Cisco Security Services Modules - Cisco 850 Series Manual

Cisco Security Services Modules

Traffic Anomaly Detector Services Module Traffic Anomaly Detector Services Module
This module helps large organizations protect This module helps large organizations protect
against distributed denial-of-service (DDoS) or against distributed denial-of-service (DDoS) or
other cyber attacks, enabling users to quickly other cyber attacks, enabling users to quickly
initiate mitigation services and block the initiate mitigation services and block the
attack before business is adversely affected . It attack before business is adversely affected . It
utilizes the latest behavioral analysis and attack utilizes the latest behavioral analysis and attack
recognition technology to proactively detect and recognition technology to proactively detect and
identify all types of cyber assaults . identify all types of cyber assaults .
• Monitors and processes attack traffic at full Gigabit • Monitors and processes attack traffic at full Gigabit
line rates, delivering a high-performance solution line rates, delivering a high-performance solution
that detects DDoS attacks without consuming that detects DDoS attacks without consuming
valuable switch or router resources . valuable switch or router resources .
• Identifies and blocks all types and sizes of • Identifies and blocks all types and sizes of
assaults, including those launched by hundreds of assaults, including those launched by hundreds of
thousands of distributed zombie hosts, providing thousands of distributed zombie hosts, providing
complete protection against the widest range of complete protection against the widest range of
attacks . attacks .
• Scales through clustering in a single chassis to • Scales through clustering in a single chassis to
support multi-gigabit performance, providing support multi-gigabit performance, providing
maximum protection for the largest enterprise and maximum protection for the largest enterprise and
service provider environments or for individual service provider environments or for individual
vulnerable zones . vulnerable zones .
• Automatic learning builds baseline profiles of • Automatic learning builds baseline profiles of
normal operating conditions, enabling rapid normal operating conditions, enabling rapid
identification of anomalous or unusual activity that identification of anomalous or unusual activity that
indicates an attack . indicates an attack .
• Supports real-time monitoring of individual • Supports real-time monitoring of individual
devices and protected zones with web-based devices and protected zones with web-based
graphical manager, as well as historical attack-level graphical manager, as well as historical attack-level
reports showing specific attack types seen and reports showing specific attack types seen and
associated statistics . associated statistics .
138
Anomaly Guard Services Module Anomaly Guard Services Module
This module mitigates DDoS and other cyber This module mitigates DDoS and other cyber
attacks . It effectively stops the DDoS attack attacks . It effectively stops the DDoS attack
while allowing legitimate traffic to continue to while allowing legitimate traffic to continue to
its destination, thereby maintaining continuous its destination, thereby maintaining continuous
business operations . business operations .
• Monitors and processes attack traffic at full Gigabit • Monitors and processes attack traffic at full Gigabit
line rates, delivering a high-performance solution line rates, delivering a high-performance solution
that detects DDoS attacks without consuming that detects DDoS attacks without consuming
valuable switch or router resources . valuable switch or router resources .
• Multi-verification process (MVP) architecture • Multi-verification process (MVP) architecture
utilizes advanced anomaly recognition, source utilizes advanced anomaly recognition, source
verification and anti-spoofing technologies to verification and anti-spoofing technologies to
identify and block individual attack flows without identify and block individual attack flows without
affecting legitimate transactions . affecting legitimate transactions .
• Dynamic diversion redirects and cleans only traffic • Dynamic diversion redirects and cleans only traffic
destined for targeted devices, allowing unaffected destined for targeted devices, allowing unaffected
traffic to flow freely and ensuring business traffic to flow freely and ensuring business
continuity . continuity .
• Automatic learning builds baseline profiles of • Automatic learning builds baseline profiles of
normal operating conditions, enabling rapid normal operating conditions, enabling rapid
identification of anomalous or unusual activity that identification of anomalous or unusual activity that
indicates an attack . indicates an attack .
• Identifies and blocks all types and sizes of • Identifies and blocks all types and sizes of
assaults, including those launched by hundreds of assaults, including those launched by hundreds of
thousands of distributed zombie hosts, providing thousands of distributed zombie hosts, providing
complete protection against the widest range of complete protection against the widest range of
attacks . attacks .
Cisco 7600 series routers and Cisco Catalyst 6500 series switches support a
variety of high-performance security modules that protect networks from the full
range of threats, while also simplifying management and reducing overhead by
consolidating security services into the switching chassis.
Intrusion Detection Services Module (IDSM-2)
This module helps detect, classify, and stop
threats including worms, spyware/adware,
network viruses, and application abuse .
The Cisco IDSM-2 combines inline prevention
services with innovative technologies that
improve accuracy, allowing you to stop more
threats without dropping legitimate network
traffic .
• Accurate inline prevention technologies offer
intelligent, automated, contextual analysis of your
data and help ensure you are getting the most out
of your intrusion prevention solution .
• Offers 600 Mbps performance per module,
providing the high bandwidth detection
capabilities required for larger networks .
• Multivector threat identification protects your
network from policy violations, vulnerability
exploitations, and anomalous activity through
detailed inspection of traffic in Layers 2–7 .
• Unique network collaboration enhances scalability
and resiliency through network collaboration,
including efficient traffic capture techniques,
load-balancing capabilities, and visibility into
encrypted traffic .
IPsec VPN Shared Port Adapter
This module delivers scalable and cost-effective
VPN performance with Data Encryption Standard
(DES), Triple Data Encryption Standard (3DES),
plus next-generation Advanced Encryption
Standard (AES) technology, including all key
sizes (128-, 192-, and 256-bit keys)
for ultimate in IPsec VPN security and
interoperability .
• Provides up to 2 . 5 Gbps of AES and 3DES IPsec
throughput with large packets and 1 . 6 Gbps with
Internet mix (IMIX) traffic .
• Up to 10 Cisco IPsec VPN SPAs can be installed in
a system, scaling to 25 Gbps of total throughput for
wire-speed security transport for native 10 Gigabit
Ethernet interfaces .
• Using the Cisco Services SPA Carrier-400, each
slot of the Cisco 7600, or Cisco Catalyst 6500
supports up to two IPsec VPN SPAs, increasing
total performance per slot .
139