In this 1-day class, candidates will learn how to form network baseline data, and how to recognize and mitigate individual and distributed denial of service (DDoS) attacks while preserving service and network performance.
In interactive labs, candidates will deploy FortiDDoS to learn about normal network traffic patterns. Then you will simulate attacks, observe the defense, and adjust the automatically estimated behavior.
With a focus on core feature skills, topics also include network behavior analysis and ASIC chips.
After completing this course, candidates will be able to:
- Train FortiDDoS to recognize their unique network patterns
- Choose the right FortiDDoS model
- Defend against both volumetric and mechanistic DDoS attacks
- Mitigate SYN floods
- Detect connections from proxies
- Inspect HTTP traffic on non-standard ports
- Deploy FortiDDoS to protect both network appliances and servers
- Describe how the blocking periods and penalty factors intelligently determine which packets will be dropped after an attack has been detected
- Implement bypass or a high availability FortiDDoS cluster for maximum service uptime
- Understand when to use detection and prevention modes
- Whitelist safe clients or servers
- Characterize different types of attacks by using logs and statistics graphs
- Troubleshoot incorrect threshold levels
- Introduction and Deployment
- Initial Configuration
- Monitoring and Reporting
- Global Settings
- Service Protection Profiles
Anyone who is responsible for day-to-day management of a FortiDDoS appliance.
- Knowledge of TCP, UDP, ICMP, and HTTP protocols
- Knowledge of network security