Fortinet FortiDDoS-2000E - DDoS Protection Appliance - FDD-2000E
- Explore Remote Installation & Support for this device
- 100% hardware-based Layer 3, 4, & 7 DDoS attack identification and mitigation
- 100% Behavior-based DDoS detection
- Completely invisible to attackers with no IP & no MAC addresses in data path
- Advanced DNS DDoS mitigation on most models
- Continuous threat evaluation to minimize false positive detections
- Single-pass architecture simultaneously monitors hundreds of thousands of parameters
- Manufacturer Part #: FDD-2000E
Distributed Denial of Service (DDoS) attacks continue to remain a top threat to IT security and have evolved in almost every way to do what they do best: shut down your vital online services. Never has a problem been so dynamic and broad-based without being tied to one particular technology.
There is almost an unlimited array of tools that Hacktivists and Cyberterrorists can use to prevent access to your network. Sophisticated DDoS attacks create not only Layer 4 volumetric assaults, but also target Layer 7 and DNS services where much smaller attack sizes can hide the attacks from cloud-based mitigation methods.
To combat these attacks, you need a solution that is equally dynamic and broad-based. Fortinet s FortiDDoS Attack Mitigation appliances use behavior-based attack detection methods and 100% hardwarebased detection and mitigation using security processing units (SPUs) to deliver the most advanced and fastest DDoS attack mitigation on the market today.
A Different and Better Approach to DDoS Attack Mitigation
Only Fortinet uses a 100% SPU approach to its DDoS products without the performance compromises of a CPU or CPU/ASIC hybrid system. The SPU-TP2 transaction processors inspect 100% of both inbound and outbound Layer 3, 4 and 7 traffic, resulting in the fastest detection and mitigation, and the lowest latency in the industry.
FortiDDoS uses a 100% heuristic/behavior-based method to identify threats, compared to competitors that rely primarily on signaturebased matching. Instead of requiring predefined signatures to identify attack patterns, FortiDDoS uses its massively-parallel computing architecture to build an adaptive baseline of normal activity from hundreds-of-thousands of parameters and then monitors traffic against that baseline. Should an attack begin, FortiDDoS sees this as abnormal and immediately takes action to mitigate it.
FortiDDoS protects you from known attacks and from zero-day attacks because it doesn t need to wait for updated signature files. FortiDDoS handles attack mitigation differently than other solutions. In other DDoS attack mitigation appliances, once an attack starts, it s 100% blocked or traffic is rate-limited to the destination IP which has the negative affect of also rate-limiting good traffic. If an event is a false positive" then all traffic is affected, requiring intervention. FortiDDoS uses a more surgical approach, by monitoring normal traffic and then using Source Tracking to detect up to 6 million Source IP addresses that are causing the problem.
FortiDDoS blocks the offending Source IP addresses, then reevaluates the attack at user-defined intervals. If the offending Source IP addresses continue to be a threat for each of these reevaluation periods, the blocking period is extended until the attack subsides. Destination IPs are seldom rate-limited and valid Source IPs are always allowed.
Flexible Defense Mechanisms
FortiDDoS protects against every DDoS attack including Bulk Volumetric, Layer 7 Application, DNS, and SSL/HTTPS attacks. From the oldest trick in the book to the latest in advanced application layer attacks, FortiDDoS has you covered.
Product Name | Fortinet FortiDDoS-2000E - DDoS Protection Appliance |
---|---|
SKU | FDD-2000E |
Manufacturer | Fortinet |
Active | No |
Service Length | No Services Included |
Data Sheet | View Sheet |