User's Manual
368
Chapter 49 Attack Prevention Configuration
49.1 Attack Prevention Configuration Tasks
When the number of IGMP, ARP or IP message that is sent by a host in a designated interval exceeds the
threshold, we think that the host attack the network.
You can select the type of attack prevention (ARP, IGMP or IP), the attack prevention port and the attack
detection parameter. You have the following configuration tasks:
Configuring the attack filter parameters
Configuring the attack prevention type
Enables the attack prevention function.
Checking the State of Attack Prevention
49.2 Attack Prevention Configuration
49.3 Configuring the Attack Filter Parameters
In global configuration mode, run the following command to configure the parameters of Filter.
Command Purpose
Switch# config Enters the global configuration mode.
Switch_config# filter period time Sets the attack filter period to time. Its
unit is second.
Switch_config# filter threshold
[ arp | bpdu | dhcp | igmp | ip |
icmp ] value
Sets the attack filter threshold to value.
Switch_config# filter block-time time Sets the out-of-service time (block-
time) for the attack source when the
attack source is detected. Its unit is
second.
Switch_config# filter polling period
time
Sets the filter polling period in Hybrid
mode. Its unit is second.
Switch_config# filter polling threshold
[ arp | bpdu | dhcp | igmp | ip | icmp |
icmpv6 ]
value
Sets the filter polling threshold in
Hybrid mode.
Switch_config# filter polling auto-fit Sets the corresponding parameters of
period and threshold of polling filter
which adapts to the attack source filter.
The command is efficient by default.
The polling period equals with the
attack filter period and the polling