Infrastructure Security and Segmentation

Chapter Description

In this sample chapter from Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security, you will review security of the three planes of network infrastructure, the importance of segmenting traffic and methods for doing so, and the benefits of NetFlow.


Securing network devices is key to securing your data and assets. If the infrastructure is compromised, the rest of the network will be easily compromised, too.

This chapter discusses security for each of the three planes of a network device. Common attacks against each plane are covered for both Layer 2 and Layer 3 devices.

A large part of this chapter is dedicated to data plane security because that is where the majority of attacks are focused. For the CCIE exam, you are expected to understand these attacks as well as methods to mitigate them.

This chapter also lays the foundation required to understand the operation of the various security devices and solutions discussed throughout the rest of the series. Some of the attacks discussed here are revisited in other chapters, along with other methods to mitigate them.

Finally, this chapter focuses on the security of the wired network infrastructure only. Chapter 3, “Wireless Security,” extends the discussion to wireless networks.

