Network Based Application Recognition: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 01:20, 23 July 2004 edit Angela (talk \| contribs) Extended confirmed users 45,369 edits mNo edit summary ← Previous edit		Latest revision as of 13:04, 15 April 2025 edit undo Aoidh (talk \| contribs) Autopatrolled, Checkusers, Oversighters, Administrators 59,283 edits Undid revision 1285706095 by Mike Holand102 (talk) Refspam Tag: Undo
(31 intermediate revisions by 26 users not shown)
Line 1: '''Network Based Application Recognition''' (NBAR)<ref>[https://web.archive.org/web/20050924161229/http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t8/dtnbarad.htm NBAR defined at Cisco website]</ref> is the mechanism used by some [[Cisco]] [[Router (computing)\|router]]s and [[Network switch\|switches]] to recognize a [[Traffic_flow_(computer_networking)\|dataflow]] by ~~the~~inspecting ~~first~~some [[packet (information technology)\|packets]] sent. The [[Computer network\|networking]] equipment which uses NBAR does a [[deep packet inspection]] on ~~the~~some ~~first~~of ~~packet~~the packets in a dataflow, to determine which traffic category the flow belongs to. ItUsed in conjunction with other features, it may then ~~programmes~~program the internal [[~~ASIC~~application-specific integrated circuits]]s (ASICs) to handle this flow ~~appropriatly~~appropriately. The ~~categorisation~~categorization ismay ~~usually~~be done with [[Application_layer\|Open Systems Interconnection (OSI~~-layer4~~) layer 4]] info, packet content, signaling, and so on but some new applications have made it difficult on purpose to cling to this kind of tagging.<ref>[[BitTorrent protocol encryption\|BitTorrent Encryption and Obfuscation]]</ref> The NBAR approach is useful in dealing with malicious [[software]] using known [[~~Port~~TCP ~~(computing)~~and UDP port\|ports]] to fake being "priority traffic", as well as non-standard ~~apps~~applications using ~~non-determinaly~~dynamic ports.<ref>''[http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml Using Network-Based Application Recognition and ACLs] for Blocking the "Code Red" Worm'', Cisco.</ref> That's why NBAR is also known as [[OSI layer 7]] categorization. On Cisco routers, NBAR is mainly used for [[quality of service]] and [[network security]] purposes. ==References== {{reflist}} == External links == [http://whitepapers.zdnet.co.uk/0,39025945,60105500p-39000590q,00.htm ''Network Based Application Recognition: RTP Payload Classification''], Cisco. [http://www.cisco.com Cisco's website] *[http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080ac3082.shtml ''Block P2P Traffic on a Cisco IOS Router using NBAR Configuration Example''], Cisco. [[Category:Computer network security]] {{compu-network-stub}}