Filter
Top Products
1-104
Cisco uBR7200 Series Universal Broadband Router Software Configuration Guide
OL-2239-05
Chapter1 Overview of Cisco uBR7200 Series Software
cops tcp window-size
Cable Source Verification (cable source-verify Command)
The cable source-verify command helps to prevent the spoofing of IP addresses by CMs or their CPE
devices by verifying that the upstream packets coming from each cable modem are known to be
associated with the IP address in that packet. Packets with IP addresses that do not match those
associated with the cable modem are dropped.
Note The cable source-verify [dhcp] cable interface command specifies that DHCP lease-query requests are
sent to verify any unknown source IP address found in upstream data packets. This feature requires a
DHCP server that supports the new LEASEQUERY message type.
For additional information about the cable source-verify command, refer to the Cisco Broadband Cable
Command Reference Guide on Cisco.com.
Cisco IOS Firewall Feature Set
The Cisco IOS Firewall feature set interoperates in seamless fashion with Cisco IOS software, providing
great value for the many benefits it delivers. The most outstanding benefits include:
• Flexibility — installed on a Cisco router, this all-in-one scalable solution performs multiprotocol
routing, perimeter security, intrusion detection, VPN functionality, and per-user authentication and
authorization.
• Investment protection — integrating firewall functionality into a multiprotocol router leverages an
existing router investment without the cost and learning curve associated with a new platform.
• VPN support — deploying Cisco IOS Firewall with Cisco IOS encryption and QoS VPN features
enables extremely secure, low-cost transmissions over public networks and ensures
mission—critical application traffic receives high priority delivery.
• Scalable deployment — available for a wide variety of router platforms, the Cisco IOS Firewall
scales to meet any network`s bandwidth and performance requirements.
• Easier management — with Cisco ConfigMaker software, a network administrator can configure
Cisco IOS security features (including the Cisco IOS Firewall, Network Address Translation, and
Cisco IPSec) from a central console over the network.
For additional Cisco IOS firewall information, refer to the document titled Cisco IOS Firewall
FeatureSet on Cisco.com.
Cisco IOS Firewall Feature Enhancements
Cisco IOS Release 12.1(1a)T1 enhances the previous Cisco IOS Secure Integrated Software feature set
with the following set of features:
• Context-Based Access Control (CBAC) that intelligently filters TCP and UDP packets based on the
application-layer protocol. This includes Java applets, which can be blocked completely or allowed
only from known and trusted sources.
• Detection and prevention of the most common denial of service (DoS) attacks, such as ICMP and
UDP echo packet flooding, synchronize/start (SYN) packet flooding, half-open or other unusual
TCP connections, and deliberate misfragmentation of IP packets.
• Support for a broad range of commonly used protocols, including H.323 and NetMeeting, FTP,
HTTP, MS Netshow, RPC, SMTP, SQL*Net, and TFTP.
• Authentication Proxy for authentication and authorization of web clients on a per-user basis.