EasyManuals Logo

D-Link xStack DGS-3610 Series User Manual

D-Link xStack DGS-3610 Series
703 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #584 background imageLoading...
Page #584 background image
Chapter 41 Anti-attack System Guard Configuration DGS-3610 Series Configuration Guide
41-4
Command
Meaning
show system-guard
Check the configuration entities.
copy running-config startup-config
Save the configuration.
Caution
The smaller the threshold is set, the weaker the accuracy of the judging for
the attacked host is. It is easy to isolate the normal host online incorrectly.
It is recommended that administrators configure corresponding threshold
according to the security of the actual network environment.
If you want to restore the default value of corresponding parameters, execute the no
system-guard same-dest-ip-attack-packets and no system-guard
scan-dest-ip-attack-packets commands for setting in the interface mode.
41.2.5 Setting the Maximum Number of
Monitored IPs
You can set the maximum quantity of the attacked hosts monitored by the devices, 20% of
the quantity of the actually-operated hosts. However, if you detect that the isolated hosts
reach or approach to the maximum quantity of the monitored hosts, the quantity of the
monitored hosts can be enlarged to meet the requirements for better system guard.
You can set the maximum quantity of the attacked host through the following steps:
Command
Meaning
configure terminal
Enter the global configuration mode.
system-guard detect-maxnum
number
Set the maximum number of monitored hosts. This value
is based on line card, ranging from 1 to 500, 100 by
default.
end
Return to the privileged mode.
show system-guard
Check the configuration entities.
copy running-config startup-config
Save the configuration.
Caution
If you change the quantity of the monitored hosts to be less than the
original quantity, it can cause data clearing of current monitored host. In
case of a large number of isolated IP addresses, it may display chip
resource full, because the device has isolated many users, causing full
occupation of the hardware chip resource (This quantity is about 100-120
IP addresses for each port according to the actual switch operation and
the ACL setting). However these users are not isolated actually, so it is
necessary for administrators to take other measures to handle these
attackers.

Table of Contents

Other manuals for D-Link xStack DGS-3610 Series

Preview: Hardware Installation Guide
Hardware Installation Guide26 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the D-Link xStack DGS-3610 Series and is the answer not in the manual?

D-Link xStack DGS-3610 Series Specifications

General IconGeneral
BrandD-Link
ModelxStack DGS-3610 Series
CategorySwitch
LanguageEnglish

Related product manuals