Hi all,
I was reading secure router strategies, and got the following order of
operations when a packet hits a Cisco router. The first thing the router does,
if RITE is enabled, is dump it to the interface connected to the sniffer.
What will the sniffer do with encrypted traffic? Isn't it more logical
to put RITE after the decipher action?
1. IP Traffic Export (RITE)
2. QoS Policy Propagation through BGP (QPPB)
3. Ingress Flexible NetFlow
4. Network Based Application Recognition (NBAR)
5. Input QoS Classification
6. Ingress NetFlow
7. IOS IPS Inspection
8. Input Stateful Packet Inspection (IOS FW)
9. Input ACL
10. Input Flexible Packet Matching (FPM)
11. IPsec Decryption (if encrypted)
12. Unicast RPF check
13. Input QoS Marking
14. Input Policing (CAR)
15. Input MAC/Precedence Accounting
16. NAT Outside-to-Inside
17. Policy Routing
Received on Sat Oct 06 2012 - 15:10:32 ART