FortiDDos DDoS Attack Mitigation Guide - Fortinet

More documents

Recommendations

Info

A typical botnet launch pad A typical botnet launch pad Botmasters launch attacks in a way that they cannot be found easily. Bots are available for rent. And when you rent, you get a control panel similar to one shown in the diagram above. You can simply attack a chosen site using attack parameters available to you. What's common among the botnet attack packets Botnet attacks are scripted. Despite the botnet script writers' intelligence, there is a trail that is left behind in the attacks in terms of common parameters. These common parameters can be observed in a hardware logic based system such as a FortiDDoS device. These common parameters are usually visible in the application layer headers. FortiDDoS DDoS Attack Mitigation Guide 28-100-167076-20120501 16 http://docs.fortinet.com/ • Feedback
Can you do the same processing in CPU based systems? Can you do the same processing in CPU based systems? CPU based systems get overwhelmed under pressure of botnet attacks. They cannot handle the amount of onslaught that botnets create. A hardware logic based system is designed from ground-up to process every packet without losing steam. The logic processes packets in a massively parallel architecture ensuring that all blocks work together to deliver the allow/deny result quickly. Blocking botnet attack packets using FortiDDoS appliances FortiDDoS appliances are implemented using hardware logic and therefore can process all packets at line rate. They have visibility and control at layer 7 HTTP headers and can process many parameters simultaneously without slowing down. The hardware logic can monitor millions of continuously varying parameters per VID and there can be up to 8 VIDs in a system. The monitoring is associated with adaptive thresholds which are set based on your traffic and therefore if the thresholds exceed, the botnet is caught easily and blocked for a period of time configured by you. Conclusion Designing a security strategy for networked assets can be a daunting task. New threats demand new types of security elements. Traditional firewalls and content filters play an essential role in any network strategy, but neither can adequately defend against ratebased attacks such as those that are created using botnets. These systems are now available and extremely affordable, putting true zero-hour prevention within the reach of all network budgets. FortiDDoS DDoS Attack Mitigation Guide 28-100-167076-20120501 17 http://docs.fortinet.com/ • Feedback
Page 1 and 2: FortiDDoS DDoS Attack Mitigation Gu
Page 3 and 4: Table of Contents Introduction.....
Page 5 and 6: independent devices ...............
Page 7 and 8: Introduction Defining DDoS attacks
Page 9 and 10: Virus infections, botnets and distr
Page 11 and 12: Myths and realities about DDoS atta
Page 13 and 14: Anti-DDoS appliances Anti-DDoS appl
Page 15 and 16: Things to look for in Anti-DDoS equ
Page 17 and 18: Support for IPv6 will become import
Page 19 and 20: Source rate limiting Source rate li
Page 21: Botnet Attack Mitigation Overview o
Page 25 and 26: A very simple deployment Figure 4:
Page 27 and 28: Typical deployment for an internet
Page 29 and 30: DDoS and SaaS Model for E-Commerce
Page 31 and 32: Testing a Mitigation System Introdu
Page 33 and 34: Attacks to test functionality and p
Page 39 and 40: Conclusion Conclusion Spoofed ICMP
Page 41 and 42: Virtual partitioning and multiple p
Page 43 and 44: Role based management and audit tra
Page 45: Conclusion Conclusion Buying a DDoS

FortiDDos DDoS Attack Mitigation Guide - Fortinet

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?