Category Archives: Cybersecurity

Cybersecurity, News

EfficientEther Ltd Secures Cyber Essentials Certification, Enhancing Its Cybersecurity Framework

London, 29th April 2024 – EfficientEther Ltd, an AI and cloud cost optimisation start-up, is delighted to announce its recent achievement in obtaining the Cyber Essentials certification. This accomplishment follows the successful certification of ISO 9001 and ISO 27001 standards in October 2023, underscoring the company’s unwavering commitment to governance and security in its innovative solutions.

Established in June 2023, EfficientEther Ltd. is headquartered in London, UK, and specialises in artificial intelligence and deliver cost-effective cloud solutions. This certification marks a significant milestone in the company’s journey towards enhancing IT security frameworks and operational excellence. This accreditation not only bolsters our security credentials but also broadens our market opportunities in sectors that mandate compliance with Cyber Essentials standards.

Ryan Mangan, CEO of EfficientEther Ltd, highlighted the importance of this certification, stating, “Securing the Cyber Essentials certification further validates our dedication to robust cybersecurity measures. This achievement reassures our customers of our growing capabilities in protecting our infrastructure against cyber threats, and it aligns with our commitment to governance and security in the rapidly evolving cloud market.”

 

The Cyber Essentials scheme is designed to help organisations of all sizes fortify their IT systems against common cyber-attacks, offering a clear view of their cybersecurity level. It is also a critical requirement for businesses seeking to engage in certain government contracts, further enhancing their trustworthiness and competitive edge in the industry.

About EfficientEther Ltd

EfficientEther Ltd is an innovative start-up specialising in AI and cloud cost optimisation solutions. Founded in 2023 and headquartered in London, the company is committed to transforming the cloud industry through a focus on sustainability, information security, and cost-effectiveness. Following the attainment of the Cyber Essentials certification, alongside ISO 9001 and ISO 27001, EfficientEther Ltd is committed to providing secure and sustainable cloud solutions.

Cybersecurity, News

Cybercrime drives demand for IT security professionals.

Increased concerns from businesses around cybercrime are driving a widening skills gap, according to technology specialists at SPG Resourcing.

The UK government estimates the economic cost of cybercrime to UK businesses is £21 billion per year, including losses from intellectual property theft, industrial espionage, extortion, and data breaches. For individuals in the UK, the estimated economic cost of cybercrime is £3.1 billion per year, primarily from identity theft and online scams.

SPG Resourcing has published a study outlining the challenges companies face when recruiting IT security professionals and offering advice on securing talent in a competitive job market.

Commenting on the report, Richard Howarth, associate director at SPG Resourcing, said: “The demand for IT security professionals in the UK is on the rise, evidenced by the thousands of job opportunities currently available across multiple platforms. With the IT security market experiencing a surge in vacancies, many businesses are either actively hiring or have hiring plans for the second quarter.

“This surge in demand underscores the critical need for a proactive and flexible approach to addressing the growing IT security talent gap. As businesses navigate an increasingly complex digital landscape, the importance of skilled professionals in safeguarding sensitive data and mitigating cyber threats cannot be overstated. We hope our new whitepaper will give companies a useful roadmap to address their cybersecurity recruitment needs.”

SPG Resourcing advises companies wishing to recruit IT security professionals to enhance the candidate experience by prioritising clear communication, providing prompt feedback, and offering personalised interactions.

Given the competitiveness of the cybersecurity sector, companies should provide remote work options. Additionally, offering career advancement opportunities, certifications, and upskilling options is vital for attracting and retaining cybersecurity talent, particularly in an industry facing a notable talent shortage.

The UK National Cyber Security Centre predicts AI will increase the volume and impact of cyberattacks over the next two years. AI may contribute to developing malware that evades detection by current security protocols.

SPG Resourcing helps companies and organisations across the digital sector find the talent they need. It operates internationally from offices in Leeds and Newcastle.

The SPG Resourcing whitepaper can be downloaded here https://spg-resourcing-144291094.hubspotpagebuilder.eu/spg-resourcing-itsecurity-whitepaper

 

Cybersecurity, News, Smartphone News and Views, Telecoms, Telecoms News

New research shows that poor PIN hygiene leads to 62% of phone theft victims in the UK facing further financial loss and data breaches

  • 45 per cent of Britons use their main phone PIN for multiple apps
  • Businesses, including banks and fintechs, are not doing enough to support customers in protecting their personal data when they lose their phones

 

22 April 2024—London, UK: Nuke From Orbit, a fintech startup headquartered in the UK, has unveiled findings from its latest research report, shedding light on a concerning trend in smartphone thefts. The report indicates that in 62% of cases of smartphone thefts in the UK, the repercussions extend far beyond the initial loss of the device.

According to the research, not only were respondents’ social media and email accounts accessed, but one in four individuals also fell victim to digital wallet theft, resulting in monetary losses. Alarmingly, the study reveals that one in five respondents experienced compromised personal bank accounts through unauthorised access via mobile banking apps.

The alarming findings come amid the evolving boom in smartphone usage and the growing identity threat that users face. Although smartphones were created to simplify life with their many functions, users do not realise that this convenience has also made them more vulnerable to risk and therefore aren’t taking the appropriate precautions.

Other key findings from the research include:

  • The further losses the respondents reported can partly be attributed to poor PIN hygiene despite repeated warnings and guidance on password and PIN best practices.
  • 78% of the respondents use their smartphones for mobile banking, 85% for accessing email, 71% for managing social media and 51% for a digital wallet, indicating that cybercriminals can easily access their personal data from a single mobile device.
  • However, nearly half (45%) are in the habit of using the same PIN to gain access to the phone and multiple apps, services, and bank cards.

James O’Sullivan, CEO and founder of Nuke From Orbit commented, “Biometrics were introduced to make smartphones more secure because the frequency with which you need to input a PIN is greatly reduced, but our research shows this has led to some complacency. Criminals are returning to old-school shoulder surfing tactics – that made ATMs a nightmare – to access the phones they then steal to commit secondary crimes.”

A legislation that will contribute to the fight against such threats is The UK Product Security and Telecommunications Infrastructure (Product Security) Act, which will come into effect on the 29th of April. The Act will ensure that consumer technology products meet mandatory security requirements to protect against cyberattacks. Businesses will be accountable for protecting customer data as the regulation mandates them to set safety measures such as minimum default password requirements and providing information on reporting security issues.

With so much interconnectivity, and even authenticator apps and one-time passcodes utilising the same device, smartphones are at the heart of the challenge this legislation is designed to tackle.

“The Act is relevant for consumers and businesses, including banks, fintechs and online service providers. Service providers are responsible for ensuring they do everything possible to protect consumers when the worst happens. Our research suggests that currently, they are not doing enough. Nuke From Orbit is on a mission to support such service providers in protecting the digital identities of individuals and putting them back in control of their data swiftly when their smartphones are stolen.”

Nuke From Orbit offers a unique digital panic button, allowing individuals to block access to various services and accounts all at once if their smartphone is stolen. This world’s first solution adds a higher level of data protection and privacy in the mobile security market by fixing a significant vulnerability. Consumers can join the waiting list to be alerted when the service goes live in their region.

About Nuke From Orbit: 

Founded in 2023, Nuke From Orbit is a UK-based company developing a service that allows subscribers to block access to multiple services and accounts simultaneously, avoiding account compromise issues and monetary loss when their smartphone gets stolen. For more information and to see how the service works, visit https://nuke.app.

Cybersecurity

Cyber attack surge is “tip of iceberg”, expert warns

New figures showing a surge in cyber-attacks on businesses are just the “tip of the iceberg”, a leading expert has revealed.

Government data shows 50% of companies have experienced a breach or attack in the past year.

But Roy Shelton, CEO of the Connectus Group, said that the true scale of the problem may be much higher, due to the unwillingness of businesses to disclose such incidents.

He said: “Attacks are rising and getting more and more sophisticated. Those reported are just the tip of the iceberg. A lot more happen and exist under the radar and are never reported. All businesses need to be vigilant to the growing risk.”

He was commenting in the wake of the 2024 Cyber Security Breaches Survey, which found that 74% of large businesses had been attacked, 70% of medium-sized businesses had been targeted, along with 66% of charities with an annual income of £500,000 or more.

The most common type of breach or attack is phishing (84% of businesses and 83% of charities), followed by others impersonating organisations in emails or online (35% of businesses and 37% of charities), and then viruses or other malware (17% of businesses and 14% of charities).

In all, it is estimated that UK businesses have experienced around 7.78 million cyber crimes of all types and approximately 116,000 non-phishing cyber crimes in the last 12 months. For UK charities, the estimate is some 924,000 cyber crimes in the past year.

Mr Shelton added: “This report is a good and welcome update which highlights the growing need to be ever vigilant.

“These figures are based on only reported breaches: I would suspect many are never reported due to fear of brand and reputational damage.

“The common breaches remain as phishing, malware, and impersonation. All of this can be avoided with training of staff and or deploying low cost, high value counter measures.”

The figures show that, in terms of counter-measures, 51% of businesses have tried multiple approaches to try and minimise the risks of cyber attacks, while 40% of charities have done so.

The report also found how, among businesses, 33% have deployed security monitoring tools and 31% have carried out risk assessments.

Just 18% have tested staff with exercises, such as mock phishing attacks, 17% have carried out vulnerability audits, 11% have tried penetration testing, and 10% have invested in threat intelligence.

The growing cyber threat has prompted the Connectus Group to develop a new tool which helps provide businesses with advanced 24/7 protection from cyber attacks.

The Connectus Managed Extended Detection and Response (MXDR) service is powered by the acclaimed Heimdal XDR Unified Security Platform, which is specifically designed to help modern enterprises to stay safeguarded by integrating detect-and-respond services with the industry’s broadest coverage for total protection against cyber threats.

The Heimdal MXDR is unmatched: a proactive team of experts and an accredited Security Operations Centre (SOC) works in real-time and closely with IT and Security counterparts to create an integrated approach to threat-hunting and response.

For legal and property firms, the risks associated with a data breach are greater than most due to the additional risk of financial information being captured and further exploited by criminal gangs via banking fraud, for example.

Mr Shelton concluded: I’d advise looking for a more holistic managed service from professionals to ensure they have the right solution set and skill set working proactively on their behalf?

“Only a small number of companies actually understand how to respond to a cyber breach so, again, working with a trusted partner to deliver a managed, detect and resolve service would make more sense.”

AI, Cybersecurity, News, Technology

Crossword Cybersecurity launches new CyberAI Practice, helping CISOs embrace AI with confidence across the enterprise

Crossword Cybersecurity Plc, the cybersecurity solutions company focused on cyber strategy and risk, has launched a new CyberAI Practice.  The practice, which sits within Crossword Cybersecurity’s Consulting business, consolidates Crossword’s artificial intelligence (AI) expertise into a centre of excellence that will deliver AI-focused cybersecurity consulting services and products to help clients harness the power of AI in the organisation.

The ever-evolving threat landscape and proliferation of data-generating apps and devices has had organisations grasping at Generative AI and Large Language Models (LLM) as the solution to the problems they face. While AI has a huge role to play in improving security posture, customer experience, identifying insights and streamlining business processes, the pace of change, regulation, deployment by employees of ‘Shadow AI’, and ‘AI washing’ by marketers, can leave cybersecurity teams struggling to remain current.

 

The LLM dilemma

LLMs have led to the emergence of many new tools, which must be assessed and assured so that adoption is controlled and does not pose legal, reputational, or commercial threats. Simultaneously, LLMs have empowered would-be attackers by lowering the barriers to launching successful attacks.

Crossword has already led a significant initiative in investigating the application of Generative AI to cyber security. This has been conducted with major industry partners and leading universities, including academics from Oxford University and MIT in the USA and AI researchers from the world famous Alan Turing Institute.

 

Helping enterprises keep pace with AI innovation

The CyberAI Practice will provide organisations with advisory, security testing and engineering services, which will allow organisations to manage AI threats and grasp the opportunities to improve efficiency, cybersecurity, and create new experiences for end users.  Following its launch, the CyberAI Practice is offering the following services:

 

  • Engineering – Modular services designed to support the assessment and development of LLM architectures, LLM security testing, design and security architecture reviews, and wider LLM-related engineering services
  • CyberAI onsite workshops – Education and maturity workshops to help organisations understand the market, assess their needs and existing AI use, and consult on whether to ‘build or buy’

 

James Henry, Consulting Innovation Director at Crossword Cybersecurity said: “The latest wave of AI technologies hit the security industry with such pace that many businesses have been struggling to keep up.  At Crossword it is our mission to provide businesses with the knowledge and tools needed to securely embrace the benefits of Generative AI technologies, whilst also managing the associated risks.”

Cyber Attack, Cybersecurity, News, Technology

Cybersecurity firm launches simulated phishing-attack training

~ New managed service lets businesses use fake phishing attacks to increase staff awareness ~

London-based managed IT services provider OryxAlign has announced the launch of its new managed cybersecurity awareness training service in partnership with training specialist KnowBe4. The service will allow businesses, especially SMEs, to periodically test their employees’ awareness and preparedness against phishing attacks. Based on their responses, staff will receive a customised training programme and access to a library of thousands of resources, including webinars, quizzes and games to develop their cybersecurity awareness.

Phishing is a type of cyberattack where an attacker sends a fraudulent email, message or website that appears to be legitimate, to trick the recipient into sharing sensitive information, such as login credentials or financial information.

According to the Information Commissioner’s Office (ICO) phishing attacks accounted for 31 per cent of all cyber related incidents. It was superseded only by ransomware attacks at 34 per cent.

The phishing security test from OryxAlign provides businesses with the ability to simulate a phishing attack by sending randomised fake phishing emails to their employees every quarter. The emails are designed to look like real phishing emails that employees may receive. The tool allows organisations to track who clicked on the links in the email or provided sensitive information in response to the email.

Based on their responses, users are given a cybersecurity awareness score, which is used to provide them with an ongoing programme of cybersecurity training, via an online library of webinars, quizzes, games and even a Netflix-style TV series.

“Employees across a business can vary significantly in their cybersecurity skills, so there’s no such thing as a one-size-fits-all training programme to improve awareness and preparedness,” explained Nathan Charles, Head of Customer Experience at OryxAlign. “This is why we’ve partnered with KnowBe4 to offer a simulated phishing attack and training service for SMEs.

“By using this tool, organisations can assess their employees’ ability to identify and avoid phishing attacks. The results of the test can help businesses identify areas of weakness in their security, from shop-floor workers to the CEO.”

The training is delivered virtually at the user’s own pace and organisations can integrate their corporate IT policies into the platform. As well as scoring individual users, the results of the simulated attacks can be used to benchmark the overall score for the company against similar businesses in the same sector.

The cybersecurity awareness training is offered as a managed service, but interested users can carry out a free phishing test for up to 100 employees by filling out the online form on OryxAlign’s website.

Cybersecurity, News, Tech, Technology

Crossword Cybersecurity Launches Trillion HarVista

Crossword Cybersecurity Plc, the cybersecurity solutions company focused on cyber strategy and risk, has launched Trillion HarVista, a new product in its Trillion Threat Intelligence platform that for the first time allows enterprise security teams to safely gather threat intelligence from multiple dark web forums, discussion channels, ransomware sites and messaging platforms, without leaving a trail of activity or risking malware infection.

As a groundbreaking threat intelligence tool, Trillion HarVista works by constantly scraping new posts, chats and replies, creating keyword searchable indexes and screenshots with automated alerts based on the terms defined by an enterprise, such as a company name, or a known exploit. It does this by creating ‘offline’ copies of forums and chats, stripping them of harmful content and attachments, before storing them on secure servers for a safe browsing experience.  This data can then be tagged, searched, and analysed.

Keeping safely ahead of the threat actors

Security defenders know that monitoring the dark web can provide insights that could make the difference between being in front of an attack or being a victim, but accessing and tracking this underground information can be challenging, and the locals hostile. It requires time and deft skill to avoid detection, which can place a company at higher risk of attack.

Stuart Jubb, Group Managing Director from Crossword Cybersecurity Plc said, “For the first time, Trillion HarVista gives enterprise security professionals a new level of proactive threat intelligence, and a safe way to secretly monitor the channels used by criminal communities and stay one step ahead in the race to keep organisations safer from attacks and data breaches.  Trillion HarVista takes the pain, risk, and endless hours out of monitoring the dark web, allowing security professionals to focus on analysis and action.”

 

Key features of Trillion HarVista

  • Safe access to a wide range of sources – Immediate, anonymous, and safe access to closed and difficult to access forums.  Hacker chat channels from popular messaging apps like Telegram can also be searched.
  • Data pivoting – Search results within Trillion HarVista are parsed and presented in a meaningful data model, making the information easy to navigate and drill through.  With a single click analysts can jump from a high level search into detailed discussion threads or even alternative topics posted by a specific threat actor.
  • Keyword searches and alerts – Allow security professionals to easily search topics, as well as be alerted to topics of interest when they are being discussed.
  • Original screenshots – Get complete context by seeing what was being said and by who through stored screenshots.
  • Private tags – Easily make other members of an enterprise security team aware of key discoveries by applying private tags.

 

Trillion HarVista is part of the Trillion platform, Crossword’s dark web credential monitoring service, which monitors the billions of account credentials passing through dark markets and criminal forums, and alerting customers when leaked credentials are discovered.

 

Cybersecurity, News, Technology

Gcore Radar Report Reveals DDoS Peak Attack Volumes Doubled in H2 of 2023

Surge in volume sees cybersecurity industry measuring DDoS attacks in a new unit, Terabits. 

Gcore, an international cloud and edge solutions provider, has today revealed the findings of its Q3-Q4 2023 Gcore Radar report that provides insights into the current state of the DDoS protection market and cybersecurity trends. The report finds that there were a number of significant developments in the scale and sophistication of cyberthreats in 2H 2023.

Key Highlights from Q3–Q4

  • The maximum attack power rose from 800 Gbps (1H 2023) to 1.6 Tbps.
  • UDP floods constitute 62% of DDoS attacks. TCP floods and ICMP attacks remain popular at 16% and 12% respectively and SYN, SYN+ACK flood, and RST Flood, account for just 10% combined.
  • The most-attacked business sectors were gaming (46%), financial (including banks and gambling services) (22%) and telecom (18%).
  • USA (24%), Indonesia (17%) and The Netherlands (12%) list as the top three attack source countries.
  • In Q3/Q4, the longest attack duration lasted 9 hours.
  • The average length of attack was approximately an hour.

High-Volume Attacks: A Surging Threat

The past three years have brought about a >100% annual increase in DDoS peak (registered maximum) attack volume:

  • In 2022, the peak capacity of DDoS attacks increased from 300Gbps (2021) to 650 Gbps
  • In Q1–Q2 of 2023, it increased again to 800 Gbps
  • In Q3–Q4 of 2023, it rocketed to 1600 Gbps (1.6 Tbps)

The jump in H2 of 2023 has resulted in the cybersecurity industry now measuring DDoS attacks in a new unit, Terabits. This escalation illustrates a significant and ongoing rise in the potential damage of DDoS attacks which, according to Gcore, is a trend that it expects to see continue in 2024.

Maximum attack power in 2021–2023 in Gbps

DDoS Attack Techniques

According to Gcore’s statistics, in Q3-Q4 of 2023:

  • UDP floods continue to dominate having become more popular amongst attackers in H1 of 2023.
  • TCP floods and ICMP attacks have jumped into second and third place respectively.
  • There was a decrease in the number of SYN flood attacks from 24% in H1 of 2023, seeing SYN, SYN+ACK floods, and RST Floods making up the remaining types of attack in Q3/Q4.
Dominant attack types in H2 of 2023

 

Commenting on these findings, Andrey Slastenov, Head of Security Department at Gcore, said: “The exponential surge in attack power and variation in attack methods that we saw in the second half of 2023 illustrates how sophisticated cyber attackers are becoming. It’s more essential than ever for organisations to adopt a multifaceted defence strategy that can protect against a range of DDoS techniques. Failure to address these evolving threats can result in costly disruptions, reputational damage, loss of customer trust, and security breaches.”

 

DDoS Attacks by Geography

Gcore’s findings in the latter half of 2023 illustrate a widespread global threat as it identified attack sources ranging from the US, Indonesia and The Netherlands as the top three countries respectively, and Mexico, Germany and Brazil coming in as the bottom three attack source countries.

Geographical attack source spread

 

DDoS Attacks by Business Sector

According to Gcore’s report, the gaming, financial and telecom were the most attacked sectors in Q3–Q4 of 2023 which is likely to be due to their financial gains and the potential impact on users. These findings underscore the need for targeted cybersecurity strategies like countermeasures for specific gaming servers.

 

DDoS attacks by affected industry

 

Slastenov concluded: “The increase in attack power to 1.6 Tbps is particularly alarming, signalling a new level of threat for which organisations must prepare. Paired with the geographical distribution of attack sources, it’s clear that DDoS threats are a serious and global issue, necessitating international cooperation and intelligence sharing to mitigate potentially devastating attacks effectively.”

Cybersecurity, News, Tech

Connectus Group Launches New Cybersecurity Package to Further Safeguard Clients

A LEADING tech firm has launched a new Cyber Essentials Package to further help safeguard clients in 2024.

The Connectus Group’s all-in-one offering covers cyber security audits, training, accreditations and a fully managed multilayer defence system.

 

In a further move to ensure their clients are better protected from cyber attacks, the tech-firm has taken the step of updating the mandated services it provides to customers.

This will see Connectus offer best in class services which offer cost effective protection at a “vital time”.

 

Explaining the motivation behind the move, Roy Shelton, the CEO of the Connectus Group said: “These changes come at a vital time because the risk of cyber-attacks is growing. Cybersecurity is no longer an office hours only requirement. With the rise of hybrid working and devices seemingly being “always on”, the biggest threats are happening during the night.

“We have partnered with Heimdal for a comprehensive 24/7/365 managed alerting service where your network will constantly have eyes on to make sure you are protected around the clock.”

 

Connectus’ Cyber Essentials package is a suite of technical controls that organisations should have in place to protect themselves against common online security threats.

It is a fully managed cyber security solution so that you can focus on running your business, safe in the knowledge that it is protected from the latest security threats.

Those who sign up will be secure in the face of common threats such as phishing attacks, malware, ransomware, password guessing, and network intrusion.

The package includes guidance to set scope, covering firewall and network controls, secure configuration, access controls, malware protection and patch management.

 

Also included is a review before submission for assessment, cyber insurance, free assessment and audit method.

Email support, certification, and a half-day of support are covered to ensure a smooth transition to a new secure future.

 

Data on the current threat landscape shows that 31% of all UK SMEs are attacked every week, and 65% of successful breaches result in a £10,000 cost to pay ransoms or fines and/or litigation or business disruption.

An astonishing 90% of SMEs receive phishing emails every week and human error means that 89% are successful.

 

The Connectus Cyber Essentials package is suitable for businesses of all sizes and demonstrates to your customers and suppliers your commitment to cyber security, as well as safeguarding against cyber attacks.

A Cyber Essentials certificate is required by all suppliers bidding for government contracts which involve handling of certain sensitive and personal information.

Connectus has introduced a limited offer of £675 to gain certification and, once obtained, customers can apply to upgrade to Cyber Essentials Plus and maintain their defences for just £99 per month.

 

Mr Shelton added: “This new 360 package is designed to provide the very best services to businesses of all sizes. Having proper cyber security measures in place is growing more important with each passing year. At Connectus our expert team is constantly updating the services we offer to meet the modern-day needs businesses require.”

For further details, visit www.connectus.org.uk, email info@connectus.org.uk, or telephone 0330 440 4848

Cybersecurity, News, Technology

Keysight 400GE Network Cybersecurity Test Platform Validates Fortinet’s Hyperscale DDoS Defence Capabilities

  • Scalable test platform generates both legitimate and malicious traffic at multi-terabit, hyperscale volumes, realistically emulating DDoS attack mitigation of carrier-grade network loads
  • Facilitates the transition to 400GE and reduces costs by offering compatibility with existing infrastructure using 8x400GE test ports with fanout support to 200/100/50/40/25/10GE
  • Single pane of glass management simplifies test configuration and system upgrades, reducing overall test time and system maintenance

December 13, 2023

SANTA ROSA, Calif., – Keysight Technologies, Inc. (NYSE: KEYS) announces that Fortinet chose the Keysight APS-M8400 network cybersecurity test platform to validate the hyperscale distributed denial of service (DDoS) defence capabilities and carrier-grade performance of its FortiGate 4800F next generation firewall (NGFW). The APS-M8400 is the industry’s first and highest density 8-port 400GE Quad Small Form Factor Pluggable Double Density (QSFP-DD) network security test platform.

Carrier networks, data centre operators and service providers are facing exponential growth in cyber-attacks, including DDoS attacks, which have increased by 40% in the last 6 months. The scope and scale of these DDoS attacks are also increasing, as evidenced by the recent, record-breaking Rapid Reset attack which peaked at 398 million requests per second (RPS).

Fortinet developed the powerful FortiGate 4800F NGFW to help carriers, data centre operators, and service providers protect their critical network infrastructure and services from hyperscale DDoS attacks and other cybersecurity threats while continuing to process multi-terabit volumes of legitimate customer traffic driven by the growing adoption of 400GE. Needing an application and security test solution powerful enough to validate the carrier-grade performance and security capabilities of the FortiGate 4800F NGFW prior to deploying in a live customer network, Fortinet turned to Keysight’s APS-M8400.

Using the Keysight APS-M8400, Fortinet validated the cybersecurity capabilities of the FortiGate 4800F NGFW using:

  • Carrier-Grade Traffic Generation – The APS-M8400 platform generated 3 Tbps of legitimate and malicious traffic in a single test, validating the hyperscale firewall protection offered by the Fortigate 4800F, which successfully defended against an 800 Gbps layer 2-3 DDoS attack while continuing to deliver 2.2 Tbps of legitimate layer 4-7 traffic, without taxing CPU, memory usage, or system responsiveness.
  • Port Density and Flexibility – Fortinet used all of the APS-M8400’s 8x400GE QSFD-DD interfaces to send traffic across all available 400GE test ports on the FortiGate 4800F. Each of the APS-M8400’s 8x400GE QSFD-DD interfaces can fan out to 200/100/50/40/25/10GE, offering Fortinet the flexibility to test multiple port configurations like the 12x200GE/100GE/40GE and up to 12x50GE/25GE/10GE test ports supported by the Fortigate 4800F.
  • Hyperscale Throughput and Scalability – The APS-M8400’s extensible aggregation of compute node resources and Field-Programmable Gate Array (FPGA) resources allowed Fortinet to scale up the test bed to generate the 3 Tbps of traffic needed to effectively test the Fortigate 4800F. The APS-M8400 features a pay-as-you-grow model, enabling users to scale in multi-chassis mode to generate more than 12 Tbps of layer 4-7 traffic, 3.2 Tbps of layer 2-3 traffic, 9.6 Tbps of Transport Layer Security (TLS) traffic, 20 billion concurrent connections, and 220 million connections per second of legitimate and malicious test traffic in a single test.
  • Ease of Management – APS-M8400’s intuitive, single pane of glass management allowed Fortinet to simply and easily configure the multiple compute node and FPGA resources required to run a hyperscale, multi terabit test. This reduced their overall test time and system maintenance, freeing up users to focus on other critical efforts.

John Maddison, Executive Vice President of Products and Chief Marketing Officer, Fortinet, said: “The FortiGate 4800F is the industry’s fastest compact hyperscale firewall, offering carrier-grade performance and scalability to safeguard data centre and service providers as cyber-attacks continue to accelerate at an unprecedented pace. With Keysight’s innovative APS-M8400 8x400GE cybersecurity test platform, Fortinet has the necessary 400GE port density, multi-terabit application throughput, and session scalability to easily generate cyber-attacks and legitimate traffic at scale to validate that the FortiGate 4800F can deliver the hyperscale performance and real-time threat protection our customers expect.”

 

Ram Periakaruppan, Vice President and General Manager, Keysight Network Test and Security Solutions, said: “Cybersecurity threats like DDoS attacks are continually increasing in scope, scale, and impact on their potential victims. It is vital that carriers, service providers and data centres protect their critical infrastructure from these attacks to continue serving the hyperscale volumes of legitime traffic that continue to grow at a rapid pace. Keysight’s APS-8400 helps network equipment manufacturers like Fortinet validate that their solutions are up to the task, delivering carrier-grade application and cybersecurity test loads in a flexible, 8x400GE solution that can grow with their changing needs.

Resources