Summary
CAR is an important IOS feature that can be used to control the amount of traffic passing through an interface. This ability, when combined with the knowledge of what type the malicious traffic is and good data describing the normal flow and amount of traffic on a network, can help control network attacks, such as DoS attacks. This chapter discussed what CAR is and how it is used for security implementation. We looked at how CAR can be used to limit the severity of DoS attacks, as well as how to limit suspected malicious activity. CAR can be used in conjunction with simple techniques of identifying various types of traffic, such as ACLs, or with more advanced techniques, such as NBAR. The end result is the ability to limit the amount ...
Get Network Security Principles and Practices now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
