Cisco SCE 1000 2xGBE User's Guide Page 241

  • Download
  • Add to my manuals
  • Print
  • Page
    / 490
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 240
Chapter 9 Identifying And Preventing Distributed-Denial-Of-Service Attacks
Configuring Attack Detectors
SCE 1000 2xGBE Release 2.0.10 User Guide
OL-7117-02 9-9
Use these commands to define thresholds, actions, and subscriber notification setting for a
specific attack detector for a particular situation (protocol/attack direction/side).
To enable a specific attack detector and assign and it an ACL:
Step 1 From the SCE 1000(config if)# prompt, type attack-detector <number>
access-list <number> comment <comment> and press Enter.
To disable a specific attack detector:
Step 1 From the SCE 1000(config if)# prompt, type no attack-detector <number>
and press Enter.
To disable all non-default attack detectors:
Step 1 From the SCE 1000(config if)# prompt, type no attack-detector all-
numbered and press Enter.
To define action and optionally thresholds for a specific attack detector:
Step 1 From the SCE 1000(config if)# prompt, type attack-detector <number>
protocol (TCP|UDP|ICMP|other) attack-direction (attack-
source|attack-destination|both) side
(subscriber|network|both) action (report|block) [open-flows
<number> ddos-suspected-flows <number>] and press Enter.
Page view 240
1 ... 240 241 242 ... 490

Comments to this Manuals

No comments