Contents
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Specific Attack Filtering 11-2
Attack Detection 11-3
Attack Detection Thresholds 11-4
Attack Handling 11-5
Subscriber Notification 11-5
Hardware Filtering 11-6
Configuring Attack Detectors 11-7
How to Enable Specific-IP Detection 11-9
Options 11-9
How to Enable Specific-IP Detection 11-9
How to Enable Specific-IP Detection for the TCP Protocol Only for all Attack Directions 11-9
How to Enable Specific-IP Detection for the TCP Protocol for Port-based Detections Only for Dual-sided Attacks 11-10
How to Disable Specific-IP Detection for Protocols Other than TCP, UDP, and ICMP for all Attack Directions 11-10
How to Disable Specific-IP Detection for ICMP for Single-sided Attacks Defined by the Source IP 11-10
How to Configure the Default Attack Detector 11-10
Options 11-11
How to Define the Default Action and Optionally the Default Thresholds 11-11
How to Reinstate the System Defaults for a Selected Set of Attack Types 11-12
How to Reinstate the System Defaults for All Attack Types 11-12
Specific Attack Detectors 11-13
Options 11-13
How to Enable a Specific Attack Detector and Assign it an ACL 11-14
How to Define the Action and Optionally the Thresholds for a Specific Attack Detector 11-14
How to Define the Subscriber Notification Setting for a Specific Attack Detector 11-15
How to Define the SNMP Trap Setting for a Specific Attack Detector 11-15
How to Define the List of Destination Ports for TCP or UDP Protocols for a Specific Attack Detector 11-15
How to Delete User-Defined Values 11-16
How to Disable a Specific Attack Detector 11-16
How to Disable All Non-default Attack Detectors 11-16
How to Disable All Attack Detectors 11-16
Sample Attack Detector Configuration 11-17
Configuring Subscriber Notifications 11-18
How to Configure the Subscriber Notification Port 11-18
Options 11-18
How to Remove the Subscriber Notification Port 11-18
Preventing and Forcing Attack Detection 11-19