Attack Scenarios

To be able to evaluate security of MPLS, you must define a threat model for the various zones of trust. This section uses the zones of trust defined in the chapter introduction and outlines the threats against those zones.

A complete threat model (such as a security policy) must contain threats from outside as well as from inside a trusted zone because in practice many threats come from the inside. For example, a thief might come from outside an office building, but thefts actually are perpetrated in many enterprises much more frequently by internal trusted staff. Therefore, a complete threat model must take both internal and external threats into consideration. Physical threats, such as nonauthorized access to buildings, network operating centers, transmission links, and network infrastructure, also comprise the overall threat model. A network operations center (NOC) is the nerve center of a service provider and a large enterprise that deploys and manages services and networks because it applies OAM and security policies.