Keysight 400GE Network Cybersecurity Test Platform Validates Fortinet’s Hyperscale DDoS Defense Capabilities
- Scalable test platform generates both legitimate and malicious traffic at multi-terabit, hyperscale volumes, realistically emulating DDoS attack mitigation of carrier-grade network loads
- Facilitates the transition to 400GE and reduces costs by offering compatibility with existing infrastructure using 8x400GE test ports with fanout support to 200/100/50/40/25/10GE
- Single pane of glass management simplifies test configuration and system upgrades, reducing overall test time and system maintenance
Keysight Technologies, Inc. announces that Fortinet chose the Keysight APS-M8400 network cybersecurity test platform to validate the hyperscale distributed denial of service (DDoS) defense capabilities and carrier-grade performance of its FortiGate 4800F next-generation firewall (NGFW). The APS-M8400 is the industry’s first and highest density 8-port 400GE Quad Small Form Factor Pluggable Double Density (QSFP-DD) network security test platform.
Carrier networks, data center operators, and service providers are facing exponential growth in cyber-attacks, including DDoS attacks, which have increased by 40% in the last six months. The scope and scale of these DDoS attacks are also growing, as evidenced by the recent record-breaking Rapid Reset attack, which peaked at 398 million requests per second (RPS).
Fortinet developed the FortiGate 4800F NGFW, which is powered by 16 NP7 network processors, to help carriers, data center operators, and service providers protect their critical network infrastructure and services from hyperscale DDoS attacks and other cybersecurity threats while continuing to process multi-terabit volumes of legitimate customer traffic driven by the growing adoption of 400GE. Needing an application and security test solution powerful enough to validate the carrier-grade performance and security capabilities of the FortiGate 4800F NGFW before deploying in a live customer network, Fortinet turned to Keysight’s APS-M8400.
Using the Keysight APS-M8400, Fortinet validated the cybersecurity capabilities of the FortiGate 4800F NGFW using:
- Carrier-Grade Traffic Generation – The APS-M8400 platform generated 3 Tbps of legitimate and malicious traffic in a single test, validating the hyperscale firewall protection offered by the FortiGate 4800F, which successfully defended against an 800 Gbps layer 2-3 DDoS attack while continuing to deliver 2.2 Tbps of legitimate layer 4-7 traffic, without taxing CPU, memory usage, or system responsiveness.
- Port Density and Flexibility – Fortinet used all of the APS-M8400’s 8x400GE QSFD-DD interfaces to send traffic across all available 400GE test ports on the FortiGate 4800F. Each of the APS-M8400’s 8x400GE QSFD-DD interfaces can fan out to 200/100/50/40/25/10GE, offering Fortinet the flexibility to test multiple port configurations like the 12x200GE/100GE/40GE and up to 12x50GE/25GE/10GE test ports supported by the FortiGate 4800F.
- Hyperscale Throughput and Scalability – The APS-M8400’s extensible aggregation of compute node resources and Field-Programmable Gate Array (FPGA) resources allowed Fortinet to scale up the test bed to generate the 3 Tbps of traffic needed to test the FortiGate 4800F effectively. The APS-M8400 features a pay-as-you-grow model, enabling users to scale in multi-chassis mode to generate more than 12 Tbps of layer 4-7 traffic, 3.2 Tbps of layer 2-3 traffic, 9.6 Tbps of Transport Layer Security (TLS) traffic, 20 billion concurrent connections, and 220 million connections per second of legitimate and malicious test traffic in a single test.
- Ease of Management – APS-M8400’s intuitive, single pane of glass management allowed Fortinet to easily configure the multiple compute nodes and FPGA resources required to run a hyperscale, multi-terabit test. This reduced their overall test time and system maintenance, freeing up users to focus on other critical efforts.
John Maddison, Executive Vice President of Products and Chief Marketing Officer at Fortinet, said: “The FortiGate 4800F is the industry’s fastest compact hyperscale firewall, offering carrier-grade performance and scalability to safeguard data centers and service providers as cyberattacks continue to accelerate at an unprecedented pace. Powered by 16 of Fortinet’s custom-built seventh-generation network processors, this NGFW delivers the necessary 400GE port density, multi-terabit application throughput, and session scalability to protect customers against DDoS attacks. This is validated by Keysight’s innovative APS-M8400 8x400GE cybersecurity test platform, proving that the FortiGate 4800F delivers the hyperscale performance and real-time threat protection our customers expect.”
Ram Periakaruppan, Vice President and General Manager at Keysight Network Test and Security Solutions said: “Cybersecurity threats like DDoS attacks are continually increasing in scope, scale, and impact on their potential victims. It is vital that carriers, service providers, and data centers protect their critical infrastructure from these attacks to continue serving the hyperscale volumes of legitimate traffic that continue to grow rapidly. Keysight’s APS-8400 helps network equipment manufacturers like Fortinet validate that their solutions are up to the task, delivering carrier-grade application and cybersecurity test loads in a flexible, 8x400GE solution that can grow with their changing needs.