ccamp-11----Page:11
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
|
Security Section Security threats: Possibility for the network to control the traffic injected by the client in the data plane (BPDU, Multicast, Broadcasts, etc.) or the control plane (RSVP-TE signaling) All usual threats brought by IP control (and data plane) Entry points induced by the possible coexistence of the two technologies (L2LSPs and usual Broadcast Ethernet mode). Current RSVP security mechanisms [RFC2207], [RFC3097] to be analyzed/evaluated in the context of L2 LSPs Attacks on the data plane insertion of non-authenticated data traffic Denial of Service (DoS) attacks traffic snooping |