Cisco Enhances Anti-Distributed-Denial-Of-Service Capabilities For Service Providers
Telecom service providers can use the technology to offer more-effective managed security services, Cisco says.
Cisco Systems on Monday introduced software that ties together a variety of its security products so service providers can offer more effective protection against distributed-denial-of-service attacks.
Introduced at the Supercomm show in Chicago, Cisco's DDoS Protection technology includes new software for its Cisco Guard and Cisco Traffic Anomaly Detector products that learns what is normal on a network and adjusts its behavior on the basis of that information. It also communicates that information, along with user-established security policies and administrative changes, to the service providers.
Distributed-denial-of-service attacks typically flood a Web site or E-mail address with traffic, keeping them so busy that they can't serve up Web pages or handle routine E-mail traffic. The Cisco package of technology, which includes Cisco routers, the Cisco Guard and Detector, and network monitoring and detection gear from Arbor Networks, is designed to let telecom service providers better protect their own networks from attack while at the same time offering managed security services to their customers.
"It lets service providers offer their customers a managed security service that protects their network and provides a service-level agreement," says Jeff Spagnola, Cisco's VP of service provider marketing. "The service providers will scrub the traffic on those pipes before the traffic hits the user's network."
Sales of managed services--especially security services--are growing in importance for service providers as intense competition is causing a decline in the prices and profitability of basic bandwidth services. AT&T last week enhanced its package of managed security services, which includes E-mail security, personal firewalls, policy enforcement applications, and security compliance consulting.
Sprint uses Cisco's products to offer its IP Defender services, which were introduced in the fourth quarter of last year. The service provider's managed security portfolio includes network-based firewalls, an E-mail protection service, anti-spam and antivirus services, as well as a distributed-denial-of-service detection and mitigation service.
Sprint uses the Cisco technology for, among other things, to conduct deep inspection of packets flowing over the network to identify malicious traffic. So-called dirty traffic can be blocked or diverted to a quarantined area where the malicious traffic can be removed and legitimate traffic sent back to the network.
"Our focus is on scrubbing the traffic when it's in the network and only forwarding on legitimate traffic," says Randy Ritter, VP of product management at Sprint. "When you're dealing with a distributed-denial-of-service attack, you want to deal with it in the network and not at the customer premises."
By blocking distributed-denial-of-service traffic in the network, the attacking messages don't clog up a customer's communications links. The Cisco gear and software in the service provider's network communicates with Cisco gear on a customer's premises to pass threat alerts back and forth and to establish baselines for what is normal on the network.
"The types of attacks are changing, so the measures companies need to take need to change," says Ritter. "I don't think corporations will ever give away their security strategy to someone else. But more of them are now looking at service providers as a critical element of their security strategy."
Cisco says its DDoS Protection technology can be deployed in several different ways by service providers, such as part of a managed network service or a managed hosting service, or as part of wholesale connections sold to Internet service providers.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
. We've got a management crisis right now, and we've also got an engagement crisis. Could the two be linked? Tune in for the next installment of IT Life Radio, Wednesday May 20th at 3PM ET to find out.