Configuring Management Interface Security
How to Enable the IP Fragment Filter
From the SCE(config)# prompt, type ip filter fragment enable and press Enter.
Step 1
How to Disable the IP Fragment Filter
From the SCE(config)# prompt, type ip filter fragment disable and press Enter.
Step 1
Configuring the Permitted and Not-permitted IP Address Monitor
Options
The following options are available:
•
•
•
•
From the SCE(config)# prompt, type
Step 1
low_rate high_rate high_rate burst burst size and press Enter.
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
5-10
I p permitted/ip not-permitted — Specifies whether the configured limits apply to permitted or
not-permitted IP addresses.
If neither keyword is used, it is assumed that the configured limits apply to both permitted and
not-permitted IP addresses.
low rate — lower threshold; the rate in Mbps that indicates the attack is no longer present.
–
Default — 20
high rate — upper threshold; the rate in Mbps that indicates the presence of an attack.
Default — 20
–
burst size — duration of the interval in seconds that the high and low rates must be detected in order
for the threshold rate to be considered to have been reached
Default — 10
–
Chapter 5
Configuring the Management Interface and Security
p filter monitor {ip_permited|ip_not_permited} low_rate
i
OL-7827-12