Product guide

Virus Throttling
Configuring Connection-Rate Filtering
Configuring the Per-Port Filtering Mode
Table 3-1. Throttle Mode Penalty Periods
Syntax: filter connection-rate < port-list > < notify-only | throttle | block >
no filter connection-rate < port-list >
Configures the per-port policy for responding to detection of a
relatively high number of inbound, routed IP connection
attempts from a given source. The level at which the switch
detects such traffic depends on the sensitivity setting
configured by the connection-rate-filter sensitivity command
(page 3-11). (Note: You can use connection-rate ACLs to create
exceptions to the configured filtering policy. See “Configuring and
Applying Connection-Rate ACLs” on page 3-19.) The no form of
the command disables connection-rate filtering on the ports in
< port-list >.
notify-only: If the switch detects a relatively high number of
routed IP connection attempts from a specific host, notify-only
generates an Event Log message and sends a similar message to
any SNMP trap receivers configured on the switch.
throttle: If the switch detects a relatively high number of routed
IP connection attempts from a specific host, this option
generates the notify-only messaging and also blocks all routed traffic
inbound from the offending host for a penalty period. After the
penalty period, the switch allows routed traffic from the
offending host to resume, and re-examines the traffic. If the suspect
behavior continues, the switch again blocks the routed traffic
from the offending host and repeats the cycle. For the penalty
periods, refer to table 3-1, below.
block: If the switch detects a relatively high number of routed
IP connection attempts from a specific host, this option
generates the notify-only messaging and also blocks all routed and
switched traffic inbound from the offending host.
Throttle Mode   Frequency of IP Connection      Mean Number of New Destination   Penalty Period
(Sensitivity)   Requests from the Same Source   Hosts in the Frequency Period
-------------   -----------------------------   ------------------------------   ----------------
Low             < 0.1 second                    54                               < 30 seconds
Medium          < 1.0 second                    37                               30 - 60 seconds
High            < 1.0 second                    22                               60 - 90 seconds
Aggressive      < 1.0 second                    15                               90 - 120 seconds
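
The following simplified model is an added example, not code from the product guide or the switch firmware. It shows how the three per-port responses differ for the same traffic. It assumes detection fires when a source contacts more distinct destinations within the frequency period than the table 3-1 value, and it takes the upper bound of each penalty range; PortFilter, sweep and all addresses are hypothetical, constructed names.

```python
from dataclasses import dataclass, field

# Table 3-1: sensitivity -> (frequency period s, new-destination count, penalty s).
# Assumption: the penalty is modelled as the upper bound of the table's range.
SENSITIVITY = {"low": (0.1, 54, 30), "medium": (1.0, 37, 60),
               "high": (1.0, 22, 90), "aggressive": (1.0, 15, 120)}

@dataclass
class PortFilter:                       # hypothetical name, one per filtered port
    mode: str                           # "notify-only", "throttle" or "block"
    sensitivity: str = "medium"
    recent: dict = field(default_factory=dict)         # src -> [(time, dst)]
    blocked_until: dict = field(default_factory=dict)  # src -> end of blocking
    log: list = field(default_factory=list)            # stands in for Event Log/traps

    def connect(self, t, src, dst):
        """Return True if a routed connection attempt at time t is forwarded."""
        period, limit, penalty = SENSITIVITY[self.sensitivity]
        if t < self.blocked_until.get(src, 0.0):
            return False                # host is in a penalty period or blocked
        window = [(ts, d) for ts, d in self.recent.get(src, []) if t - ts < period]
        window.append((t, dst))
        self.recent[src] = window
        # Assumed trigger: more distinct destinations in the period than the table value.
        if len({d for _, d in window}) <= limit:
            return True
        self.log.append((t, src, self.mode))   # every mode generates the notification
        self.recent[src] = []                  # traffic is re-examined from scratch
        if self.mode == "throttle":
            self.blocked_until[src] = t + penalty       # resumes after the penalty
        elif self.mode == "block":
            self.blocked_until[src] = float("inf")      # assumption: no expiry modelled
        return self.mode == "notify-only"

def sweep(pf, src, start, count, gap=0.01):
    """Constructed traffic: src tries `count` distinct destinations, gap s apart."""
    return sum(pf.connect(start + i * gap, src, f"10.0.{i // 250}.{i % 250 + 1}")
               for i in range(count))

if __name__ == "__main__":
    for mode in ("notify-only", "throttle", "block"):
        pf = PortFilter(mode, "aggressive")
        first = sweep(pf, "192.0.2.10", 0.0, 40)       # constructed source address
        later = sweep(pf, "192.0.2.10", 200.0, 40)     # after the 120 s penalty
        print(f"{mode:11} forwarded {first}/40, then {later}/40, notices {len(pf.log)}")
```

The model covers routed connection attempts only; it does not represent the switched traffic that block mode also stops.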