Creating An Attack Defense Policy; Configuring The Blacklist - Huawei Quidway S3700 Series Configuration Manual
Hide thumbs
Also See for Quidway S3700 Series:
- Configuration manual (398 pages) ,
- Quick start manual (70 pages) ,
- Manual (69 pages)
Table of Contents
Advertisement
Quidway S3700 Series Ethernet Switches
Configuration Guide - Security
Pre-configuration Tasks
Before configuring an attack defense policy, complete the following tasks.
l
Data Preparation
To configure an attack defense policy, you need the following data.
No.
1
2
3
6.3.2 Creating an Attack Defense Policy
You can create an attack defense policy by using name.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
cpu-defend policy policy-name
An attack defense policy is created and the attack defense policy view is displayed.
The S3700 supports up to 13 attack defense policies. Attack defense policy default is
automatically generated in the system by default and is applied to all boards. Attack defense
policy default cannot be deleted and its parameters cannot be modified. The rest of 12 policies
can be created and deleted.
Step 3 (Optional) Run:
description text
The description of the attack defense policy is set.
----End
6.3.3 Configuring the Blacklist
A blacklist is a set of unauthorized users. The packets that match ACL rules bound to the blacklist
are discarded.
Issue 01 (2011-07-15)
Connecting interfaces and setting the physical parameters of each interface to ensure that
the physical layer is in Up state
Data
Name and description of the attack defense policy
Number and rules of the ACL for blacklist users
CIR and CBS of the packets sent to the CPU
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
6 Local Attack Defense Configuration
179
Advertisement
Table of Contents
