[c-nsp] Baseline CoPP policies?

Siva Valliappan svalliap at cisco.com
Tue Jul 7 17:11:32 EDT 2009


Hi Drew,

    have you looked at the following docs:

http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html

and

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/prod_white_paper0900aecd804fa16a.html

regards
.siva

On Tue, 7 Jul 2009, Daniel Dib wrote:

>
> 	Hi all,
>
> 	Does anyone have any baseline CoPP policies to put in place on a
> switch where you can't really anticipate the kind of traffic that will be
> coming into it but you need the IP INPUT processes, etc to stay at some
> level of control?
>
> I've seen the Cisco TTL Expiry attack documentation etc, are there any good
> generalized guidelines Cisco published or not?
>
> Thanks,
> -Drew
>
> This will probably be highly dependant on what platform you are running.
> What switch are we talking about? You should probably try to blast it with
> different types of traffic to see what it can handle. Will you be running
> dynamic routingprotocols? What protocols will you use for remote access etc?
> More info is needed if we are going to try to answer your question.
>
> /Daniel
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 4222 (20090707) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list