EasyManuals Logo

HPE FlexNetwork MSR Series Comware 5 Security Configuration Guide

HPE FlexNetwork MSR Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #432 background imageLoading...
Page #432 background image
419
Step Command Remarks
4. Configure the global action
and silence thresholds for
SYN flood attack
protection.
defense syn-flood
rate-threshold high
rate-number
[
low
rate-number ]
Optional.
By default, the action threshold is
1000 packets per second and the
silence threshold is 750 packets per
second.
5. Configure the action and
silence thresholds for SYN
flood attack protection of a
specific IP address.
defense syn-flood ip
ip-address
rate-threshold high
rate-number
[
low
rate-number ]
Optional.
Not configured by default.
6. Configure the device to
drop SYN flood attack
packets.
defense syn-flood action
{
drop-packet
}
Optional.
By default, the device only outputs
alarm logs if detecting an attack.
To configure an ICMP flood attack protection policy:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter attack protection
policy view.
attack-defense policy
policy-number
N/A
3. Enable ICMP flood attack
protection.
defense icmp-flood enable
Disabled by default.
4. Configure the global action
and silence thresholds for
ICMP flood attack
protection.
defense icmp-flood
rate-threshold high
rate-number
[
low
rate-number ]
Optional.
By default, the action threshold is
1000 packets per second and the
silence threshold is 750 packets per
second.
5. Configure the action and
silence thresholds for ICMP
flood attack protection of a
specific IP address.
defense icmp-flood ip
ip-address
rate-threshold high
rate-number
[
low
rate-number ]
Optional.
Not specifically configured for an IP
address by default.
6. Configure the device to
drop ICMP flood attack
packets.
defense icmp-flood action
drop-packet
Optional.
By default, the device only outputs
alarm logs if detecting an attack.
To configure a UDP flood attack protection policy:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter attack protection
policy view.
attack-defense policy
policy-number
N/A
3. Enable UDP flood attack
protection.
defense udp-flood enable
Disabled by default.
4. Configure the global action
and silence thresholds for
UDP flood attack
protection.
defense udp-flood
rate-threshold high
rate-number
[
low
rate-number ]
Optional.
By default, the action threshold is
1000 packets per second and the
silence threshold is 750 packets per
second.

Table of Contents

Other manuals for HPE FlexNetwork MSR Series

Preview: Configuration Guide
Configuration Guide861 pages
Preview: Comware 7 Layer 3 - Ip Services Configuration Guides
Comware 7 Layer 3 - Ip Services Configuration Guides554 pages
Preview: Guide
Guide213 pages
Preview: Command Reference
Command Reference120 pages
Preview: Comware 5 Layer 2 - Wan Access Configuration Guide
Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork MSR Series
CategoryNetwork Router
LanguageEnglish

Related product manuals