Description

The control plane in an OSI Layer 3 device provides traffic-routing functions by building the device routing and forwarding tables, and often involves cooperation with nearby devices using dynamic routing protocols. These interactions must be controlled by authenticating the associations between devices, discarding malicious routing information, and protecting the resources of each device against excessive use. In this course you will examine various defenses in Cisco IOS Software that protect the control plane. You will also learn strategies for protecting routing protocols using routing protocol authentication and filtering. The management plane performs all of the management functions for a device and coordinates functions between the control and data planes making the management plane a prime target for attacks. This course introduces you to some strategies to protect the management plane by limiting access to it and to its individual. Similarly as Cisco IOS Software devices, you can access the Cisco adaptive security appliance 5500-X management interface locally, using the console connection, or you can access it remotely over an IP network. Configuring remote management access in a secure fashion is of paramount importance to ensure the integrity of the adaptive security appliance in a possibly hostile environment, such as when management paths use an untrusted network. Last you will learn how to configure remote management access to the adaptive security appliance, and how to configure and use management access AAA features.