FortiDDos DDoS Attack Mitigation Guide - Fortinet
FortiDDos DDoS Attack Mitigation Guide - Fortinet
FortiDDos DDoS Attack Mitigation Guide - Fortinet
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
TCP random sequence, acknowledgement numbers .............................. 30<br />
TCP random window size......................................................................... 31<br />
TCP random option value ......................................................................... 31<br />
TCP random data length........................................................................... 31<br />
TCP checksum error flood........................................................................ 31<br />
IP random identification flood................................................................... 31<br />
IP random fragment flag, offset flood....................................................... 32<br />
IP random TTL flood ................................................................................. 32<br />
IP random protocol ................................................................................... 32<br />
UDP checksum error ................................................................................ 32<br />
Non-spoofed ICMP echo reply flood........................................................ 32<br />
Spoofed ICMP echo reply......................................................................... 32<br />
Un-spoofed ICMP type/code flooding...................................................... 32<br />
Spoofed ICMP random type/code flooding.............................................. 33<br />
Non-IP flooding......................................................................................... 33<br />
Conclusion...................................................................................................... 33<br />
Choosing a <strong>DDoS</strong> <strong>Mitigation</strong> System................................................... 34<br />
Introduction..................................................................................................... 34<br />
Hardware logic or software appliance............................................................ 34<br />
Customization................................................................................................. 34<br />
Virtual partitioning and multiple policies......................................................... 35<br />
Bidirectional attack mitigation ........................................................................ 35<br />
Connectivity.................................................................................................... 35<br />
Legacy <strong>DDoS</strong> attack mitigation systems........................................................ 35<br />
Network layer and application layer attacks................................................... 35<br />
Hardware redundancy .................................................................................... 36<br />
Centralized monitoring, alerts and reports ..................................................... 36<br />
Performance and capacity.............................................................................. 36<br />
Openness in specifications............................................................................ 36<br />
Field upgrades ................................................................................................ 36<br />
Role based management and audit trails....................................................... 37<br />
Performance and reputed third party validation............................................. 37<br />
Post sales support.......................................................................................... 37<br />
Customer reference is the best validation ...................................................... 37<br />
A sample matrix for solution comparison ....................................................... 37<br />
Conclusion...................................................................................................... 39<br />
Forti<strong>DDoS</strong> <strong>DDoS</strong> <strong>Attack</strong> <strong>Mitigation</strong> <strong>Guide</strong><br />
28-100-167076-20120501 vi<br />
http://docs.fortinet.com/ • Feedback