Creating An Attack Defense Policy; Configuring The Whitelist; Configuring The Blacklist - Huawei Quidway S9300 Configuration Manual
Terabit routing switch
Hide thumbs
Also See for Quidway S9300:
- Configuration manual - network management (630 pages) ,
- Configuration manual (603 pages) ,
- Configuration manual - multicast (262 pages)
Table of Contents
Advertisement
6 Local Attack Defense Configuration
6.3.2 Creating an Attack Defense Policy
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
cpu-defend policy policy-number
An attack defense policy is created.
Step 3 (Optional) Run:
description text
The description of the attack defense policy is set.
----End
6.3.3 Configuring the Whitelist
Context
You can create a whitelist and add users matching the specific characteristic to the whitelist.
The system allows the packets of whitelist users to pass through and first forwards the packets
of whitelist users. The CAR and deny cannot be configured for the packets of whitelist users.
The S9300 supports the flexible setting of the whitelist through ACLs.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
cpu-defend policy policy-number
The attack defense policy view is displayed.
Step 3 Run:
whitelist whitelist-id acl acl-number
The user-defined whitelist is created.
The ACL used by the whitelist can be a basic ACL, an advanced ACL, or a layer 2 ACL. For
details on ACL configuration, see
By default, no whitelist is configured on the S9300.
----End
6.3.4 Configuring the Blacklist
6-4
11.3 Configuring an
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
ACL.
Issue 06 (2010–01–08)
Advertisement
Chapters
Table of Contents
