Huawei S1700 Series - Dai; Global

To Next Page

To Previous Page

S1700 Managed Series Ethernet Switches

Web User Manual

9 Security

Issue 05 (2012-10-25)

Huawei Proprietary and Confidential

158

Item

Description

One Key Bind

One Key Bind button is used to set the entire Bind State field in

entries to Bind State.

One Key Unbind

One Key Unbind button is used to set the entire Bind State field in

entries to Unbind State.

CAUTION

To bind ARP entry as IPSG entry, IPSG should be enabled on interface first.

9.10 DAI

DAI (Dynamic ARP Inspection) is used to check the legality of received packet by using the

DHCP snooping table and IPSG static ARP table. The illegal ARP messages will be discarded.

Functions are as follows:

1. Use DHCP snooping table and IPSG static table to create a credible, real and safe ARP

cache library for resisting ARP spoofing.

2. The non-trusted interface ARP responses will be blocked and matched to check if the

interface is matched; otherwise, the unmatched one should be discarded.

3. The trusted interface will not be blocked and matched.

4. Limit the ARP packet rate for non-trusted interface.

9.10.1 Global

Click Security> DAI> Global, the configuration page is displayed as follows.

Figure 9-46 Global Settings

Other manuals for Huawei S1700 Series