Latest news
Fortinet announced that the Fortinet FortiGate-5140B chassis, powered by FortiGate-5101C blades, has achieved 536 Gbps of blended application and security attack traffic during an IPv6 test driven by the BreakingPoint FireStorm CTS.Testing was performed by Fortinet using five BreakingPoint FireStorm CTMs in May 2012. Each BreakingPoint FireStorm CTM test system is capable of generating 120 Gbps of stateful application traffic. The FortiGate-5140B chassis under test consisted of 14 FortiGate-5001B high-performance blades, with each blade capable of 40 Gbps firewall throughput and up to 11 million concurrent sessions per blade.
The FortiGate-5140B was put through a number of industry-standard tests for performance using IPv6 traffic. Highlights include:
Stateless UDP traffic: the type of traffic typically seen in financial trading and streaming environments, showed 536 Gbps for large (1518 byte) packets, 532 Gbps for small (64 byte) packets.
Stateful TCP traffic: seen in today’s typical enterprise environments, showed 503 Gbps for HTTP and 514 Gbps with real-world application traffic. Application traffic included Facebook, Zynga Farmville, Pandora radio, AOL Instant Messenger, Microsoft Outlook and others. The FortiGate-5140B was also able to process more than 1.4 million connections per second.
One of the challenges networks face as they migrate to IPv6 is the inability of their existing network security tools to detect threats within IPv6 traffic. This is due to legacy firewalls not implementing a ‘dual stack’ approach, in which a firewall has dual IPv4 and IPv6 protocol stacks running at the same time, to allow it to inspect the contents and enforce policies regardless of the version of the protocol used.
Instead, the limited IPv6 support these legacy tools offer means they simply forward IPv6 traffic to its destination, allowing threats hidden within IPv6 content to pass undetected.
Fortinet’s IPv6 technology has been certified compliant by the US DoD JITC since 2008, and has earned “IPv6 Ready Phase-2” compliance.
Spotlight
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
