CBAC versus ZBFP?

Unanswered Question
Jon Marshall Fri, 03/12/2010 - 00:49

Ali

This short doc should help. Basically CBAC applies to interfaces on the router whereas ZBFW allows you to group interfaces into zones and then apply traffic policies between the zones -

CBAC vs ZBFW

Jon

Ganesh Hariharan Fri, 03/12/2010 - 01:28

Hi

what is the difference between between CBAC and ZBFP?

Thanks

Hi,

Context-based Access Control (CBAC)

A methodology and algorithms used by Cisco IOS Devices (usually routers or L3 switches) preforming as a network. Firewall to control access to network resource controlled by that perimeter firewall.
Context-based access control (CBAC) intelligently filters TCP and UDP packets based on application-layer protocol session information and can be used for intranets, extranets and internets.You can configure CBAC to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network you want to protect.

Zone-based Firewall (ZBF)

A new model for configuring the Cisco IOS Firewall function. This new configuration model provides unidirectional application of firewall policies between groups of interfaces known as "zones." That is, interfaces are assigned to zones, and specific inspection policies are applied to traffic moving between the zones.

Check out the below link for more information

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.3.1/configuration/example/ZBF_ConfigExample.html#wp62900

Hope to help !!

Ganesh.H

Actions

This Discussion