Cisco Packs Products Together

Software links security wares to let telecom providers offer more-effective protection against distributed denial-of-service attacks

Paul Travis, Managing Editor, InformationWeek.com

June 11, 2005

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Cisco Systems last week introduced software that ties together a variety of its security products so service providers can offer more-effective protection against distributed denial-of-service attacks.

Cisco's DDoS Protection technology includes new software for its Cisco Guard and Cisco Traffic Anomaly Detector products that learns what is normal on a network and adjusts its behavior on the basis of that information. It also communicates that information, along with user-established security policies and administrative changes, to service providers.

Distributed denial-of-service attacks flood Web sites or E-mail addresses with traffic, keeping them so busy that they can't serve up Web pages or handle routine E-mail traffic. The Cisco package of technology, which includes Cisco routers, the Cisco Guard and Detector, and network monitoring and detection gear from Arbor Networks Inc., is designed to let telecom service providers better protect their own networks from attack while at the same time offering managed-security services to their customers.

Sales of managed services, especially for security, are growing in importance for service providers as intense competition is causing a decline in the price and profitability of basic bandwidth services. Sprint uses Cisco's products to offer its IP Defender services. The service provider's managed-security portfolio includes network-based firewalls, an E-mail protection service, anti-spam and antivirus services, and a distributed denial-of-service detection and mitigation service.

The Cisco technology lets Sprint conduct deep inspection of packets flowing over the network to identify malicious traffic. So-called dirty traffic can be blocked or diverted to a quarantined area where it can be removed; legitimate traffic is sent back to the network. "Our focus is on scrubbing the traffic when it's in the network and only forwarding on legitimate traffic," says Randy Ritter, VP of product management at Sprint. "When you're dealing with a distributed denial-of-service attack, you want to deal with it in the network and not at the customer premises."

Read more about:

20052005

About the Author

Paul Travis

Managing Editor, InformationWeek.com

Paul Travis is Managing Editor of InformationWeek.com. Paul got his start as a newspaper reporter, putting black smudges on dead trees in the 1970s. Eventually he moved into the digital world, covering the telecommunications industry in the 1980s (when Ma Bell was broken up) and moving to writing and editing stories about computers and information technology in the 1990s (when he became a "content creator"). He was a news editor for InformationWeek magazine for more than a decade, and he also served as executive editor for Tele.Com, and editor of Byte and Switch, a storage-focused website. Once he realized this Internet thingy might catch on, he moved to the InformationWeek website, where he oversees a team of reporters that cover breaking technology news throughout the day.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights