Table Of Contents
Introduction
System Requirements
Overview
What is DDoS
The Cisco Guard
Areas of the User Interface
User Interface Conventions
Navigation
Configuration
WBM Screen Hierarchy
Introduction
This chapter provides an overview of the Cisco Guard Web Based Management (WBM) interface. This chapter includes the following sections:
• System Requirements
• Overview
  – What is DDoS
  – The Cisco Guard
• Areas of the User Interface (Describes the WBM main areas)
• User Interface Conventions
• WBM Screen Hierarchy
System Requirements
The Cisco Guard Web Based Management (WBM) interface supports Microsoft Internet Explorer 5 or higher, an Internet browser that supports HTML, tables, cookies, JavaScript, and frames.
We recommend that you use a minimum screen resolution of 1024 by 768 pixels.
No software installation is required.
Overview
What is DDoS
Distributed Denial of Service (DDoS) attacks are attacks in which malicious individuals cause thousands of compromised computers ("zombies") to run automated scripts that cripple the network resources of a protected server (the Zone) with spurious requests for service. The attacks can be, for example, a flood of bogus home page requests to a web server that shuts out legitimate consumers, or efforts that compromise the availability and accuracy of Domain Name System (DNS) servers. Although an attack is often launched by an individual, the zombies actually executing the attacking code may number in the hundreds of thousands, and are distributed over multiple autonomous systems administered by multiple organizations.
DDoS attacks continuously evolve as sophisticated hackers create damaging new exploits. In addition, their attack scripts are made widely available on the Internet and are routinely executed by individuals with minimal technical knowledge of networking. Thus, DDoS defense technology must be flexible and adaptive.
It must be capable of detecting an upcoming DDoS attack, differentiating between malicious and legitimate traffic, and performing those tasks without hindering the traffic flow of the attacked network element.
The Cisco Guard
The Cisco Guard is a high performance network device deployed in a distributed upstream configuration, at the ISP/MSP/backbone level, protecting the entire network. When an attack is detected, the system diverts only the attacked zone's traffic to the Guard. The data flow is analyzed, all DDoS components are obstructed, and clean traffic is allowed to continue flowing to the intended zone. The Guard is a system that allows a transparent zone traffic flow, constantly filters the traffic, and remains closely tuned to zone traffic characteristics so that it is on the alert for evolving attack patterns.
To accomplish the above-mentioned tasks the Cisco Guard employs the following components:
• Traffic diversion mechanisms that redirect (divert) the zone's traffic to the Guard Learning and Protection systems and then return (inject) the legitimate traffic flow back to the zone. This is performed while preventing the obstruction of network traffic.
• An algorithm-based learning system that learns the zone traffic, adapts itself to its particular characteristics, and supports the Protection system with references and protection instructions in the form of Thresholds and Policies. In addition, the Guard has 'On-Demand' protection to answer a situation in which the zone is under attack while the Guard has not completed its Learning and tuning to the zone traffic.
• A protection system that distinguishes between the legitimate and the suspicious traffic and filters the malicious traffic. Only the legitimate traffic is then allowed to pass on to the zone.
Integrating these components enables the Guard to assume its protective role upon attack, while remaining in the background for the rest of the time.
Areas of the User Interface
The WBM provides access to various Guard configuration and management screens, allowing you to view statistics and to graphically monitor system status.
The WBM allows configuring and monitoring the Guard's various protection mechanisms. It provides a subset of the CLI functionality and mostly deals with protected zone configuration, status, and reports. Configuration parameters relating to procedures such as the initial Guard setup and the network-level setup of the Guard are accessible only through the CLI. See the Cisco Guard User Guide for further details.
Figure 1-1 displays the WBM user interface. The user interface is divided into three distinct areas as described in Table 1-1.
Figure 1-1 WBM User Interface

Table 1-1 Areas of the User Interface
Area | Function
1 | The header area provides information on the logged-in user, the Guard's date and time, and a simple navigation bar that enables you to log out or return to the Guard's main screen.
2 | The navigation pane displays a list of links, divided by state. Each item provides a link to the "home page" of a zone or the Guard. The associated link will be displayed in the main area (area 3). The selected item is marked by a white frame. The navigation pane is resizable.
3 | The main area holds the user-selected views. It includes:
• The name of the view and the state (for example, Zone scannet (interactive)—Protected).
• The location view, indicating the type of view (for example, Home>Zone>General>Config).
• A menu bar—There are two fixed menu bars, for Guard or zone, which provide the main navigation mechanism. When selecting Guard Summary in the navigation pane, the menu bar displays the Guard's main menu. When selecting one of the zones in the navigation pane, the menu bar displays the zone's main menu.
• Information area—Displays the required information, that is, tables and forms.
The main area is resizable.
User Interface Conventions
Navigation
Navigation in the screen hierarchy can be performed either using the menus or by using the location view in the main area (area 3, as shown in the previous section).
When navigating using the location view, the black colored section indicates the current location.
The color of a selectable item turns grey when moving the mouse cursor over it.
Click on the grey item to display its page.
To navigate to one of the higher sections of the hierarchy, select the desired location and click the mouse.
For example, the location view: Home > Zone > Policies > Service indicates that the displayed location is Policy service configuration.
To navigate to the Policy menu list, select Policies.
To navigate to the "home page" of the Guard or one of the zones, select the Guard or a zone in the navigation pane (see Figure 1-2).
The item that is currently displayed in the main area is marked by a white frame.
Figure 1-2 Zone List
Tree Lists are displayed as shown in Figure 1-3. Click + on the left side of the item to navigate in the tree hierarchy. Once the lower level hierarchy is displayed, click - on the higher level to close the view of the lower levels. Click the item in the tree hierarchy to open its configuration window. For example, in Figure 1-3, click 53 to open the service configuration window for the dns_tcp template.
Figure 1-3 Tree List View
The i indicates that additional information is available. Click it to display the additional information.
Configuration
Selection items in menus have a drop-down list. Selection items that are not available in the current view are grayed-out.
Configurable parameters appear in Forms. Parameters are configured in one of the following ways:
• A drop-down list—Allows only one item from a list to be selected.
• Text boxes—Allow entering an integer or expression as specified for each parameter.
• Radio buttons—Enable you to choose one of the shown items.
• Check boxes—Enable you to choose several items.
Be sure to click OK or Add to confirm the new settings once a configuration change has been made.
Lists are displayed as shown in Figure 1-4. To add an item to the list, click Add at the bottom of the screen.
To delete an item from the list, select the check box next to the desired item and click Delete.
Figure 1-4 List View
You may choose which items are to be displayed in system defined lists, such as the counters list. However, items cannot be added to or deleted from these lists.
WBM Screen Hierarchy
This section summarizes the screen hierarchy in the WBM, to provide you with a quick guide to finding the screen you want.