Using CBAC to Protect Users from Attack

This section describes the limitations of Cisco IOS ACLs and explains how CBAC better protects users from attack. It also lists the protocols that are supported by CBAC and describes the added alert and audit trail features. Finally, the CBAC configuration tasks are listed.

Cisco IOS ACLs

Before delving into CBAC, some basic ACL concepts need to be covered briefly. An ACL provides packet filtering: every ACL ends with an implied “deny all”, and if no ACL is configured, all connections are permitted. Without CBAC, traffic filtering is limited to ACL implementations that examine packets at the network layer or, at most, the transport layer. Cisco IOS ACLs provide traffic filtering by:

  • Source and ...

Get CCSP Self-Study: Securing Cisco IOS Networks (SECUR) now with the O’Reilly learning platform.