From: Michael Locke (mi_locke@yahoo.com)
Date: Sat Jan 26 2008 - 17:58:34 ARST
Hi Muhammad,
I've implemented these. I don't know many people who have as it's a pretty niche product.
The Detector is the alerting mechanism for the Cisco Guard which actually does the DDoS mitigation. I've never heard of anyone deploying a Detector w/o deploying Cisco Guards as well, though some people deploy Guards w/o Detectors.
The bigger question isn't between versions of the appliance ... you'd just want the most recent one. Many people choose to get the service modules which go in 6500 and 7600 chassis. The modules use RHI for traffic diversion which can take advantage of any routing protocol as opposed to the appliances which can only use BGP. Also, the modules have greater capacity ... 3 gig as opposed to 1 gig.
Detector module:
http://www.cisco.com/en/US/products/ps6236/index.html
Guard module:
http://www.cisco.com/en/US/products/ps6235/index.html
Email me offline if you have more detailed questions.
HTH,
Michael Locke
CCIE 8133
----- Original Message ----
From: Muhammad Nasim <muhammad.nasim@gmail.com>
To: Cisco certification <ccielab@groupstudy.com>; Cisco certification <security@groupstudy.com>
Sent: Saturday, January 26, 2008 5:00:46 AM
Subject: Cisco Traffic Anomaly Detectors
Dear
All,
Is
there
any
one
who
implmentated
standalone
Cisco
Traffic
Anomaly
detectors
appliances?.
I
am
curious
to
know
real
world
experience
about
these
appliances
as
I
am
thinking
to
inlcude
these
detectors
in
a
network
security
designs.
Any
feedback
will
be
highly
appreciated
:
)
Thanks
-- Muhammad Nasim Network Engineer Saudi Arabia
This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:38:01 ARST