DDoS attacks are designed to overwhelm the devices, services, and network of their intended target with fake internet traffic, making them inaccessible to or unusable by legitimate users. Some common types of DDoS attack are listed below.
Types of DDoS attacks
UDP flood attack
Protocol-based (layer-3/4) attacks
SYN flood attack
Application-based (layer-7) attacks
Some tips for DDoS protection on Fortinet and Palo Alto firewalls:
Technical staff need to understand the average and peak number of concurrent sessions and packets per second (PPS) that the systems you want to protect can handle.
Supported firewall models:
All software versions of FortiGate firewall
Recommended DDoS protection:
Based on the recommended threshold and the figures gathered above, apply DoS policies and configure L3/4 anomalies to mitigate attacks.
DoS policies: Create a DoS policy (Policy & Objects > IPv4 DoS Policy or Policy & Objects > IPv6 DoS Policy)
L3/4 anomalies:
Concurrent Sessions: For thresholds based on the number of concurrent sessions, the Block action does not allow more concurrent sessions than the number set as the threshold.
Packets per second (PPS): For rate-based thresholds, where the threshold is measured in packets per second, the Block action prevents anomalous traffic from overwhelming the firewall in one of two ways:
continuous: Block packets once an anomaly is detected, and continue to block packets while the rate is above the threshold. This is the default setting.
periodical: After an anomaly is detected, allow the configured number of packets per second.
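To compare the two Block behaviours for a given threshold, the following added example (not FortiGate code and not part of the original page) models them per one-second interval. The function names, the sample traffic, and the assumption that the arrival rate is measured including dropped packets are all constructed for illustration.

```python
"""Simplified per-second model of the rate-based Block behaviours
(continuous and periodical) described above. Illustrative only."""


def passed_per_second(offered_pps, threshold, mode):
    """Return how many packets pass in each one-second interval.

    offered_pps: packets arriving in each consecutive second
    threshold:   anomaly threshold in packets per second
    mode:        "continuous" or "periodical"
    """
    if mode not in ("continuous", "periodical"):
        raise ValueError("mode must be 'continuous' or 'periodical'")
    passed = []
    blocking = False  # continuous mode only: an anomaly is currently active
    for offered in offered_pps:
        if mode == "periodical":
            # Allow up to the configured number of packets every second.
            passed.append(min(offered, threshold))
        elif blocking and offered > threshold:
            # Rate is still above the threshold: keep blocking everything.
            passed.append(0)
        else:
            # Packets pass until the threshold is crossed in this second.
            passed.append(min(offered, threshold))
            # Assumption: the rate is measured on arrivals, dropped or not.
            blocking = offered > threshold
    return passed


def summarize(offered_pps, threshold):
    """Total passed and blocked packets for both modes."""
    total = sum(offered_pps)
    result = {}
    for mode in ("continuous", "periodical"):
        ok = sum(passed_per_second(offered_pps, threshold, mode))
        result[mode] = {"passed": ok, "blocked": total - ok}
    return result


# Constructed samples: a steady 20 pps stream for 50 s, and a short burst
# that rises above and then falls back below a 10 pps threshold.
STEADY = [20] * 50
BURST = [5, 5, 40, 40, 40, 8, 5]

if __name__ == "__main__":
    for name, sample in (("steady", STEADY), ("burst", BURST)):
        print(name, summarize(sample, 10))
```

In this model, continuous mode passes far fewer packets during a sustained flood, while periodical mode keeps admitting traffic at the threshold rate. Weigh that against what the protected system can absorb at its measured peak.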