Network security specialist Fortinet expanded its distributed denial-of-service (DDoS) product family with four appliances for data center managers and system architects and managed service providers (MSPs).
The company’s behavior-based attack mitigation engine enables FortiDDoS to identify and mitigate current and future threats based on patterns and intent rather than content.
The second-generation FortiASIC-TP2 traffic processor provides both detection and mitigation of DDoS attacks in a single processor that handles all layer 3, 4 and 7 traffic types.
"We’ve dramatically improved the way we identify DDoS attack types since we released our first appliances in 2012. The adaptive, behavior-based attack monitoring introduced in today’s models automatically identifies any type of DDoS attack, including zero-days, and almost immediately takes action to mitigate it," John Maddison, vice president of marketing for Fortinet, said in a statement. "What’s more, we’re able to offer this class-leading performance at less than half the cost of our closest competitors."
The FortiDDoS-400B features 4G bps full-duplex throughput, 16 1G bps RJ-45 copper and small form-factor pluggable (SFP) ports for local area network (LAN) and wide area network (WAN) connectivity with support for up to 1 million simultaneous connections, and the FortiDDoS-800B features 8G bps full-duplex throughput, 16 1G bps RJ-45 copper and SFP ports for LAN and WAN connectivity with support for up to 2 million simultaneous connections.
The FortiDDoS-1000B features 12G bps full-duplex throughput, 16 10G bps SPF+ slots for LAN and WAN connectivity with support for up to 3 million simultaneous connections, and the FortiDDoS-2000B features 24G bps full-duplex throughput, 16 10G bps SPF+ slots and 4 10G bps SFP+ bypass ports for LAN and WAN connectivity with support for up to 6 million simultaneous connections.
FortiDDoS also handles attack mitigation by using a surgical bi-directional approach, monitoring normal inbound and outbound traffic and then using a reputation scoring system, rates IP addresses that are "good" and others that are participating in the attack.
The good traffic is allowed to proceed, but the offending IP addresses are temporarily blocked. If they’re determined to be a real threat after repeated re-evaluation, they are blocked for a much longer period of time.
"Despite the best efforts by ISPs to defend against DDoS threats, residual and application layer attacks are still able to bring down services in an Internet data center," Hemant Jain, vice president of engineering for Fortinet, said in a statement. "Fortinet now provides DDoS attack mitigation with up to 24G bps of full duplex throughput in the data center to ensure that critical services are always available."