Data Sheet
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 11
The Cisco DDoS Multidevice Manager 1.0 is another management option that enables
consolidating monitoring and reporting of attack information across multiple guards and detectors.
More information is available at http://www.cisco.com/en/US/products/ps7020/index.html.
Cisco Anomaly Guard Module Performance Metrics
Table 1 provides information on the performance and capacity of the Cisco Anomaly Guard
Module.
Table 1. Cisco Anomaly Guard Module Features
Feature Description
Performance Option #1: 1 Gbps
●
1 Gbps of throughput per module
●
Up to 150,000 dynamic filters
●
1.5 million concurrent connections
●
500 protection zones (different policies and baselines [contexts])
●
30 concurrent zones in protection
●
Less than 1 ms latency and jitter
Option #2: 3 Gbps
●
3 Gbps of throughput per module
●
Up to 150,000 dynamic filters
●
4.5 million concurrent connections
●
500 protection zones (different policies and baselines [contexts])
●
50 concurrent zones in protection
●
Less than 1 ms latency and jitter
Clustering Option #1: Clustering 1-Gbps modules
●
Uses equal-cost multipath routing
●
No special load balancers required
●
Up to 6 modules in a Cisco Catalyst 6509/Cisco 7609 chassis
●
Up to 10 modules in a Cisco Catalyst 6513/Cisco 7613 chassis
Option #2: Clustering 3-Gbps modules
●
Uses equal-cost multipath routing
●
No special load balancers required
●
Up to 6 modules in a Cisco Catalyst 6509/Cisco 7609 chassis
●
Up to 10 modules in a Cisco Catalyst 6513/Cisco 7613 chassis
Cisco Anomaly Guard Module Overall Feature Summary
Table 2 lists features of the Cisco Anomaly Guard Module.
Table 2. Cisco Anomaly Guard Module Features
Feature Description
Attack Protection
●
Spoofed and non-spoofed attacks
●
TCP (syns, syn-acks, acks, fins, fragments) attacks
●
User Datagram Protocol (UDP) attacks (random port floods, fragments)
●
Internet Control Message Protocol (ICMP) attacks (unreachable, echo,
fragments)
●
Domain Name System (DNS) attacks
●
Client attacks
●
Inactive and total connections attacks
●
HTTP Get Flood attacks
●
Border Gateway Protocol (BGP) attacks
●
Session Initiation Protocol (SIP) voice over IP (VoIP) attacks
Continuous Learning and
Protection
●
Can operate in continuous learning and protection mode (Release 5.0 and later)
●
Simultaneously adjusts thresholds and protect from attacks
●
Switches between learning and protection modes automatically
●
Returns to learning mode after an attack is completed
(67 strony)
(73 strony)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji