cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1112
Views
0
Helpful
1
Replies

CBAC/Inspect engine - Deep Packet Inspection

ms4561
Level 1
Level 1

Can someone advise if Cisco IOS CBAC FW really does deep packet inspection. CBAC (with inspect engine configured)

does not update signature patterns as does Juniper & Check Point fw. It seems that CBAC, inspect engine is limited.

I say this because the fw's that do DI use pattern inspection, these patterns are updated daily, by subscription. As CBAC doesn't rely on pattern updates, how can it do DI (inspect packet payload not just src/dest & port info) & look for new atttck signatures?

Regards

1 Reply 1

sean_evershed
Level 7
Level 7

CBAC is an older technolgy with its successor being Zone Based Firewalls.

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml

Are you looking for something to help prevent denial of service attacks, protection against worms, hackers and viruses, etc?

I suggest that you have a look at Intrusion Protection that performs deep-packet inspection to protect against these types of attacks.

If you have a valid license you can also get regular signature updates.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd803137cf.html

You can either run it on your router or you can purchase a separate hardware device.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: