MSP Today Expert Feature
March 10, 2014

Fortinet Offers 4 New DDoS Appliances for MSPs, Data Center Managers

Fortinet (News - Alert) has announced four new appliances geared toward managed service providers (MSPs), as well as data center managers and system architects at mid-to-large enterprises. The company has added the new offerings to its Distributed Denial of Service (DDoS) product family to help detect and protect against sophisticated DDoS attacks.

The new offerings include the FortiDDoS-400B, FortiDDoS-800B, FortiDDoS-1000B and FortiDDoS-2000B and each has Fortinet’s 100 percent behavior-based DDoS attack mitigation engine integrated. This is combined with a new, single-path custom ASIC for detecting and mitigating attacks.

The new features enable the products to detect more types of attacks as well as perform faster than average DDoS mitigation appliances. The behavior-based attack detection lets the product family identify and mitigate both current and future threats based on patterns and intent instead of content. This lets the appliances dynamically monitor trends to protect against zero-day attacks instead of waiting for a signature file to be updated, since no signatures are required. Attacks are also continuously reevaluated, reducing the impact of false positives if traffic patterns should return to normal.

The global market for DDoS prevention appliances is expected to grow by double digits this year, according to Infonetics (News - Alert) Research. The research firm estimates the data center segment comprises the largest market for DDoS mitigation offerings, making offerings geared toward that space and MSPs, like Fortinet’s new product family, in high demand.

“DDoS prevention appliances are the first line of defense against brute-force attacks like those we saw aimed at U.S. financial institutions last September, and most service providers and large enterprises are investing heavily in them,” said Jeff Wilson, principal analyst for security at Infonetics Research (News - Alert). “With the number, size and coverage of DDoS attacks on the rise, we expect revenue for DDoS prevention solutions to grow in the healthy double digits through 2014.”

"We've dramatically improved the way we identify DDoS attack types since we released our first appliances in 2012,” said John Maddison, vice president of marketing for Fortinet. “The adaptive, behavior-based attack monitoring introduced in today's models automatically identifies any type of DDoS attack, including zero-days, and almost immediately takes action to mitigate it."

"Despite the best efforts by ISPs to defend against DDoS threats, residual and application layer attacks are still able to bring down services in an Internet data center," added Hemant Jain, vice president of engineering for Fortinet. "Fortinet now provides DDoS attack mitigation with up to 24 Gbps of full duplex throughput in the data center to ensure that critical services are always available."

The FortiDDoS product family works by building a baseline of normal application activity, and then monitoring traffic against it. If attacks begin, the appliance immediately takes action to mitigate them using a surgical bi-direction approach. This means that normal inbound and outbound traffic is monitored and then the appliances use a reputation scoring system to rate IP addresses as good or as participating in an attack. Offending IP addresses are temporarily blocked and repeatedly reevaluated.

Edited by Alisen Downey