Datasheet
Data Sheet
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 7 of 10
Benefits of Security Services Integration
Security Services Integration
The Cisco Traffic Anomaly Detector Module can be combined with other Cisco security services
modules such as the Firewall Services Module (FWSM), Intrusion Detection Services Module
(IDSM-2), Content Switching Module (CSM), and the Network Analysis Module (NAM-1 and
NAM-2). Together, these services modules provide a complete self-defending network solution.
Deployment Flexibility
Installed inside a Cisco Catalyst 6500 Series switch or Cisco 7600 Series router, the Cisco Traffic
Anomaly Detector Module integrates complete DDoS detection capabilities into the network
infrastructure. Modules can be easily installed in existing switches or routers, allowing powerful
DDoS protection services to be deployed where and when they are needed, without consuming
any interface ports. High-density dedicated appliances or multiservice security switches can also
be deployed, using any range of chassis sizes and with high-availability, DC power, and Network
Equipment Building Standards (NEBS) options. Interoperable line cards help ensure media
flexibility. Packet capture may be completely intrachassis, or may occur across devices using
remote SPAN or fiber link splitters.
Scalability
Where high-capacity protection is required, up to four modules can be installed in a single switch
to support large and rapidly expanding environments. Additionally, the Cisco Traffic Anomaly
Detector Module’s multiprocessor architecture and multiple gigabit backplane interfaces can
support future licensed software upgrades to multigigabit performance per module.
Reliability and High Availability
The Cisco Traffic Anomaly Detector Module maintains the performance, reliability, and robust
architecture of the standalone Cisco Traffic Anomaly Detector XT appliance. When deployed in a
Cisco Catalyst 6500 Series switch or Cisco 7600 Series router, the Traffic Anomaly Detector
Module supports highly reliable redundant configurations, including redundant supervisor engines,
backplanes, power supplies, and fans. In addition, Cisco Catalyst 6500 Series switches and Cisco
7600 Series routers offer Control Plane Policing for DDoS hardening, as well as high-availability
options.
Lower Cost of Ownership
Since the modules are integrated into Cisco Catalyst 6500 Series switches or Cisco 7600 Series
routers along with other services modules, there are fewer devices to manage, reducing the cost of
operation. In addition, because the application software is similar to the appliance application
software, training costs are minimized. With this modular approach, customers can use their
existing switching and routing infrastructures for cost-effective deployment—and can do so while
obtaining the highest performance available in the industry and providing secured IP services
along with multilayer LAN and WAN switching and routing capabilities.
Summary
Working in concert with the Cisco Anomaly Guard Module, the Cisco Traffic Anomaly Detector
Module contributes to a complete security solution that helps ensure uninterrupted business
operations, even in the face of the most malicious DDoS attacks. This translates into a significant