Cisco Enhances Anti-Distributed-Denial-Of-Service Capabilities For Service Providers - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
6/6/2005
10:23 AM
50%
50%
RELATED EVENTS
[Analytics] Make the Most of Your Data's Potential in 2017
Jan 19, 2017
Are you tapping into all of your data's potential? According to a comprehensive report from McKins ...Read More>>

Cisco Enhances Anti-Distributed-Denial-Of-Service Capabilities For Service Providers

Telecom service providers can use the technology to offer more-effective managed security services, Cisco says.

Cisco Systems on Monday introduced software that ties together a variety of its security products so service providers can offer more effective protection against distributed-denial-of-service attacks.

Introduced at the Supercomm show in Chicago, Cisco's DDoS Protection technology includes new software for its Cisco Guard and Cisco Traffic Anomaly Detector products that learns what is normal on a network and adjusts its behavior on the basis of that information. It also communicates that information, along with user-established security policies and administrative changes, to the service providers.

Distributed-denial-of-service attacks typically flood a Web site or E-mail address with traffic, keeping them so busy that they can't serve up Web pages or handle routine E-mail traffic. The Cisco package of technology, which includes Cisco routers, the Cisco Guard and Detector, and network monitoring and detection gear from Arbor Networks, is designed to let telecom service providers better protect their own networks from attack while at the same time offering managed security services to their customers.

"It lets service providers offer their customers a managed security service that protects their network and provides a service-level agreement," says Jeff Spagnola, Cisco's VP of service provider marketing. "The service providers will scrub the traffic on those pipes before the traffic hits the user's network."

Sales of managed services--especially security services--are growing in importance for service providers as intense competition is causing a decline in the prices and profitability of basic bandwidth services. AT&T last week enhanced its package of managed security services, which includes E-mail security, personal firewalls, policy enforcement applications, and security compliance consulting.

Sprint uses Cisco's products to offer its IP Defender services, which were introduced in the fourth quarter of last year. The service provider's managed security portfolio includes network-based firewalls, an E-mail protection service, anti-spam and antivirus services, as well as a distributed-denial-of-service detection and mitigation service.

Sprint uses the Cisco technology for, among other things, to conduct deep inspection of packets flowing over the network to identify malicious traffic. So-called dirty traffic can be blocked or diverted to a quarantined area where the malicious traffic can be removed and legitimate traffic sent back to the network.

"Our focus is on scrubbing the traffic when it's in the network and only forwarding on legitimate traffic," says Randy Ritter, VP of product management at Sprint. "When you're dealing with a distributed-denial-of-service attack, you want to deal with it in the network and not at the customer premises."

By blocking distributed-denial-of-service traffic in the network, the attacking messages don't clog up a customer's communications links. The Cisco gear and software in the service provider's network communicates with Cisco gear on a customer's premises to pass threat alerts back and forth and to establish baselines for what is normal on the network.

"The types of attacks are changing, so the measures companies need to take need to change," says Ritter. "I don't think corporations will ever give away their security strategy to someone else. But more of them are now looking at service providers as a critical element of their security strategy."

Cisco says its DDoS Protection technology can be deployed in several different ways by service providers, such as part of a managed network service or a managed hosting service, or as part of wholesale connections sold to Internet service providers.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll