Table of Contents
Advertisement
Quality of Service (QoS) Commands
78-20269-01 Command Line Interface Reference Guide
Default Configuration
The security suite feature is disabled.
If global-rules-only is not specified, the default is to enable security-suite globally
and per interfaces.
Command Mode
Global Configuration mode
User Guidelines
MAC ACLs must be removed before the security-suite is enabled. The rules can
be re-entered after the security-suite is enabled.
If ACLs or policy maps are assigned on interfaces, per interface security-suite
rules cannot be enabled.
Examples
Example 1 - The following example enables the security suite feature and
specifies that security suite commands are global commands only. When an
attempt is made to configure security-suite on a port, it fails.
Console(config)#
security-suite enable global-rules-only
Console(config)#
interface
Console(config-if)#
To perform this command, DoS Prevention must be enabled in the per-interface mode.
Example 2 - The following example enables the security suite feature globally and
on interfaces. The security-suite command succeeds on the port.
Console(config)#
security-suite enable
Console(config)#
interface
Console(config-if)#
Console(config-if)#
41.44 security-suite dos protect
Use the security-suite dos protect Global Configuration mode command to
protect the system from specific well-known Denial of Service (DoS) attacks.
gi1
security-suite dos syn-attack
gi1
security-suite dos syn-attack
41
199
any
/10
199
/10
any
601
Advertisement
Table of Contents
