Distributed Denial of Service (DDoS) attacks are ever-evolving and use a variety of technologies. To successfully combat these attacks, you need a dynamic, multi-layered security solution. Fortinet DDoS Network Security FortiDDoS protects against both known and zero-day attacks with very low latency. It’s easy to deploy and manage, and includes comprehensive reporting and analysis tools. FortiDDoS includes 100% security processor (SPU)-based Layer-3, Layer-4, and Layer-7 DDoS protection and application-aware traffic management. It offers behavior-based DDoS protection that eliminates the need for signature files, minimal false-positive detections through continuous threat evaluation, and the ability to monitor hundreds of thousands of parameters simultaneously. It defends against every DDoS attack (bulk volumetric, Layer-7 application, and SSL/HTTPS) and provides attack protection for DNS services via specialized tools.
Distributed Denial of Service (DDoS) attacks are some of the oldest Internet threats. Despite that, due to their simplicity and effectiveness, they continue to be a top risk for public services around the world. As protections have evolved, the technology used by hackers has adapted and become much more sophisticated. New attack types now target applications and services. Bulk Layer-3 and Layer-4 DDoS events are not only becoming more sophisticated; they are often masked in apparently legitimate traffic or combined in unique new “zero day” attacks, making them very difficult to detect. Fortinet FortiDDoS has the technologies traditionally used to detect and mitigate DDoS attacks, as they have evolved. State-of-the-art technology must rely on Application Specific Integrated Circuits (ASICs), inline symmetric or asymmetric deployments, and a wide spectrum of analysis methods covering Layer-2 to Layer-7 of the OSI model, and this must be done with high-performance, hardware-based architectures.
Fortinet DDoS Network Security — FortiDDoS
DDoS attack mitigation appliances: Fortinet FortiDDoS. Fortinet DDoS Network Security is the only company to use a 100% custom ASIC approach to its DDoS products, and it uses a 100% adaptive behavior-based method to identify threats. Unmatched DDoS detection and mitigation performance with less than 50 microsecond latency. Easy to deploy and manage, with automatic learning tools and an intuitive GUI. Lowest TCO compared to other hardware and service-based DDoS mitigation solutions. Best false-detection avoidance with sub-minute blocking and attack reevaluation. FortiDDoS uses a 100% heuristic/behavior-based method to identify threats, compared to competitors that rely primarily on signature-based matching. Instead of requiring predefined signatures to identify attack patterns, Fortinet DDoS Network Security FortiDDoS uses its massively parallel computing architecture to build an adaptive baseline of normal activity from hundreds of thousands of parameters and then monitors traffic against that baseline. Should an attack begin, FortiDDoS sees this as abnormal and immediately takes action to mitigate it.
A Different And Better Approach To DDoS Attack Mitigation
Only Fortinet DDoS Network Security uses a 100% SPU approach to its DDoS products without the performance compromises of a CPU or CPU/ASIC hybrid system. The SPU-TP2 transaction processors inspect 100% of both inbound and outbound Layer-3, Layer-4 and Layer-7 traffic, resulting in the fastest detection and mitigation, and the lowest latency in the industry.
Flexible Defense Mechanisms
Fortinet DDoS Network Security FortiDDoS protects against every DDoS attack, including Bulk Volumetric, Layer-7 Application, DNS, and SSL/HTTPS attacks. From the oldest trick in the book to the latest in advanced application layer attacks, FortiDDoS has you covered. Bulk Volumetric Attacks were the first DDoS attack types and continue to pose significant threats today. While ISPs may prevent simple attacks of this type, the attacks are increasingly used to mask more complex application-level attack methods. The easiest way to deal with these types of threats is to simply block all abnormal traffic until the attack stops. The FortiDDoS IP Reputation scoring system continues to let “good” traffic in while mitigating the Source IP addresses that are causing the problem. This process not only provides the protection you need, but also minimizes the effect of a “false positive” match halting good client traffic.
Web applications and email systems have long been favorite targets of hackers because they have access to valuable information and they are relatively easy to exploit. A successful attack can result in a variety of devastating consequences including financial loss, damage to brand reputation, and loss of customer trust. Most organizations do not recover from a major security breach, making it absolutely critical to protect your users and customers from threats that target applications and email systems.
The Fortinet Data Center Application Security solution consists of a robust and integrated set of products to protect against these attacks. We are the only company that delivers a complete single-vendor solution with the proven performance and security effectiveness to meet the increasing demands of today’s data centers. In addition, our application security solutions can be integrated with Fortinet FortiGate next-generation firewalls and the Fortinet FortiSandbox sandbox for extra defenses against Advanced Persistent Threats (APTs).
The enterprise data center is evolving rapidly with technologies such as virtualization, software-defined networking, and public cloud computing. Trying to apply traditional security to new technologies generally will not be effective. Enterprises need to evaluate their data center initiatives and how they will impact network security to ensure all areas of the data center remain protected. Today’s data centers are dynamic and complex. Security solutions need to be flexible, effective, and easy to manage so they bring order to the chaos instead of adding to it. Fortinet can protect your physical, virtual, and cloud servers with one solution — whether data center, private cloud, or public cloud deployments.
Under constant attack, organizations cannot afford to choose between security and maintaining a high-performance business infrastructure. Your extended enterprise needs proven security that won't compromise performance: from deep within internal segments, to physical and virtual data centers, to dynamic cloud environments. Deploying network security solutions from multiple vendors causes unnecessary complexity and introduces security gaps. The Fortinet Enterprise Firewall Solution delivers industry-leading security effectiveness with unmatched performance capabilities — through one operating system managed within a single pane of glass.
Cloud computing is becoming increasingly popular among enterprises looking to take advantage of quick deployment, unprecedented scalability, and cost savings. Private cloud infrastructure, including virtualization and software-defined networking (SDN), is rapidly transforming data centers worldwide. At the same time, organizations are rapidly embracing public clouds, both migrating workloads to Infrastructure-as-a-Service (IaaS) clouds like AWS and Azure, and adopting Software-as-a-Service (SaaS) applications. This results in a hybrid cloud and increasingly multi-cloud environment that is truly borderless for your enterprise users, data, and applications.
Evolving your infrastructure means your security must evolve as well, to protect your enterprise regardless of where your infrastructure and applications are running. If your security can’t keep up with the agile public, private, and hybrid cloud environments of today, gaps in protection will occur. There are a number of deployment methods being used today that require scalable security capable of keeping up with elastic workloads. Fortinet provides comprehensive security for private, public, and hybrid deployments before, during, and after migration — with one solution.
At the heart of Fortinet data center security are the FortiGate data center firewalls, which use purpose-built FortiASIC processors that enable this extremely high level of performance. These custom content and network processors provide near-wire speed switching, routing, and stateful firewalling. The network processors eliminate the need for legacy Layer-2 switches and routers within the data center. Instead, FortiGate takes over and performs network segmentation, switching, routing, and network security, all while reducing network complexity.
Furthermore, our integrated architecture provides extremely high throughput and exceptionally low latency, minimizing packet processing while accurately scanning the data for threats. Custom FortiASIC processors deliver content inspection at multi-gigabit speeds. The only way for a network security platform to scale is via purpose-built ASICs to accelerate specific parts of the packet processing and content scanning function. FortiGate technology utilizes Optimum Path Processing (OPP) to optimize the different resources available in packet flow. The FortiASIC can scale to 500 Gbps of firewall throughput independent of packet size while maintaining a high number of sessions and extremely low latency.
FortiWeb provides integration with leading third-party vulnerability scanners including Acunetix, HP WebInspect, IBM AppScan, Qualys and WhiteHat to provide dynamic virtual patches to security issues in application environments. Vulnerabilities found by the scanner are quickly and automatically turned into security rules by FortiWeb to protect the application until developers can address them in the application code. Quarantined IPs HTTP Traffic service protects you from known attack sources like botnets, spammers, anonymous proxies, and sources known to be infected with malicious software.
FortiWeb Security Service is designed just for FortiWeb, including items such as application layer signatures, malicious robots, suspicious URL patterns and web vulnerability scanner updates. Finally, FortiWeb offers FortiGuard’s top-rated antivirus engine, which scans all file uploads for threats that can infect your servers or other network elements. FortiWeb provides maximum flexibility in supporting your virtual and hybrid environments. The virtual versions of FortiWeb support all the same features as Fortinet hardware-based devices and work with all the top hypervisors.