Cisco DNCS System Release 2.7 3.7 4.2 Guia Do Desenho
3-10
Security Recommendations for the DBDS Network in a DOCSIS Environment
4000358 Rev B
Data Paths and Traffic Flows,
Continued
Data Path
Flow
Description
Allowed or Denied
3
3.1
Registered integrated cable modem -
DBDS Network
Denied
3.2
Unregistered/Registered stand-alone
cable modem - DBDS Network
Denied
3.3
DHCT CPE - DBDS Network
Allowed
3.4
Unsubscribed/Subscribed PC CPE -
DBDS Network
Denied
4
4.1
DOCSIS Server – Internet service
provider Servers
Cable Service
Provider’s
Implementation
5
5.1
Registered integrated cable modem –
Internet
Denied
5.2
DHCT CPE - Internet
Denied
5.3
Unsubscribed PC CPE – Internet
Cable Service
Provider’s
Implementation
5.4
Subscribed PC CPE – Internet
Allowed
6
6.1
Application Servers Public Interface –
Internet
Allowed
6.2
Application Servers Private Interface –
Internet
Denied
7
7.1
DBDS Network Elements – Internet
Denied
8
8.1
DBDS Network - DOCSIS Servers
Denied
8.2
DBDS Network – non-DOCSIS Servers
Denied
8.3
EMS - cable service provider’s NMS
server
Allowed
9
9.1
DBDS Network - DMZ
Denied
10
10.1
DHCT CPE - DMZ
Denied
10.2
Registered integrated cable modem -
DMZ
Denied
10.3
Unsubscribed/Subscribed PC CPE - DMZ Cable Service
Provider’s
Implementation