Using CBAC to Protect Users from Attack
This section describes the limitations of Cisco IOS ACLs and explains how CBAC better protects users from attack. It also lists the protocols that are supported by CBAC and describes the added alert and audit trail features. Finally, the CBAC configuration tasks are listed.
Cisco IOS ACLs
Before delving into CBAC, some basic ACL concepts need to be covered briefly. An ACL provides packet filtering: it has an implied “deny all” at the end of the ACL, and if the ACL is not configured, it permits all connections. Without CBAC, traffic filtering is limited to ACL implementations that examine packets at the network layer or, at most, the transport layer. Cisco IOS ACLs Provide traffic filtering by:
Source and ...