Attack Detection And Prevention Configuration Task List; Configuring An Attack Defense Policy; Creating An Attack Defense Policy; Configuring A Single-Packet Attack Defense Policy - HP MSR Series Configuration Manual

Attack detection and prevention configuration task
list
Tasks at a glance
(Required.)
•
(Required.)
•
(Required.) Perform at least one of the following tasks to configure attack detection:

Configuring a single-packet attack defense policy

Configuring a scanning attack defense policy
Configuring a flood attack defense policy
•
(Optional.)
(Required.) Perform at least one of the tasks to apply an attack defense policy:
•
Applying an attack defense policy to an interface
•
Applying an attack defense policy to the device
(Optional.) Disabling log aggregation for single-packet attack events
(Optional.) Configuring TCP fragment attack prevention
(Optional.) Configuring client verification:
•
Configuring TCP client verification
•
Configuring DNS client verification
•
Configuring HTTP client verification
(Optional.) Configuring the blacklist feature

Configuring an attack defense policy

Creating an attack defense policy

An attack defense policy can contain a set of attack detection and prevention configuration against
multiple attacks.
To create an attack defense policy:
Step
1. Enter system view.
2. Create an attack defense
policy and enter its view.
Configuring a single-packet attack defense policy
Configure the single-packet attack defense policy on the interface that connects to the external
network.
Single-packet attack detection inspects incoming packets based on the packet signature. If an attack
packet is detected, the device can take the following actions:
•
Output logs (the default action).
•
Drop attack packets.
Configuring an attack defense
Creating an attack defense policy
Configuring attack detection exemption
Command
system-view
attack-defense policy
policy-name
policy:
489
Remarks
N/A
By default, no attack defense policy
exists.