First customer shipments (FCS) for the multimode fiber Cisco® Traffic Anomaly Detector XT 5600 (part number ADXT-5600-MMF-A-K9) and the multimode fiber Cisco Guard XT 5650 (part number AGXT-5650-MMF-A-K9) will begin the week of Aug. 23.
The Cisco Traffic Anomaly Detector XT 5600 and the Cisco Guard XT 5650 with 10/100/1000BASE-T Ethernet ports (part numbers ADXT-5600-GET-A-K9 and AGXT-5650-GET-A-K9, respectively) will begin shipping the week of Sept. 27. General orderability opens the week of Aug. 30.
PRODUCT DESCRIPTION
Cisco DDoS detection and mitigation solutions detect the presence of DDoS attacks and identify and block malicious traffic in real time, without affecting the flow of legitimate transactions. As a result, business operations of targeted organizations continue running, even while under withering attack, which helps ensure protection of critical corporate assets.
The Cisco DDoS family includes two products, both of which deliver multigigabit performance for protecting the largest enterprise and service provider environments from the highest-volume, most sophisticated attacks:
Cisco Traffic Anomaly Detector XT 5600: The Cisco Traffic Anomaly Detector XT detects DDoS, worm, and other attacks and reports on their characteristics. Detection is based on sophisticated anomaly detection capabilities that compare activity to profiles of known "normal" behavior, enabling the Cisco Traffic Anomaly Detector XT to identify even Day Zero attacks that have never before been detected.
Cisco Guard XT 5650: The Cisco Guard XT performs per-flow-level attack analysis, identification, and mitigation services that block attack traffic. Alerted by the Cisco Traffic Anomaly Detector XT or other standards-based detection solution, the Guard XT diverts traffic destined for a targeted device-and only that traffic-and subjects it to the unique MultiVerification Process (MVP) architecture from Cisco. The architecture imposes multiple layers of defense designed to identify and block specific packets and flows responsible for the attack while allowing legitimate transactions to pass, helping to ensure business continuity even while under attack.
The following tables highlight specific features of the Cisco Guard XT and the Cisco Traffic Anomaly Detector XT solutions.
Table 1. Cisco Guard XT Features
Feature
Description
Performance
· A single Cisco Guard XT can process gigabit-level attacks at full line rates with minimal latency, keeping business operations flowing even under large, high-volume attacks
· Clustered multiple Guard XTs can deliver a scalable solution that can process many times the standalone rate, sufficient for handling rates seen by the largest enterprises and service providers
· Only traffic destined for targeted victims is diverted for inspection and cleaning, allowing unaffected traffic to flow unimpeded
· Legitimate traffic passes to its original destination, helping to ensure that customer transactions are unaffected by attacks
Attack Coverage
· Highly sophisticated algorithms and traffic analysis enable the Guard XT to detect and defeat the largest, most advanced attacks
· Zombie Killer capabilities allow a single Guard XT to identify and block more than 100,000 individual zombies in a single attack, thwarting one of the most common and difficult to defeat DDoS attack methods
· Clustering increases Zombie Killer capabilities to protect against attacks launched by several hundred thousand zombies
Monitoring and Reporting
· Multiple levels of real-time views and historical reports provide network operators, security administrators, and clients with rich, detailed information to assist in troubleshooting, policy setting, and system monitoring
· Device-level views provide high-level overview of protected zones, showing current attacks and incoming and outgoing traffic to immediately determine current status
· Zone-level views provide a log of events for the selected zone, including attack history, durations, and types, helping the operator anticipate and respond appropriately to future events
· Attack-level views provide details for specific events, including attack characteristics, identified zombies, and policies used to defend against the attack, allowing security experts to review and fine-tune policy thresholds
· Historical reports provide visual records of attacks and associated responses over time for determining attack patterns and allowing IT administrators and service provides to verify successful protection techniques
Management
· Easy-to-use interface dramatically simplifies the policy setting and operational management for the Cisco Guard XT
· "Interactive mode" enables users to review and approve recommended actions and policies before activation, providing manual control over attack responses
· Simple Network Management Protocol (SNMP) support, including a proprietary management information base (MIB), enables the Cisco Guard XT to be easily integrated into any standards-based environment and be managed by any SNMP-compliant system
· The Cisco Guard XT includes support for other interfaces such as TACACS+ authentication and syslog logging, contributing to complete, standards-based manageability
Table 2. Cisco Traffic Anomaly Detector XT Features
Feature
Description
High-Performance Detection
· Detects and identifies the sources of even the most elusive and sophisticated DDoS attacks, including massive botnet attacks launched by legions of zombies
· Monitors copies of individual traffic flows entering protected zones, enabling rapid, accurate and precise detection of all types of attacks
· Processes traffic flows at full Gigabit Ethernet line rates, delivering performance sufficient for the largest and most demanding environments
· Uses Cisco MVP-based anomaly recognition technology to identify deviations from "normal" behavior that indicate an attack, allowing detection of attacks that had never been seen before without relying on signature updates
· Session state context allows the detector to recognize validated session traffic and identify session-abusive attacks, providing additional protection against malicious activity
· Scheduled learning sessions gather performance data to suggest thresholds and policies that can be accepted, modified, or rejected
· Can be deployed downstream close to protected zones or resources, or upstream closer to the Cisco Guard XT to provide wider coverage
Leading Management and Reporting
· A single detector can monitor a Gigabit link and is capable of detecting attacks on thousands of protected IP addresses, providing a scalable solution for large and expanding environments
· Resides off the critical network path and does not require network device statistics collection that might interfere with network operations while under attack
· Automatically sends alerts to network operators, management systems, and the Cisco Guard XT to initiate rapid response and attack mitigation
· Preconfigured default thresholds can be automatically tuned by self-learning, eliminating the need for manual tuning or technical expertise
· Proprietary Simple Network Management Protocol (SNMP) management information base (MIB) enables integration with other standards-based management systems
ORDERING INFORMATION
Table 3. Ordering Information for the Cisco Traffic Anomaly Detector XT 5600 and Cisco Guard XT 5650
Part Number
Description
ADXT-5600-GET-A-K9
Cisco Traffic Anomaly Detector XT 5600 with 10/100/1000BASE-T Ethernet Ports, Dual AC Power, RAID
ADXT-5600-MMF-A-K9
Cisco Traffic Anomaly Detector XT 5600 with 1000BASE-SX Multimode Fiber-Optic Ports with LC Connectors, Dual AC Power, RAID
Cisco Guard XT 5650 with 10/100/1000BASE-T Ethernet Ports, Dual AC Power, RAID
AGXT-5650-MMF-A-K9
Cisco Guard XT 5650 with 1000BASE-SX Multimode Fiber-Optic Ports with LC Connectors, Dual AC Power, RAID
SC-AGXT-3.0.8-K9
Cisco Guard XT 5650 MVP-OS R3.0.8 Software
TECHNICAL SUPPORT
Cisco SMARTnet® Parts Replacement Next Business Day support is available for the Cisco Guard XT and the Cisco Traffic Anomaly Detector XT.
Cisco SMARTnet support improves productivity and increases operational efficiency by complementing in-house resources with world-class network security expertise. It can maximize availability and minimize risks for systems running mission-critical applications.
For assistance quoting Cisco SMARTnet support, please contact your Cisco services account manager.
Table 4. SMARTnet Ordering Information for the Cisco Traffic Anomaly Detector XT 5600 and Cisco Guard XT 5650
Cisco Part Number
Description
SMARTnet Product Number
ADXT-5600-MMF-A-K9
Cisco Traffic Anomaly Detector XT 5600 with 1000BASE-SX Multimode Fiber-Optic Ports with LC Connectors, Dual AC Power, RAID
CON-SNT-ADX5600M
ADXT-5600-GET-A-K9
Cisco Traffic Anomaly Detector XT 5600 with 10/100/1000BASE-T Ethernet Ports, Dual AC Power, RAID
CON-SNT-ADX5600G
AGXT-5650-MMF-A-K9
Cisco Guard XT 5650 with 1000 BASE-SX Multimode Fiber-Optic Ports with LC Connectors, Dual AC Power, RAID
CON-SNT-AGX5650M
AGXT-5650-GET-A-K9
Cisco Guard XT 5650 with 10/100/1000BASE-T Ethernet Ports, Dual AC Power, RAID
