- A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: Reflexive AL and CBAC posted 10/17/2002
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

As far I remember reflexive ACLs will open holes for return traffic only
based on the protocol and port number, so applications requiring multiple
channels are not going to work.
CBAC takes care of this because you can set it up to watch out for
multichannel apps.

Peter Puczko, Brian McGahan's buddy
#7247 (R&S, Security)
Phone (847) 674-3392

----- Original Message -----
From: <Sam.MicroGate@xxxxxxxxxxxxxx>
To: <ccielab@xxxxxxxxxxxxxx>
Sent: Thursday, October 17, 2002 8:36 AM
Subject: Reflexive AL and CBAC

> Hello everyone,
> Can someone tell the main difference between the reflexive access list and
> class based access control? They seem very similar to me. The same use and
> the concept. The both filter traffic at the edge of the network. Only
> traffic that originated from the inside will pass to the outside unless
> configure otherwise. Thanks.
> Sam