NBAR Protocols
Network-Based Application Recognition Protocol (NBAR) identifies protocols for classification and compiles use statistics for quality control. The protocol discovery feature of NBAR protocol displays statistics of traffic through an application gateway. The NBAR database enables or disables the requested protocol. NBAR configures tables of protocols used and the amount of data in and out of the protocol by bandwidth. The NBAR protocol reports breaches of security and notifies the system administrator if firewalls are crossed.
Other People Are Reading
-
Recognition
-
The Supported Protocols Table lists the protocols that NBAR recognizes. The user can add additional protocols through a Packet Description Language Module or upgrading to a newer version of NBAR protocol. The Supported Protocols Table, indexed by the supported protocol number, contains the name of the supported protocol. Multiple active protocols may have a negative effect on a router. The number of interfaces that can be configured is based on platform and threshold types. The NBAR protocol deactivates interfaces that are not necessary or would cause a security breach.
Table Configuration
-
The Top N Config Table lists protocols with associated statistics. The statistics for each protocol are in a single row in the Top N Config Table, which is indexed by a number that represents a specific interface or a specific row in the table. The Top Config Stats Select table chooses the statistical method used to determine the order of protocol execution. Descriptive statistics per protocol include: incoming, outgoing and total bit rate; incoming, outgoing, and total packets; interval bit rate was sampled; number of protocols or N number in Top N Config table; and the number of protocols in the table. The Top N Config table does not necessarily match the Top N Config requested size.
-
Commands
-
NABR protocol includes the ability to view protocols and tally activity at the interface to the protocol. The NABR status table is coded with the ability to enable or disable functions in a protocol listed within the NABR protocol table. The NABR status table contains a IfIndex, which contains protocols by interface numbers. The enable command is either true or false. If the enable status is true, the NABR protocol discovery is enabled on the interface or entrance to the protocol. If the status of enable command is false, protocol discovery is not enabled on the interface. The status enable command can be activated by the SNMP set any command. NABR protocol maintains use statistics by protocol, which include the date of last use or the update date and time. The status update time displays the last time the protocol was enabled.
Statistics
-
The All Stats Table is a temporary table compiled each time a protocol is used. The All Stats Table contains the IfIndex, which represents a specific protocol interface from the Supported Protocols Table. The supported protocols table contains a comprehensive list of protocols with associated numbers. The number of data packets, the amount of data in bytes and hexadecimal bytes in and out, the number of bytes of data through a protocol interface is recorded in the Network Management System. The All Stats Bit Rates represents bits of data in and out of a specific protocol interface.
-
References
- Photo Credit Martin Poole/Stockbyte/Getty Images
