Fortinet has expanded its family of Distributed Denial of Service products with four new appliances to help detect and mitigate large threats designed to wield large numbers of infected systems to flood servers with requests and crowd out legitimate traffic.
According to Fortinet these newly available appliances, FortiDDoS-400B, FortiDDoS-800B, FortiDDoS-1000B and FortiDDoS-2000B, all feature a behavior-based DDoS attack mitigation engine that’s able to handle sophisticated DDoS attacks such as Zero-Day attacks and unidentified attacks. Behavior-based detection means that FortiDDoS does not need to wait for a signature file to be updated.
These devices are also capable of mitigating increasingly large attacks. These devices are capable of between 4 and 24 Gbps full-duplex throughput, and between 1 and 6 million simultaneous connections
“We’ve dramatically improved the way we identify DDoS attack types since we released our first appliances in 2012,” Fortinet marketing VP John Maddison said in a statement. “The adaptive, behavior-based attack monitoring introduced in today’s models automatically identifies any type of DDoS attack, including zero-days, and almost immediately takes action to mitigate it.”
Fortinet said these appliances can be purchased for less than half the price of competing solutions, and stop attacks as much as 10 times faster. High-performance Application-Specific Integrated Circuits (or ASICs) make the blocking period very short, and allow the appliance to continuously reevaluate attacks.
These appliances feature Fortinet’s custom, second-generation FortiASIC-TP2 traffic processor, which detects and mitigates of DDoS attacks on all layer 3, 4 and 7 traffic types. This approach eliminates the overhead with CPU or CPU/ASIC hybrid systems, and other bottlenecks.
DDoS attacks are becoming an increasing problem for web hosts, corporations, and world governments. In a recent report on its attack data (PDF), Distributed Denial of Service mitigation provider Black Lotus saw the average DDoS attack size swell to 3.1 Gbps and 1.5 million packets per second. And according to Arbor Networks’ latest infrastructure security report, more than 70 percent of data centers had reported DDoS attacks in 2013.
Fortinet engineering VP Hemant Jain said, “Despite the best efforts by ISPs to defend against DDoS threats, residual and application layer attacks are still able to bring down services in an Internet data center. Fortinet now provides DDoS attack mitigation with up to 24 Gbps of full duplex throughput in the data center to ensure that critical services are always available.”