September 2017
Beginner to intermediate
436 pages
12h 33m
English
Content preview from Implementing Cisco Networking Solutions
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Protocol security
The control plane can also be manipulated by getting updates from rogue devices. It is recommended to use MD5 authentication for all protocols that are being used on the network wherever supported. If MD5 is not supported, use plain text passwords, but make sure to protect all sessions on the network. This would include authentication for routing protocols, such as RIP, OSPF, BGP, ISIS, and so on, and management protocols, such as Network Time Protocol (NTP).
The protocol security can also be extended to use protocol-specific features and limiting the maximum number of prefixes that are allowed and sending alerts when the limits are exceeded.
In addition, techniques such as dampening should be used in protocols such as BGP, ...