DDoS Protection
FortiDDoS automatically defends against known and zero-day distributed-denial-of-service attacks
Overview
FortiDDoS is an inline, purpose-built solution that protects organizations against disruptions caused by attacks that flood a target with packets and exhaust resources, causing the network, applications, or services to be unavailable to legitimate traffic. Without user intervention, FortiDDoS automatically detects and stops multiple simultaneous attacks of any size before services fail.
Features and Benefits
FortiDDoS offers advanced performance, reliability, and analysis capabilities with full autonomous mitigation to protect against disruptions.
FULLY AUTONOMOUS MITIGATION
During attacks, no user intervention is required. Also, no additional subscriptions are required
EXPANSIVE MONITORING
230,000 parameters are simultaneously monitored to stop zero-day attacks
100% PACKET INSPECTION
All mitigations take place in less than one second. No sampling
HIGH SMALL-PACKET INSPECTION
77 Mpps small-packet inspection ensures detection and network performance
ADVANCED LAYERS 4 AND 7 MITIGATION
TCP flag, DNS, NTP, DTLS, QUIC direct/reflected attacks are mitigated from the first packet
UNMATCHED UDP REFLECTION MITIGATION
More than 10,000 possible UDP Reflection ports are monitored
FortiDDoS Use Cases
INFRASTRUCTURE PROTECTION
FortiDDoS minimizes impact and maintains business continuity.
BOTNET DEFENSE
FortiDDoS blocks malicious bot activity without blocking bots, using 100% inspected small-packet rate detection capabilities.
AUTONOMOUS DDOS PROTECTION
FortiDDoS is the only completely autonomous DDoS mitigation system that requires no user or vendor NOC intervention during attacks.
FortiGuard AI-Powered Security Services
FortiGuard Labs - Fortinet’s elite cybersecurity threat intelligence and research organization comprised of experienced threat hunters, researchers, analysts, engineers, and data scientists - develops and enhances FortiGuard AI-powered Security Services as well as provides valuable expert help through FortiGuard Expert-driven Security Services.
Show All Services
Content Security
Web Security
Device Security
Application Security
SOC NOC Security
FortiGuard Domain Reputation Service
Provides a regularly updated list of known malicious fully qualified domain names (FQDNs) to prevent DNS-based attacks.
FortiGuard Anti-botnet and C2 Service
Blocks unauthorized attempts to communicate with compromised remote servers for both receiving malicious commands and extracting information.
Models and Specifications
FortiDDoS models range from entry-level virtual machines to ultra-high-end DDoS protection hardware appliances to handle larger volumetric attacks.
All FortiDDoS models offer high availability and all appliance models offer 1000BT and/or Optical Bypass to ensure network continuity.
View by:
FortiDDoS 200F
Max Inspected rates Gbps |
8 |
@ Mpps |
9 |
DNS/NTP Mitigation (Responses/s) |
>2M |
TCP Sessions |
>4M |
Time-to-Mitigate |
<1s |
Form Factor |
1U |
FortiDDoS 1500F
Max Inspected rates Gbps |
30 |
@ Mpps |
28 |
DNS/NTP Mitigation (Responses/s) |
>8M |
TCP Sessions |
>16M |
Time-to-Mitigate |
<1s |
Form Factor |
2U |
FortiDDoS 2000F
Max Inspected rates Gbps |
76 |
@ Mpps |
60 |
DNS/NTP Mitigation (Responses/s) |
>16M |
TCP Sessions |
>33M |
Time-to-Mitigate |
<1s |
Form Factor |
2U |
FortiDDoS 1500E
Max Inspected rates Gbps |
45 |
@ Mpps |
38 |
DNS/NTP Mitigation (Responses/s) |
>2/1M |
Sessions |
>12M |
Time-to-Mitigate |
<1s |
Form Factor |
2U |
FortiDDoS 2000E
Max Inspected rates Gbps |
90 |
@ Mpps |
77 |
DNS/NTP Mitigation (Responses/s) |
>2M |
Sessions |
>24M |
Time-to-Mitigate |
<1s |
Form Factor |
2U |
Please see the FortiDDoS Ordering Guide for details on deployment support.
FortiDDoS-VM04
Throughput / Mitigation |
3 Gbps / 4Mpps |
FortiDDoS-VM08
Throughput / Mitigation |
5 Gbps / 6 Mpps |
FortiDDoS-VM16
Throughput / Mitigation |
10 Gbps / 10 Mpps |
Actual performance will vary depending on underlying hardware. Performance results were observed using a bare-metal appliance with Intel(R) Xeon(R) W-3245 CPU @ 3.20GHz running VMware ESXI 7.0.0 and SR-IOV.
Training & Certifications
FortiDDoS Course
In this 1-day class, candidates will learn how to form network baseline data, and how to recognize and mitigate individual and distributed denial of service (DDoS) attacks while preserving service and network performance.
Free Product Demo
In this FortiDDoS demo you’ll be able to explore the system dashboard, intuitive GUI, global settings, and protection profiles to see for yourself how comprehensive, yet easy it is to set up thresholds address/service definitions, and access control lists. You’ll also be able to view the detailed reporting and graphing tools ranging from the Executive Dashboard to detailed drill-down reports on dropped packets.
