Cisco joins with Arbor Networks to fight DDoS attacks

Cisco has begun streamlining distributed denial-of-service (DDoS) attack defense by offering Arbor Networks technology on its carrier class routers.

This will enable Cisco Carrier Routing System devices detect threats and scrub traffic -- a job that otherwise might need to be done by a stand-alone Arbor appliance.

According to Tom Bienkowski, director of product marketing at Arbor, Cisco has licensed Arbor's Peakflow SP Threat Management System so that the technology can be embedded into the Cisco Carrier Grade Services Engine (CGSE) module on its CRS-1 carrier class routers. This approach can offer advantages such as not having to route attack traffic to dedicated centers to be cleaned up and can save on backhaul expenses.

[ RELATED: Massive DDoS attacks a growing threat to VoIP services ]

Bienkowsi says the expectation is that each CSGE could support 10Gbps DDoS mitigation capability and that four blades together would support 40Gbps maximum.

Arbor also has a similar OEM arrangement with Alcatel-Lucent and its 7750SR router.

Though there may be cost-savings in bandwidth and traffic management by using the router-embedded technology versus the separate anti-DDoS appliance from Arbor, the actual price for the embedded TMS-CGSE in CRS is expected to be slightly more than acquiring the Arbor Peakflow gear separately, according to Bienkowski (though he wouldn't provide details).

Cisco and Arbor have had a long relationship that has seen both its cooperative and competitive side. More than a decade ago, Cisco was an early investor in Arbor, and Cisco NetFlow is an important data source for anti-DDOS detection.

Over the years, Cisco had its own anti-DDoS technology, Anomaly Guard and Anomaly Detector Modules for DDoS detection and mitigation, but announced "end-of-sale" of it in 2010. Cisco then established closer ties related to use of Arbor anti-DDoS gear in Cisco networks, and the announcement today about embedding Arbor technology directly in Cisco routers represents the next step in the companies' relationship.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email:

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags routercsgarbor networksddosLAN & WANCisco security

More about Alcatel-LucentArbor NetworksCarrierCiscoCRS AustraliaIDGLucent

Show Comments