14. PCE safety
The PCE is a central element of the network. The fact that the PCE can influence all network routing makes it necessary to analyze its security.
If a malicious person gains access to the PCE, he or she can take control of all or part of the network's routing.
14.1 Protocol security
It is essential to control which PCC connects to the PCE. Filtering mechanisms such as access lists or firewalls are needed to identify which addressing plans are authorized to connect to the PCE.
It is also imperative to ensure that an intruder does not impersonate an existing PCC. Authentication mechanisms such as hash functions can be implemented on the PCEP session with a shared secret (SHA256, etc.), the use of TLS (Transport...
The Ultimate Scientific and Technical Reference
This article is included in
Networks and Telecommunications
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
PCE safety
Implementing a PCE
Bibliography
- (1) - IETF – PCEP - Extension for Distribution of Link-State and TE Information. - https://datatracker.ietf.org/doc/draft-dhodylee-pce-pcep-ls/ (2018).
- (2)...
Standards and norms
- RSVP-TE : Extensions to RSVP for LSP Tunnels. - RFC 3209 - 2001
- Traffic Engineering (TE) Extensions to OSPF Version 2. - RFC 3630 - 2003
- The Transport Layer Security Protocol Version 1.2. - RFC 5246 - 2008
- IS-IS Extensions for Traffic Engineering. - RFC 5305 - 2008
- Traffic Engineering Extensions to OSPF Version 3. - RFC 5329 - 2008
- Path Computation Element Communication Protocol....
The Ultimate Scientific and Technical Reference
