44
IPSec VPN Shared Port Adapter
This module delivers scalable and cost-effective VPN
performance with Data Encryption Standard (DES), Triple
Data Encryption Standard (3DES), plus next-generation
Advanced Encryption Standard (AES) technology,
including all key sizes (128-, 192-, and 256-bit keys)
for ultimate in IPSec VPN security and interoperability.
• Provides up to 2.5Gbps of AES and 3DES IPSec
throughput with large packets and 1.6Gbps with Internet
mix (IMIX) traffic.
• Up to 10 Cisco IPSec VPN SPAs can be installed in a
system, scaling to 25Gbps of total throughput for
wire-speed security transport for native 10 Gigabit
Ethernet interfaces.
• Using the Cisco Service s SPA Carrier-400, each slot of
the Cisco Catalyst 6500 supports up to two IPSec VPN
SPAs, increasing total performance per slot.
Intrusion Detection Services Module (IDSM-2)
This module helps detect, classify, and stop threats
including worms, spyware/adware, network viruses,
and application abuse. The Cisco IDSM-2 combines
inline prevention services with innovative technologies
that improve accuracy, allowing you to stop more
threats without dropping legitimate network traffic.
• Accurate inline prevention technologies offer intelligent,
automated, contextual analysis of your data and help
ensure you are getting the most out of your intrusion
prevention solution.
• Offers 600Mbps performance p er module, providing
the high bandwidth detection capabilities required for
larger networks.
• Multivector threat identification protects your network
from policy violations, vulnerability exploitations,
and anomalous activity through detailed inspection
of traffic in Layers 2–7.
• Unique network collaboration enhances scalability
and resiliency through network collaboration, including
efficient traffic capture techniques, load-balancing
capabilities, and visibility into encrypted traffic.
Cisco Catalyst 6500 series switches support a variety of high-performance
security modules that protect networks from the full range of threats, while also
simplifying management and reducing overhead by consolidating security
services into the switching chassis.
Anomaly Guard Services Module
This module mitigates DDoS and other cyber attacks.
It effectively stops the DDoS attack while allowing
legitimate traffic to continue to its destination, thereby
maintaining continuous business operations.
• Monitors and processes attack traffic at full Gigabit
line rates, delivering a high-performance solution that
detects DDoS attacks without consuming valuable
switch or router resources.
• Multi-verification process (MVP) architecture utilizes
advanced anomaly recognition, source verification
and anti-spoofing technologies to identify and block
individual attack flows without affecting legitimate
transactions.
• Dynamic diversion redirects and cleans only traffic
destined for targeted devices, allowing unaffected
traffic to flow freely and ensuring business continuity.
• Automatic learning builds baseline profiles of normal
operating conditions, enabling rapid identification of
anomalous or unusual activity that indicates an attack.
• Identifies and blocks all types and sizes of assaults,
including those launched by hundreds of thousands of
distributed zombie hosts, providing complete protection
against the widest range of attacks.
Traffic Anomaly Detector Services Module
This module helps large organizations protect against
distributed denial-of-service (DDoS) or other cyber
attacks, enabling users to quickly initiate mitigation
services and block the attack before business is
adversely affected. It utilizes the latest behavioral analysis
and attack recognition technology to proactively detect
and identify all types of cyber assaults.
• Monitors and processes attack traffic at full Gigabit
line rates, delivering a high-performance solution that
detects DDoS attacks without consuming valuable
switch or router resources.
• Identifies and blocks all types and sizes of assaults,
including those launched by hundreds of thousands of
distributed zombie hosts, providing complete protection
against the widest range of attacks.
• Scales through clustering in a single chassis to
support multi-gigabit performance, providing maximum
protection for the largest enterprise and service
provider environments or for individual vulnerable zones.
• Automatic learning builds baseline profiles of normal
operating conditions, enabling rapid identification of
anomalous or unusual activity that indicates an attack.
• Supports real-time monitoring of individual devices and
protected zones with web-based graphical manager,
as well as historical attack-level reports showing specific
attack types seen and associated statistics.