Cisco NFP (Network Foundation Protection) Framework - Management plane, Control plane and Data plane

Cisco NFP (Network Foundation Protection) is Technology framework which provides the technologies and tools to protect different types of network traffic. Cisco has classified different type of network traffic as different planes of communication. Cisco NFP (Network Foundation Protection) defines three planes and they are Management plane, Control plane and Data plane.

Management plane: The management plane includes traffic that a network administrator uses to configure network devices. Management plane traffic is usually consists protocol traffic like telnet (in an insecure network), SSH or SNMP. Management plane provides the ability to manage network infrastructure devices. Example of Management plane traffic is the network traffic generated by a network administrator using SSH to configure the router or switch.

Control plane: Control plane traffic includes the traffic that the network devices send between each other for automatic network discovery and configuration. Example of Control plane traffic is routing protocol update and Address Resolution Protocol (ARP) traffic..

Data plane: Data plane traffic is the real end user traffic happening in the network. Example of Data plane traffic is the network traffic generated by a user sitting inside the company network and browsing a website.

Management plane, Control plane and Data plane must be well protected to ensure business continuity. Cisco NFP (Network Foundation Protection) framework provides the technologies and tools which are required to secure Management plane, Control plane and Data plane.See the below links to view the Cisco NFP (Network Foundation Protection) framework technologies to protect Management Plane, to protect Control Plane and to protect Data Plane.