FortiDDoS
Advanced DDoS Protection for Enterprise Data Centers
DDoS Protection – FortiDDoS
What is FortiDDoS, the Fortinet DDoS solution
Fortinet's DDoS protection solution provides effective protection thanks to the technology built into all Fortinet appliances: hardware processing and intelligence in the proprietary operating system. DDoS attacks can be prevented using FortiDDoS DDoS protection appliances.
FortiDDoS protects against both known and zero-day attacks with very low latency. Installation and management are easy, and it also includes comprehensive reporting and analysis tools. FortiDDoS achieves superior, fast DDoS protection performance by using:
- Identification of and protection against Layer 3, 4 and 7 attacks, 100% hardware-based
- DDoS detection and advanced protection against DNS DDoS attacks, 100% behavior-based
- Protection available in hybrid on-premise/cloud mode
- The “Cloud Monitoring Service” for attack visibility and monitoring
- Continuous evaluation of cyber threats to minimize the number of false-positive detections
- A “single-pass” architecture that simultaneously monitors hundreds of thousands of parameters
Key features and benefits
- 100% Behavioral-based Detection
- 100% Hardware-based DDoS Protection
- Continuous Attack Evaluation
- Advanced DNS Protection
- Automated Learning Process
- Hybrid On-premise/Cloud Support
- Cloud Monitoring Service
FortiDDoS Features
- FortiDDoS does not rely on signature files that must be updated with the latest threats, so you are protected against both known and unknown zero-day attacks.
- The SPU-TP2 transaction processor offers 100% packet inspection with bi-directional detection and mitigation at Layers 3, 4 and 7 against DDoS attacks, for industry-leading performance.
- Minimizes the risk of a “false positive” detection by re-evaluating the attack to ensure that relevant traffic is not interrupted.
- FortiDDoS offers 100% inspection of DNS traffic to protect against a wide range of attacks based on anomalies and applications, as well as large-scale DNS attacks.
- With minimal configuration, FortiDDoS automatically builds behavior profiles of normal traffic and resources, saving you time and resources that would otherwise be spent on administration.
- The Open API allows integration with third-party cloud DDoS protection providers for flexible deployment options and protection against large-scale DDoS attacks.
- Monitors server status from 10 locations in the cloud, and network links, both inbound and outbound, from any number of private sites. Uniquely integrates inbound and outbound service status reporting, whether from the cloud or private.
Models: FortiDDoS 200B, 400B, 600B, 800B, 900B, 1000B, 1000B-DC and 1200B
FortiDDoS Features
Packet Inspection Technology
- Granular Packet Inspection
- Stateful Monitoring
- Continuous Adaptive Rate Limiting
- Heuristic Analysis
- Predictive Behavioral Analysis
Multi-verification Process
- Dynamic Filtering
- Active Verification
- Anomaly Recognition
- Protocol Analysis
- Rate Limiting
- White List, Black List, Non-Tracked Subnets
- State Anomaly Recognition
- Stealth Attack Filtering
- Dark Address Scan Prevention
- Source Tracking
- Legitimate IP Address Matching (Anti-Spoofing)
Flood Prevention Mechanisms
- SYN Cookie, ACK Cookie, SYN Retransmission
- Connection Limiting
- Aggressive Ageing
- Legitimate IP Address Matching
- Source Rate Limiting
- Source Tracking
- Granular Rate Limiting
Layer 3 Flood Mitigation
- Protocol Floods
- Fragment Floods
- Source Floods
- Destination Floods
- Dark Address Scans
- Excessive TCP per Destination
- Geo-location Access Control Policy (ACP)
Layer 4 Flood Mitigation
- TCP Ports (all)
- UDP Ports (all)
- ICMP Type/Codes (all)
- Connection Flood
- SYN Flood
- Excessive SYN’s/Source/Second
- Excessive Connection Establishments/Second
- Zombie Floods
- Excessive Connections per Source Flood
- Excessive Connections per Destination Flood
- TCP State Violation Floods
Layer 7 Flood Mitigation
- Opcode Flood
- HTTP URL Get Flood
- User Agent Flood
- Referrer Flood
- Cookie Flood
- Host Flood
- Associated URL Access
- Mandatory HTTP Header Parameters
- Sequential HTTP Access
- SIP Invites per Source
- SIP Registers per Source
- SIP Concurrent Invites per Source
IP Reputation Analysis
- Dynamic IP Reputation Analysis
- IP Reputation Database Updates
Management
- SSL Management GUI
- CLI
- RESTful API
Behavioral Monitoring Metrics
- Packets/Source/Second
- SYN Packet/Second
- Connection Establishments/Second
- SYN Packets/Source/Second
- Connections/Second
- Concurrent Connections/Source
- Concurrent Connections/Destination
- Packets/Port/Second
- Fragmented Packets/Second
- Protocol Packets/Second
- Same URL/Second
- Same User-Agent/Host/Referrer/Cookie/Second
- Same User-Agent, Host, Cookie, Referrer/Second
- Anti-Spoofing Checks
- Associated URLs Heuristics
Reporting Statistics
- Top Attacks
- Top Attackers
- Top Attacked Subnets
- Top Attacked Protocols
- Top Attacked TCP Ports
- Top Attacked UDP Ports
- Top Attacked ICMP Type/Codes
- Top Attacked URLs
- Top Attacked HTTP Hosts
- Top Attacked HTTP Referrers
- Top Attacked HTTP Cookies
- Top Attacked HTTP User-Agents
Centralized Event Reporting
- GUI
- SNMP
- Email/Pager
- Support for MRTG, Cacti
Audit and Access Trails
- Login Trail
- Configuration Trail Audit Trail