Context-Based Access Control
CBAC is similar to the Adaptive Security Algorithm (ASA) discussed in the preceding chapter. It too is a mechanism that allows the router to look at the packets flowing through it and, based on the connections that have been established through the router, decide which traffic to allow through and which to stop. Three pieces of the puzzle come together to create the CBAC technology as we know it in the Cisco IOS Software today:
Dynamic modification of the extended access lists by CBAC to allow passage to the appropriate response protocols/ports for applications initiated from the inside
Inspection of the application level and transport level protocols
Control of the number and length of sessions based on the information ...
Get Network Security Principles and Practices now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.