Cisco Cisco Catalyst 6500 Cisco 7600 Router Anomaly Guard Module データシート
Data Sheet
All contents are Copyright © 1992
–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 11
Cisco Anomaly Guard Module
The Cisco
®
Anomaly Guard Module is an integrated services module for Cisco Catalyst
6500 Series switches and Cisco 7600 Series routers that delivers a powerful and
extensive solution for defending online resources against massive distributed denial-of-
service (DDoS) attacks. Designed to meet the performance and scalability requirements
of the largest and most demanding enterprise and service provider environments, the
Cisco Anomaly Guard Module delivers unprecedented levels of protection for defeating
today’s increasingly complex and elusive attacks.
today’s increasingly complex and elusive attacks.
A single Cisco Anomaly Guard Module (Figure 1) provides the platform for processing attack traffic
at multigigabit line rates. The Anomaly Guard Module employs a unique “on-demand” deployment
at multigigabit line rates. The Anomaly Guard Module employs a unique “on-demand” deployment
model, diverting and scrubbing only traffic addressed to targeted devices or zones without affecting
other traffic. Integrated multiple layers of defense within the Anomaly Guard Module enable it to
identify and block malicious attack traffic while allowing legitimate transactions to continue flowing
to their original destinations. Business operations continue uninterrupted, even in the midst of
attack.
Figure 1. Cisco Anomaly Guard Module
Multiple Cisco Anomaly Guard Modules, working together in a single chassis, can incrementally
scale to support many times the single module rate, delivering a scalable solution that easily adapts
to large and growing enterprise and service provider environments. The Anomaly Guard Module’s
to large and growing enterprise and service provider environments. The Anomaly Guard Module’s
multiprocessor architecture can support future licensed software upgrades to enhance and improve
performance for defending against massive attacks.
Evolving DDoS Attacks
Today’s DDoS attacks are more destructive and focused than ever. These attacks can easily elude
and overwhelm the most common defenses. Composed of requests that appear legitimate,
massive numbers of “zombie” sources, and spoofed identities that make it virtually impossible to
massive numbers of “zombie” sources, and spoofed identities that make it virtually impossible to
identify and block these malicious flows, DDoS attacks paralyze their victims and prevent them
from conducting business, costing billions of dollars per year in losses
—from lost transactions and
customers to damaged reputations and legal liabilities.
The Cisco Anomaly Guard Module defends against all types of DDoS attacks, enabling businesses
to identify and block malicious traffic without compromising their mission-critical and revenue-
bearing operations. Based on a unique, patented multiverification process architecture, the Cisco