3Com 5500G Configuration And Command Reference Manual

Also see for 5500G SERIES: Product guide Getting started guide

2 Configuring the ApplicationControl Forwarding Protocol(ACFP)Introduction toACFPBasic data communication networks are composed of routers andswitches, which forward data packets. With the development of datanetworks, more and more services run on the networks. It has becomedifficult to use traditional network devices (routers and switches) tohandle all the services. Therefore, some products are designed to handlespecific services. For example, firewalls, Intrusion Detection Systems (IDS),Intrusion Prevention Systems (IPS), and voice and wireless products.For better support of these services, application modules are beingdeveloped on networking devices (routers and switches in this document)to specifically handle these services. Some networking devicemanufacturers provide software and hardware interfaces to allowmodules or devices from other manufacturers to be plugged into orconnected to their networking devices to provide these services.3Com’s Open Systems Networking (OSN) provides customers with anopen service architecture developed to achieve this functionality.Compatible IPS/IDS application modules or IPS/IDS applications running asACFP clients allow software packages developed by other manufacturersto support the IPS/IDS services. A router or switch mirrors or redirects thepackets received from another interface to an ACFP client after matchingthe ACFP collaboration rules. The software running on the ACFP clientmonitors and detects the packets. Based on the monitoring and detectionresults, the ACFP client sends back responses to the router or switchthrough collaborative Management Information Bases (MIBs) to instructthe router or switch to process the results, such as filtering out specificpackets.