HOME

TheInfoList



Click Here for Items Related To - Network Based Application Recognition
OR:
Network Based Application Recognition on:   [Wikipedia]   [Google]   [Amazon]

Network Based Application Recognition (NBAR) is the mechanism used by some
Cisco Cisco Systems, Inc. (using the trademark Cisco) is an American multinational digital communications technology conglomerate corporation headquartered in San Jose, California. Cisco develops, manufactures, and sells networking hardware, s ...
routers and switches to recognize a
dataflow In computing, dataflow is a broad concept, which has various meanings depending on the application and context. In the context of software architecture, data flow relates to stream processing or reactive programming. Software architecture Dat ...
by inspecting some packets sent. The networking equipment which uses NBAR does a
deep packet inspection Deep packet inspection (DPI) is a type of data processing that inspects in detail the data (Network packet, packets) being sent over a computer network, and may take actions such as alerting, blocking, re-routing, or logging it accordingly. Deep ...
on some of the packets in a dataflow, to determine which traffic category the flow belongs to. Used in conjunction with other features, it may then program the internal
application-specific integrated circuits An application-specific integrated circuit (ASIC ) is an integrated circuit (IC) chip customized for a particular use, rather than intended for general-purpose use, such as a chip designed to run in a digital voice recorder or a high-efficien ...
(ASICs) to handle this flow appropriately. The categorization may be done with Open Systems Interconnection (OSI) layer 4 info, packet content, signaling, and so on but some new applications have made it difficult on purpose to cling to this kind of tagging. The NBAR approach is useful in dealing with malicious
software Software consists of computer programs that instruct the Execution (computing), execution of a computer. Software also includes design documents and specifications. The history of software is closely tied to the development of digital comput ...
using known
ports Ports collections (or ports trees, or just ports) are the sets of makefiles and Patch (Unix), patches provided by the BSD-based operating systems, FreeBSD, NetBSD, and OpenBSD, as a simple method of installing software or creating binary packages. T ...
to fake being "priority traffic", as well as non-standard applications using dynamic ports.
Using Network-Based Application Recognition and ACLs
for Blocking the "Code Red" Worm'', Cisco. That's why NBAR is also known as OSI layer 7 categorization. On Cisco routers, NBAR is mainly used for
quality of service Quality of service (QoS) is the description or measurement of the overall performance of a service, such as a telephony or computer network, or a cloud computing service, particularly the performance seen by the users of the network. To quantitat ...
and network security purposes.


References


External links


''Network Based Application Recognition: RTP Payload Classification''
Cisco.
''Block P2P Traffic on a Cisco IOS Router using NBAR Configuration Example''
Cisco. Computer network security {{compu-network-stub