Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

IPv6 Covert Channels Overview

A covert channel is an attack technique that allows communication of information by transferring objects through existing information channels in an unauthorized or illicit manner. With the help of covert channels, an attacker can carry out malicious activity in a network.

Covert channels identification and mitigation for IPv6 extension headers is supported on Intrusion Detection and Prevention (IDP). It is the transfer of information that violates the existing security systems. The security package for IDP contains a database of predefined IDP attack objects for covert channel that you can use in IDP policies to match traffic against attacks.

As part of this support, you can detect and flag IPv6 extension headers anomalies, which can establish covert channels and take action specified in the policy. The covert channel attacks are displayed in the Show security idp attack table with the other attacks.

Change History Table

Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.

Release
Description
19.1R1
Previously IDP signature updates supported only nine tags under filters. The seven tags are category, direction, false-positives, performance, product, recommended, service, severity, and vendor. IDP signature updates now support four new additional tags under filters for creating more sophisticated dynamic groups in addition to the existing nine tags.