Products & Services
Support

Product Categories


Popular Downloads


Manage Software

How to Buy

For Home

Linksys Products Store
Linksys is now part of Belkin
Products for everyone

All Ordering Options

Training & Events Partners
Guest

Cisco Security

Service Provider Security Best Practices

Service Provider Security Best Practices assist service providers as they protect and secure the Internet Infrastructure through the design and deployment of security and operational practices, techniques, and capabilities.

NetFlow v9 Export Format

The NetFlow v9 export format is flexible and extensible, which provides the versatility needed to support new fields and record types. This format accommodates new NetFlow-supported technologies such as Multicast, MPLS, NAT, and BGP next hop.


Receive Access Control Lists
Cisco IOS Software Releases 12.0 S IP Receive ACL
GSR: Receive Access Control Lists

Control Plane Policing
Understanding Control Plane Protection
Control Plane Policing Implementation Best Practices
Control Plane Policing
Configuring Control Plane Policing
Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release 4.1 - Configuring Control Plane Policing
Cisco IOS Software Releases 12.2 SB Control Plane Policing

Local Packet Transport Services
Implementing LPTS on Cisco IOS XR Software

Selective Packet Discard
Understanding and Using Selective Packet Discard
Troubleshooting Input Drops on the Cisco 12000 Series Internet Router

Routing Protocol Security - BGP
Neighbor Router Authentication: Overview and Guidelines
BGP Neighbor Router Authentication
BGP Support for TTL Security Check
Cisco IOS Software Releases 12.2 S BGP Support for TTL Security Check
Cisco IOS Software Releases 12.0 S - BGP Enforce the First Autonomous System Path
BGP Prefix-Based Outbound Route Filtering
Configuring the BGP Maximum-Prefix Feature

Routing Protocol Security - IS-IS
Configuring IS-IS Authentication
Cisco ASR 9000 Series Aggregation Services Router Routing Command Reference, Release 5.1.x, IS-IS Commands
IS-IS HMAC-MD5 Authentication and Enhanced Clear Text Authentication
Cisco IOS Software Releases 12.0 S IS-IS Mechanisms to Exclude Connected IP Prefixes from LSP Advertisements
Overview of IS-IS Fast Convergence
Setting Best Practice Parameters for IS-IS Fast Convergence

Routing Protocol Security - OSPF
Cisco IOS XR Routing Command Reference, Release 3.7 OSPF Authentication
Sample Configuration for Authentication in OSPF
Cisco IOS XR Software - Configuring Generalized TTL Security Mechanism (GTSM) for OSPF

Routing Protocol Security - OSPFv3
Cisco IOS XR Routing Command Reference, Release 3.7 OSPFv3 Authentication

Routing Protocol Security - Keychain Management
Implementing Keychain Management on Cisco IOS XR Software
Keychain Management Commands on Cisco IOS XR Software

Label Distribution Protocol Security
MPLS LDP - Lossless MD5 Session Authentication
MPLS LDP Session Protection
MPLS LDP MD5 Global Configuration
MPLS LDP - Local Label Allocation Filtering

Resource Reservation Protocol Security
Deploying RSVP in Multiple Security Domains Networks: Securing Application Quality of Service
RSVP Message Authentication
Cisco IOS Software Releases 12.0 S RSVP Message Authentication
Cisco IOS XR MPLS Command Reference, Release 3.7 RSVP Authentication

Simple Network Management Protocol
Securing Simple Network Management Protocol
How to Configure SNMP Community Strings
SNMPv3 Benefits

Syslog
Implementing Logging Services on Cisco IOS XR Software 4.1

SSH
Configuring Secure Shell on Routers and Switches Running Cisco IOS
Implementing Secure Shell on Cisco IOS XR Software for the Cisco XR 12000 Series Router, Release 4.2.x
Secure Copy

Secure Sockets Layer
Implementing Secure Socket Layer (SSL) on Cisco IOS XR Software for the Cisco CRS Router, Release 4.3.x

TACACS+
Authentication Protocols - TACACS+ and RADIUS Comparison
Basic TACACS+ Configuration Example
Configure a Cisco Router with TACACS+ Authentication
How to Assign Privilege Levels with TACACS+ and RADIUS
Cisco ASR 9000 Series Aggregation Services Router System Security Configuration Guide, Release 5.1.x, Configuring AAA Services

Cisco Discovery Protocol
Configuring Cisco Discovery Protocol on Cisco Routers and Switches Running Cisco IOS
Configuring Cisco Discovery Protocol
Implementing CDP on Cisco IOS XR Software for the Cisco CRS Router, Release 4.3.x

Management Plane Protection
Cisco IOS XR System Security Command Reference, Release 3.7 Management Plane Protection Commands on Cisco IOS XR Software

Authentication, Authorization, and Accounting
Configuring AAA Services on Cisco IOS XR Software for the Cisco XR 12000 Series Router, Release 4.0
Cisco AAA Implementation Case Study
Security Baseline Checklist--Infrastructure Device Access

IP Backscatter Traceback
Service Provider Infrastructure Security Techniques - Backscatter Traceback

Network Design
Cisco IOS and NX-OS Software Reference Guide
Network Security Baseline
Bandwidth, Packets Per Second, and Other Network Performance Metrics
Understanding 4-Byte AS Support in C12K and CRS-1
A Security-Oriented Approach to IP Addressing
Secure Network Infrastructure: Protect Video over IP Services
Secure Multivendor Networks
Cisco IPv6 Solutions Integration & Co-Existence
Fixed Mobile Convergence for Integrated-Service Providers
Migration Guide for Explaining 4-Byte Autonomous System
Protecting Border Gateway Protocol for the Enterprise

Operations Security
Understanding Operational Security
Cisco IOS Image Verification
CVSS Usage Within Cisco
Embedded Event Manager in a Security Context
Understanding Access Control List Logging
Identifying Incidents Using Firewall and IOS Router Syslog Events
TTL Expiry Attack Identification and Mitigation
Protect Against Worms
Network Management System: Best Practices White Paper
Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide_ Release 5.1.x
Cisco XR 12000 Manageability
Operational Best Practices for the Cisco Catalyst 6500 Series
Device Manageability Instrumentation (DMI)

Service Provider Security Best Practices
Cisco Guide to Harden Cisco IOS XR Devices
Cisco Guide to Harden Cisco IOS Devices
Service Provider Infrastructure Security Techniques
Securing Tool Command Language on Cisco IOS
Infrastructure Protection on Cisco IOS Software-Based Platforms
Cisco ASR 9000 Series Aggregation Services Router System Security Configuration Guide_ Release 5.1.x
Protecting the Cisco Catalyst 6500 Series Switches Against Denial-Of-Service Attacks
Cisco CRS-1 Carrier Routing System Security Application Note
Cisco IOS and NX-OS Software Reference Guide

Data Center Security
Data Center Security
Cisco Service Delivery Center Infrastructure 2.1 Design Guide
Service Module Design with ACE and FWSM

Multiprotocol Label Switching
Multiprotocol Label Switching Security Overview
Security of the MPLS Architecture
MPLS Security - Multiprotocol Label Switching for the Federal Government
RFC 4381: Analysis of the Security of BGP/MPLS IP Virtual Private Networks (VPNs)
Cisco IOS XR MPLS Configuration Guide, Release 3.7 - Implementing IPv6 VPN Provider Edge Transport over MPLS on Cisco IOS XR Software
MPLS VPN - Inter-AS Option AB
Configuring Multicast VPN Inter-AS Support
Cisco IOS Software Releases 12.0 S BGP Multicast Inter-AS (IAS) VPN
Cisco IOS Software Releases 12.0 S - MPLS-aware NetFlow
Cisco IOS Software Releases 12.0 S - SNMP Notification Support for VPNs
Cisco IOS Software High-Availability Enhancements for IP/MPLS Provider Edge
Cisco Multiprotocol Label Switching Management Strategy

Multicast
The Multicast Security Tool Kit
Securing IP Multicast Services in Triple-Play and Mobile Networks

DNS
DNS Best Practices, Network Protections, and Attack Identification
Geographic Implications of DNS Infrastructure Distribution

NetFlow Instrumentation Techniques
Introduction to Cisco IOS NetFlow - A Technical Overview
NetFlow and Security
NetFlow Performance Analysis
Configuring NetFlow BGP Next Hop Support for Accounting and Analysis
Network Management Case Study: How Cisco IT Uses NetFlow to Capture Network Behavior, Security, and Capacity Data
Configuring MPLS-aware NetFlow
Cisco IOS NetFlow Features Roadmap
NetFlow Layer 2 and Security Monitoring Exports

NetFlow Version 9 Instrumentation Techniques
NetFlow Version 9 Flow-Record Format
NetFlow v9 Export Format
NetFlow v9 for IPv6
Getting Started with Configuring NetFlow and NetFlow Data Export

Flexible NetFlow Instrumentation Techniques
Flexible NetFlow

Embedded Event Manager Instrumentation Techniques
Embedded Event Manager in a Security Context
Understanding Cisco IOS Software Embedded Self-Management Capabilities
Cisco ASR 9000 Series Aggregation Services Router System Monitoring Configuration Guide, Release 4.3.x - Configuring and Managing Embedded Event Manager Policies
Cisco ASR 9000 Series Aggregation Services Router System Monitoring Configuration Guide, Release 4.3.x - Implementing Performance Management
Cisco IOS Software Releases 12.0 S - Component Outage On-Line (COOL) Measurement for the Cisco 12000

SNMP Instrumentation Techniques
CISCO-IP-URPF-MIB Support
URPF MIB
Network Management System: Best Practices White Paper

Syslog Instrumentation Techniques
Identifying Incidents Using Firewall and IOS Router Syslog Events

Lawful Intercept Instrumentation Techniques
Cisco Lawful Intercept Security Best Practices
Lawful Interception for 3GPP: Cisco Service Independent Intercept in the GGSN
Lawful Intercept Architecture
Cisco Service Independent Intercept Architecture Version 3.0
Cisco IOS Software Releases 12.0 S - Lawful Intercept on Cisco 12000 Series Router, ISE Line Cards
Cisco IOS Software Releases 12.2 SB - Lawful Intercept Architecture
Cisco 7600 Lawful Intercept Configuration Guide