Security Contexts

Table of contents:

Quality of Service

This chapter covers the following topics:

  • Architectural overview
  • Configuration of quality of service
  • Deployment scenarios
  • Monitoring quality of service

In a standard IP network, all packets are processed identically based on best effort. The network devices usually ignore the importance or criticality of the data that is passing through the network. This creates problems in deployments where time-sensitive traffic, such as voice and video packets, is delayed or dropped because the network devices do not prioritize it over other traffic. The feature of prioritizing some traffic over other traffic is known as quality of service (QoS).

QoS is useful in the following network deployments:

  • You run voice, video, and data traffic on the same network. Because voice and video streams are time sensitive and do not tolerate network delays, QoS policies must be implemented to ensure traffic prioritization.
  • You run data applications such as time sensitive databases that require traffic prioritization if there is congestion on the network.
  • You want to prioritize management traffic, such as Telnet or SSH, so that you do not lose access to the network devices if there is an outbreak of a new virus in the local network.
  • You are a service provider and want to offer different classes of service (CoS) to your customers based on their needs.
  • You have virtual private networks (VPNs) deployed and you want to prioritize or rate-limit traffic going over the VPN tunnel.

Many different types of QoS mechanisms are available in the Cisco devices, such as the following:

  • Traffic policing
  • Traffic prioritization
  • Traffic shaping
  • Traffic marking

Note

QoS is useful in policing and prioritizing packets only when there is congestion in the network. For end-to-end QoS, all network devices along the path should be QoS capable.


Part I: Product Overview

Introduction to Network Security

Product History

Hardware Overview

Part II: Firewall Solution

Initial Setup and System Maintenance

Network Access Control

IP Routing

Authentication, Authorization, and Accounting (AAA)

Application Inspection

Security Contexts

Transparent Firewalls

Failover and Redundancy

Quality of Service

Part III: Intrusion Prevention System (IPS) Solution

Intrusion Prevention System Integration

Configuring and Troubleshooting Cisco IPS Software via CLI

Part IV: Virtual Private Network (VPN) Solution

Site-to-Site IPSec VPNs

Remote Access VPN

Public Key Infrastructure (PKI)

Part V: Adaptive Security Device Manager

Introduction to ASDM

Firewall Management Using ASDM

IPS Management Using ASDM

VPN Management Using ASDM

Case Studies



Cisco Asa(c) All-in-one Firewall, IPS, And VPN Adaptive Security Appliance
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
ISBN: 1587052091
EAN: 2147483647
Year: 2006
Pages: 231

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net