6 Local Attack Defense Configuration
The attack defense policy view is displayed.
Step 3 Run:
auto-defend enable
The automatic attack source tracing function is enabled.
----End
6.4.4 Configuring the Threshold of Attack Source Tracing
Context
After the threshold of attack source tracing is configured, a log is recorded when the number of
packets sent by the possible attack source in a given period exceeds the threshold. The
S9300supports the source tracing of ARP packets, DHCP packets, and IGMP packets to be sent
to the CPU.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
cpu-defend policy policy-number
The attack defense policy view is displayed.
Step 3 Run:
auto-defend threshold threshold-value
The threshold of attack source tracing is configured.
By default, the threshold of attack source tracing is set to 128 pps.
----End
6.4.5 (Optional) Configuring the Attack Source Alarm Function
Context
After the attack source alarm function is enabled, a trap is sent to the Network Management
System (NMS) when the number of packets sent by the possible attack source in a given period
exceeds the alarm threshold.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
6-10
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
Issue 06 (2010–01–08)