports exporting Attack and Audit logs to Splunk (requires the FortiAppSec Cloud Add-on for Splunk).

    FortiAppSec Cloud also supports the following export options for reports:

    There are currently no direct export options for dashboard widgets.

    Previous
    Next