Fortinet (FTNT) is working to make network security even more ironclad with the introduction of four new distributed denial of service (DDoS) appliances. The security vendor's latest technology aims to detect and prevent DDoS attacks by utilizing a new single-path custom ASIC for performance increases of up to 10 times the speed of competing DDoS mitigation appliances, according to the company.
The new FortiDDoS 400B, 800B, 1000B and 2000B utilize behavior-based attack mitigation engines to identify and mitigate current and future threats based on patterns and intent rather than content, the company said. The new engines will allow each appliance to detect and block attacks quickly by dynamically monitoring trends.
“The adaptive, behavior-based attack monitoring introduced in today’s models automatically identifies any type of DDoS attack, including zero-days, and almost immediately takes action to mitigate it,” said John Maddison, vice president of Marketing for Fortinet, in a statement.
Fortinet's technology utilizes a 100 percent custom ASIC approach to its DDoS products, which eliminates the overhead with CPU or CPU/ASIC hybrid systems, the company noted. Other vendors use a combination of ASIC and CPU or total CPU for traffic, which can lead to bottlenecks and slow down the system's performance.
Another feature of the new FortiDDoS appliances is the ability to protect against known attacks and zero-day attacks instantaneously, since the system doesn’t need to wait for signature files to be updated.
“Despite the best efforts by ISPs to defend against DDoS threats, residual and application layer attacks are still able to bring down services in an Internet data center,” said Hemant Jain, vice president of Engineering for Fortinet. “Fortinet now provides DDoS attack mitigation with up to 24Gbps of full duplex throughput in the data center to ensure that critical services are always available.”