Cisco Enhances Anti-Distributed-Denial-Of-Service Capabilities For Service Providers
Telecom service providers can use the technology to offer more-effective managed security services, Cisco says.
Cisco Systems on Monday introduced software that ties together a variety of its security products so service providers can offer more effective protection against distributed-denial-of-service attacks.
Introduced at the Supercomm show in Chicago, Cisco's DDoS Protection technology includes new software for its Cisco Guard and Cisco Traffic Anomaly Detector products that learns what is normal on a network and adjusts its behavior on the basis of that information. It also communicates that information, along with user-established security policies and administrative changes, to the service providers.
Distributed-denial-of-service attacks typically flood a Web site or E-mail address with traffic, keeping them so busy that they can't serve up Web pages or handle routine E-mail traffic. The Cisco package of technology, which includes Cisco routers, the Cisco Guard and Detector, and network monitoring and detection gear from Arbor Networks, is designed to let telecom service providers better protect their own networks from attack while at the same time offering managed security services to their customers.
"It lets service providers offer their customers a managed security service that protects their network and provides a service-level agreement," says Jeff Spagnola, Cisco's VP of service provider marketing. "The service providers will scrub the traffic on those pipes before the traffic hits the user's network."
Sales of managed services--especially security services--are growing in importance for service providers as intense competition is causing a decline in the prices and profitability of basic bandwidth services. AT&T last week enhanced its package of managed security services, which includes E-mail security, personal firewalls, policy enforcement applications, and security compliance consulting.
Sprint uses Cisco's products to offer its IP Defender services, which were introduced in the fourth quarter of last year. The service provider's managed security portfolio includes network-based firewalls, an E-mail protection service, anti-spam and antivirus services, as well as a distributed-denial-of-service detection and mitigation service.
Sprint uses the Cisco technology for, among other things, to conduct deep inspection of packets flowing over the network to identify malicious traffic. So-called dirty traffic can be blocked or diverted to a quarantined area where the malicious traffic can be removed and legitimate traffic sent back to the network.
"Our focus is on scrubbing the traffic when it's in the network and only forwarding on legitimate traffic," says Randy Ritter, VP of product management at Sprint. "When you're dealing with a distributed-denial-of-service attack, you want to deal with it in the network and not at the customer premises."
By blocking distributed-denial-of-service traffic in the network, the attacking messages don't clog up a customer's communications links. The Cisco gear and software in the service provider's network communicates with Cisco gear on a customer's premises to pass threat alerts back and forth and to establish baselines for what is normal on the network.
"The types of attacks are changing, so the measures companies need to take need to change," says Ritter. "I don't think corporations will ever give away their security strategy to someone else. But more of them are now looking at service providers as a critical element of their security strategy."
Cisco says its DDoS Protection technology can be deployed in several different ways by service providers, such as part of a managed network service or a managed hosting service, or as part of wholesale connections sold to Internet service providers.
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.