Cisco is the market leader in Internet-based routers, with products that feature stateful packet filtering and stateful inspection, as well as support for a wide range of protocols, depending on licensing. Cisco's router product line is vast; this, coupled with the fact that routers store volatile data, makes this field of forensics difficult for novices. Therefore, it is crucial that you take the time to plan your investigation prior to accessing a router that has been compromised.

Attacks against routers are becoming increasingly common due to their position in the network and their criticality for the continued operation of interconnected systems. The main reasons routers are attacked include the following: