SCE 1000 2xGBE Release 2.0.10 User Guide
OL-7117-02 1
A
Access Control List (ACL)
Permits or denies incoming connections on
any of the management interfaces. It is an
ordered list of entries, each consisting of an
IP address and an optional wildcard “mask”
defining an IP address range, and a
permit/deny field.
Auto-negotiation
Gigabit Ethernet auto-negotiation allows the
link to synchronize with its peer
automatically.
B
Bump-in-the-wire topology
The SCE Platform physically resides on the
data link between the subscriber side and the
network side, and can both receive and
transmit traffic.
Bypass module
Separated hardware mechanism in SCE
Platforms, that forwards traffic
independently of the status of the rest of the
modules in the platforms.
C
Collection Manager (CM)
A software application that is responsible for
receiving RDRs from SCE Platforms and
processing them.
Command Line Interface (CLI)
One of the management interfaces to the
SCE Platform. It is accessed through a
Telnet session or directly via the console
port on the front panel of the SCE Platform.
Cutoff
Mechanism that cuts the link so that there is
no forwarding of traffic, and the physical
link is forced down (cutoff at layer 1).
D
DDoS Attack Filtering
The aim of DDoS attack filtering is to detect
attacks that occur in the traffic flowing
through the SCE platform, to report such
attacks via management channels, and to
handle these attacks by blocking them, if
configured to do so. In addition, if the
application loaded to the SCE 1000 supports
the ‘subscriber-notification’ feature, a
subscriber whose IP address is associated
with an attack that was identified can be
notified about the attack on-line by the SCE
1000.
There are two main aspects of attack
filtering:
• Attack detection: Detect attacks based
on their common IP address and number
of flows found to/from that IP address.
• Attack handling: Attack flows may be
blocked or processed as usual.
Glossary of Terms
Comments to this Manuals