Content deleted Content added
mNo edit summary Tags: Reverted Visual edit Mobile edit Mobile web edit |
Undid revision 1285706095 by Mike Holand102 (talk) Refspam |
||
Line 3:
The [[Computer network|networking]] equipment which uses NBAR does a [[deep packet inspection]] on some of the packets in a dataflow, to determine which traffic category the flow belongs to. Used in conjunction with other features, it may then program the internal [[application-specific integrated circuits]] (ASICs) to handle this flow appropriately. The categorization may be done with [[Application_layer|Open Systems Interconnection (OSI) layer 4]] info, packet content, signaling, and so on but some new applications have made it difficult on purpose to cling to this kind of tagging.<ref>[[BitTorrent protocol encryption|BitTorrent Encryption and Obfuscation]]</ref>
The NBAR approach is useful in dealing with malicious [[software]] using known [[TCP and UDP port|ports]] to fake being "priority traffic", as well as non-standard applications using dynamic ports.<ref>''[http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml Using Network-Based Application Recognition and ACLs] for Blocking the "Code Red" Worm'', Cisco.</ref> That's why NBAR is also known as [[OSI layer 7]] categorization
On Cisco routers, NBAR is mainly used for [[quality of service]] and [[network security]] purposes.
| |||