User Manual
365
Users Manual of XGS-6350-24X4C
Chapter 42. Attack Prevention Configuration
Attack Prevention Configuration
42.1
42.1.1 Overview
To guarantee the reasonable usage of network bandwidth, our 6508 series switches provide the function to
prevent vicious traffic from occupying lots of network bandwidth. In light of current attack modes, our 6508
series switches can limit the hosts that send lots of ARP, IGMP or IP message in a period of time and do not
provide any service to these hosts. The function can prevent malicious message from occuping lots of
network bandwidth. Therefore, the networkcan not be congested.
42.1.2 Attack Prevention Configuration Tasks
When the number of IGMP, ARP or IP message that is sent by a host in a designated interval exceeds the
threshold, we think that the host attacks the network.
You can select the type of attack prevention (ARP, IGMP or IP), the attack prevention port and the attack
detection parameter. You have the following configuration tasks:
Configuring the attack prevention type
Configuring the attack detection parameters
42.1.3 Attack Prevention Configuration
42.1.3.1 Configuraing the Attack Detection Parameters
Command Description
filter period time Sets the attack detection period to time, whose
unit is second.
filter threshold vlaue Sets the attack detection threshold to value. The
parameter value represents the number of messge
at the threshold.
filter block-time time
Sets the out-of-service time for the attack source
when the attack source is detected. Its unit is
second.
42.1.3.2 Configuring the Attack Prevention Type
Command Description
filter igmp
Detects the igmp attack.
fileter ip source-ip
Detects the IP attack based on the source IP
address.
interface f x/y
Enters interface configuration mode for interface y