Johan,
Have you also gone thru the video and audio on demand on these topics? Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: [email protected] [mailto:[email protected]] On Behalf Of Johan Bornman Sent: Sunday, November 21, 2010 11:23 PM To: 'Vybhav Ramachandran' Cc: 'OSL Security' Subject: Re: [OSL | CCIE_Security] Control-plane Thanks! From: Vybhav Ramachandran [mailto:[email protected]] Sent: 22 November 2010 06:16 AM To: Johan Bornman Cc: OSL Security Subject: Re: [OSL | CCIE_Security] Control-plane Hello Johan, You are right. The special "port-filter" and "queue-threshold" policy-maps can only be applied on the control-plane "HOST" subinterface. Along with this, what i meant by Management Plane protection was using the "management-interface" command http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htsecmpp.html Using Management plane protection , you can control what managment protocols ( ex : telnet , ssh , http , etc ) are allowed on specific physical interfaces on the router. This is only possible on the "control-plane HOST subinterface" Cheers, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
