Cisco Systems Inc. used the Supercomm trade show in Chicago to announce a new service Monday to prevent distributed-denial-of-service attacks on customer networks.
The new Cisco Distributed Denial of Service Protection Solution service uses updates to the companys 7600 Series Routers and Catalyst 6500 Series Switches, along with Arbor Networks Peakflow SP traffic monitoring and anomaly detection service, to provide “clean pipes” to ISPs and their customers, Cisco said in a statement on Monday.
DDoS attacks use large networks of Internet-connected systems, which send junk traffic to a victim network or server, crashing the device or slowing it enough to cause a denial of service.
The new service is geared to ISP and Web hosting companies, Cisco said.
ISPs can sell the new service to their enterprise customers as DDoS-protected connection. Hosting providers can also use it to resell DDoS-proof Web hosting services, said Mick Scully, vice president of product management at Ciscos Security Technology Group.
New software for the Cisco Traffic Anomaly Detector XT appliance and Cisco Traffic Anomaly Detector Service Module monitors customer networks for attacks, learns “baseline” network behavior, and shares that baseline behavior and customer-defined policies with the ISP, Cisco said.
DDoS traffic is diverted to a “scrubbing center” at the network core, where Cisco DDoS Guard technology, acquired with Riverhead Networks in March 2004 and embedded in Catalyst 6500 Series routers, sorts out attack traffic and forwards legitimate traffic on to its destination, said Scully.
The new service was prompted by an increase in DDoS attacks on enterprise networks, Scully said.
“Weve kind of moved from the Internet being a model of implicit trust to a model essentially of pervasive distrust,” Scully said.
Some ISPs have already signed on for the service, including Sprint and MCI. MCI announced a new service Monday to protect its managed services customers from DDoS attacks using the Cisco service, according to an MCI executive.