DDOS Attacks: Protecting your Network Infrastructure

October 27, 2016 - 4 Comments

Following the sophisticated and highly distributed attack involving tens of millions of IP addresses this past week, the concept of DDoS protection is on the forefront of network administrators and operator’s minds alike.  While the nature and source of the attack is under investigation, understanding what can be done to prevent Service Provider Network Securityand mitigate future attacks is of utmost importance.    Fortuitously, several months ago, we scheduled a Cisco Knowledge Network for this very topic:  DDoS Protection for the Network.

The distributed nature and complexity of these attacks is only increasing as the Internet of Things becomes a reality.  Service and web providers with the Cisco ASR 9000 in their network have the opportunity to offer services for protecting against DDoS attacks, which is especially important given the scale and target of recent DDoS attacks shifting the focus to protection for core network infrastructure and services.  With the Cisco ASR 9000 vDDoS protection powered by Arbor Networks, service providers can offer customers, including existing DDoS mitigation and protection firms greater scale and agility for handling much larger attacks concurrently.

There is not much network operators can do today to stem the deluge of internet connected devices and multi-vector attacks enslaved by hacks like botnets.  Poorly secured Internet based devices like security cameras, digital video recorders (DVRs) and consumer routers are a fact of life for the era of IoT.  Having a resilient network infrastructure capable of handling large scale DDoS attacks becomes a valuable service for end users and a potential new revenue generating service for customers.

Attend this upcoming Cisco Knowledge Network webinar covering DDoS Protection and Services for Service Providers on November 1, 2016 at 11:00 AM EST (8:00 AM PST).


In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Thanks for sharing this useful information. I agree with you Due to all these attacks many businesses has to suffer because there server gets slow down. I also suffering from these condition, but DDoScube.com is helpful to preventing these attacks.

  2. attacks have been growing in both size and sophistication. In the last month, two high-profile DDoS attacks reached more than 600 Gbps and 1 Tbps. Both attacks were ranked among the largest DDoS attacks on record. But home user like me can secure themselves by DDoS protected VPN offered by PurevPN

  3. It’s important to understand the correlation between “iot” device adoption and the increase in volume of these attacks. The acronym might be new along with tools such as shodan but vulnerable IP devices such as DVRs sitting wide open with default passwords is not. Most devices out there being sold that people associate with “iot” call back to their manufacturer servers (outgoing connection from your home). Botnets are exploiting devices which allow incoming connections not the other way! It could be confusing but it’s important to understand this fundamental difference.

  4. Are we succeeding in the war on black hats? Cisco is making huge strides in this area but closing the doors is hard.