General overview of Context-Based Access Control (CBAC).

On Cisco IOS you can enable a stateful firewall (CBAC, the classic IOS firewall that preceded the zone-based firewall, ZBFW) and choose which protocols should be inspected. There are general settings such as audit trail and logging, and per-protocol settings (for example idle timeouts) inside each named inspection rule set. Each named inspection rule set has to be applied to an interface in the proper direction (in or out):

ip inspect name CBAC ftp timeout 30
ip inspect name CBAC tcp
!
interface GigabitEthernet0/0
 ip inspect CBAC out

Unlike ZBFW, CBAC has no implicit deny for traffic it did not inspect: inspection only opens temporary return paths for the sessions it has seen and blocks nothing on its own. To protect your network you therefore have to add an access list with an explicit deny statement in the opposite direction (inbound on the outside interface when you inspect outbound); CBAC then dynamically permits the return traffic of inspected sessions through that ACL. Anything that must be reachable from outside without a prior inspected session (for example management access) needs a permit entry placed before the deny:

ip access-list extended OUT
 deny ip any any
!
interface GigabitEthernet0/0
 ip access-group OUT in
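The script below is an added example (it is not code from the original post) that audits running-config text for exactly this pitfall: an inspection rule set applied to an interface whose opposite direction has no access list, an undefined or empty access list, or one that ends with a blanket permit, so uninspected traffic is not denied. The two configurations embedded in it are constructed for the example; the function and class names (parse_config, audit, Interface) are my own.

```python
"""Audit Cisco IOS running-config text for the CBAC pitfall discussed above.

Added example, not from the original post. CBAC opens return paths for the
sessions it inspects but denies nothing by itself, so every interface that
carries an inspection rule set needs an access list in the opposite
direction that actually denies uninspected traffic. The sample configs
below are constructed for this example; nothing is sent to a device.
"""
import re
from dataclasses import dataclass, field


@dataclass
class Interface:
    name: str
    inspect: dict = field(default_factory=dict)       # direction -> inspection rule set
    access_group: dict = field(default_factory=dict)  # direction -> ACL name


def parse_config(text):
    """Extract inspection rule sets, named ACLs and interface bindings."""
    inspections, acls, interfaces = {}, {}, {}
    block = None  # the interface or ACL whose indented sub-commands follow
    for raw in text.splitlines():
        line = " ".join(raw.split())      # normalise the padding IOS prints in ACL entries
        if not line or line.startswith("!"):
            continue
        if not raw.startswith(" "):       # a top-level command closes any open block
            block = None
            if m := re.match(r"ip inspect name (\S+) (.+)", line):
                inspections.setdefault(m.group(1), []).append(m.group(2))
            elif m := re.match(r"ip access-list (?:extended|standard) (\S+)", line):
                block = acls.setdefault(m.group(1), [])
            elif m := re.match(r"interface (\S+)", line):
                block = interfaces.setdefault(m.group(1), Interface(m.group(1)))
            continue
        if isinstance(block, list):       # ACL body: keep entries, drop remarks and sequence numbers
            entry = re.sub(r"^\d+ ", "", line)
            if not entry.startswith("remark"):
                block.append(entry)
        elif isinstance(block, Interface):
            if m := re.match(r"ip inspect (\S+) (in|out)$", line):
                block.inspect[m.group(2)] = m.group(1)
            elif m := re.match(r"ip access-group (\S+) (in|out)$", line):
                block.access_group[m.group(2)] = m.group(1)
    return inspections, acls, interfaces


def audit(text):
    """Return a list of findings; an empty list means every inspected interface is covered."""
    inspections, acls, interfaces = parse_config(text)
    findings = []
    for intf in interfaces.values():
        for direction, name in intf.inspect.items():
            if name not in inspections:
                findings.append(f"{intf.name}: inspection '{name}' applied {direction} but never defined")
            # Return traffic of inspected sessions arrives in the other direction; that is
            # where the ACL must sit, because the inspection itself denies nothing.
            opposite = "in" if direction == "out" else "out"
            acl = intf.access_group.get(opposite)
            if acl is None:
                findings.append(f"{intf.name}: inspection '{name}' {direction} with no access-group "
                                f"{opposite}; uninspected traffic is not blocked")
            elif acl not in acls or not acls[acl]:
                # IOS treats a missing or empty ACL as permit-all
                findings.append(f"{intf.name}: access-group {acl} {opposite} is undefined or empty, "
                                f"so it permits everything")
            elif re.match(r"permit ip any any$", acls[acl][-1]):
                findings.append(f"{intf.name}: access-list {acl} ends with 'permit ip any any', "
                                f"so nothing is denied")
    applied = {n for i in interfaces.values() for n in i.inspect.values()}
    for name in inspections:
        if name not in applied:
            findings.append(f"inspection '{name}' is defined but not applied to any interface")
    return findings


# Constructed sample: inspection applied, but no ACL to stop uninspected inbound traffic.
WEAK_CONFIG = """\
ip inspect name CBAC ftp timeout 30
ip inspect name CBAC tcp
!
interface GigabitEthernet0/0
 ip inspect CBAC out
"""

# Constructed sample: same inspection plus the explicit-deny ACL applied inbound.
FIXED_CONFIG = """\
ip inspect name CBAC ftp timeout 30
ip inspect name CBAC tcp
!
ip access-list extended OUT
 deny   ip any any
!
interface GigabitEthernet0/0
 ip access-group OUT in
 ip inspect CBAC out
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("fixed", FIXED_CONFIG)):
        print(f"{label}: {audit(cfg) or ['no findings']}")
```

Feed it the output of `show running-config` saved to a file; every finding names the interface and the rule set so it can be mapped straight back to the configuration. A named ACL with at least one entry already ends in an implicit deny, so the check only insists that the ACL exists, is non-empty and does not end with a blanket permit; the explicit `deny ip any any` the post uses simply makes that intent visible.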