Digital Data Communications LevelOne GTL-2091 매뉴얼 - 페이지 3
{카테고리_이름} Digital Data Communications LevelOne GTL-2091에 대한 매뉴얼을 온라인으로 검색하거나 PDF를 다운로드하세요. Digital Data Communications LevelOne GTL-2091 4 페이지. Attack prevention configuration
Digital Data Communications LevelOne GTL-2091에 대해서도 마찬가지입니다: 매뉴얼 (8 페이지)
페이지 인쇄Chapter 1 Attack Prevention Configuration
1.1 Overview
To guarantee the reasonable usage of network bandwidth, our 6508 series switches
provide the function to prevent vicious traffic from occupying lots of network bandwidth.
In light of current attack modes, our 6508 series switches can limit the hosts that send
lots of ARP, IGMP or IP message in a period of time and do not provide any service to
these hosts. The function can prevent malicious message from occuping lots of
network bandwidth. Therefore, the network can not be congested.
1.2 Attack Prevention Configuration Tasks
When the number of IGMP, ARP or IP message that is sent by a host in a designated
interval exceeds the threshold, we think that the host attack the network.
You can select the type of attack prevention (ARP, IGMP or IP), the attack prevention
port and the attack detection parameter. You have the following configuration tasks:
l
Configuring the attack prevention type
l
Configuring the attack detection parameters
1.3 Attack Prevention Configuration
1.3.1 Configuraing the Attack Detection Parameters
filter period time
filter threshold vlaue
filter block-time time
1.3.2 Configuring the Attack Prevention Type
filter igmp
fileter ip source-ip
interface f x/y
http://www.level1.com
Command
Command
Attack Prevention Configuration
Description
Sets the attack detection period to time,
whose unit is second.
Sets the attack detection threshold to value.
The parameter value represents the number
of messge at the threshold.
Sets the out-of-service time for the attack
source when the attack source is detected.
Its unit is second.
Description
Detects the igmp attack.
Detects the IP attack based on the source IP
address.
Enters interface configuration mode for
- 1 -