H3C S9500 Series Operation Manual page 1227

Operation Manual – IDS Linkage
H3C S9500 Series Routing Switches
The IDS device's IP address is 192.168.1.247. Its management port connects the
switch port Ethernet3/1/47; its monitoring port connects the switch port
Ethernet3/1/48.
The management port with the IP address 192.168.1.1 on the switch
communicates with the IDS.
Note:
Controlling means that the IDS monitors traffic data from mirroring ports. When
detecting suspicious traffic data, the IDS device sends to a switch (router) or firewall the
traffic data protocol header information (IP/TCP/UDP/ICMP) and action information.
The switch (router) or firewall blocks the specified traffic or port.
II. Network diagram
Figure 1-1 Network diagram for IDS linkage configuration
III. Configuration procedure
Note:
Only the commands related to the switch are listed here.
<H3C> system-view
[H3C] mirroring-group 1 inbound Ethernet 3/1/1 mirrored-to Ethernet 3/1/48
[H3C]vlan 192
[H3C-vlan192]port Ethernet3/1/1 Ethernet3/1/3 Ethernet3/1/5 Ethernet3/1/47
[H3C-vlan192]interface vlan-interface 192
[H3C-Vlan-interface192]ip add 192.168.1.1 255.255.255.0
Chapter 1 IDS Linkage Configuration
1-4