How effective is the DDoS feature in FortiGates?

Forum|Forum|1 year ago
March 4, 2025
1 reply
900 views

I understand the point of a NGFW is to consolidat a stack of security appliances into one. But isn't the fiewall itself subject to DDoS attacks - esp since it doesn't act in stealth mode? Wouldn't it be best practice to have either a cloud based DDoS service or a dedicated and stealthed DDoS security appliance like FortiDDoS infront of the gateway firewall?

FortiGate

AEK

SuperUser

FortiGate/FortiOS is not immunized against DDoS (Distributed DoS). It can however block DoS attacks.

DDoS are by definition not detectable by a simple equipment like FGT, FWB or any other server.

As per my knowledge DDoS need some cooperation between ISPs. So I think the correct way to prevent DDoS attacks is to purchase the service from your ISP (if it is not already included in your package).

AEK

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded