Fortinet NSE 6 – FortiDDoS
Learn how to form network baseline data, and how to recognize and mitigate individual and distributed denial of service (DDoS) attacks while preserving service and network performance.
With a focus on core feature skills, topics also include network behavior analysis and ASIC chips.
Who needs to attend?
Anyone who is responsible for deployment and day-to-day management of a FortiDDoS appliance.
What you will learn
After completing this course, you will be able to:
- Train your FortiDDoS to recognize your unique network patterns
- Choose the right FortiDDoS model
- Distinguish a DDoS from a rush of Reddit traffic on a successful Thursday marketing campaign
- Defend against both volumetric and mechanistic DDoS attacks
- Mitigate SYN floods
- Handle attacks from dynamic or Tor-masked IPs by FortiGuard IP Reputation and aging data
- Detect connections from proxies
- Inspect HTTP traffic on non-standard ports
- Deploy to protect both network appliances and servers
- Describe how the blocking periods and penalty factors intelligently determine which packets will be dropped after an attack has been detected
- Implement bypass or high availability FortiDDoS cluster for maximum service uptime
- Understand when to use Detection vs. Prevention mode
- Create “Do Not Track” policies
- Whitelist “safe” clients and servers
- Characterize different types of attacks by using logs and statistics graphs.
- Troubleshoot incorrect thresholds
- Knowledge of TCP, UDP, ICMP, and HTTP protocols
- Knowledge of network security
There are no follow-ons for this course.
There are no certifications associated with this course.