This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Cisco Enhances Anti-Distributed-Denial-Of-Service Capabilities For Service Providers
Telecom service providers can use the technology to offer more-effective managed security services, Cisco says.
Cisco Systems on Monday introduced software that ties together a variety of its security products so service providers can offer more effective protection against distributed-denial-of-service attacks.
Introduced at the Supercomm show in Chicago, Cisco's DDoS Protection technology includes new software for its Cisco Guard and Cisco Traffic Anomaly Detector products that learns what is normal on a network and adjusts its behavior on the basis of that information. It also communicates that information, along with user-established security policies and administrative changes, to the service providers.
Distributed-denial-of-service attacks typically flood a Web site or E-mail address with traffic, keeping them so busy that they can't serve up Web pages or handle routine E-mail traffic. The Cisco package of technology, which includes Cisco routers, the Cisco Guard and Detector, and network monitoring and detection gear from Arbor Networks, is designed to let telecom service providers better protect their own networks from attack while at the same time offering managed security services to their customers.
"It lets service providers offer their customers a managed security service that protects their network and provides a service-level agreement," says Jeff Spagnola, Cisco's VP of service provider marketing. "The service providers will scrub the traffic on those pipes before the traffic hits the user's network."
Sales of managed services--especially security services--are growing in importance for service providers as intense competition is causing a decline in the prices and profitability of basic bandwidth services. AT&T last week enhanced its package of managed security services, which includes E-mail security, personal firewalls, policy enforcement applications, and security compliance consulting.
Sprint uses Cisco's products to offer its IP Defender services, which were introduced in the fourth quarter of last year. The service provider's managed security portfolio includes network-based firewalls, an E-mail protection service, anti-spam and antivirus services, as well as a distributed-denial-of-service detection and mitigation service.
Sprint uses the Cisco technology for, among other things, to conduct deep inspection of packets flowing over the network to identify malicious traffic. So-called dirty traffic can be blocked or diverted to a quarantined area where the malicious traffic can be removed and legitimate traffic sent back to the network.
"Our focus is on scrubbing the traffic when it's in the network and only forwarding on legitimate traffic," says Randy Ritter, VP of product management at Sprint. "When you're dealing with a distributed-denial-of-service attack, you want to deal with it in the network and not at the customer premises."
By blocking distributed-denial-of-service traffic in the network, the attacking messages don't clog up a customer's communications links. The Cisco gear and software in the service provider's network communicates with Cisco gear on a customer's premises to pass threat alerts back and forth and to establish baselines for what is normal on the network.
"The types of attacks are changing, so the measures companies need to take need to change," says Ritter. "I don't think corporations will ever give away their security strategy to someone else. But more of them are now looking at service providers as a critical element of their security strategy."
Cisco says its DDoS Protection technology can be deployed in several different ways by service providers, such as part of a managed network service or a managed hosting service, or as part of wholesale connections sold to Internet service providers.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
IT Careers: Tech Drives Constant ChangeAdvances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!