
REST has no built-in security features, however, there are several ways you can secure it.

## Authentication

You should use a form of authentication to ensure not everyone can use the REST API.

## Encryption

Communication between the client and server should be encrypted using TLS because many authentication methods don't have encryption. When an attacker intercepts the credentials, they might be able to communicate with the API.

## Links

https://networklessons.com/network-automation/rest-api-authentication

REST API security

QoS - Assured Forwarding PHB values

QoS - Bc and Be bucket sizes

QoS - Classification by IP

QoS - CoS to DSCP and DSCP to CoS mapping

QoS - Hierarchical QoS

QoS - Jitter

QoS - LLQ applied only outbound

QoS - LLQ bandwidth configuration

QoS - LLQ priority commands

QoS - Nested policy maps

QoS - Policing command syntax

QoS - QoS Groups

QoS - RSVP bandwidth and flow reservations

QoS - Recommended router images for QoS labs in GNS3

QoS - Tail Drop

QoS - Using CBWFQ with traffic shaping

QoS - WRED traffic profile thresholds

QoS - applying policies

QoS - auto qos trust

QoS - classification

QoS - effects of bandwidth interface command

QoS - is WRED really a congestion avoidance mechanism

QoS - key and nonkey fields

QoS - marking

QoS CBWFQ traffic allocation when there are empty queues

QoS CBWFQ

QoS CoS vs DSCP

QoS Hardware Queue vs Software Queue

QoS Hierarchical Queuing Framework (HQF)

QoS Impact of Priority Queue on Class-Default Traffic

QoS Mechanism Triggers

QoS Modular QoS CLI (MQC)

QoS Network Based Application Recognition (NBAR)

QoS RSVP Path message

QoS RSVP Resv message

QoS Resource Reservation Protocol (RSVP)

QoS Software Queues Scheduling

QoS Traffic Shaping Parameters

QoS hardware queues scheduling

QoS how traffic shaping is achieved

QoS max-reserved-bandwidth

QoS models

QoS specifying reserved bandwidth for a class belonging to a policy-map

QoS tokens in shaping and policing

QoS traffic policing

QoS traffic shaping

QoS using a shared policer on Nexus devices connected with vPC

REST API - Support and limitations

RESTCONF - Communication with Cisco Devices

RESTCONF

RIP - Routing and metric incrementing

RIP - poison reverse

RIP timers

RITE

RSPAN

RSVP Bandwidth Allocation Request and Response

RSVP ResvError Message

RSVP Use Cases

Rapid Spanning Tree port states

Real-time Transport Protocol

Redistribute static route into EIGRP stub router

Reliable Transport Protocol

Rev Up To Recert

Route-Map - Managing sequence numbers

Route-Map and ACL matching

Route-map - multiple statements with sequence numbers

Route-map matching OSPF router ID

Route-map with multiple parameters in one match statement

Route-map without a match statement

Route-map

Router Interfaces Need Separate Subnets

Routers - what is a loopback interface

Routing -  Difference between IGPs and EGPs

Routing - 'subnets' keyword for redistribution

Routing - A Directed Broadcast is only detected by the last router

Routing - Administrative Distance

Routing - CEF adjacency fixup error

Routing - Cisco Performance Routing (PfR)

Routing - Classless and Classful routing protocols

Routing - Directed vs Local broadcast address

Routing - Distance Vector Routing Protocols

Routing - Distance-vector routing protocol use cases

Routing - Dynamic routing protocols

Routing - How the routing table is populated

Routing - IP event dampening

Routing - Injecting a Static Route

Routing - Link-State vs Distance-Vector routing protocols

Routing - Link-state routing protocol use cases

Routing - OER master and border routers

Routing - PfR MC and BR on same device

Routing - The Null0 Interface

Routing - Using Anycast with BGP Multipath

Routing - Using the Null0 interface to prevent routing loops

Routing - address-family

Routing - default gateway

Routing - default routing using DHCP

Routing - directed broadcast