1. Manuals
  2. Brands
  3. Huawei Manuals
  4. Switch
  5. S9700 Series
  6. Configuration manual

Checking The Configuration; Configuring The Log Function; Establishing The Configuration Task - Huawei S9700 Series Configuration Manual

Terabit routing switches spu
Hide thumbs Also See for S9700 Series:
Table of Contents

Advertisement

S9700 Core Routing Switch
Configuration Guide - SPU
----End

2.12.4 Checking the Configuration

After the traffic statistics and monitoring are configured, you can view information about traffic
statistics and monitoring.
Procedure
l
l
l
----End

2.13 Configuring the Log Function

The firewall logs include session logs, statistics logs, attack defense logs, and blacklist logs.

2.13.1 Establishing the Configuration Task

Before configuring the log function, familiarize yourself with the applicable environment,
complete the pre-configuration tasks, and obtain the data required for the configuration. This
will help you complete the configuration task quickly and accurately.
Applicable Environment
The logs record the behaviors and status of the firewall to help you find security risks, analyze
attempts to violate security policies, and detect network attacks.
Issue 01 (2012-03-15)
3.
Run:
statistics ip enable { inzone | outzone }
The IP address-level traffic statistics and monitoring are enabled.
By default, the IP address-level traffic statistics and monitoring is disabled.
4.
Run:
statistics connect-number ip { inzone | outzone } { icmp | tcp | udp }
high high-threshold low low-threshold
The session thresholds for the IP address-level traffic statistics and monitoring are set.
You can set the thresholds for TCP and UDP sessions in the inbound and outbound
directions. For example, you can set the threshold for inbound TCP sessions to 10000.
When the number of TCP sessions initiated from an IP address in the local zone
exceeds 10000, the SPU denies new TCP sessions from this IP address.
By default, the upper threshold and lower threshold for each type of protocol packets
are 500000 and 450000.
Run the display firewall statistics system command to view information about the system-
level traffic statistics and monitoring.
Run the system-view command to enter the system view, and then run the display firewall
statistics zone zone-name { inzone | outzone } all command to view information about
the zone-level traffic statistics and monitoring.
Run the display firewall statistics zone-ip zone-name command to view information about
the IP address-level traffic statistics and monitoring.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
2 Firewall Configuration
63

Advertisement

Table of Contents
loading

Related Manuals for Huawei S9700 Series

Related Content for Huawei S9700 Series

Table of Contents