Endnotes

1. These networks do not represent a real allocation. They were pulled from the APNIC blocks as an example, not to portray any real, live network.

2. Tools such as TCP Wrapper are well known and have a role in an ISP's overall security architecture.

3. Spoofing attacks are more likely to target workstation and server resources. These resources likely would depend on tools such as TCP Wrapper—these wrappers also can be bypassed by spoofing attacks. So placement of antispoofing filters protects the entire network, not just the routers.

4. This includes distributed switching (FIB), Cisco Express Forwarding (CEF), Distributed NetFlow, and other improvements in the 11.1CC and 12.0S code trains.

Was this article helpful?

0 0

Post a comment