FortiDDOS Feature HIGHLIGHTS
100% Machine Learning Detection | FortiDDoS doesn’t rely on signature files that need to be updated with the latest threats so you’re protected from both known and unknown “zero-day” attacks. No “threat-protection” subscriptions required. Saves OPEX. |
Massively Parallel Architecture | Parallel architecture provides 100% packet inspection with bidirectional detection and mitigation of Layer 3, 4, and 7 DDoS attacks even at the smallest packets sizes. Get the performance you pay for. |
Continuous Attack Evaluation | Minimizes the risk of “false positive” detection by reevaluating the attack to ensure that “good” traffic isn’t disrupted. Less management time needed. |
Advanced DNS Protection | FortiDDoS provides 100% inspection of all DNS Query and Response traffic up to 12 million QPS, for protection from a broad range of DNS-based volumetric, application and anomaly attacks. DNS Reflection floods are stopped from the FIRST packet |
Advanced NTP Protection (selected models) | FortiDDoS provides 100% inspection of all NTP Query and Response traffic up to 6 million QPS. NTP Reflection floods are stopped from the FIRST packet. |
Continuous Learning | With continuous background learning and minimal configuration, FortiDDoS will automatically build normal traffic and resources behavior profiles saving you time and IT management resources. |
Autonomous Mitigation | No operator intervention required for any type or size of attack. |
Hybrid On-premise/Cloud Support | Open, documented API allows integration with third-party cloud DDoS mitigation providers for flexible deployment options and protection from large-scale DDoS attacks. |
Fortinet Security Fabric Integration | Single-pane visibility of attack mitigation and network performance reduces management and improves response time (on selected models). |
RESTful API | FortiDDoS can be integrated into almost any environment through its RESTful API |
Central Manager | FortiDDoS-CM (for B-/E-Series) is available for users with multiple geographically dispersed FortiDDoS units. One management screen for all devices with single sign-on. |
Access Control Lists
FortiDDoS is the ONLY product in the industry that supports large ACLs in hardware with no performance degradation.
While most DDoS attacks use spoofed source IP addresses, your existing Indicators of Compromise IP address and domain lists can be uploaded to FortiDDoS to offload other infrastructure.
- IP Reputation – Fortinet FortiGuard subscription
- IP/subnet Blocklist/ Allowlist
- Bulk IPv4 Blocklist Customer Upload (>1million addresses)
- Geolocation
- Enhanced BCP38 Source Address Validation/Local Address
- Anti-Spoofing (>2000 subnets) (B/E)
- Protocol, UDP, TCP, and other Protocol Fragments, DNS Fragment, L4 Port, ICMP Type/Code
- HTTP Methods, URLs, Hosts, Referrers, User Agents
- DNS Domain Reputation – Fortinet FortiGuard subscription
- (>250k Malicious Domains)
- DNS Bulk Domain Blocklist Customer Upload (>500k Domains)
- DNS Resource Record ACLs (256 RRs)
- IPv4/v6, Protocol, TCP/UDP Port, ICMP Type-Code, TCP/UDP/Other fragment ACL
- Flowspec ACL script generation
Comprehensive Reporting
- Filterable/Exportable Attack Log
- Summary Graphs and Logs for:
- Top Attacks / Top Attackers
- Top ACL Drops
- Top Attacked Subnets and IP Addresses
- Top Attacked Protocols
- Top Attacked TCP and UDP Ports
- Top Attacked ICMP Types/Codes
- Top Attacked URLs, HTTP Hosts, Referers, Cookies, UserAgents
- Top Attacked DNS Servers
- Top Attacked DNS Anomalies
- Physical Port, SPP, SPP Policy (subnet) and SPP Policy Group statistics: Mbps/pps and Drops graphing
- Custom, on-demand, on-schedule and/or on-AttackThreshold reports in multiple formats
- Millions of built-in reporting graphs for real-time and forensic analysis
Centralized Event Reporting
- SNMP v2/v3 MIB and Traps
- Email Alerts and Reports
- Open RESTful API
- Syslog support for FortiAnalyzer, FortiSIEM and third-party servers
- FortiDDoS Central Manager centralized attack log and executive summary (B/E)
Audit Trails
- Login Audit Trail
- Configuration Audit Trail
Management
- Full TLS 1.3 Management GUI
- Full CLI
- Open RESTful API (B/E)
- RADIUS, LDAP, and TACACS+ Authentication including 2FA and Proxy
- Multi-Tenant MSSP Portal (B/E)
- Central Manager for multiple FortiDDoS
- Open Cloud Mitigation Signaling