Chapter 10: Managing IP Traffic

Outline:

Chapter Review 
Chapter Overview 
10.1 Traffic Management Techniques
10.1.1 Managing IP Traffic
10.1.2 IP Access Lists
10.2 Configuring IP Standard Access Lists
10.2.1 Filtering
10.2.2 Inbound Access List Processing
10.2.3 Outbound Access List Processing
10.2.4 Access Lists Use Wildcard Mask
10.2.5 Access List Configuration Tasks
10.2.6 Implicit Masks
10.2.7 Configuration Principles for Access Lists
10.2.8 Location of Standard Access Lists
10.3 Restricting Virtual Terminal Access
10.3.1 How to Control vty Access
10.3.2 Virtual Terminal Line Commands
10.4 Configuring Extended Access Lists
10.4.1 Higher Degree of Control
10.4.2 Extended Access List Processing
10.4.3 Extended IP Access List Command
10.4.4  Extended Access List Examples
10.4.5 Configuring Named Access Lists
10.4.6 Location of Extended Access Lists
10.4.7 Verifying Access-List Configuration
10.5 Using an Alternative to Access Lists
10.5.1 Configuring Null Interface
10.5.2 Null Interface Command
10.6 Configuration Lock-and-Key Security (Dynamic Access Lists)
10.6.1 What is Lock-and-Key
10.6.2 Lock-and-Key Configuration Tips
10.6.3 Verify Lock-and-Key Configuration
10.6.4  Lock-and-Key Configuration Examples
10.7 Configuration IP Session Filtering (Reflexive Access Lists)
10.7.1 About Reflexive Access Lists
10.7.2 How Reflexive Access Lists Implement Session Filtering
10.7.3 Configure Reflexive Access Lists
10.7.4  Reflexive Access Lists Configuration Examples
10.8 Context-Based Access Control
10.8.1 Functions
10.8.2 How CBAC Works
10.8.3 The CBAC Process
10.8.4  Configuration Tasks
10.8.5 Basic Configuration
10.8.6 Configuration Global Timeouts and Thresholds
10.8.7 Defining an Inspection Rule
10.8.8  Configuring Logging and Audit Trial
10.8.9 Monitoring and Maintaining CBAC
10.8.10 Configuration Examples
Chapter Summary
Chapter Quiz