416
The traffic statistics function does not concern about the session status (except the TCP half-open
and half-close states). As long as a session is established, the count increases by 1. As long as a
session is deleted, the count decreases by 1.
Attack detection and protection configuration task
list
The attack detection and protection configuration tasks include three categories:
• Configuring attack protection functions for an interface. To do so, you need to create an attack
protection policy, configure the required attack protection functions (such as Smurf attack
protection, scanning attack protection, and flood attack protection) in the policy, and then apply
the policy to the interface. There is no specific configuration order for the attack functions, and
you can configure them as needed.
• Configuring the blacklist function. This function can be used independently or used in
conjunction with the scanning attack protection function on an interface.
• Enabling the traffic statistics function. This function can be used independently.
Complete the following tasks to configure attack detection and protection:
Task Remarks
Configuring attack
protection functions for
an interface
Creating an attack protection policy
Req
uired.
Configuring an attack protection policy
:
• Configuring a single-packet attack protection policy
• Configuring a scanning attack protection policy
• Configuring a flood attack protection policy
Req
uired.
Configure one or
more policies as
needed.
Applying an attack protection policy to an interface
Required.
Configuring the blacklist function
Optional.
Enabling traffic statistics on an interface
Optional.
Enabling TCP fragment attack protection
Optional.
Configuring attack protection functions for an
interface
Creating an attack protection policy
Before configuring attack protection functions for an interface, you need to create an attack
protection policy and enter its view. In attack protection policy view, you can define one or more
signatures used for attack detection and specify the corresponding protection measures.
When creating an attack protection policy, you can also specify an interface so that the interface
uses the policy exclusively.
To create an attack protection policy:
To Next Page
Loading...
Need help?
General
