Securing IOS-XE Routing Protocols
Securing the routing information prevents an attacker from introducing false routing information into the network, which could be used as part of a Denial of Service (DoS) or Man-in-the-Middle (MiTM)…
Securing IOS-XE SSH
Securing IOS-XE SSH SSH (Secure Shell) is a commonly used cryptographic protocol used to securely manage network devices such as switches, routers, firewalls etc over an insecure network. Although more…
IOS-XE Zone Based Firewall
Cisco Zone-Based Firewall (ZBFW) is a stateful firewall supported on Cisco IOS/IOS-XE routers. The routers interfaces are assigned to zones, inspection policies are applied for traffic moving between the zones,…
Unicast Reverse Path Forwarding (uRPF)
Unicast Reverse Path Forwarding (uRPF) Unicast Reverse Path Forwarding (uRPF) is a security feature on Cisco ISR routers and ASA or Secure Firewall Threat Defence (FTD) firewalls, that enables the…
Prevent BGP transit AS
By default, BGP advertises all prefixes to External BGP neighbours. When a router is dual homed to two or more ISP using BGP, the local router could become as transit…
BGP Path Selection
BGP uses several attributes or metrics for the path selection process, this post discusses the BGP attributes used on Cisco IOS-XE routers/switches for path selection and provides configurations examples of…