Security design for MPLS to protect against the Service Provider (using BGP)
I was hoping I might find some help regarding wrapping appropriate security around an MPLS network design (beyond a IPSEC tunnel between sites), to protect against the Service Provider. e.g. What can I do to most effiencently keep them [the SP] from being a potential attack vector, outside of VPN, more in the sense of edge security with them? - ACLs, route filtering, or what have you to ensure they can't access or traverse our network from their side (PE) - including some examples would be fantastic.
Items to Note:
BGP is being used between us & the SP
Each site has its own ASN
Using /30 networks between us & the SP (is it better to do a different way?)
Purpose of the document
This document describes the general recommendations or best practices when designing and deploying the Cisco SD-Access technology. The document assumes that the reader has a general overview of Cisco's SD-Access for Distributed C...
Dear All, When I use the show interface command on the Cisco Router ISR-4331, it will display as below information. The word that I mark red, it refresh every 5 seconds. But, I compare with the old router model like a Cisco 29XX or 28X...
Whether you're attending VMworld 2019 on-site or from afar, read the latest on the key themes to expect. They are also the key themes for IT management today, from software defined everything to cloud and automation to IoT and edgecomputing : http:...