Cisco Secure DDoS Edge Protection At-a-Glance
Available Languages
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
● Real time on-box autonomous zero-day and known attack detection and mitigation with 99.49% efficacy and less than 10 seconds to attack mitigation.
● Cost-effective and scalable with no need for additional equipment and backhauling to scrubbing centers.
● Pervasive protection across mobile access, peering nodes, and broadband networks.
Use your routers as the first line of defense against DDoS attacks
The growth of more distributed and edge networks combined with the proliferation of different connected devices – from connected cars to smart home thermostats – increases opportunities for cybercriminals to launch massive DDoS attacks.
As perpetrators use more and more sophisticated methods to cripple networks, boosting DDoS defenses with traditional solutions becomes cost-prohibitive and impedes the performance of low-latency applications.
Cisco® Secure DDoS Edge Protection enables communication service providers and other network operators to keep attack traffic off their network by using routers as the first line of defense against DDoS attacks. It detects and mitigates attacks in real time and ensures that applications’ latency requirements are not impacted. It enables network operators to scale their DDoS capabilities simply and cost-effectively, as they scale their networks.
Use routers as the first line of defense against DDoS attacks
Cisco Secure DDoS Edge Protection consists of two software components: detectors on each router and a controller that is hosted on a server (on-prem or in the cloud) to manage up to 50,000 detectors and share malicious DDoS signatures across all detectors.
The detectors act as a distributed defense system for networks at the edge, collecting telemetry and using autonomous machine learning to detect attacks. They tackle attacks by pushing access control list updates to the controller for mitigation.
The controller receives alerts from all routers’ detectors to scale defenses network-wide when an attack occurs. It offers information about real-time and historical attack forensics to support threat intelligence analyses.
Why Cisco Secure DDoS Edge Protection?
● Protects quality of experience and the performance of low-latency applications in a cost-effective and scalable way.
● Ensures the flow of legitimate traffic while preventing malicious traffic from flooding the network.
● Offers both ease of management and complete control.
Mobile access:
The solution protects the network from attacks originating from mobile end-user equipment such as cellphones and IoT sensors without impacting application latency. It sees inside the GTP tunnel for mobile traffic and detects and mitigates DDoS attacks on the cell site router at the network edge before they can spread to applications in the MEC or in the packet core.
Peering:
The solution protects peering nodes by characterizing attacks and their signatures in real time, dynamically adapting the mitigation as attack vectors change. It enables communication service providers to identify zero-day threats more effectively than static misuse lists and eliminates the need for investments in scrubbing center infrastructure.
Broadband:
The solution offers protection against DDoS attacks leveraging high-bandwidth CPE and different end-user devices as well as DDoS attacks using local internet breakouts in more distributed broadband architectures. Detection and mitigation of zero-day attacks with dynamic adaptation close to the source prevents threats from spreading into the rest of the network.
Cisco Secure DDoS Edge Protection:
www.cisco.com/site/us/en/products/security/ddos-edge-protection/index.html.
Cisco Secure DDoS Protection:
www.cisco.com/c/en/us/products/security/secure-ddos-protection/index.html.
Cisco Secure DDoS Edge Protection on DEVNET:
developer.cisco.com/docs/secure-ddos-edge-protection/.
Visit our Development Sandbox on DEVNET:
Go to developer.cisco.com/site/sandbox/, click “Get started,” and search for “DDoS Edge Protection.”
Technical Whitepaper:
www.cisco.com/c/en/us/products/collateral/security/secure-ddos-protection/secure-edgeprotection-tech-wp.pdf.
Cisco NCS 540 Series:
www.cisco.com/c/en/us/products/routers/network-convergencesystem-540-series-routers/index.html.
To schedule a demo or Proof of Value (PoV), contact your Cisco sales representative today.
To experience the solution with a demonstration and lab test, contact your Cisco sales representative today.
For more information about Cisco Secure DDoS Edge Protection or to schedule a demo,
Visit www.cisco.com/site/us/en/products/security/ddos-edge-protection/index.html.