Popular Posts

Thursday, 7 May 2009

Understanding about Route Filtering to securing network

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!


As my previous post about Routing Protocol Authentication, today post, I would like to find out about Route Filtering to securing network

What is Route Filtering?

Route Filtering is the process by Router, in which the certain routes are not considered for inclusion in the local route database, or not advertised to one's neighbours. During configuring Router, the Network Administrator need to be aware of which type of network route should be allowed to enter the Network Local or to go out to the remote Network. 

There are two Types of Filtering:

1.Input filtering

Input filtering is a filter is applied to routes as they are learned from a neighbour. A route that has been filtered out is discarded straight away, and hence not considered for inclusion into the local routing database.

2.Output filtering

Output filtering, a filter is applied to routes before they are announced to a neighbour. A route that has been filtered out is never learned by a neighbour, and hence not considered for inclusion in the remote route database.

Why Route Filtering? 

1.Route filtering enables the network administrator to keep tight control over route advertisements.

2.Route filters ensure that routers will advertise as well as accept legitimate networks. They work by regulating the flow of routes that are entered into or advertised out of the routing table.

3.Filtering the networks that are advertised out of a routing process or accepted into the routing process helps to increase security because, if no route is advertised to a downstream or upstream neighbor, then no route apparently exists to the network. 

4.Using Route Filtering to prevent routers on a local network from learning about routes that are dynamically advertised out on the interface, you can define the interface as passive. Defining an interface as passive keeps routing update messages from being sent through a router interface, preventing other systems on the interface from learning about routes dynamically from this router. You can configure a passive interface for all IP routing protocols except Border Gateway Protocol (BGP).

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

0 comments:

Post a Comment