Professional Documents
Culture Documents
Protection Overview
June 2005
Cisco Public
Cisco Public
Cisco Public
Cisco NFP
Control Plane
Service Delivery
Ability to route
Network availability
and performance
Management Plane
Ability to manage
Cisco Public
Security Toolkit:
One or more techniques
used to respond to a
security related threat
Control Plane
Protection
Management
Plane Protection
L7
L6
L5
Threat type
L4
L3
L2
L1
Cisco NFP Overview , 6/05
Cisco Public
Control Plane
Management
Plane
Internet
NetFlow, IP source
tracker, ACLs, uRPF,
RTBH, QoS tools,
PE-PE encryption
NetFlow,
ACLs, uRPF
ASBR
Customer
Service
Provider
PE
CE
ASBR
NetFlow, IP
source tracker,
ACLs, uRPF,
RTBH, QoS tools
Core
Control Plane & Management Plane Protection
Cisco NFP Overview , 6/05
Cisco Public
Cisco Public
Data Plane
IP source tracker
Quickly and efficiently pinpoints the source interface an attack is coming from
Protect edge routers from malicious traffic; explicitly permit the legitimate traffic
that can be sent to the edge router's destination address
Remotely triggered
black holing (RTBH)
QoS tools
Receive ACLs
Provides QoS control for packets destined to the control plane of the routers;
ensures adequate bandwidth for high-priority traffic such as routing protocols
Routing protection
Protects CPU & memory resources of IOS device against DoS attacks
Control Plane
Management
Plane
Benefits
Cisco Public
Resources
Cisco NFP
www.cisco.com/go/nfp
Cisco Public
Cisco Public
10