Cisco offers state-of-the-art solutions to protect against DDoS attacks by using the industry standard Cisco Anomaly Detection and Mitigation products.
The Cisco Anomaly Detection and Mitigation solution combats complex and sophisticated DDoS attacks. This solution can be used for service provider and enterprise environments. Some of the features are the following:
Classify legitimate traffic and attack traffic in real-time.
Block the attack traffic by using source-based dynamic filters.
Block large botnets and zombie attacks.
Deliver multigigabit performance at line rate for detection and mitigation.
Figure 22-3 illustrates the packet flow through the defense modules that provides advanced DDoS protection using the Cisco Anomaly Detection and Mitigation solution.
The Cisco DDoS Anomaly Detection and Mitigation solution consists of two basic deployment components:
Cisco Traffic Anomaly Detector
Cisco Guard DDoS Mitigation
Note
Both products are available as appliance-based solutions and integrated service modules for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers.