Cisco Announces Integrated, Managed Virtualization for the Catalyst 6500 Firewall Service Module and New DDoS Attack Prevention Solutions
Extending Self-Defense Network Security Strategy with increased scalability, deployment flexibility, and new attack prevention capabilities
SAN JOSE, Calif., June 2, 2004 - Cisco Systems, Inc., today announced integrated, managed virtualization and other new capabilities for the Cisco Firewall Services Module along with the introduction of the Cisco Traffic Anomaly Detector XT 5600 and the Cisco Guard XT 5650, Distributed Denial of Service (DDoS) detection and mitigation security appliances.
With ongoing innovations and growing adoption of integrated firewall and IP Security (IPSec) VPN security services modules on Cisco Catalyst® 6500 Series switches, Cisco share of high end firewall and VPN sales increased by 15 percent from the fourth quarter of calendar year 2003 to the first quarter of calendar year 2004, according to Infonetics Research, increasing Cisco's leadership position in security.
These new offerings also advance the Cisco Self-Defending Network security strategy addressing customers' increasing requirements to cost-effectively integrate security throughout the network infrastructure to maximize network availability and business continuance.
"The innovations on the Catalyst 6500 Firewall Services Module highlight the first delivery on Cisco's strategy to enable network-integrated, managed virtualization on a converged services platform with industry leading manageability, usability, and scalability," said Luca Cafiero, Senior Vice President of the Cisco Switching, Voice, and Storage Technology Group. "Our service provider and enterprise customers are integrating virtualized firewall and other services, including IPSec VPN, Layer 4-7 switching, and wireless LAN, on the Catalyst 6500 to embed intelligent services throughout their network infrastructures with scalable architectures."
Increased Flexibility and Operational Gains with New Innovations on Cisco Firewall Service ModuleThe Firewall Services Module software Version 2.2 provides enterprise and service provider customers with a more scalable and operationally efficient way to deploy differentiated security services with customized control throughout their networks without having to deploy a dedicated physical device per service type which lowers the total cost of ownership.
"Managed virtualization" allows a single physical Firewall Service Module in a Catalyst 6500 switch to act as many virtual devices or "contexts". It enables the delivery of differentiated firewall service by customer, user or application type providing each its own network management for more granular control. Cisco expands upon foundation virtualization services with a new feature in its Firewall Service Module, called Resource Manager, which helps enterprises and service providers to allocate firewall performance and resource availability on a per virtual firewall basis. This helps enable differentiated service level definitions and guarantees to network segments or customers.
The Firewall Services Module also includes new Layer 2 transparent firewall support which gives customers the flexibility to segment the network into multiple Layer- 2 security "trust zones," while preserving the network's existing IP addressing scheme and simplifying security deployments.
The Firewall Service Module v2.2 and additional capabilities, announced today, including Resource Manager are supported by Cisco PIX® Device Manager (PDM) v4.0, CiscoWorks Management Center for Firewalls (Firewall MC) v1.3, and CiscoView Device Manager (CVDM) v1.0, for easy, Web-based deployment and management at the module, multi-module, and system level.
Together these new offerings demonstrate the continued innovation and investment protection of the Catalyst 6500 platform as a converged network and security services platform. Catalyst 6500 integrated services modules are also supported on the Cisco OSR 7600 Router.
Enhanced Threat Defense Capabilities with new DDoS Prevention Solutions
Cisco also announced the Cisco Guard XT 5650 and Cisco Traffic Anomaly Detector XT 5600, two high-performance network security appliances from the recent Riverhead Networks acquisition that deliver automated protection against DDoS attacks in enterprise and service provider networks.
The Cisco Guard XT 5650 offers anomaly recognition, comparing individual traffic flows to profiles of normal traffic patterns, behavior, and protocol compliance, in addition to source verification and anti-spoofing capabilities, to block individual attack traffic flows while helping to ensure the delivery of legitimate transactions. A "dynamic diversion" approach enables the Cisco Guard XT 5650 to redirect traffic that is flowing toward a targeted resource through this multilayer defense, maximizing scalability and reliability.
The Cisco Traffic Anomaly Detector XT 5600 can quickly and accurately identify a broad range of known and previously unseen DDoS attacks, and automate activation of the Cisco Guard XT 5650. This helps customers protect critical network resources from DDoS attacks, maximizing network availability. Additionally, future phases will integrate the DDoS detection and mitigation technology onto the Catalyst 6500 platform.
Pricing and Availability
Product Pricing (USD) Availability Cisco Firewall Services Module: 20 Virtual Firewalls License $12,500 Available now 50 Virtual Firewalls License $25,000 Available now 100 Virtual Firewalls License $45,000 Available now Cisco Guard XT 5650 $90,000 Sched. availability in July Cisco Traffic Anomaly Detector XT 5600 $45,000 Sched. availability in July
About Cisco SystemsCisco Systems, Inc. (NASDAQ: CSCO), the worldwide leader in networking for the Internet, this year celebrates 20 years of commitment to technology innovation, industry leadership, and corporate social responsibility. Information on Cisco can be found at http://www.cisco.com. For ongoing news, please go to http://newsroom.cisco.com.# # #
Cisco, Cisco Systems, PIX, IOS and the Cisco Systems logo are registered trademarks of Cisco Systems, Inc. or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0005R)