Re: TCP Intercept v/s CBAC (ip inspect)

From: WorkerBee (ciscobee@gmail.com)
Date: Mon Oct 16 2006 - 20:58:54 ART


CBAC is more of a firewall feature compared to TCP intercept.

CBAC modifies the ACL while TCP intercept does not. So CBAC
is more like a stateful firewall, while TCP intercept, well, is more about
ensuring that every legitimate TCP connection has a complete 3-way handshake.

If they ask for stuff like ensuring the connection can only be initiated from
one direction, then use CBAC.

TCP intercept can work in watch mode (Passive), while CBAC is always
inline/intercept mode.

On 10/17/06, Roberto Fernandez <rofernandez@us.telefonica.com> wrote:
> Friends,
>
> Reviewing lots of things for my next attempt, I came across the fact
> that CBAC has recently been added to the lab blueprint.
>
> Some of the CBAC functions overlap with the "old" TCP intercept.
> Specifically related to the handling of TCP connections and the timers
> they use for connections management, for example:
>
> ip intercept watch-timeout v/s ip inspect tcp synwait-time
>
>
> If we were to speak only about TCP connections, which basic difference
> or functionality would you think would make one or the other, the choice
> for a solution?
>
> Best Regards,
> Roberto
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
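As an added example that is not part of either post above, here are the two approaches side by side in IOS configuration form, using the full command names (the watch timer is `ip tcp intercept watch-timeout`, and its CBAC counterpart is `ip inspect tcp synwait-time`). The addresses (documentation ranges 192.0.2.0/24 and 198.51.100.0/24), the ACL numbers 101 and 110, the inspection rule name INSIDE_OUT and the threshold values are assumptions chosen for illustration, not values from the thread:

```ios
! ---- Option A: TCP intercept (SYN-flood protection for one server) ----
! Only the SYN handshake is policed; the ACL is never rewritten.
! Addresses and ACL number are illustrative assumptions.
access-list 101 permit tcp any host 192.0.2.10 eq 80
ip tcp intercept list 101
! watch mode is passive: the router lets the handshake proceed and only
! sends a reset to the server if it is not completed within the timer
ip tcp intercept mode watch
ip tcp intercept watch-timeout 20
! half-open thresholds that move the router into aggressive mode
ip tcp intercept max-incomplete high 900
ip tcp intercept max-incomplete low 700
ip tcp intercept one-minute high 900
ip tcp intercept one-minute low 700
ip tcp intercept drop-mode random
! verification:
!   show tcp intercept connections
!   show tcp intercept statistics

! ---- Option B: CBAC (stateful inspection, sessions initiated from inside only) ----
! The inbound ACL on the outside interface blocks everything; CBAC adds
! temporary entries for the return traffic of sessions it saw start inside.
ip inspect tcp synwait-time 20
ip inspect tcp idle-time 3600
ip inspect tcp finwait-time 5
ip inspect max-incomplete high 900
ip inspect max-incomplete low 700
ip inspect one-minute high 900
ip inspect one-minute low 700
! rule name is an illustrative assumption
ip inspect name INSIDE_OUT tcp
ip inspect name INSIDE_OUT udp
!
access-list 110 deny ip any any log
!
interface FastEthernet0/0
 description outside
 ip address 198.51.100.1 255.255.255.0
 ip access-group 110 in
 ip inspect INSIDE_OUT out
!
! verification:
!   show ip inspect sessions
!   show ip inspect config
```

Both features carry the same style of half-open thresholds (`max-incomplete` and `one-minute`), so the overlap is wider than the two timers alone. The practical difference is what each one touches: TCP intercept only tracks handshakes for the destinations matched by its ACL and, in watch mode, never sits in the data path, whereas CBAC must be applied to an interface, is always inline, and is the only one of the two that opens holes in an otherwise closed inbound ACL. Check `show ip inspect sessions` after the first outbound connection to confirm the dynamic entry exists before relying on it.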



This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:05 ART