Cisco has begun streamlining distributed denial-of-service (DDoS) attack defense by offering Arbor Networks technology on its carrier class routers.
This will enable Cisco Carrier Routing System devices detect threats and scrub traffic -- a job that otherwise might need to be done by a stand-alone Arbor appliance.
According to Tom Bienkowski, director of product marketing at Arbor, Cisco has licensed Arbor's Peakflow SP Threat Management System so that the technology can be embedded into the Cisco Carrier Grade Services Engine (CGSE) module on its CRS-1 carrier class routers. This approach can offer advantages such as not having to route attack traffic to dedicated centres to be cleaned up and can save on backhaul expenses.
Bienkowsi says the expectation is that each CSGE could support 10Gbps DDoS mitigation capability and that four blades together would support 40Gbps maximum.
Though there may be cost-savings in bandwidth and traffic management by using the router-embedded technology versus the separate anti-DDoS appliance from Arbor, the actual price for the embedded TMS-CGSE in CRS is expected to be slightly more than acquiring the Arbor Peakflow gear separately, according to Bienkowski (though he wouldn't provide details).
Cisco and Arbor have had a long relationship that has seen both its cooperative and competitive side. More than a decade ago, Cisco was an early investor in Arbor, and Cisco NetFlow is an important data source for anti-DDOS detection.
Over the years, Cisco had its own anti-DDoS technology, Anomaly Guard and Anomaly Detector Modules for DDoS detection and mitigation, but announced "end-of-sale" of it in 2010. Cisco then established closer ties related to use of Arbor anti-DDoS gear in Cisco networks, and the announcement today about embedding Arbor technology directly in Cisco routers represents the next step in the companies' relationship.
Find your next job with techworld jobs