FortiDDoS uses a 100% heuristic/behavior-based method to identify threats compared to competitors that rely primarily on signature-based matching. Instead of using pre-defined signatures to identify attack patterns, FortiDDoS builds a baseline of normal activity and then monitors traffic against it. Should an attack begin, FortiDDoS sees this as an anomaly and then immediately takes action to mitigate it. You're protected from known attacks and from the unknown "zero-day" attacks as FortiDDoS doesn't need to wait for a signature file to be updated. FortiDDoS also handles attack mitigation differently than other solutions. In other DDoS attack mitigation appliances, once an attack starts, it's 100% blocked until the threat is over. If an event is mistakenly matched to a signature creating a "false positive", then all traffic comes to a halt requiring intervention. FortiDDoS uses a more surgical approach by monitoring normal traffic and then using a reputation penalty scoring system, rates IP addresses that are "good" and others that are causing the problem. FortiDDoS blocks the offending IP addresses then repeatedly reevaluates the attack at user defined periods (every 15 seconds by default). If the offending IP addresses continue to be a persistent threat for each of these reevaluation periods, their reputation penalty score will increase and will eventually be blacklisted once they hit a user-defined threshold.
Fortinet FortiDDoS 400B - Security appliance - GigE - 1U (Voltage: AC 120/230 V (50/60 Hz))
Processor / Memory / Storage
Data Link Protocol:
- Ethernet, Fast Ethernet, Gigabit Ethernet
Remote Management Protocol:
- Simultaneous connections: 1000000
- Stateful Packet Inspection (SPI), packet filtering
- 8 x 1000Base-T - RJ-45 x 2 (WAN / LAN)
- 8 x - SFP (mini-GBIC) x 2 (WAN / LAN)
- 2 x management - RJ-45
- UL, VCCI, C-Tick, cUL, CB, FCC Part 15 A
Power Consumption Operational:
Min Operating Temperature:
Max Operating Temperature:
Humidity Range Operating:
- 100% behavioral-based detection
FortiDDoS doesn't rely on signature files that need to be updated with the latest threats so you're protected from both known and unknown "zero-day" attacks.
- 100% hardware-based DDoS protection
The FortiASIC-TP2 transaction processor provides bi-directional detection and mitigation of Layer 2, 3 and 7 DDoS attacks for industry-leading performance.
- Continuous attack evaluation
Minimizes the risk of "false positive" detection by reevaluating the attack to ensure that "good" traffic isn't disrupted.
- Congestion resistant
With up to 24 Gbps of throughput, FortiDDoS won't easily be overwhelmed by high-volume DDoSattacks.
- Automated learning process
With minimal configuration, FortiDDoS will automatically build normal traffic and resources behavior profiles saving you time and IT management resources.
- Multiple attack protection
By understanding behaviors FortiDDoS can detect any DDoS attack from basic Bulk Volumetric to sophisticated Layer 7 SSL-based attacks without the need to decrypt traffic.
- Comprehensive reporting capabilities
Real-time and historic reports provide granular visibility for network and protocol layers.
No Reviews are available at this time