Chapter 15: Network security
The information in this section helps you to design and implement a secure network.
You must provide security mechanisms to prevent your network from attack. If links become
congested due to attacks, you can immediately halt end-user services. During the design phase,
study availability issues for each layer. For more information, see
page 55. Without redundancy, all services can be brought down.
To provide additional network security, you can use the Avaya Contivity VPN product suite or the
Ethernet Routing Switch Firewall and Intrusion Sensor. They offer differing levels of protection
against Denial of Service (DoS) attacks through either third party IDS partners, or through their own
high-performance stateful firewalls.
Navigation
•
DoS protection mechanisms
•
Damage prevention
•
Security and redundancy
•
Data plane security
•
Control plane security
•
For more information
DoS protection mechanisms
The Ethernet Routing Switch is protected against Denial-of-Service (DoS) attacks by several internal
mechanisms and features.
DoS protection mechanisms navigation
•
Broadcast and multicast rate limiting
•
Directed broadcast suppression
•
Prioritization of control traffic
June 2016
on page 266
on page 269
on page 272
on page 272
on page 278
on page 288
on page 267
on page 267
on page 267
Planning and Engineering — Network Design
Comments on this document? infodev@avaya.com
Redundant network design
on
266