Fortinet unveils new appliances for DDoS attacks 

The appliances come with a new 100 per cent behaviour-based DDoS attack mitigation engine and a single-path custom ASIC. They are designed to detect more types of attacks, with up to 10 times the performance speed of typical DDoS mitigation appliance.

“Despite the best efforts by ISPs to defend against DDoS threats, residual and application layer attacks are still able to bring down services in an Internet data center,” said Hemant Jain, VP, engineering, Fortinet. “Fortinet now provides DDoS attack mitigation with up to 24 Gbps of full duplex throughput in the data center to ensure that critical services are always available.”

The appliances are able to dynamically monitor trends, as they do not require signatures, and the ASICs enable the appliances to continually reevaluate threats.

FortiDDoS assigns all of its traffic to the ASIC instead of the CPU, which leads to improved system performance. It establishes a standard of normal application behaviour, and then monitors traffic against it to pinpoint anomalies. It also rates inbound traffic, marking some IP addresses as “good” and quarantining the rest for further evaluation.

“We’ve dramatically improved the way we identify DDoS attack types since we released our first appliances in 2012. The adaptive, behavior-based attack monitoring introduced in today’s models automatically identifies any type of DDoS attack, including zero-days, and almost immediately takes action to mitigate it,” said John Maddison, VP, marketing, Fortinet. “What’s more, we’re able to offer this class-leading performance at less than half the cost of our closest competitors.”