SCCyberworld

Monday, January 14, 2013

Fortinet Launches Network Security Solution Suite with New Dedicated Distributed Denial of Service (DDoS) Protection Solutions in Malaysia


Family of High Performance Appliances Helps Today’s Enterprises Defend Against DDoS Attacks 

Malaysia – January 10, 2013 - Fortinet, a world leader in high-performance network security, today announced the FortiDDoS product family for enterprises, Web hosting and cloud service providers in Malaysia. The new FortiDDoS-100A, FortiDDoS-200A and FortiDDoS-300A are dedicated appliances that are designed to detect and help protect against today’s most damaging and sophisticated DDoS attacks. The appliances feature custom ASICs that are capable of mitigating DDoS attacks while maintaining incredibly-low latency (less than 26 microseconds), preventing loss of availability to critical systems, servers and applications.

“This launch is significant because as systems become more inter connected, the need for greater network protection against targeted DDoS attacks become more pronounced,” said Dato' Sri George Chang, Fortinet's Regional Director for Southeast Asia & Hong Kong.   “This specialized protection ensures customer confidence and decreases the liability of Malaysian enterprises in the long term.”

Providing granular real-time network traffic visibility and automatic protection against targeted DDoS attacks, the FortiDDoS appliances will be the only solution on the market that supports network virtualization and automatic and continuous traffic baselining. Network virtualization helps prevent attacks on one segment of the network from affecting other segments, thereby preserving availability in virtualized environments of datacenters and cloud-based service providers. The automatic traffic baseline model building is also unique, enabling the FortiDDoS products to build a network behavior model initially and adaptively update it continuously with practically no end-user intervention, resulting in significantly reduced administrative overhead.

“DDoS attacks aren’t just an annoyance and minor inconvenience, they are a serious problem that could cause significant liability to businesses today,” said Michael Xie, chief technology officer and vice president of engineering at Fortinet. “The damage from a DDoS attack can include loss of revenue, loss of customer confidence, loss of brand equity and potentially huge legal liabilities. A FortiDDoS appliance installed in front of a network infrastructure can act as a shield against DDoS attacks.”

FortiDDoS appliances are easy to deploy and manage, and are designed to recognize today’s attack vectors and deliver hardware-accelerated performance to block attacks quickly.

“Fortinet appliances’ support of virtual instances is a valuable feature,” said Michael Suby, Stratecast vice president of research at Frost and Sullivan. “This feature is not only beneficial in supporting multiple layers of defense but also is a cost containment and administration-friendly feature for organizations that have multiple Web properties to protect, and need unique policies for each. Virtual instances can also be effectively used in defense escalation. Rather than have a single set of policies, multiple policy sets can be defined in advance, such that the organization can apply a more stringent set of policies if the preceding policies were inadequate.”

Hacktivism via botnets and network testing applications has increased significantly in the last year, which has led to an increase in volumetric and application layer attacks. These attacks bring down sites by filling up Internet pipes and overloading application servers. As businesses consume more software as a service (SaaS) offerings and other public cloud-based services, DDoS attacks have become a serious concern for CIOs and CSOs whether they are moving to the cloud or keeping their systems and data on-premise.

The most common motivations for DDoS attacks today are either financial or political. Financially motivated attackers seek to extort funds from sites by launching an initial attack and demanding payment to avoid future attacks. Politically motivated attackers launch an attack in response to an organization’s policies by disrupting the victim’s business operations. Regardless of the motive, any downtime affects not only a victim organization’s customers, partners and employees, but can damage its brand and credibility as well.

FortiDDoS Highlights
All FortiDDoS appliances feature eight virtualized network partitions with independent protection policies for virtualized environments, automatic traffic profiling and rate limiting context-aware policy enforcement for maximum effectiveness. They also provide real-time and historic attacking traffic analysis that delivers unmatched granular visibility on top attacks, top sources and top attackers. The FortiDDoS family will also utilize an innovative design that eliminates a common performance bottleneck by ensuring there is no CPU or operating system in the path of the packets.

• The FortiDDoS-100A features 1 Gbps full-duplex anti-DDoS throughput, four 1GbpsRJ-45 copper and SFP ports for LAN and WAN connectivity and one terabyte of storage. This model can be used to protect 2 Internet links.
• The FortiDDoS-200A features 2Gbps full-duplex anti-DDoS throughput, eight 1Gbps RJ-45 copper and SFP ports for LAN and WAN connectivity, a redundant power supply and two terabytes of RAID storage. This model can be used to protect up to 4 Internet links.

• The FortiDDoS-300A features 3Gbps full-duplex anti-DDoS throughput, twelve 1Gbps RJ-45 Copper and SFP ports for LAN and WAN connectivity, a redundant power supply and two terabytes of RAID storage. This model can be used to protect up to 6 Internet links.

Availability
The FortiDDoS-100A, FortiDDoS-200A and FortiDDoS-300A are available immediately.


Fortinet引入全新专用分散式阻断服务攻击防护产品扩大网路安全解决方案系列

高性能设备系列协助现今企业防御分散式阻断服务(DDos)攻击

马来西亚 –2013年1月10日 - 全球高效能网路安全领导厂商Fortinet宣布推出全新的系列产品 FortiDDoS ,首批推出包括 FortiDDoS-100A 、FortiDDoS-200A 和 FortiDDoS-300A ,能协助企业、网页代管和云端服务业者,并抵御目前最危险复杂的分布式阻断服务攻击 (DDS)。这些设备配置专属的 ASIC 芯片,不仅能减缓 DDoS 的攻击,同时亦能维持低延迟性(少于26微秒),让重要的系统、服务器和应用程序永续运转。

“此次发布非常重要,由于系统变得更互相联系,针对性的DDos攻击就更加需要更大的网络保护。”Fortinet东南亚及香港区域总监拿督斯里George Chang表示。“这项特殊的保护能确保客户的信心及长期内减少马来西亚企业的担当。”

FortiDDoS 提供精细的网络流量实时检视与 DDoS 攻击的自动防护,为目前唯一同时支持网络虚拟化,以及连续自动的流量基准化功能的解决方案。网络虚拟化能防止攻击从一个网络区段蔓延至其它区段,因此能维系数据中心或云端服务供货商在虚拟环境的可用性。流量基准化模型的自动设立也是独特功能,能让 FortiDDoS 设立初始的网络行为模型,然后适时地持续更新,几乎不需要使用者介入,因此能显著降低经常性的管理费用。

Fortinet首席技术总监兼工程部副总裁Michael Xie说道:“DDos攻击不仅造成问题和不便,亦促使现今企业需要正视和处理的难题。”他表示:“DDos攻击除了会导致收入和品牌资产损失,以及失去客户的信任外,亦为企业带来潜在巨大的法律责任。安置于网路基础架构前线的FortiDDos,能够有效抵御DDos攻击。

FortiDDos设备易于部署和管理,能够辨识现今攻击走向及流量,提供硬件加速效能,并快速阻止攻击。

“Fortinet设备其中一个很重要的功能,就是对虚拟环境提供支援。”Frost & Sullivan旗下Stratecast专案研究总监Michael Suby表示。“此功能不但有利于支援多层防御,更为需要保护多种网页内容涉及独立政策,减低企业成本,方便管理。机构与虚拟环境下,除了可有效做出防御升级外,若先前的政策有不足之处,更可调较其单一政策,以使用一套更加严格的规条,让多个政策能够尽早作出修订。”

过去几年,透过殭尸网络和网络测试程序,黑客行动主义(Hacktivism)的活动已显著增加,特别是消耗容量与锁定应用层的攻击。这些攻击能藉由塞爆网络信道,以及使应用服务器超载的方式,来让网站瘫痪停机。随着企业使用软件服务与公有云服务的日渐普及, DDoS 的攻击已成为企业 CIO 与安全主管格外忧心的问题,不论他们是否采用云端,或是就地部署自己的系统。

目前发动 DDoS 最普遍的动机,不是财务上的,就是与政治有关。动机与金钱财务有关的攻击者,会先发动首波攻击,并藉此敲诈网站,以赎款来交换中止后续的攻击。与政治动机有关的攻击者,通常会发动攻击扰乱受害者的日常运作,以响应某企业或组织的政策。然而无论动机为何,任何网站或系统的停机都不只对受害企业的客户、伙伴和员工有所影响,也会损及品牌和信誉。

FortiDDos的特点
所有的 FortiDDoS 皆能支持达8个虚拟网络区,并有独立的防护政策针对虚拟环境、自动使用分析,以及速率限制的关联感知(context-aware)政策的执行,来达到最大的效益。它们同时也能提供实时与过往攻击的使用分析,让排行前位的攻击、资源与攻击者信息,能以无可比拟的可视化方式精细地呈现。 FortiDDoS 系列产品拥有一项创新的设计,能藉由确保处理器与操作系统不在封包的路径上,来消弭常见的效能瓶颈。

• FortiDDoS-100A 拥有1Gbps全双工抵御 DDoS 的处理效能,四个1Gbps RJ-45 与SFP埠连接区网与广域网路,以及1TB的储存容量。此机型可以用来保护两个因特网联机。

• FortiDDoS-200A 具备2Gbps全双工抵御 DDoS 的处理效能,八个1 Gbps RJ-45和 SFP 埠连接区网与广域网路,一个备援电源供应器和2TB的磁盘阵列。此机型并可用来保护四个因特网联机。

• FortiDDoS-300A 配置3Gbps全双工抵御 DDoS 的处理效能,12个1 Gbps RJ-45和SFP埠连接区网与广域网路,一个备援电源供应器和2TB的磁盘阵列。此机型可用来保护六个因特网联机。

推出日期
FortiDDoS-100A、 FortiDDoS-200A 及 FortiDDoS-300A 计划于尽早供应。

No comments: