The fortigate 100A has been discontinued for almost 10 years.
Specs are 100mb/s throughput and between 20-70mb/s with services turned on.
Max connections is 4k/s
The only spec on it thats decent is the max simultaneous connections at 200k . . . but that's just due to the amount of RAM in the unit, not the CPU.
The RV320 just due to being a supported device gets my vote.
The issue wont be with stopping DDoS to the router but to the server. DDoS mitigation can help but the main target would be his server and that is something he cant redirect normally not unless you implement script to add the offending address to the router's list to redirect but it still doesnt solve DDoS entirely. The game server service itself could be vulnerable and there wouldnt be much you could do about it.A decent UTM firewall should be able to stop DDOS attacks if the attack does not saturate your internet connection. If the DDOS attack is large enough to saturate your internet connection, then it needs to be stopped before it gets to you. There are proxy type services you can use to run your internet through that have very large internet bandwidth and the hardware to take care of DDOS attacks in many instances.
The issue wont be with stopping DDoS to the router but to the server. DDoS mitigation can help but the main target would be his server and that is something he cant redirect normally not unless you implement script to add the offending address to the router's list to redirect but it still doesnt solve DDoS entirely. The game server service itself could be vulnerable and there wouldnt be much you could do about it.
A friend told me to buy a Cisco router cuz they come whit firewall for protection , so i understand u cant stop 100% DDOS atacks , but still there have to be someting cheap to buy lest say 200$ max , i dont wana buy someting to pay per month ..
Ive used CloudFlare , OVH but i quit on them cuz its to expencive to pay per month , that is why i search someting buy one time or free producs thay some use and say may work not perfect but work , my internet providers told me they cand give me protection only the one they have it for free but that is weak so weak
the good firewalls can stop TCP based DDoS very easily using tarpit and it really works. I have been DDoSed by a advertisement botnet once on http and tarpit really did solve it using mikrotik.
The cisco RV has DoS protection like any other consumer router now but not DDoS. My criticism of the cisco RV isnt just the slower CPU and unstable platform/firmware but also because it doesnt offer any advantage over a consumer router and even ASUS has surpassed the cisco RV.
Im sure your friend meant higher end cisco because the low end like the cisco RV has the same amount of protection as a consumer router or he probably doesnt understand networking properly.
tarpit helps if the attack is tcp based and one of the characteristics about it is that it slows the attack where nothing gets transmitted and frees up bandwidth by using up the attackers resources.
In terms of resource, UDP uses a lot less processing power and less bandwidth than TCP. A few simple tricks could help but its not entirely reliant on 1 device. Multiple WANs, redirections, switch level blocking (requires the ISP/host to provide this), changing a few IP settings.For that very reason, many DDOS attacks are UDP, hence freeing up the attackers to put even more resources on the targets downstream leg...
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!