Cisco Secure DDoS Protection Integration

Cisco Secure DDoS Protection service, also known as Radware Cloud DDoS Protection, is based on the industry's most effective DDoS attack detection algorithms and mitigation technologies.

This solution is fueled by a powerful detection algorithm that considers all attack probabilities (not just volumetric attacks), uses a behavioral engine and employs advanced active challenges to verify good versus bad traffic.

In Cisco XDR, the Cisco Secure DDoS Protection integration allows users to investigate IP addresses to retrieve reputation data from the solution and check if any attacks have been detected involving those addresses.

  1. In the Cisco XDR navigation menu, choose Administration > Integrations.

  2. On the Integrations page, click the Cisco tab and navigate to the Cisco Secure DDoS Protection integration.

  3. Click Get Started. The Cisco Secure DDoS Protection integration page is displayed.

  4. Expand the Integration Guide area and follow the instructions on how to add the Cisco Secure DDoS Protection integration in Cisco XDR.

You can perform the following task after you integrate Cisco Secure DDoS Protection with Cisco XDR:

  • Investigate - Start a new investigation into IP addresses and see if any records of them exist in your Cisco Secure DDoS Protection. To verify that this integration is working, and to see what kind of data is returned, investigate one or more observables about which you know Cisco Secure DDoS Protection has recent information. For details, see Investigate.