[c-nsp] Filtering packets by content
Peter Rathlev
peter at rathlev.dk
Fri Feb 1 09:26:16 EST 2008
Hi,
If you just need L4 access-lists, like blocking all port 80/tcp traffic
and not all HTTP (which could use another port and thus needs a more
thorough examination of the flows), you can use regular hardware based
access-lists on a Sup720/PFC3 and all will be well.
If you need inspection (like the PISA gives you) Oliver's options seem
like the way to go.
Regards,
Peter
On Fri, 2008-02-01 at 15:47 +0200, Konstantin Barinov wrote:
> Hello!
>
> Which platform will be able to filter more than 2 Gbit/sec bandwidth
> by packet contents? For example, I need to drop all outgoing http and
> udp according to some rules. Sup32-PISA can only do up to 2Gbps. What
> is the next step, load balance between them only?
>
>
> br
> --
> Konstantin Barinov
> INFONET AS, Tallinn, Estonia
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list