Chapter 22. Using NBAR to Identify and Control Attacks

This chapter covers the following key topics:

  • Overview of NBAR— This section gives a brief overview of how NBAR works.

  • Using NBAR to Classify Packets— This section discusses ways that packets can be marked using NBAR. This marking is then used for security purposes.

  • Using NBAR to Counter Network Attacks— This section discusses how NBAR can be used to deter attacks as soon as the offensive traffic has been classified.

  • Using PDLM in Conjunction with NBAR to Classify Network Attacks— This section discusses how PDLM can be used to help classify custom protocols.

  • Performance Impact of Using NBAR-Based Access Control Techniques— This section touches on NBAR's performance impact on a router.

Get Network Security Principles and Practices now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial