5-10
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 5 Configuring the Management Interface and Security
Configuring Management Interface Security
How to Enable the IP Fragment Filter
Step 1 From the SCE(config)# prompt, type ip filter fragment enable and press Enter.
How to Disable the IP Fragment Filter
Step 1 From the SCE(config)# prompt, type ip filter fragment disable and press Enter.
Configuring the Permitted and Not-permitted IP Address Monitor
Options
The following options are available:
• I p permitted/ip not-permitted — Specifies whether the configured limits apply to permitted or
not-permitted IP addresses.
If neither keyword is used, it is assumed that the configured limits apply to both permitted and
not-permitted IP addresses.
• low rate — lower threshold; the rate in Mbps that indicates the attack is no longer present.
–
Default — 20
• high rate — upper threshold; the rate in Mbps that indicates the presence of an attack.
–
Default — 20
• burst size — duration of the interval in seconds that the high and low rates must be detected in order
for the threshold rate to be considered to have been reached
–
Default — 10
Step 1 From the SCE(config)# prompt, type ip filter monitor {ip_permited|ip_not_permited} low_rate
low_rate high_rate high_rate burst burst size and press Enter.
To Next Page
Loading...
