NOTE
l The device provides complete security measures, but not all security measures need to be deployed. Only
the security measures that meet the following requirements need to be deployed:
l The security measures can be used on the live network.
l The security measures are easy to deploy.
l The security measures are effective.
l Different ONUs support different security features. Select the security feature recommended in this topic
according to actual ONU capabilities.
System Security
Security
Vulnerability
Solution Description and Usage
Suggestion
DoS attack Enable the anti-DoS-attack
function for OLT and
MDU.
After the anti-DoS-attack function is
enabled, control packets are
monitored and those exceeding the
number threshold are discarded.
Use this solution for new site
deployment.
IP attack Enable the anti-IP-attack
function for OLT and
MDU.
After the anti-IP-attack function is
enabled, a device discards the IP
packets received from the user side
whose destination IP address is the IP
address of the device, and therefore
the system is protected.
Use this solution for new site
deployment.
User Security
Security
Vulnerability
Solution Description and Usage
Suggestion
MAC spoofing Enable the anti-MAC-
duplicate function for OLT
and MDU.
After anti-MAC-duplicate is enabled,
the system records the first MAC
address learnt from the port and binds
the MAC address to the port and
VLAN. If receiving packets sent from
the host that has the same MAC
address with the port, the system
discards the packets directly. In this
case, it can prevent users from forging
MAC addresses to perform malicious
attacks.
Use this solution for new site
deployment.
SmartAX MA5600T/MA5603T/MA5608T Multi-service
Access Module
Commissioning and Configuration Guide 12 FTTO Configuration(SOHO and SME)
Issue 01 (2014-04-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
1092
To Next Page
Loading...
Need help?
General
