Often, during meetings with clients, network engineers and security specialist there is following question posed: “What firewall product best suits their environment and which one is the best currently on the market?” Like almost always the answer could be “Well, it depends” …
After we prove the CPU utilization can be easily increased by anyone anytime (as shown in the previous blog post, “Protect the Control Plane – part 1, trivial attack.”), I feel obliged to show how to quickly prevent the cause of potential network and services damage.
How many of you use the control plane protection features given by the vendor with the benefit of inventory? From what I see mostly, it is a very rare practice to use CoPP. Most of the network engineers haven’t even heard of it. “Because my network performs well, why should I care about control plane […]