Cisco Defends Against DOS

Cisco Systems Inc. has released its first products following its $39 million acquisition of Riverhead Networks (see Cisco's Security Spree Continues).

The security specialist was snapped up by Cisco for its strengths in combating distributed denial-of-service (DDOS) attacks like the Mydoom virus, which can wreak havoc on network and data center resources.

Today Cisco unveiled the first fruits of this union in the shape of two network security appliances to protect against DDOS attacks -- the Cisco Guard XT 5650 and the Cisco Traffic Anomaly Detector XT 5600.

The 5650 provides what is known as "anomaly recognition" -- comparing network behavior and traffic flows to block DDOS attacks. It also employs a technology called "dynamic diversion" to redirect traffic away from network resources targeted in an attack.

According to Cisco, the 5600 can identify a broad range of DDOS attacks and automatically activate the 5650. Eventually, the company plans to integrate the products onto its flagship Catalyst 6500 switch product.Charles Kolodgy, research director at analyst firm IDC believes the new products could help Cisco users fill out their security infrastructure. They are offering data centers another tool for their security kit,” he says.

There has been a flurry of activity in the specialized security market over recent months. Cisco's rival in the IP router space, Juniper Networks Inc. (Nasdaq: JNPR), has also taken an interest in security, having anted up $4 billion for NetScreen Technologies Inc. (Nasdaq: NSCN). (See Juniper Buys NetScreen.)

Juniper, however, is yet to reveal its roadmap for integrated NetScreen products (see Juniper, NetScreen Move On). Nonetheless, there is a great deal of curiosity about what these products will look like. NetScreen's primary focus is security, with a range of products including integrated firewalls/SSL VPNs and intrusion detection and prevention. Juniper's focus, however, has been primarily on edge routers and infranet products.

Cisco and Juniper are taking very different approaches to bolster their security strategies: Juniper has opted for a "big bang" approach with its high-profile acquisition of NetScreen. Cisco, on the other hand, has focused on buying up smaller, specialist firms.

Kolodgy says that Cisco is now likely to turn its attention toward intrusion prevention systems (IPSs) and intrusion detection systems (IDSs). “This is a much bigger issue for Cisco than just DDOS. They will also be looking to add IPS and IDS functionality to their products.”However, he added that Cisco already has access to IPS technology thanks to its acquisition of network security software firm Okena.

There has been growing speculation recently over which security firms were next on Cisco’s shopping list. The company snapped up Psionic Technologies in December 2002 and completed the buy-out of Okena last year (see Cisco Buys Psionic and Cisco Completes Okena Buy).

The company also recently completed its purchase of specialist security software vendor Twingo Systems, a move that is expected to increase price competition in the SSL VPN marketplace (see Cisco: It Takes Two to Twingo).

— James Rogers, Site Editor, Next-gen Data Center Forum