Cisco Cisco Catalyst 6500 Cisco 7600 Router Anomaly Guard Module プリント

444

Cisco DDoS Mitigation
Service Provider Solutions

Attack Evolution

•

Nonessential
protocols
(e.g., ICMP)

•

100s of sources

•

10K packets/second

Scale

Attacks

Sophistication of Attacks

Two scaling dimensions:

•

Millions of
packets/second

•

100Ks zombies

•

Essential protocols

•

Spoofed

•

10K zombies

•

100K packets/second

•

Compound and
morphing

Past

Present

Emerging

Potentially

random

Targeted

economic

Publicity

driven

Mainstream

corporations

High-profile

targets

Niche targets

Stronger and More Widespread