Help
FortiDDoS
FortiDDoS protects from both known and zero day attacks with very low latency. It’s easy to deploy and manage, and includes comprehensive reporting and analysis tools.
cbenejean
Staff
Staff

Created on ‎01-29-2018 01:06 AM

Article Id 196421

Technical Note: Most Active Source graph

Description
There are more packets/sec reported for the Most Active Source graph compared to what the FortiDDoS is actually receiving/sending for that source and also compared to other graphs.

Scope
All FortiDDoS.

Solution
For TCP and DNS traffic, the MAS will add up both directions.  Wherever a session is detected it is associated with both inbound and outbound traffic to its source for Most Active Source.  This is to catch the offending sources in a faster way.  Since this client creates the session, the source can be identified and punished more rapidly.

Labels:
489
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.