You might not consider QoS a security mechanism, but having the ability to control the flow of particular traffic minimizes the impact that malicious traffic will cause. Implementing QoS requires a detailed understanding of the applications running on your network. When known applications can be given the appropriate bandwidth and priority, and other traffic is given a small portion of bandwidth with very low priority, network impacts will be minimized.
For additional information on QoS, see the Cisco Press book titled End-to-End QoS
QoS may be one of the least-used security methods, but it provides a very effective means to control how much and which type of traffic you want to allow. When you are considering how to effectively implement security policies, don't forget about QoS.
Was this article helpful?