Leaflet

OL-11615-01
complete DDoS protection system. By constantly monitoring for, and detecting the start of, potential
DDoS attacks, the Cisco Traffic Anomaly Detector Services module enables the activation of intelligent
mitigation by the Cisco Anomaly Guard. The combined solution provides a scalable, flexible, and
cost-effective method to help ensure that business integrity is always preserved, even while under attack.
Network Analysis Module (NAM)
The Network Analysis Module (NAM) is a powerful integrated traffic monitoring solution for the
high-performance Catalyst 6500 Series switches and Cisco 7600 Series routers that enables network
managers to gain application-level visibility into network traffic with the ultimate goal of improving
performance, reducing failures, and maximizing returns on network investment. The new generation of
NAMs is available in two hardware versions, NAM-1 and NAM-2, to meet diverse network analysis
needs in scalable switching and routing environments running at gigabit speeds. The NAMs come with
an embedded, web-based traffic analyzer, which provides full-scale remote monitoring and
troubleshooting capabilities that are accessible using a web browser.
Commonly Used Protocols
Table 4 lists the protocols commonly used in the infrastructure.
Table 4 Commonly Used Protocols

Protocol    Protocol Number, TCP/UDP Ports, and Message Type
--------    -------------------------------------------------
BGP         TCP/179
OSPF        Prot 89
EIGRP       Prot 88
GRE         Prot 47
AH          Prot 51
ESP         Prot 50
TACACS+     TCP/49
RADIUS      UDP/1812, UDP/1813, in the past UDP/1645 and UDP/1646
SSH         TCP/22
TELNET      TCP/23
SNMP        UDP/161
NTP         UDP/123
ICMP        Prot 1, ttl-exceeded, port-unreachable, echo, echo-reply
DNS         UDP/53