3Com 5500G Configuration And Command Reference Manual - Control Forwarding Protocol

2 Configuring the Application 

Control Forwarding Protocol 

(ACFP)

Introduction to 

ACFP

Basic data communication networks are composed of routers and 

switches, which forward data packets. With the development of data 

networks, more and more services run on the networks. It has become 

difficult to use traditional network devices (routers and switches) to 

handle all the services. Therefore, some products are designed to handle 

specific services. For example, firewalls, Intrusion Detection Systems (IDS), 

Intrusion Prevention Systems (IPS), and voice and wireless products.

For better support of these services, application modules are being 

developed on networking devices (routers and switches in this document) 

to specifically handle these services. Some networking device 

manufacturers provide software and hardware interfaces to allow 

modules or devices from other manufacturers to be plugged into or 

connected to their networking devices to provide these services.

3Com’s Open Systems Networking (OSN) provides customers with an 

open service architecture developed to achieve this functionality. 

Compatible IPS/IDS application modules or IPS/IDS applications running as 

ACFP clients allow software packages developed by other manufacturers 

to support the IPS/IDS services. A router or switch mirrors or redirects the 

packets received from another interface to an ACFP client after matching 

the ACFP collaboration rules. The software running on the ACFP client 

monitors and detects the packets. Based on the monitoring and detection 

results, the ACFP client sends back responses to the router or switch 

through collaborative Management Information Bases (MIBs) to instruct 

the router or switch to process the results, such as filtering out specific 

packets.