3Com 5500G Configuration And Command Reference Manual - Control Forwarding Protocol
2 Configuring the Application
Control Forwarding Protocol
(ACFP)
Introduction to
ACFP
Basic data communication networks are composed of routers and
switches, which forward data packets. With the development of data
networks, more and more services run on the networks. It has become
difficult to use traditional network devices (routers and switches) to
handle all the services. Therefore, some products are designed to handle
specific services. For example, firewalls, Intrusion Detection Systems (IDS),
Intrusion Prevention Systems (IPS), and voice and wireless products.
For better support of these services, application modules are being
developed on networking devices (routers and switches in this document)
to specifically handle these services. Some networking device
manufacturers provide software and hardware interfaces to allow
modules or devices from other manufacturers to be plugged into or
connected to their networking devices to provide these services.
3Com’s Open Systems Networking (OSN) provides customers with an
open service architecture developed to achieve this functionality.
Compatible IPS/IDS application modules or IPS/IDS applications running as
ACFP clients allow software packages developed by other manufacturers
to support the IPS/IDS services. A router or switch mirrors or redirects the
packets received from another interface to an ACFP client after matching
the ACFP collaboration rules. The software running on the ACFP client
monitors and detects the packets. Based on the monitoring and detection
results, the ACFP client sends back responses to the router or switch
through collaborative Management Information Bases (MIBs) to instruct
the router or switch to process the results, such as filtering out specific
packets.