Cisco Guard provides added layer of protection for server properties with high business value.

Cisco IT uses many different techniques to protect its network from distributed denial-of-service (DDoS) attacks. When attacks originate from a broad range of spoofed addresses and target mission-critical servers, Cisco IT often uses Cisco Guard, a mitigation appliance that provides an added layer of network protection. Deployed in Cisco Internet points of presence (POPs) worldwide, Cisco Guard protects servers with high business value from attacks originating within the Cisco network. Cisco IT has also deployed Cisco Guard in the public Internet to protect Cisco servers and upstream bandwidth from large-scale attacks launched from outside the Cisco network.

This security case study describes Cisco IT’s internal deployment of Cisco Guard and explains:

  • The challenges of mitigating different types of DDoS attacks
  • How Cisco Guard distinguishes between malicious and legitimate traffic
  • How Cisco IT uses Cisco Guard in conjunction with the Arbor PeakFlow DoS system

Read the DDoS Protection Case Study