Display Attack-Defense Policy - HPE FlexNetwork HSR6800 Security Command Reference

reaches or exceeds the specified action threshold, the device considers the IP address to be under
attack, enters attack protection state, and takes protection actions as configured.
low rate-number: Sets the global silence threshold for UDP flood attack protection. The rate-number
argument indicates the number of UDP packets sent to an IP address per second and is in the range
of 1 to 64000. When the device is in attack protection state, if it detects that the sending rate of UDP
packets destined for an IP address drops below the silence threshold, it considers the attack on
the IP address to be over, returns to attack detection state, and stops the protection actions.
Usage guidelines
Adjust the thresholds according to your actual network conditions. For protected objects that
usually have high UDP traffic, set a higher action threshold to avoid affecting normal services. For
poor network conditions or attack-sensitive networks, you can set a lower action threshold. If the
link bandwidth of the protected network is small, you can set a lower silence threshold to help
relieve the traffic pressure on the network.
Examples
# Configure UDP flood attack protection, set the global action threshold to 3000 packets per second
and the global silence threshold to 1000 packets per second.
<Sysname> system-view
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1] defense udp-flood rate-threshold high 3000 low 1000
Related commands
defense udp-flood action drop-packet
defense udp-flood enable
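
The two-threshold behaviour described above, modelled as an added Python example (not from the HPE command reference or the device software): it replays constructed per-second UDP rates for one destination IP against the action and silence thresholds used in the Examples configuration (3000 and 1000). The class and function names and the sample rates are assumptions, and the device's own rate measurement is not modelled.

```python
# Added illustration: models the two-threshold (hysteresis) behaviour described
# above. It is not device code; names and the sample rates are constructed.
from dataclasses import dataclass

DETECTION, PROTECTION = "detection", "protection"

@dataclass
class UdpFloodModel:
    high: int  # action threshold (packets per second)
    low: int   # silence threshold (packets per second)
    state: str = DETECTION

    def __post_init__(self):
        # The command reference gives 1 to 64000 for the silence threshold;
        # requiring low <= high is an assumption of this model.
        if not (1 <= self.low <= 64000):
            raise ValueError("silence threshold out of range 1-64000")
        if self.low > self.high:
            raise ValueError("silence threshold above action threshold")

    def observe(self, pps: int) -> str:
        """Feed one per-second rate for a destination IP, return the new state."""
        if self.state == DETECTION and pps >= self.high:
            self.state = PROTECTION      # rate reaches or exceeds action threshold
        elif self.state == PROTECTION and pps < self.low:
            self.state = DETECTION       # rate drops below silence threshold
        return self.state

def replay(rates, high, low):
    """Return the state after each sample in a list of per-second rates."""
    model = UdpFloodModel(high=high, low=low)
    return [model.observe(r) for r in rates]

def protection_seconds(rates, high, low):
    """Count the samples during which protection actions would be active."""
    return replay(rates, high, low).count(PROTECTION)

# Constructed per-second UDP rates toward one destination IP.
SAMPLE = [800, 2900, 3000, 4500, 2500, 1200, 1000, 999, 1500, 3100, 900]

if __name__ == "__main__":
    for pps, st in zip(SAMPLE, replay(SAMPLE, 3000, 1000)):
        print(f"{pps:>5} pps -> {st}")
    # A silence threshold closer to the action threshold ends protection sooner.
    print(protection_seconds(SAMPLE, 3000, 1000), protection_seconds(SAMPLE, 3000, 2600))
```

Replaying rates taken from your own traffic baseline shows how long legitimate bursts would keep a destination in protection state before you commit the thresholds to a policy.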

display attack-defense policy
Use display attack-defense policy to display configuration information about one or all attack
protection policies.
Syntax
display attack-defense policy [ policy-number ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
policy-number: Sequence number of an attack protection policy, in the range of 1 to 128. If you do not
specify this argument, this command displays brief information about all attack protection policies.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.