Keysight 400GE Network Cybersecurity Test Platform Validates Fortinet’s Hyperscale DDoS Defence Capabilities
December 2023 by Marc Jacob
Keysight Technologies, Inc. announces that Fortinet chose the Keysight APS-M8400 network cybersecurity test platform to validate the hyperscale distributed denial of service (DDoS) defence capabilities and carrier-grade performance of its FortiGate 4800F next generation firewall (NGFW). The APS-M8400 is the industry’s first and highest density 8-port 400GE Quad Small Form Factor Pluggable Double Density (QSFP-DD) network security test platform.
Carrier networks, data centre operators and service providers are facing exponential growth in cyber-attacks, including DDoS attacks, which have increased by 40% in the last 6 months. The scope and scale of these DDoS attacks are also increasing, as evidenced by the recent, record-breaking Rapid Reset attack which peaked at 398 million requests per second (RPS).
Fortinet developed the powerful FortiGate 4800F NGFW to help carriers, data centre operators, and service providers protect their critical network infrastructure and services from hyperscale DDoS attacks and other cybersecurity threats while continuing to process multi-terabit volumes of legitimate customer traffic driven by the growing adoption of 400GE. Needing an application and security test solution powerful enough to validate the carrier-grade performance and security capabilities of the FortiGate 4800F NGFW prior to deploying in a live customer network, Fortinet turned to Keysight’s APS-M8400.
Using the Keysight APS-M8400, Fortinet validated the cybersecurity capabilities of the FortiGate 4800F NGFW using:
• Carrier-Grade Traffic Generation – The APS-M8400 platform generated 3 Tbps of legitimate and malicious traffic in a single test, validating the hyperscale firewall protection offered by the Fortigate 4800F, which successfully defended against an 800 Gbps layer 2-3 DDoS attack while continuing to deliver 2.2 Tbps of legitimate layer 4-7 traffic, without taxing CPU, memory usage, or system responsiveness.
• Port Density and Flexibility – Fortinet used all of the APS-M8400’s 8x400GE QSFD-DD interfaces to send traffic across all available 400GE test ports on the FortiGate 4800F. Each of the APS-M8400’s 8x400GE QSFD-DD interfaces can fan out to 200/100/50/40/25/10GE, offering Fortinet the flexibility to test multiple port configurations like the 12x200GE/100GE/40GE and up to 12x50GE/25GE/10GE test ports supported by the Fortigate 4800F.
• Hyperscale Throughput and Scalability – The APS-M8400’s extensible aggregation of compute node resources and Field-Programmable Gate Array (FPGA) resources allowed Fortinet to scale up the test bed to generate the 3 Tbps of traffic needed to effectively test the Fortigate 4800F. The APS-M8400 features a pay-as-you-grow model, enabling users to scale in multi-chassis mode to generate more than 12 Tbps of layer 4-7 traffic, 3.2 Tbps of layer 2-3 traffic, 9.6 Tbps of Transport Layer Security (TLS) traffic, 20 billion concurrent connections, and 220 million connections per second of legitimate and malicious test traffic in a single test.
• Ease of Management – APS-M8400’s intuitive, single pane of glass management allowed Fortinet to simply and easily configure the multiple compute node and FPGA resources required to run a hyperscale, multi terabit test. This reduced their overall test time and system maintenance, freeing up users to focus on other critical efforts.