Management Plane—The management plane consists of functions that achieve the management goals of the network. This includes interactive management sessions using SSH, as well as statistics-gathering with SNMP or NetFlow. When you consider the security of a network device, it is critical that the management plane be protected. If a security incident is able to undermine the functions of the management plane, it can be impossible for you to recover or stabilize the network.
Simple Network Management Protocol
Telnet
Secure Shell Protocol
File Transfer Protocol
Trivial File Transfer Protocol
Secure Copy Protocol
TACACS+
RADIUS
NetFlow
Network Time Protocol
Syslog
Control Plane—The control plane of a network device processes the traffic that is paramount to maintaining the functionality of the network infrastructure. The control plane consists of applications and protocols between network devices, which includes the Border Gateway Protocol (BGP), as well as the Interior Gateway Protocols (IGPs) such as the Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF).
Control plane functions consist of the protocols and processes that communicate between network devices to move data from source to destination. This includes routing protocols such as the Border Gateway Protocol, as well as protocols like ICMP and the Resource Reservation Protocol (RSVP).
Data Plane—The data plane forwards data through a network device. The data plane does not include traffic that is sent to the local Cisco IOS device.
Although the data plane is responsible for moving data from source to destination, within the context of security, the data plane is the least important of the three planes. It is for this reason that when securing a network device it is important to protect the management and control planes in preference over the data plane.
Upstream/Downstream—From the user's perspective, upstream network traffic flows away from the local computer toward the remote destination. If the data flows from your edge device further into your network, that would be upstream.
The Web browser sends HTTP requests upstream to the Web server, and the server replies with downstream data usually in the form of HTML pages. Downstream traffic flows to the user's computer.
Sources
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml
http://compnetworking.about.com/od/internetaccessbestuses/l/bldef_stream.htm
No comments:
Post a Comment