Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Minimum Security against Multicast attacks

I was wondering on 2 4006's with L3 RSM's what would be the recommended "minimum security" that I can enable for PIM ? I want to address the issue of any malicious / non-malicious multicast attacks on my LAN / VLAN's.

Thanks,

~zo

1 REPLY
Silver

Re: Minimum Security against Multicast attacks

Well, without knowing the exact security posture that you intend to incorporate into your setup, it's tough to say much. However here is some information that will help you do the same. The simplest to secure your network is to configure acess lists. Many of the common attacks use address spoofing, something that can be easily prevented using access lists. For example, a packet coming in form the outside interface carrying a source IP which is being used on the inside, is in all likelyhood a malicious packet. You could use access lists to deny such packets. The range of attacks which you can insulate against using access lists goes on. For more information see Configuring Network Security (Using ACL's) at http://www.cisco.com/en/US/products/hw/switches/ps663/products_configuration_guide_chapter09186a00800ddcfb.html

The document 'Configuring Network Security' at http://www.cisco.com/en/US/products/hw/switches/ps663/products_configuration_guide_chapter09186a00800f0e24.html has security information that is unique to the Catalyst 4006.

Also see, Security Overview (for 12.1) at http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_configuration_guide_chapter09186a008008824a.html.

91
Views
0
Helpful
1
Replies
CreatePlease to create content