Cisco Enhances Anti-Distributed-Denial-Of-Service Capabilities For Service Providers - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
News
6/6/2005
10:23 AM
50%
50%

Cisco Enhances Anti-Distributed-Denial-Of-Service Capabilities For Service Providers

Telecom service providers can use the technology to offer more-effective managed security services, Cisco says.

Cisco Systems on Monday introduced software that ties together a variety of its security products so service providers can offer more effective protection against distributed-denial-of-service attacks.

Introduced at the Supercomm show in Chicago, Cisco's DDoS Protection technology includes new software for its Cisco Guard and Cisco Traffic Anomaly Detector products that learns what is normal on a network and adjusts its behavior on the basis of that information. It also communicates that information, along with user-established security policies and administrative changes, to the service providers.

Distributed-denial-of-service attacks typically flood a Web site or E-mail address with traffic, keeping them so busy that they can't serve up Web pages or handle routine E-mail traffic. The Cisco package of technology, which includes Cisco routers, the Cisco Guard and Detector, and network monitoring and detection gear from Arbor Networks, is designed to let telecom service providers better protect their own networks from attack while at the same time offering managed security services to their customers.

"It lets service providers offer their customers a managed security service that protects their network and provides a service-level agreement," says Jeff Spagnola, Cisco's VP of service provider marketing. "The service providers will scrub the traffic on those pipes before the traffic hits the user's network."

Sales of managed services--especially security services--are growing in importance for service providers as intense competition is causing a decline in the prices and profitability of basic bandwidth services. AT&T last week enhanced its package of managed security services, which includes E-mail security, personal firewalls, policy enforcement applications, and security compliance consulting.

Sprint uses Cisco's products to offer its IP Defender services, which were introduced in the fourth quarter of last year. The service provider's managed security portfolio includes network-based firewalls, an E-mail protection service, anti-spam and antivirus services, as well as a distributed-denial-of-service detection and mitigation service.

Sprint uses the Cisco technology for, among other things, to conduct deep inspection of packets flowing over the network to identify malicious traffic. So-called dirty traffic can be blocked or diverted to a quarantined area where the malicious traffic can be removed and legitimate traffic sent back to the network.

"Our focus is on scrubbing the traffic when it's in the network and only forwarding on legitimate traffic," says Randy Ritter, VP of product management at Sprint. "When you're dealing with a distributed-denial-of-service attack, you want to deal with it in the network and not at the customer premises."

By blocking distributed-denial-of-service traffic in the network, the attacking messages don't clog up a customer's communications links. The Cisco gear and software in the service provider's network communicates with Cisco gear on a customer's premises to pass threat alerts back and forth and to establish baselines for what is normal on the network.

"The types of attacks are changing, so the measures companies need to take need to change," says Ritter. "I don't think corporations will ever give away their security strategy to someone else. But more of them are now looking at service providers as a critical element of their security strategy."

Cisco says its DDoS Protection technology can be deployed in several different ways by service providers, such as part of a managed network service or a managed hosting service, or as part of wholesale connections sold to Internet service providers.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
IT Salary Report 2020: Get Paid What You Are Worth
Jessica Davis, Senior Editor, Enterprise Apps,  2/12/2020
Slideshows
10 Analytics and AI Startups You Should Know About
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/19/2020
News
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Slideshows
Flash Poll