I know, every Network Security Engineer has a dream of completing CCIE Security certification. But the fact is it’s really a pain in vain. So i am trying to prepare all the CCIE security V4 topics here one-by-one for easy reading and preparation.
Your comments and suggestions are really appreciated.
Topic 1: System Hardening and Availability
1.1 Understanding Types of Traffic Planes on a Cisco Router (Control, Management and Data)
This article contains information to help you secure your Cisco IOS® system devices, which increases the overall security of your network. Structured around the three planes into which functions of a network device can be categorized, this document provides an overview of each included feature and references to related documentation.
The three functional planes of a network – the management plane, control plane, and data plane – each provide different functionality that needs to be protected.
- Management Plane – The management plane manages traffic that is sent to the Cisco IOS device and is made up of applications and protocols such as Secure Shell (SSH) and Simple Network Management Protocol (SNMP).
- Control Plane – The control plane of a network device processes the traffic that is paramount to maintain the functionality of the network infrastructure. The control plane consists of applications and protocols between network devices, which includes the Border Gateway Protocol (BGP), as well as the Interior Gateway Protocols (IGPs) such as the Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF).
- Data Plane – The data plane forwards data through a network device. The data plane does not include traffic that is sent to the local Cisco IOS device.
Next Topic: Understanding Management Plane Security Technologies and Core Concepts Covering Security Features Available to Protect the Management Plane.