Industrial Electronics

Keysight 400GE network cybersecurity test platform validates Fortinet’s Hyperscale DDoS defense capabilities

22 December 2023

Fortinet chose the APS-M8400 network cybersecurity test platform from Keysight Technologies, Inc. to validate the hyperscale distributed denial of service (DDoS) defense capabilities and carrier-grade performance of its FortiGate 4800F next generation firewall (NGFW). The APS-M8400 is the industry's first and highest density 8-port 400GE Quad Small Form Factor Pluggable Double Density (QSFP-DD) network security test platform.

Carrier networks, data center operators and service providers are facing exponential growth in cyber-attacks, including DDoS attacks, which have increased by 40% in the last 6 months. The scope and scale of these DDoS attacks are also increasing, as evidenced by the recent, record-breaking Rapid Reset attackThe Keysight APS-M8400. Source: Keysight Technologies, Inc.The Keysight APS-M8400. Source: Keysight Technologies, Inc. which peaked at 398 million requests per second (RPS).

Fortinet developed the FortiGate 4800F NGFW, which is powered by 16 NP7 network processors, to help carriers, data center operators and service providers protect their critical network infrastructure and services from hyperscale DDoS attacks and other cybersecurity threats while continuing to process multi-terabit volumes of legitimate customer traffic driven by the growing adoption of 400GE. Needing an application and security test solution powerful enough to validate the carrier-grade performance and security capabilities of the FortiGate 4800F NGFW prior to deploying in a live customer network, Fortinet turned to Keysight's APS-M8400.

Using the Keysight APS-M8400, Fortinet validated the cybersecurity capabilities of the FortiGate 4800F NGFW using:

  • Carrier-grade traffic generation — The APS-M8400 platform generated 3 Tbps of legitimate and malicious traffic in a single test, validating the hyperscale firewall protection offered by the FortiGate 4800F, which successfully defended against an 800 Gbps layer 2-3 DDoS attack while continuing to deliver 2.2 Tbps of legitimate layer 4-7 traffic, without taxing CPU, memory usage, or system responsiveness.
  • Port density and flexibility — Fortinet used all of the APS-M8400's 8x400GE QSFD-DD interfaces to send traffic across all available 400GE test ports on the FortiGate 4800F. Each of the APS-M8400's 8x400GE QSFD-DD interfaces can fan out to 200/100/50/40/25/10GE, offering Fortinet the flexibility to test multiple port configurations like the 12x200GE/100GE/40GE and up to 12x50GE/25GE/10GE test ports supported by the FortiGate 4800F.
  • Hyperscale throughput and scalability — The APS-M8400's extensible aggregation of compute node resources and Field-Programmable Gate Array (FPGA) resources allowed Fortinet to scale up the test bed to generate the 3 Tbps of traffic needed to effectively test the FortiGate 4800F. The APS-M8400 features a pay-as-you-grow model, enabling users to scale in multi-chassis mode to generate more than 12 Tbps of layer 4-7 traffic, 3.2 Tbps of layer 2-3 traffic, 9.6 Tbps of Transport Layer Security (TLS) traffic, 20 billion concurrent connections, and 220 million connections per second of legitimate and malicious test traffic in a single test.
  • Ease of management — APS-M8400's intuitive, single pane of glass management allowed Fortinet to simply and easily configure the multiple compute node and FPGA resources required to run a hyperscale, multi terabit test. This reduced their overall test time and system maintenance, freeing up users to focus on other critical efforts.
To contact the author of this article, email GlobalSpecEditors@globalspec.com


Powered by CR4, the Engineering Community

Discussion – 0 comments

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Engineering Newsletter Signup
Get the GlobalSpec
Stay up to date on:
Features the top stories, latest news, charts, insights and more on the end-to-end electronics value chain.
Advertisement
Weekly Newsletter
Get news, research, and analysis
on the Electronics industry in your
inbox every week - for FREE
Sign up for our FREE eNewsletter
Advertisement