CISCO GUARD XT 5650 PRODUCT OVERVIEW



Similar documents
Cisco Conference Connection

CISCO METRO ETHERNET SERVICES AND SUPPORT

CISCO PIX SECURITY APPLIANCE LICENSING

Cisco IOS Public-Key Infrastructure: Deployment Benefits and Features

How To Get A New Phone System For Your Business

CISCO CONTENT SWITCHING MODULE SOFTWARE VERSION 4.1(1) FOR THE CISCO CATALYST 6500 SERIES SWITCH AND CISCO 7600 SERIES ROUTER

Cisco 2-Port OC-3/STM-1 Packet-over-SONET Port Adapter

THE CISCO CRM COMMUNICATIONS CONNECTOR GIVES EMPLOYEES SECURE, RELIABLE, AND CONVENIENT ACCESS TO CUSTOMER INFORMATION

CISCO NETWORK CONNECTIVITY CENTER

CISCO IOS IP SERVICE LEVEL AGREEMENT

CISCO MDS 9000 FAMILY PERFORMANCE MANAGEMENT

CISCO IP PHONE SERVICES SOFTWARE DEVELOPMENT KIT (SDK)

Cisco IT Data Center and Operations Control Center Tour

Cisco Secure Access Control Server Solution Engine

Cisco Systems GigaStack Gigabit Interface Converter

Cisco Router and Security Device Manager File Management

Cisco CNS NetFlow Collection Engine Version 4.0

CISCO SMALL AND MEDIUM BUSINESS CLASS VOICE SOLUTIONS: CISCO CALLMANAGER EXPRESS BUNDLES

It looks like your regular telephone.

NetFlow Feature Acceleration

NETWORK AVAILABILITY IMPROVEMENT SUPPORT OPERATIONAL RISK MANAGEMENT ANALYSIS

Figure 1. The Cisco Aironet Power Injectors Provide Inline Power to Cisco Aironet Access Points and Bridges

Cisco CNS NetFlow Collection Engine Version 5.0

CISCO WIRELESS SECURITY SUITE

CISCO SFP OPTICS FOR PACKET-OVER-SONET/SDH AND ATM APPLICATIONS

PUBLIC KEY INFRASTRUCTURE CERTIFICATE REVOCATION LIST VERSUS ONLINE CERTIFICATE STATUS PROTOCOL

HIGH-DENSITY PACKET VOICE DIGITAL SIGNAL PROCESSOR MODULE FOR CISCO IP COMMUNICATIONS SOLUTION

Cisco IOS Firewall Intrusion Detection System

CISCO IOS SOFTWARE FEATURE PACKS FOR THE CISCO 1700 SERIES MODULAR ACCESS ROUTERS AND CISCO 1800 SERIES (MODULAR) INTEGRATED SERVICES ROUTERS

THE BUSINESS CASE FOR MANAGED SERVICES IN SMALL AND MEDIUM-SIZED BUSINESSES

CISCO CATALYST 6500 SERIES CONTENT SWITCHING MODULE

Cisco Blended Agent: Bringing Call Blending Capability to Your Enterprise

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

CISCO 7304 SERIES ROUTER PORT ADAPTER CARRIER CARD

E-Seminar. Financial Management Internet Business Solution Seminar

Cisco Catalyst 6500 Series/Cisco 7600 Series Supervisor Engine 720-3BXL

IS YOUR OLD PHONE SYSTEM HANGING UP YOUR DISTRICT? CISCO K 12 DIRECT LINE SOLUTION FOR IP COMMUNICATIONS

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 3800 SERIES ROUTERS

CISCO AIRONET POWER INJECTOR

Want to Improve Communication to Parents? Make it Simple.

Serial Connectivity Network Modules for the 2600, 3600, and 3700 Series (NM-1HSSI, NM-4T, NM-4A/S, NM-8A/S, NM-16A/S, NM-16A, NM-32A)

Cisco Aironet 1130AG Series

CISCO CATALYST 3750 SERIES SWITCHES

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 2800 SERIES ROUTERS

CISCO DISTRIBUTED DENIAL OF SERVICE PROTECTION SOLUTION: LEADING DDOS PROTECTION FOR SERVICE PROVIDERS AND THEIR CUSTOMERS

Combined voice and data solution supports Orange s ongoing success in the UK business market

Cisco GLBP Load Balancing Options

CISCO NETWORK CONNECTIVITY CENTER MPLS MANAGER 1.0

Cisco Solution Incentive Program Asia Pacific

Empower Your Law Firm with Your Next Phone System

PREVENTING WORM AND VIRUS OUTBREAKS WITH CISCO SELF-DEFENDING NETWORKS

CISCO IP PHONE EXPANSION MODULE 7914

Cisco 7200 Series Enterprise WAN Aggregation Application

Cisco WebEx Social Compatibility Guide

Cisco 7200 and 7500 Series Routers

CISCO 10GBASE X2 MODULES

Cisco IOS Telephony Services Survivable/Standby Remote Site Telephony

DATA SHEET. GigaStack GBIC THE CISCO SYSTEMS GIGASTACK GIGABIT INTERFACE CONVERTER (GBIC) IS A VERSATILE, LOW-COST,

How To Connect A Cisco Aironet 350 Series Wireless Bridge To A Network With A Wireless Bridge

IP Networking and the Advantages of consolidation

CISCO 7609 ROUTER ENHANCED 9-SLOT CHASSIS

SOUTH BAY BMW ACHIEVES UNMATCHED AVAILABILITY AND SECURITY WITH ITS CISCO NETWORK

CISCO CATALYST 6500 SUPERVISOR ENGINE 32

Cisco SMB Class Solutions Your Next Phone System Purchase

Cisco Outbound Option

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

CISCO ATA 186 ANALOG TELEPHONE ADAPTOR

CISCO MEETINGPLACE FOR OUTLOOK 5.3

CISCO 100BASE-X SFP FOR FAST ETHERNET SFP PORTS

Cisco PBX Interoperability: Lucent/Avaya Definity G3si V7 PBX with CallManager using Analog FXS and FXO Interfaces as an MGCP Gateway

Cisco Router and Security Device Manager Dial-Backup Solution

SERIAL AND ASYNCHRONOUS HIGH-SPEED WAN INTERFACE CARDS FOR CISCO 1800, 2800, AND 3800 SERIES INTEGRATED SERVICES ROUTERS

Optical Service Modules: OC-3/STM-1, OC-12/STM-4 and OC-48/STM-16 POS, OC-12/STM-4 ATM, Gigabit Ethernet WAN, Channelized T3 (CT3) and OC12/STM-4

How To Outtask Metro Ether To A Managed Service Provider

CONNECT TO COMPREHENSIVE NETWORK SECURITY SOLUTIONS WITH THE CISCO IP NETWORK DEFENDER PROGRAM.

E-Seminar. E-Commerce Internet Business Solution Seminar

Internal IT Staff at a Serbian Children s Hospital Takes Innovative Approach to Outpatient Care

CISCO ATA 188 ANALOG TELEPHONE ADAPTOR

Cisco Systems Brings World-Class Online Banking Solutions to State Bank of India

CISCO CALLMANAGER EXPRESS 3.2

Cisco Intelligent Contact Management Enterprise Edition

IP Communications for the Small or Autonomous Branch Office

Cisco Business Communications Solution. Brochure

Cisco Unified IP Conference Station 7936

Enabling High Availability for Voice Services in Cable Networks

CISCO MEETINGPLACE HOSTED SERVICE

Cisco IT Data Center and Operations Control Center Tour

Cisco 2600XM DSL Router Bundles

CISCO MEETINGPLACE MANAGED SERVICE

Cisco AVVID Network Enterprise Data Center Solution Overview

Cisco CSS Series Content Services Switch

CISCO WAN MANAGER 15 DATA SHEET

The Palace of Versailles Goes Digital, Increasing Revenue and Enhancing Overall Visitor Experience

MITIGATING ATTACKS IN VOIP ENVIRONMENTS

CISCO SMARTNET SUPPORT AND CISCO SMARTNET ONSITE

World Consumer Income and Expenditure Patterns

Enterprise Reporting

6000 WATT AC POWER SUPPLY FOR THE CISCO CATALYST 6500 SERIES CHASSIS

City Government Improves Caller Service and Cultivates Economic Vitality

Transcription:

DATA SHEET CISCO GUARD XT 5650 PRODUCT OVERVIEW The Cisco Guard XT 5650 DDoS Mitigation Appliance from Cisco Systems delivers a powerful and extensive distributed denial-of-service (DDoS) protection system. Designed to meet the performance and scalability requirements of the largest and most demanding enterprise environments, the Cisco Guard XT provides unprecedented levels of protection against today s increasingly complex and elusive attacks. Featuring two Gigabit Ethernet interfaces, a single Cisco Guard XT can process attack traffic at line rates as high as a full gigabit-per-second (Gbps). Working together, multiple Cisco Guard XTs can incrementally scale to support multi-gigabit rates, delivering an extensible solution that easily adapts to large and growing enterprise environments. DDoS Attacks Evolving Today s DDoS attacks are more malicious, more virulent, more destructive, and more focused than ever. Launched by disgruntled users or unscrupulous businesses targeting specific sites or competitors, these attacks easily elude and overwhelm the most common defenses. Composed of legitimate-appearing requests, massive numbers of zombies and spoofed identities that make it virtually impossible to identify and block these malicious flows, DDoS attacks literally paralyze their victims and prevent them from conducting business, costing billions of dollars per year in lost revenue. The Cisco Guard XT defends against this new wave of DDoS attacks, enabling businesses to defeat these attacks without compromising their mission-critical and revenue-bearing operations. Based on a unique multiverification process (MVP) architecture, the Cisco Guard XT employs the most advanced anomaly recognition, source verification, and anti-spoofing technologies to identify and block individual attack flows while allowing legitimate transactions to pass. Combined with an intuitive, graphical user interface (GUI) and extensive multilevel monitoring and reporting designed to provide a comprehensive overview of all attack activity, the Cisco Guard XT delivers robust and comprehensive DDoS defense for protecting business operations. All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 1 of 7

Figure 1 The Cisco Guard XT MVP Architecture APPLICATIONS The Cisco Guard XT is one part of a complete detection and mitigation solution that protects enterprises, hosting centers, government agencies, and service provider environments from DDoS attacks. Combined with the Cisco Traffic Anomaly Detector XT, which detects the presence of DDoS, worm, and other attacks, the Cisco Guard XT performs the detailed per-flow level attack analysis, identification and mitigation services required to block attack traffic and prevent it from disrupting network operations. When the Cisco Traffic Anomaly Detector XT identifies a potential attack, it alerts the Cisco Guard XT to begin diverting traffic destined for the targeted devices and only that traffic for inspection. All other traffic continues to flow freely, reducing the impact on overall business operations while increasing the number of devices or zones a single Cisco Guard XT can protect. Diverted traffic is rerouted through the Cisco Guard XT, which is typically deployed off the critical path at any point in the network from enterprise entrance access points to peering points off an ISP backbone. The diverted traffic is subjected to intense scrutiny to identify and separate bad flows from legitimate transactions. Specific attack packets are identified and removed, while legitimate traffic is forwarded to its original destination, ensuring that real users and real transactions always get through, and guaranteeing maximum availability. All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 2 of 7

Figure 2 KEY FEATURES AND BENEFITS Multistage Verification The Cisco Guard XT performs detailed, granular, per-flow analysis and blocking to stop attack traffic with surgical precision while allowing legitimate transactions to flow freely. The innovative blocking techniques are based on the MVP architecture, developed by Cisco Systems, which delivers multiple interactive layers of defense to identify and block all types of attacks with extreme accuracy. Integrated dynamic filtering and active verification technologies, driven by a sophisticated profile-based anomaly recognition engine, enables rapid, automatic protection against all types of assaults, even Day Zero attacks that have never been seen before. Additional protocol analysis and rate limiting features help ensure only valid traffic gets through, and only in volumes that won t overwhelm downstream devices. The Cisco Guard XT also features integrated Zombie Killer technologies that help identify and block all types and sizes of attacks, including those launched by hundreds of thousands of distributed zombie hosts one of the most prevalent and difficult-to-stop DDoS attack sources. All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 3 of 7

Multi-Gigabit Performance Each Cisco Guard XT features dedicated network processors that support attack analysis and cleaning at full gigabit line rates in standalone mode, defending against large-scale DDoS attacks, including those launched by massively distributed attackers such as compromised zombie hosts. The Guard XT also supports a unique clustering architecture that supports incremental scaling of both attack processing rates and zombie defense capacities sufficient for protecting even the largest enterprise and service provider environments against the most serious threats. Deployed off the critical path as a routing peer to ensure maximum reliability and straight-forward installation, the Cisco Guard XT diverts and cleans only that traffic destined for a targeted zone, enabling cost-effective resource and scaling. Multilevel Monitoring and Reporting The Guard XT features an intuitive, Web-based GUI that simplifies the policy definition, operational monitoring, and report generation processes. Multiple monitoring and reporting levels provide network operators, security administrators, and clients with a wide range of detailed real-time and historical information. Attack reports provide details for individual attacks including characteristics, lists of identified zombies, and specific enforcement actions used enabling security experts to review and tune the Cisco Guard XT s security policies. Meanwhile, customer-level historical summaries enable service providers to easily report on successful protection against the variety, duration and scale of attacks. In addition, an interactive mode allows users to review and approve recommended actions and policies prior to activation, providing manual control over attack responses if desired. SUMMARY Designed for service providers, hosting centers, and online enterprises, the Cisco Guard XT can help ensure uninterrupted business operations, even in the face of the most malicious assaults. For users, that translates into a significant competitive advantage by ensuring uncompromised availability and unparalleled protection of the most valuable business assets. All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 4 of 7

PRODUCT SPECIFICATIONS Table 1. Product Specifications Memory Hard Drive Interfaces Operating Temperature Non Operating Temperature 2 GB DDRAM 80 GB Two Gigabit Ethernet Two 100BASE-T (management) 10 to 35C (50.0 to 95.0F) 10 to 43C (50.0 to 109.4F) Humidity Operating: 8% to 80% Power Supply Weight Height Width Depth Rackmountable Management Certifications Attack Protection Non-Operating: 8% to 80% Dual 110-220V, 350W 62 lbs/28.2 kg 3.36 in. / 8.53 cm 17.5 in. / 44.5 cm 27.5 in. / 69.9 cm Yes Secure Web-based GUI CLI: Console, Telnet, SSH Cisco (Riverhead) SNMP MIB and MIB II TACACS+ Syslog UL recognized CE FCC Rules Part 15 compliant Spoofed and non-spoofed attacks TCP (syns, syn-acks, acks, fins, fragments) UDP (random port floods, fragments) ICMP (unreachable, echo, fragments) DNS Client Attacks Inactive and total connections HTTP Get flood BGP attacks All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 5 of 7

ORDERING INFORMATION Table 2. Ordering Information Product Name Part Number SMARTnet Number Cisco Guard XT 5650 with 1000BASE-SX Multimode Fiber Optic Ports with LC Connectors, Dual AC Power, RAID Cisco Traffic Anomaly Guard XT Appliance 5.0 Software To place an order, visit the Cisco Ordering Home Page. AGXT-5650-MMF-A-K9 SC-AGXT-5.0-K9 CON-SNT-AGX5650M TECHNICAL SUPPORT SERVICES Whether your company is a large organization, a commercial business, or a service provider, Cisco is committed to maximizing the return on your network investment. Cisco offers a portfolio of technical support services to help ensure that your Cisco products operate efficiently, remain highly available, and benefit from the most up-to-date system software. The Cisco Technical Support Services organization offers the following features, providing network investment protection and minimal downtime for systems running mission-critical applications: Provides Cisco networking expertise online and on the telephone Creates a proactive support environment with software updates and upgrades as an ongoing integral part of your network operations, not merely a remedy when a failure or problem occurs Makes Cisco technical knowledge and resources available to you on demand Augments the resources of your technical staff to increase productivity Complements remote technical support with onsite hardware replacement Cisco Technical Support Services include: Cisco SMARTnet support Cisco SMARTnet Onsite support Cisco Software Application Services, including Software Application Support and Software Application Support plus Upgrades For more information, visit: http://www.cisco.com/en/us/products/svcs/ps3034/serv_category_home.html All contents are Copyright 1992 2004 All rights reserved. Important Notices and Privacy Statement. Page 6 of 7

Corporate Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 20 357 1100 Americas Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-7660 Fax: 408 527-0883 Asia Pacific Headquarters 168 Robinson Road #28-01 Capital Tower Singapore 068912 www.cisco.com Tel: +65 6317 7777 Fax: +65 6317 7799 Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Web site at www.cisco.com/go/offices. Argentina Australia Austria Belgium Brazil Bulgaria Canada Chile China PRC Colombia Costa Rica Croatia Cyprus Czech Republic Denmark Dubai, UAE Finland France Germany Greece Hong Kong SAR Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe Copyright 2004 All rights reserved. Catalyst, Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, PIX, and SMARTnet are registered trademarks of and/or its affiliates in the United States and certain other countries. All other trademarks All contents mentioned are in Copyright this document 1992 2004 or Website are Cisco the property Systems, of their Inc. respective All rights owners. reserved. The use of Important the word partner Notices does and not Privacy imply a partnership Statement. relationship between Cisco and any other company. (0403R) BG/LW6448 0604 Page 7 of 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information