Applying The Attack Defense Policy; Checking The Configuration - Huawei Quidway S3700 Series Configuration Manual
Hide thumbs
Also See for Quidway S3700 Series:
- Configuration manual (398 pages) ,
- Quick start manual (70 pages) ,
- Manual (69 pages)
Table of Contents
Advertisement
Quidway S3700 Series Ethernet Switches
Configuration Guide - Security
Step 2 Run:
cpu-defend policy policy-name
The attack defense policy view is displayed.
Step 3 Run:
auto-defend enable
Automatic attack source tracing is enabled.
By default, automatic attack source tracing is disabled.
Step 4 (Optional) Run:
auto-defend attack-packet sample sample-value
The sampling ratio for attack source tracing is set.
The default packet sampling ratio is 16.
When the sampling ratio is smaller than 5, the attack source tracing result may be affected by
the packet sending rate.
----End
6.4.9 Applying the Attack Defense Policy
After an attack defense policy is created, you must apply the attack defense policy in the system
view. Otherwise, the attack defense policy does not take effect.
Context
When the S3700 is stacked, the attack defense policy is applied to all switches in a stack.
Procedure
l
----End
6.4.10 Checking the Configuration
This section describes how to check the configuration of attack source tracing.
Procedure
l
Issue 01 (2011-07-15)
Applying the attack defense policy in the system view
1.
Run:
system-view
The system view is displayed.
2.
Run:
cpu-defend-policy policy-name global
An attack defense policy is applied.
Run the display cpu-defend policy policy-name command to view the attack defense
policy.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
6 Local Attack Defense Configuration
189
Advertisement
Table of Contents
