DDoS attacks are designed to overwhelm the devices, services, and network of their intended target with fake internet traffic, thereby making them inaccessible to legitimate users or making them unusable. Below showed some common types of DDoS attack.
Types of DDoS attacks
Example
Volume-based attacks
UDP flood attack
Protocol-based (layer-3/4) attacks
SYN flood attack
Application-based (layer-7) attacks
Slowloris attack
Some tips on Fortinet and Palo Alto Firewalls to mitigate DDoS Protection :
A. Fortinet
Prerequisites :
Technical staff requires to understand the average and peak number of concurrent sessions / packets per second (PPS) that can be handled by the systems you want to protect.
Supported firewall models :
All software versions of FortiGate firewall
Recommended DDoS protection :
Based on the recommended threshold and your above figures, apply DoS policies and configure L3/4 anomalies to mitigate attacks.
DoS policies : Create DoS policy (Policy & Objects > IPv4 DoS Policy or Policy & Objects > IPv6 DoS Policy)
L3/4 anomalies :
Concurrent Sessions : For thresholds based on the number of concurrent sessions, blocking the anomaly will not allow more than the number of concurrent sessions to be set as the threshold.
Packets per second (PPS) : For rate based thresholds, where the threshold is measured in packets per second, the Block action prevents anomalous traffic from overwhelming the firewall in two ways:
continuous: Block packets once an anomaly is detected, and continue to block packets while the rate is above the threshold. This is the default setting.
periodical: After an anomaly is detected, allow the configured number of packets per second.
Technical staff requires to understand the average and peak baseline connections-per-second (CPS) of the critical servers and zones you want to protect.
Supported firewall models :
PA-5220, PA-5250 and PA-7000 series hardware firewall
Recommended DDoS protection :
Based on your above figures, apply DoS and Zone Protection and enable Packet Buffer Protection to mitigate attacks.
Zone Protection : Create Zone Protection profiles (Network > Network Profiles > Zone Protection) and apply them to defend each zone.
DoS Protection : Consists of DoS protection policy rules and DoS protection profiles
DoS Protection policy rules (Policies > DoS Protection), which specify the devices, users, zones, and services that define the traffic you want to protect from DoS attacks.
DoS Protection profiles (Objects > Security Profiles > DoS Protection), which set flood thresholds for different types of traffic. Then add a DoS Protection profile to a DoS Protection policy rule.
Packet Buffer Protection : Enable Packet Buffer Protection globally to protect the firewall buffers from single-session DoS attacks
This website uses Cookies, including Cookies from Google Analytics, to ensure you get the best browsing experience. If you “Continue” to use this site, you consent to the use of Cookies. Read more about Cookies
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.