Fortinet DDoS Solution

In this course, you will learn how to form network baseline data, and how to recognize and mitigate individual and distributed denial of service (DDoS) attacks while preserving service and network performance.

Objectives After completing these courses, you will be able to

• Train your Forti DDoS to recognize your unique network patterns

• Choose the right Forti DDoS model

• Distinguish a DDoS from a rush of Reddit traffic or a successful Thursday marketing campaign

• Defend against both volumetric and mechanistic DDoS attacks

• Mitigate SYN floods

• Handle attacks from dynamic or Tor-masked IPs by Forti Guard IP reputation and aging data

• Detect connections from proxies

• Inspect HTTP traffic on non-standard ports

• Deploy to protect both network appliances and servers

• Describe how the blocking periods and penalty factors intelligently determine which packets will be dropped after an attack has been detected

• Implement bypass or a high availability Forti DDoS cluster for maximum service uptime

• Understand when to use Detection vs. Prevention mode

• Create "Do Not Track" policies

• Whitelist "safe" clients or servers

• Characterize different types of attacks by using logs and statistics graphs

• Troubleshoot incorrect thresholds