FortiDDoS – DDoS Protection

FortiDDoS

DDoS Protection for Data Centers

FortiDDoS – Fortinet DDoS Solution

FortiDDoS solutions provide DDoS protection for data centers using technology that is built into all Fortinet equipment: hardware and intelligence with its own operating system.

FortiDDoS provides protection against all known attacks, as well as against all zero-day attacks. FortiDDoS delivers excellent DDoS protection performance through:
  •    Identification of and protection against Layer 3, 4 and 7 attacks, 100% hardware-based
  •    DDoS detection and advanced protection against DDoS DNS attacks, 100% behavior-based
  •    Available On-premise / Cloud hybrid protection
  •    Cloud Monitoring Service for visibility and monitoring of attacks
  •    Continuous assessment of cyber threats to minimize false positives
  •    Single-pass architecture that simultaneously simulates hundreds of thousands of parameters

Installation Method

Inline installation in front of the data center

Key Features and Benefits

Packet Inspection Technology

Granular Packet Inspection
Stateful Monitoring
Continuous Adaptive Rate Limiting
Heuristic Analysis
Predictive Behavioral Analysis

Multi-verification Process

Dynamic Filtering
Active Verification
Anomaly Recognition
Protocol Analysis
Rate Limiting
White List, Black List, Non-Tracked Subnets
State Anomaly Recognition
Stealth Attack Filtering
Dark Address Scan Prevention
Source Tracking
Legitimate IP Address Matching (Anti-Spoofing)

Flood Prevention Mechanisms

SYN Cookie, ACK Cookie, SYN Retransmission
Connection Limiting
Aggressive Ageing
Legitimate IP Address Matching
Source Rate Limiting
Source Tracking
Granular Rate Limiting

Layer 3 Flood Mitigation

Protocol Floods
Fragment Floods
Source Floods
Destination Floods
Dark Address Scans
Excessive TCP per Destination
Geo-location Access Control Policy (ACP)

Layer 4 Flood Mitigation

TCP Ports (all)
UDP Ports (all)
ICMP Type/Codes (all)
Connection Flood
SYN Flood
Excessive SYNs/Source/Second
Excessive Connection Establishments/Second
Zombie Floods
Excessive Connections per Source Flood
Excessive Connections per Destination Flood
TCP State Violation Floods

Layer 7 Flood Mitigation

Opcode Flood
HTTP URL Get Flood
User Agent Flood
Referrer Flood
Cookie Flood
Host Flood
Associated URL Access
Mandatory HTTP Header Parameters
Sequential HTTP Access
SIP Invites per Source
SIP Registers per Source
SIP Concurrent Invites per Source

IP Reputation Analysis

Dynamic IP Reputation Analysis
IP Reputation Database Updates

Management

SSL Management GUI
CLI
RESTful API

Behavioral Monitoring Metrics

Packets/Source/Second
SYN Packet/Second
Connection Establishments/Second
SYN Packets/Source/Second
Connections/Second
Concurrent Connections/Source
Concurrent Connections/Destination
Packets/Port/Second
Fragmented Packets/Second
Protocol Packets/Second
Same URL/Second
Same User-Agent/Host/Referrer/Cookie/Second
Same User-Agent, Host, Cookie, Referrer/Second
Anti-Spoofing Checks
Associated URLs Heuristics

Reporting Statistics

Top Attacks
Top Attackers
Top Attacked Subnets
Top Attacked Protocols
Top Attacked TCP Ports
Top Attacked UDP Ports
Top Attacked ICMP Type/Codes
Top Attacked URLs
Top Attacked HTTP Hosts
Top Attacked HTTP Referrers
Top Attacked HTTP Cookies
Top Attacked HTTP User-Agents

Centralized Event Reporting

GUI
SNMP
Email/Pager
Support for MRTG, Cacti

Audit and Access Trails

Login Trail
Configuration Trail Audit Trail