Applying The Attack Defense Policy - Huawei Quidway S9300 Configuration Manual

Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
cpu-defend policy policy-number
The attack defense policy view is displayed.
Step 3 Run:
auto-defend alarm enable
The attack source alarm function is enabled.
Step 4 Run:
auto-defend alarm threshold threshold-value
The threshold of the attack source alarm function is set.
By default, the threshold of the attack source alarm function is set to 128 pps.
----End

6.4.6 Applying the Attack Defense Policy

Context
The attack defense policy can be applied to the main control board or all the LPUs in the system
view or to the specified LPU in the slot view.
Procedure
l
l
Issue 06 (2010–01–08)
NOTE
When the attack defense policy is applied on the LPU, the cpu-defend-policy command is run in either
the system view or the slot view. That is, if the cpu-defend-policy command is run in the system view and
global is specified, the cpu-defend-policy command cannot be run in the slot view. In a similar manner,
if the cpu-defend-policy command is run in the slot view, the cpu-defend-policy command with specified
global cannot be run in the system view.
Applying the attack defense policy in the system view
1. Run:
system-view
The system view is displayed.
2. Run:
cpu-defend-policy policy-number [ global ]
An attack defense policy is applied.
If you do not specify global in the command, the attack defense policy is applied
–
on the main control board. A flexible plug-in card needs to be installed on the main
control board to support the application.
If you specify global in the command, the attack defense policy is applied on all
–
the LPUs.
Applying the attack defense policy in the slot view
1. Run:
system-view
The system view is displayed.
2. Run:
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
6 Local Attack Defense Configuration
6-11