RE: NBAR with class based policing

From: Alexander Arsenyev (GU/ETL) (alexander.arsenyev@ericsson.com)
Date: Fri Jan 23 2004 - 06:35:26 GMT-3

• Next message: Szabo, Vilmos: "RE: NBAR with class based policing"
• Previous message: Arvind Yadav: "Re: prevent loop on ospf link"
• Maybe in reply to: Dmitry Volkov: "NBAR with class based policing"
• Next in thread: Szabo, Vilmos: "RE: NBAR with class based policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

NBAR is actually compatible with policing - see http://www.cisco.com/warp/public/cc/pd/nemnsw/qodvmn/prodlit/kuszu_cs.htm
I suggest You police incoming "http-hacks" class with conform/exceed action drop - this will ensure NO "http-hacks" will ever get into Your network.
Cheers
Alex
[skip]
> ----- Original Message -----
> From: "Dmitry Volkov" <dmitry.volkov@rogers.com>
> To: "'Chris_M'" <cmartin007@msn.com>; <ccielab@groupstudy.com>
> Cc: <security@groupstudy.com>
> Sent: Thursday, January 22, 2004 12:32 PM
> Subject: RE: NBAR with class based policing
>
>
> > Chris,
> >
> > Agree, I missed "ip nbar protocol discovery".
> > About classification: Are You saying NBAR is strictly classification
> method
> > (not compatible with policing) and I need something like this :
> >
[skip]

• Next message: Szabo, Vilmos: "RE: NBAR with class based policing"
• Previous message: Arvind Yadav: "Re: prevent loop on ospf link"
• Maybe in reply to: Dmitry Volkov: "NBAR with class based policing"
• Next in thread: Szabo, Vilmos: "RE: NBAR with class based policing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Feb 02 2004 - 09:07:49 GMT-3